Log analysis and evaluation: Network adapter disabled and USB devices are not recognized (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
23.11.2015, 18:29 | #1 |
| Network adapter disabled and USB devices are not recognized Hello dear Trojanerboard, I recently downloaded TCP View (hxxp://www.chip.de/downloads/TCPView_13015059.html) from Chip Online and ran the .exe file. Chip Online currently uses its own software or installer to install external software. When I opened the file, a window opened that does not normally open with the Chip installer, that I had never seen before, and that definitely did not come from Windows. My virus scanner, 360 Total Security, reported that it could not handle a file because it was malware, etc. Unfortunately I closed the window immediately. Then, when I was following the Trojanerboard virus removal guide and disabled my network adapter for GMER, because the guide said to disconnect from the Internet, I could not re-enable it after the scan (Windows error 20 ERROR_BAD_COMMAND), and my computer did not recognize a Wi-Fi stick connected via USB, nor a USB stick. I am writing this thread in safe mode right now, because my network adapter works there. Attached are the 4 log files from the guide. |
23.11.2015, 19:06 | #2 |
/// the machine /// TB Trainer | Network adapter disabled and USB devices are not recognized Hi,
__________________ Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. Here is how it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ |
23.11.2015, 19:28 | #3 |
| Network adapter disabled and USB devices are not recognized
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-11-2015 durchgeführt von marcel (2015-11-21 21:00:37) Gestartet von C:\Users\marcel\Downloads Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-06-07 08:21:03) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-499821555-1515846726-3243709471-500 - Administrator - Disabled) fbwuser4918 (S-1-5-21-499821555-1515846726-3243709471-1005 - Limited - Enabled) fbwuser6DC1 (S-1-5-21-499821555-1515846726-3243709471-1007 - Limited - Enabled) fbwuserE3F6 (S-1-5-21-499821555-1515846726-3243709471-1006 - Limited - Enabled) Gast (S-1-5-21-499821555-1515846726-3243709471-501 - Limited - Disabled) => C:\Users\Gast marcel (S-1-5-21-499821555-1515846726-3243709471-1001 - Administrator - Enabled) => C:\Users\marcel marina (S-1-5-21-499821555-1515846726-3243709471-1000 - Administrator - Enabled) => C:\Users\marina mario (S-1-5-21-499821555-1515846726-3243709471-1003 - Limited - Enabled) => C:\Users\mario ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D} AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 7.2.0.1021 - 360 Security Center) ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House) Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation) Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1 - Microsoft Corporation) Hidden ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.12.36 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.6) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated) Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.) Agrotron Screensaver (HKLM-x32\...\Agrotron Screensaver_is1) (Version: - ) Any Video Converter 3.5.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) AVS Audio Converter version 6.1 (HKLM-x32\...\AVS Audio Converter 6.1_is1) (Version: - Online Media Technologies Ltd.) AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.) AVS4YOU Software Navigator 1.3 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.) Baidu PC Faster (HKLM-x32\...\Baidu PC Faster 3.2.0.9) (Version: 3.2.0.9 - Baidu, Inc.) <==== ACHTUNG Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) Becker Content Manager (HKLM-x32\...\Becker Content Manager) (Version: 1.5.1807.0 - Harman Becker Automotive Systems) Blender (HKLM\...\Blender) (Version: 2.68a - Blender Foundation) Bluesoleil2.6.0.9 Release 070606 (HKLM-x32\...\{846AC73B-9394-48B9-B941-8F7F472F0047}) (Version: 2.6.0.9 Release 070606 - IVT Corporation) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.9.860 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{CD9D0827-A6D6-4E2C-B31E-23F01577E27B}) (Version: 0.7.9.860 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Browser Updater 1.1 (HKLM-x32\...\Browser Updater_is1) (Version: - Browser Updater) BumpTop (HKLM-x32\...\{71702641-2849-45A4-8E62-4B85974B24A0}_is1) (Version: 2.1.6211 - Bump Technologies, Inc.) 
Bus-Simulator 2009 (HKLM-x32\...\Bus-Simulator 2009_is1) (Version: - astragon Software GmbH) Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch) Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - ) Camera RAW Plug-In for EPSON Creativity Suite (HKLM-x32\...\{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION) CamStudio OSS Desktop Recorder (HKLM-x32\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team) CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.0.4 - Canon Inc.) Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.) Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.3.0.14 - Canon Inc.) Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.1.0.18 - Canon Inc.) Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.1.0.27 - Canon Inc.) Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.2.0.2 - Canon Inc.) Canon Utilities CameraWindow DC (HKLM-x32\...\CameraWindowDC) (Version: 7.4.0.9 - Canon Inc.) Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.5.0.3 - Canon Inc.) Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.2.0.4 - Canon Inc.) Canon Utilities MyCamera DC (HKLM-x32\...\MyCameraDC) (Version: 7.2.0.5 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.) Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.8.0.1 - Canon Inc.) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.3.0.7 - Canon Inc.) Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.2.11 - Canon Inc.) 
CASIO FA-124 (HKLM-x32\...\{FB47E710-6249-4EFA-BE36-E922B0612AF4}) (Version: 2.00.0001 - CASIO COMPUTER CO., LTD.) CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Content Manager 2 (HKLM-x32\...\Content Manager 2) (Version: 2.0.2.31 - Harman Becker Automotive Systems) Coole Schule! 5. Klasse (HKLM-x32\...\{C3A5EE5D-EB16-4431-9D39-BBB3B404CC80}) (Version: 1.1 - ) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.) CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2602 - CyberLink Corp.) CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.2110 - CyberLink Corp.) 
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAC 5 (HKLM-x32\...\DAC 5) (Version: 1.0.0 - Helmut Schattenkirchner) Demolition Company Gold (HKLM-x32\...\DemolitionCompanyDE_is1) (Version: - GIANTS Software) DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden Driver Detective (HKLM-x32\...\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}) (Version: 8.0.1 - PC Drivers HeadQuarters) Einladungen zum Sofortdruck (HKLM-x32\...\Einladungen zum Sofortdruck) (Version: - SYBEX Verlags- und Vertriebs-GmbH) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 13.3.0.9066 - Landesfinanzdirektion Thüringen) EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON) EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.3.0.0 - ) EPSON Easy Photo Print (HKLM-x32\...\{3D78F2A2-C893-4ABD-B5FE-AD7011837755}) (Version: 1.5.0.0 - SEIKO EPSON CORPORATION) EPSON File Manager (HKLM-x32\...\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}) (Version: 1.3.0.0 - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - ) EPSON Stylus CX7300_CX8300_DX7400_DX8400 Handbuch (HKLM-x32\...\EPSON Stylus CX7300_CX8300_DX7400_DX8400 Benutzerhandbuch) (Version: - ) EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation) Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0.9.1.1 - Ezvid, inc.) 
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden Favorit (HKLM-x32\...\vxggwx) (Version: - ) FileZilla Client 3.9.0.1 (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\FileZilla Client) (Version: 3.9.0.1 - Tim Kosse) Finale NotePad 2008 (HKLM-x32\...\Finale NotePad 2008) (Version: 13.0.0.0 - MakeMusic) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Free Download Manager 3.0 (HKLM-x32\...\Free Download Manager) (Version: 3.0 - FreeDownloadManager.ORG) Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version: - musetips.com) Free System Utilities (HKLM-x32\...\{f8cd9221-848c-45fb-a509-fa75dea3a22f}) (Version: 1.0.0.28 - Covus Freemium GmbH) Free SystemUtilities (x32 Version: 1.0.0.28 - Covus Freemium GmbH) Hidden Free YouTube to MP3 Converter Classic version 3.12.63.913 (HKLM-x32\...\Free YouTube to MP3 Converter Classic_is1) (Version: 3.12.63.913 - DVDVideoSoft Ltd.) Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation) Freemake Video Converter Version 3.2.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.2.0 - Ellora Assets Corporation) FSX_Screensaver (HKLM-x32\...\FSX_Screensaver) (Version: - ) Game Cam 2.6.1.0 (HKLM-x32\...\Game Cam) (Version: 2.6.1.0 - Game Cam Portal, Inc.) GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.24.0 - International GeoGebra Institute) GIANTS Editor 4.1.2 (HKLM-x32\...\giants_editor_4.1.2_is1) (Version: 4.1.2 - GIANTS Software GmbH) GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team) GnuWin32: Wget-1.11.4-1 (HKLM-x32\...\Wget-1.11.4-1_is1) (Version: 1.11.4-1 - GnuWin32) Google Chrome (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) 
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Hardware Diagnose Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.5144.16 - PC-Doctor, Inc.) Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation) Hotspot Shield 5.0.2 (HKLM-x32\...\HotspotShield) (Version: 5.0.2 - AnchorFree Inc.) HP Active Support Library (HKLM-x32\...\{0295F89F-F698-4101-9A7D-49F407EC2D82}) (Version: 3.1.10.1 - Hewlett-Packard) HP Advisor (HKLM-x32\...\{73A43E42-3658-4DD9-8551-FACDA3632538}) (Version: 3.1.1000.1002 - Hewlett-Packard) HP Customer Experience Enhancements (HKLM-x32\...\{B84739A3-F943-47E4-95D8-96381EF5AC48}) (Version: 5.7.0.2945 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent) HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Photosmart 7520 series - Grundlegende Software für das Gerät (HKLM\...\{7CD854BF-DBDA-4490-B863-7E49F22D13A7}) (Version: 28.0.989.0 - Hewlett-Packard Co.) 
HP Photosmart 7520 series Hilfe (HKLM-x32\...\{2230C40A-ADE0-4231-98EC-7AAFC14BC7F3}) (Version: 28.0.0 - Hewlett Packard) HP Support Information (HKLM-x32\...\{1CC069FA-1A86-402E-9787-3F04E652C67A}) (Version: 10.1.0001 - Hewlett-Packard) HP Total Care Setup (HKLM-x32\...\{784BEA84-FA66-4B19-BB80-7B545F248AC6}) (Version: 1.2.2854.2975 - Hewlett-Packard) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden ICQ 8.0 (build 5981, für aktuellen Benutzer) (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\ICQ) (Version: 8.0.5981.0 - Mail.Ru) iFunbox (v2.1.2228.731), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.1.2228.731 - ) Iminent (x32 Version: 6.17.41.0 - Iminent) Hidden <==== ACHTUNG iPhone-Konfigurationsprogramm (HKLM-x32\...\{B90FCEB7-2B0C-4D27-95B5-54238DF059ED}) (Version: 3.6.2.300 - Apple Inc.) ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.550 - Oracle) Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}) (Version: 12.0.1.117 - Kaspersky Lab) Kaspersky Security Scan (x32 Version: 12.0.1.117 - Kaspersky Lab) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1402 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.1402 - CyberLink Corp.) 
Hidden Lagarith lossless video codec (Remove Only) (HKLM-x32\...\LAGARITH) (Version: - ) Landwirtschafts Simulator 2011 (HKLM-x32\...\FarmingSimulator2011DE_is1) (Version: 1.0 - GIANTS Software) Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software) Landwirtschafts-Simulator 2009 (HKLM-x32\...\FarmingSimulator2009DE_is1) (Version: - GIANTS Software) LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - ) LEGO Universe (HKLM-x32\...\NetDevil_LEGO_Universe_is1) (Version: - LEGO Software) LEGO® Indiana Jones™ (HKLM-x32\...\InstallShield_{A14C40E7-F7E5-498D-B8BD-A3EAE942EED0}) (Version: 1.00.0000 - LucasArts) LEGO® Indiana Jones™ (x32 Version: 1.00.0000 - LucasArts) Hidden Lernpaket (HKLM-x32\...\Lernpaket) (Version: - ) Lieferwagen-Simulator 2010 (HKLM-x32\...\Lieferwagen-Simulator 2010_is1) (Version: - astragon Software GmbH) LightScribe System Software (HKLM-x32\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe) Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.0.3.0 - Lightworks) LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) LOL (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\a33cb0a19aaf5f14) (Version: 1.0.0.0 - Microsoft) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.) MediaMonkey 4.0 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.) 
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation) Microsoft Flight Simulator SimConnect Client v10.0.62613.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62613.0 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) 
(HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft 
Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
(HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) 
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) Minecraft Cracked (HKLM-x32\...\Minecraft Cracked) (Version: - ) Minecraft PC Gamer Demo version 1.5 (HKLM-x32\...\{55D65D27-C0CD-4375-9021-F3D3D024ED90}_is1) (Version: 1.5 - Mojang) Mozilla Firefox 12.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 12.0 (x86 de)) (Version: 12.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla) MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden MSVCMergeModules (HKLM-x32\...\{AA721D14-CFE2-410E-B975-79FE5F82F99F}) (Version: 1.0.0 - Nav N Go Kft.) MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Müller Foto (HKLM-x32\...\Müller Foto) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA) myGamersCam 1.5 (HKLM-x32\...\myGamersCam) (Version: 1.5 - Frogster Online Gaming GmbH) Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - Nav N Go Ltd.) 
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts) Newblue Art Effects for PowerDirector (HKLM\...\NewBlue Art Effects for PowerDirector) (Version: 2.0 - NewBlue) No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23) Nokia Connectivity Cable Driver (HKLM-x32\...\{82427977-8776-4087-90CA-9F65174D3C4D}) (Version: 7.1.16.0 - Nokia) Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\CopyTrans Suite) (Version: 2.36 - WindSolutions) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation) NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - ) Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2141 - Electronic Arts, Inc.) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.) PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) 
PicoZip Recovery Tool 1.02 (HKLM-x32\...\PicoZip Recovery Tool 1.02) (Version: 1.02 - Softchitect) PKZIP for Windows 9.00.0010 (HKLM-x32\...\{BE8DD809-A406-40E2-AB9F-28E69E737383}) (Version: 9.00.0010 - PKWARE, Inc) PokerStars.net (HKLM-x32\...\PokerStars.net) (Version: - PokerStars.net) Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2602 - CyberLink Corp.) Power2Go (x32 Version: 6.0.2602 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2611 - CyberLink Corp.) PowerDirector (x32 Version: 7.0.2611 - CyberLink Corp.) Hidden Protected Search 1.1 (HKLM-x32\...\Protected Search_is1) (Version: - Protected Search) <==== ACHTUNG PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Python 2.6 pywin32-212 (HKLM-x32\...\pywin32-py2.6) (Version: 2.12 - Python Software Foundation) Python 2.6.1 (HKLM-x32\...\{9CC89170-000B-457D-91F1-53691F85B223}) (Version: 2.6.1150 - Python Software Foundation) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 4.80 - Philipp Winterberg) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.103.0 - SAMSUNG Electronics Co., Ltd.) 
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Siemens NX 8.0 (HKLM\...\{51676C0E-2D18-49F3-A1BE-005DE2654168}) (Version: 8.0.0.25 - Siemens)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
sp44626 (HKLM-x32\...\sp44626) (Version: - Hewlett-Packard)
Spotify (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
Spreng- und Abriss-Simulator (HKLM-x32\...\Spreng- und Abriss-Simulator) (Version: - )
Star Trek Legacy (HKLM-x32\...\{287A4E96-AC57-4A19-9B51-C5EED2EAB382}) (Version: 1.00.0000 - Ihr Firmenname)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version: - )
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
tax 2015 (HKLM-x32\...\{4CF96070-DEE5-43B5-B6A7-23AC07BC0C77}) (Version: 22.00.8811 - Buhl Data Service GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Technitium MAC Address Changer v6.0.5 (HKLM-x32\...\TMACv6.0) (Version: 6.0.5 - Technitium)
The Energy Thieves (HKLM-x32\...\The Energy Thieves) (Version: - )
TubeBox! (HKLM-x32\...\{6B48554C-9089-4177-A38D-B8FE122F11FC}) (Version: 3.4.7 - Jens Lorek)
TypingMaster Pro (HKLM-x32\...\{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1) (Version: 7.10 - TypingMaster Inc)
UltraMixer 5.0.3 (HKLM-x32\...\{8C101DEE-540D-42C7-866F-E126383A8155}_is1) (Version: 5.0.3 - UltraMixer Digital Audio Solutions)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
VirtualDJ 8 (HKLM-x32\...\{24F8CB37-888B-41E6-B119-CDC3F5075F57}) (Version: 8.0.2483.0 - Atomix Productions)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.9 (HKLM-x32\...\VLC media player) (Version: 1.1.9 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinSCP 5.5 (HKLM-x32\...\winscp3_is1) (Version: 5.5 - Martin Prikryl)
Wissen macht Ah! - Bildschirmschoner Bildschirmschoner (HKLM-x32\...\Wissen macht Ah! - Bildschirmschoner) (Version: - )
Wohnwagen Park Tycoon So lebt totaler Trash (HKLM-x32\...\{FA1DF66C-5EFA-4F8A-9256-0C7D2D74C640}) (Version: 1.00.0000 - IncaGold)
Wondershare Video Converter Ultimate(Build 5.7.4.5) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: - Wondershare Software)
World of Warships (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version: - Wargaming.net)
Zahlenzauber 4 (HKLM-x32\...\Zahlenzauber4) (Version: - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\marcel\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Wiederherstellungspunkte =========================

19-10-2015 15:52:51 Geplanter Prüfpunkt
20-10-2015 10:31:41 Windows Update
23-10-2015 14:17:11 Windows Update
27-10-2015 16:13:52 Windows Update
30-10-2015 16:01:44 Geplanter Prüfpunkt
31-10-2015 14:54:00 Geplanter Prüfpunkt
01-11-2015 17:48:06 Geplanter Prüfpunkt
04-11-2015 10:11:27 Windows Update
06-11-2015 16:08:06 Geplanter Prüfpunkt
07-11-2015 20:17:27 Geplanter Prüfpunkt
10-11-2015 14:55:54 Windows Update
10-11-2015 17:21:41 Gerätetreiber-Paketinstallation: TAP-Windows Provider V9 Netzwerkadapter
11-11-2015 17:16:32 Geplanter Prüfpunkt
12-11-2015 20:56:02 Windows Update
15-11-2015 13:23:04 Geplanter Prüfpunkt
17-11-2015 16:52:23 Windows Update
18-11-2015 15:40:16 Geplanter Prüfpunkt
18-11-2015 19:52:10 Installed Oracle VM VirtualBox 5.0.10

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 13:34 - 2006-09-18 22:37 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0C304930-E90A-4F7E-AA97-5A3FC6E1FA8A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA => C:\Users\marina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {0EA17453-D872-4497-9C3B-5E370E3D9DD7} - \SystemSockets\SystemSockets -> Keine Datei <==== ACHTUNG
Task: {0FA6C043-1A05-41F5-B451-AA45C06EE5F0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA => C:\Users\marina\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {20C5EAC5-E6C7-4D5D-B821-DC36AFC60E53} - System32\Tasks\AdobeAAMUpdater-1.0-marina-PC-marcel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {2268B1C0-0C3B-40CA-B71E-01492B36C50D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2C586A4A-24CF-4387-A062-75A2B42CCF37} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1001UA => C:\Users\marcel\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {4DAC3EC8-9A29-4417-A32A-98FA9CF63264} - System32\Tasks\Freemium1ClickMaint => C:\Program Files (x86)\Covus Freemium\Free System Utilities\1Click.exe
Task: {56B3819B-F07C-42E1-83C1-7425A5CD7162} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {5AF16D6C-85E1-452E-9B15-0E209C1CE047} - System32\Tasks\Baidu PC Faster Update => $szInstallingDir\Updater.exe
Task: {5D11C318-039C-4530-9BC5-0A746BDF30C2} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe <==== ACHTUNG
Task: {64AEC0B2-DBF2-42E5-BC81-C4F69ECD8874} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe <==== ACHTUNG
Task: {69CFBAD6-3DA6-445D-A1DD-0894B406FC7C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003UA => C:\Users\mario\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {6AB2BF11-F035-476E-B6B2-B8DA188B6EEA} - System32\Tasks\{30A3CF10-EA6A-42B1-8678-BD9B4E0BB742} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.3.0.105&LastError=12002
Task: {6AFB957A-D7E0-49B5-8297-1D400411A537} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ACHTUNG
Task: {70158EF5-6CE4-4FA7-BEE6-BADFC3708CA3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {77D6A1C2-290F-476C-A3C1-73A1D45712CC} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {8B9677A0-94AD-42A1-B1E5-0D5E1F9B3872} - \Browser Updater\Browser Updater -> Keine Datei <==== ACHTUNG
Task: {9027A1B1-6B4E-4142-9F16-C551BB09EE15} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {A0DB3953-5EE9-4E06-A0DA-4F26FA4D14AC} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-12-04] (Hewlett-Packard)
Task: {B23218E7-BD64-46C9-B6E3-F5DEC033F5E8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core => C:\Users\marina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {B6D0F6F3-E36D-4281-8DF1-4E07EB78E72F} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\WBrowserShield.exe <==== ACHTUNG
Task: {B803C051-339E-4D49-A711-353D095D8663} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {CE98EDF9-0AC5-48A6-A218-E6940628A2EB} - System32\Tasks\RecoveryCD => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2009-03-25] ()
Task: {D016EDCB-43A8-460F-A389-3CE5812FC67B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003Core => C:\Users\mario\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {D2931C31-C84A-405B-BF1F-D39502216EAB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core => C:\Users\marina\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {D4E6F240-8B92-4784-BB78-5DCB33095A8D} - System32\Tasks\{6F174A9A-BC6D-40D1-BB19-7A53BBA6FD1B} => pcalua.exe -a C:\Users\marcel\Downloads\streamripper-windows-installer-1.64.6.exe
Task: {F4970054-C2A4-4E64-BBD2-5D95D38E11B1} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-02-02] (PC-Doctor, Inc.)
Task: {F7D66220-065A-4DDB-B4D8-089A138A7276} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1001Core => C:\Users\marcel\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {FA98CC90-8BE9-4A2E-B107-621106176535} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core.job => C:\Users\marina\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA.job => C:\Users\marina\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core.job => C:\Users\marina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA.job => C:\Users\marina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1001Core.job => C:\Users\marcel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1001UA.job => C:\Users\marcel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003Core.job => C:\Users\mario\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003UA.job => C:\Users\mario\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe5-fh scripts\monthly.xml

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2009-11-03 15:30 - 2009-06-02 01:15 - 00051200 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2015-11-15 15:33 - 2015-09-21 06:29 - 00613968 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2015-10-12 21:41 - 2015-10-12 21:41 - 00850128 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2014-06-02 16:10 - 2014-06-29 15:19 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-15 15:33 - 2015-09-21 06:29 - 01032312 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2015-11-15 15:33 - 2015-09-21 06:29 - 00087672 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2015-08-19 17:45 - 2015-07-24 05:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-12 21:35 - 2015-10-12 21:35 - 00261328 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2015-10-12 21:55 - 2015-10-12 21:55 - 00895184 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.5.0.2.dll
2015-08-21 19:13 - 2015-08-21 19:13 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
2015-11-15 15:33 - 2015-09-21 06:29 - 00559224 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2014-04-15 16:29 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\marcel\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-15 16:29 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\marcel\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\marina\Documents\Produce.avi:TOC.WMV

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-499821555-1515846726-3243709471-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\marcel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{F5C20972-2992-49D7-9E1A-8D79D5A7984B}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{F5094622-384F-4E7A-A0DD-69BB18D1BA2F}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{2BF2EF32-1398-4FE0-A25F-7737140F89D0}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{D6DFAD45-CE21-4CF9-9CBB-6692B61EFA3D}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{FD7D0E6B-081C-4E0B-A535-51D8AC05DCB5}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{D9131F9D-BFDC-4CAC-B304-6DE7F485E0FA}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{183D348E-F26F-40D1-9973-7954ADFB266F}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{0F2520BB-E5E5-49CF-AA15-B57CF9ED348B}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe
FirewallRules: [{C68EEF98-A094-40A2-9D33-32E57254E728}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe
FirewallRules: [{A91FF648-7789-4E4E-BF3E-604E7AE53695}] => (Allow) LPort=80
FirewallRules: [{60D0B398-E090-49AE-86CC-1DEE8CF04DBE}] => (Allow) LPort=80
FirewallRules: [{AA8583BB-A335-46A3-8099-969A16270232}] => (Allow) LPort=80
FirewallRules: [{11FD45A2-64D2-457C-887D-C71D64376993}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3A306622-3D05-4DE7-8F5E-61AAD07F563D}] => (Allow) LPort=2869
FirewallRules: [{D44E1F2E-DB14-4FD6-A89E-DC7D7A315FE4}] => (Allow) LPort=1900
FirewallRules: [{574B0590-B8F5-4AE6-88A5-371F82990BE0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B53D9E10-EFFB-458D-9FBD-DA3E746D70DF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3BC77566-91CB-4095-821A-FB437D6A1C24}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4DB683EC-101D-46B4-8EFD-FAD5E1683EA9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BF9DE9D9-3BE7-4636-8503-FD90B29210CC}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{25E2F7FD-83CE-4AB6-AD69-744BCCF22C36}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{DFF109DC-0749-44F7-90F6-2F4B7693A5EB}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{1C8EB865-7112-4B06-B91A-24D68BE32A42}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{26F8C160-C4FC-4047-B23B-296C4BA56D37}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{36100A4D-ACCC-4A32-B467-786DD7BCDCF0}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{94235AD2-251C-41BB-91C9-E8726C1C859A}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{38658058-B8B2-4EF7-884D-324F0ABD632E}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{7C1FA24A-11C9-413F-B599-3978BCB7C940}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{BD0650A3-3F30-4CDA-9B4B-6D877D216A03}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{B2EC14F0-2E4C-45CE-8D9B-C0A787C897EE}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{69ACC60D-B78B-4BF9-A5FB-C43A5770E869}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{4C89EA0C-F5D6-4522-840E-419F17FD334A}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{B27EFF98-35F9-4787-9BBE-AA61836F21D3}] => (Allow) C:\Users\marcel\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{B9836555-992D-4E8B-B48F-AA597F3C3CFD}] => (Allow) C:\Users\marcel\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{D49F4F42-7B2D-4ED1-97DF-E232B4F73F08}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{7E554353-25C0-4364-B4DD-50F208E238BD}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{E4706FE8-8A0D-4DBA-A05B-8F2BB876795F}] => (Allow) C:\Program Files (x86)\Lightworks\Lightworks.exe
FirewallRules: [{1C081A2F-054B-43B4-8BE3-D11ABC0DEC54}] => (Allow) C:\Program Files (x86)\Lightworks\Lightworks.exe
FirewallRules: [{2C066E0D-B236-4AC9-9DC5-B0777E62A303}] => (Allow) C:\Program Files (x86)\Lightworks\ntcardvt.exe
FirewallRules: [{1E98149F-A068-431C-8F04-3236B9EAAD0F}] => (Allow) C:\Program Files (x86)\Lightworks\ntcardvt.exe
FirewallRules: [{878CEAA4-F011-4DC2-A358-B5481A6E7775}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe
FirewallRules: [{09AEB68B-39FE-4B63-8B24-AE2637580C7A}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe
FirewallRules: [{8B050490-BB16-4388-B3C9-016E36282C6C}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe
FirewallRules: [{DACF1B29-20EC-4513-82E5-B2BFE9EC73FC}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe
FirewallRules: [{D7538DD0-2662-4F98-ABA9-D83D5329C468}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{4C33B38C-35DC-4EE6-A356-FB34C213C43F}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{88E2F03E-AFC1-4CF9-868B-F2012A84265A}] => (Allow) C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
FirewallRules: [{F68CFD70-6F80-402B-A3EC-1F4B99C086FC}] => (Allow) C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
FirewallRules: [{0C3987E2-F48B-4FB6-9FD7-9F2F662748B7}] => (Allow) C:\Program Files (x86)\HomeTab\TBUpdater.dll
FirewallRules: [{BA0EEC2F-2CE8-4DBD-87D8-B52E818396CC}] => (Allow) C:\Program Files (x86)\HomeTab\TBUpdater.dll
FirewallRules: [{82B8AE97-1333-47C8-9220-30A7B48018F2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{10D7AE9D-6D62-4E37-87BE-883DF16FEB58}] => (Allow) C:\Users\marina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4CD587C1-ACEA-448D-B28B-EF4CA135DA45}] => (Allow) C:\Users\marina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{2F52FE38-9537-4577-9E99-1B460526DF3D}C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe] => (Block) C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe
FirewallRules: [UDP Query User{EBE897A7-0CE5-45BB-8274-B09FFC56F612}C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe] => (Block) C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe
FirewallRules: [TCP Query User{EC498DCC-8BC4-4514-9B72-CE21928DE5A2}C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe] => (Block) C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe
FirewallRules: [UDP Query User{B9053513-3B65-4A0F-A841-98367FC1050D}C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe] => (Block) C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe
FirewallRules: [TCP Query User{8D002325-D170-4524-BD1D-EA9356F0053D}C:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe
FirewallRules: [UDP Query User{F4161B4F-8169-45E0-9946-5170E7CD5B72}C:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe
FirewallRules: [TCP Query User{43DE585B-B761-47BF-8564-F73A8B23D55D}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Block) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [UDP Query User{9837EE9B-DCC5-4998-86ED-4F7BDBD1AD04}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Block) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [TCP Query User{D2BCF247-F742-47C1-BCEF-5C753243180B}C:\users\marina\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\marina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{843D9811-27F7-4074-BA15-1F6C5086FF03}C:\users\marina\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\marina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{95F93966-7B7F-4B2C-8E33-63B1489B834A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{7BFF6E9F-AA4B-4702-BCAD-6F981E173341}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{09677CA6-42DB-40A6-94F4-C7EEA7B396DA}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A2ADAAF9-0195-4B26-8386-D0816CEC5851}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{9B9ABDFA-E1BE-429F-9BF5-E33C6D1FBF02}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1260736F-1740-425C-9CEB-BB335A0D65BA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{64C70B3A-5323-4FAC-AF01-A6BC629DB7C9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5D0D04F4-9D89-4B6E-BE89-D0677D1BBA95}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{12A0CAEB-F6A8-4B17-B6E8-53C0C2FD69F3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{A6A7482C-959D-4666-B244-62EC711E45AC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{BFBFAAE9-497F-4170-815E-0D69E1CD98F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7BC9C500-A121-4275-B394-FD14B99460A0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{85C7763A-9E3A-446E-A3A0-A6199A277EF8}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{F1DE4FDE-EF14-47A8-ADD2-D312E55BA9EE}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [{110B4C2D-84F3-4E21-8F9A-E609B62EF805}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{5A77CB5F-12B1-48CC-A50A-8824FC9C5350}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{273B2AF4-F418-4B10-96C4-F8DDDE530D9E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{C0DD37C3-4A42-4862-BDD4-C27C0E1CBECB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{DAA1875C-09BD-47D5-85B7-019F6FA58DEE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{A233CC07-65D5-4EB5-AB57-449DF2447A73}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{5ACDA239-DAE6-4208-B83C-B05A3FFBDA5D}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{E2FE3E90-AE53-4164-ABBA-0F1C7CA9563B}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{F72CA295-A9C6-4D76-A274-E9D9E85C4F6A}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{7FD3A865-6941-4DC8-B1CB-7352A63D81E4}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{0BAFAE37-25A3-47DD-B49D-7ED1578E7775}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{10957AEE-3E43-4BE3-B9B8-0E0777B4A67A}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{DE2A6792-1F78-4B44-8489-1CB5230A78E4}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{4E89E5DB-0C5C-44B7-9519-636CC13E8185}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{A1DC0A09-05E7-4F56-BD3C-080D2C659989}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{24953923-2DE3-402B-8ACF-6F49D68AA744}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{8D415465-8AC9-4F15-AF3D-39906A7E5222}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{FDE8E401-F5A9-4EE3-B96D-FD436B32FA36}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{149EB396-4385-400C-B240-359EBC6E07F5}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{2BC44EE9-B90B-45E4-984E-C97B185B51AD}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{C5C2EF04-0672-4962-949F-F0D5A22D0867}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{2060E93A-D62F-4490-838F-C45DF043B7E6}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{36D98AA6-DFAC-4C71-98A0-2057E2A2FFDA}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{4652CFF6-EE8A-431D-BB17-2EA2160E57CC}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{281C003D-4E75-4966-B019-028691200A96}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{AAEA6D43-8425-488E-BB54-422D788F85F6}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{D55B9232-6441-4F5F-987B-AAE19F0775E0}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{5A6354A6-8C4D-4E89-BF03-CDDD84928A38}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{ED50C3FB-C423-40CD-A95E-EE0B87C86DED}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{74481C2B-1959-45B3-9C79-2FA795AF5CB1}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{0FBEAE14-69BB-4A37-A501-4ABCFE72C054}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{AC7954E0-BA12-4A07-BFD8-CC748CBE312B}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{33DCF676-F111-4308-8CD6-BCDFB28F19DD}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{B680107E-BCB7-4FB6-8866-83216B5A3D72}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{BEDEADF4-2DA8-4E30-854C-D25EBBABB041}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{86C438A2-D489-4B12-8057-8BE4E26233AE}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe FirewallRules: [{C64A5577-B731-4AE2-9752-92B8AF0D07AE}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe FirewallRules: [{5D3588D0-3306-4F34-BB66-736843C6E4B3}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe FirewallRules: [{2B574CED-678B-4391-922B-D7699334E217}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe FirewallRules: [{2A17BC8E-CEDC-4D34-8557-0F7D9B9905B3}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe FirewallRules: [{AB8BE9A6-BF22-4A50-B1F0-20FCF0918472}] => (Allow) C:\SoloApp\SoloApp.exe FirewallRules: [{97331928-15FB-4960-BE9F-9E63DB9C4C94}] => (Allow) C:\SoloApp\SoloApp.exe FirewallRules: [{C7974EFE-40B6-46CF-8998-51D9E993B81D}] => (Allow) C:\SoloApp\WebDriver.dll FirewallRules: [{4658349B-1EE4-465F-93FD-613EDAC567FB}] => (Allow) C:\SoloApp\WebDriver.dll FirewallRules: [{5C26FD64-A5F4-470F-ACBC-2C1326613FD7}] => (Allow) C:\SoloApp\chromedriver.exe FirewallRules: [{CC8757D2-BDB9-48F4-BB2E-05429B04A7AF}] => (Allow) C:\SoloApp\chromedriver.exe FirewallRules: [{4F6D85B7-ABF8-4CCB-822E-8E643CE859B7}] => (Allow) C:\SoloApp\IEDriverServer.exe FirewallRules: [{1CF297D3-D2C1-45BD-B04C-3D471D2D3A9B}] => (Allow) C:\SoloApp\IEDriverServer.exe FirewallRules: [{9C2E6C0F-A3B2-4D77-8A46-ED935BA0C738}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe FirewallRules: [{C097C29E-5954-4593-B426-3774E7C18DC4}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe FirewallRules: [{0C38B261-4B88-4BFD-90AB-77F9585A6D86}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe FirewallRules: [{4EF45F49-2B04-443A-97D6-B9EFB4C9DBB1}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe FirewallRules: [{CF9D47A7-76EA-4E74-BE15-F96201CB163A}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe FirewallRules: [{02FB66F2-1814-4229-9D0C-7DCEF4506372}] => 
(Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe FirewallRules: [{FBB9CBF6-5016-4439-A44F-B03EFA1BF9A1}] => (Allow) C:\SoloApp\SoloApp.exe FirewallRules: [{0BF5D2E3-AB9D-4761-AE84-E3C4DB43B7E6}] => (Allow) C:\SoloApp\SoloApp.exe FirewallRules: [{264E8181-B125-440E-BB26-2BE6A7CD1779}] => (Allow) C:\SoloApp\WebDriver.dll FirewallRules: [{79FAB681-165D-4B32-BB1E-FC9C98BC705D}] => (Allow) C:\SoloApp\WebDriver.dll FirewallRules: [{73D655E8-362F-480E-B12D-AB96B26657B7}] => (Allow) C:\SoloApp\chromedriver.exe FirewallRules: [{7BF49F38-0067-42E8-8F32-AD2A7CA5FF4B}] => (Allow) C:\SoloApp\chromedriver.exe FirewallRules: [{92F00E89-9A8C-4B38-B306-A15DF871E181}] => (Allow) C:\SoloApp\IEDriverServer.exe FirewallRules: [{38264418-3196-4E86-9F18-C20D7A4DAF27}] => (Allow) C:\SoloApp\IEDriverServer.exe FirewallRules: [{3B684585-7343-419D-B7E7-493EB56EDF92}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe FirewallRules: [{DC526DEA-B6E3-4EA2-88AF-D23111874B6E}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe FirewallRules: [{F1FF2753-2318-4DB1-B2BE-0897DB26461D}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe FirewallRules: [{9AF9E66D-7C1D-4721-BD53-B609BC8680BD}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe FirewallRules: [{BFC42BC3-719F-4491-8EAC-140EB7D0EC7C}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe FirewallRules: [{49ED2C06-5A3A-4E61-A0ED-759ECDD4C550}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe FirewallRules: [{F1DAEFFA-1B86-4D44-81EB-9FE59441A34B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C2ACF0F6-D62B-421F-9B7E-21F9B586BEC1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{45CB548A-ED19-4368-AE18-2AD72A431B6F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{87C91441-A22C-4F38-AA5E-20E32B52BBB0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: 
[{23560A78-B88A-4D8A-AF99-768ED50B97CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{D1F10B0C-1A7A-4EF5-B3D7-4AAB9F4039C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{0C34042E-38E1-4B4A-82B0-90523462918B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{C58CC58F-DF94-4C07-8F0F-E2A3054560ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{D5044604-C30D-40C0-BE57-2D7903A53385}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe FirewallRules: [{5A94E26D-4EF6-4FB7-BEC6-4D9FA2B67D0B}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe FirewallRules: [{EEA789EE-F15E-4ACE-B224-EB4A72564BEF}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe FirewallRules: [{FF878A01-89F7-40B6-B4EF-225A9A20951E}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe FirewallRules: [{FB20ABD8-184B-45F7-90B1-0B9CF90D7D2B}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe FirewallRules: [{301B6EF0-0DF5-4CFD-B862-1AEC9B1B1D64}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe FirewallRules: [{89C5D826-826E-4296-8075-00F30CF7953D}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe FirewallRules: [{E96647F8-C4F5-41AA-A4A7-78BD59EAE9EE}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe FirewallRules: [{A4D4A99E-39EA-4818-9A76-2A78FB25FD67}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe FirewallRules: [{051EB43F-B7AB-4D6B-B1C4-A3F4CB030EFA}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe FirewallRules: [{38A13790-8330-4CE3-8EBF-CB5763AC5145}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe FirewallRules: [{F6615031-9951-4EFA-89B6-B9715E90F08E}] => (Allow) C:\Program Files 
(x86)\HomeTab\WBrowserProductivity.exe FirewallRules: [{DCE2EA9F-9679-4603-B8B4-FB3ABC4765BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{A704A6D8-C8AC-40DC-82EB-D0FB3706D19A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{F9081AC9-C324-4095-AF50-1EB851EAB26A}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserShield.exe FirewallRules: [{6B320970-3DB8-4D48-9263-E51FA4D7E72F}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserShield.exe FirewallRules: [{BFEAC4C8-F50D-46C8-912E-53EC4C7D9DB0}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdate.exe FirewallRules: [{890C9D9D-D916-42BC-BD1F-508FC261B376}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdate.exe FirewallRules: [{610F1C76-3807-48FE-A40A-5DDE01CE0648}] => (Allow) C:\Program Files (x86)\HomeTab\WConnectorProductivity.exe FirewallRules: [{8DA47B0A-A17C-4DBC-AA43-CD05E55AD329}] => (Allow) C:\Program Files (x86)\HomeTab\WConnectorProductivity.exe FirewallRules: [{0F7931B9-6301-49D7-938D-21EDEEED9A84}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserShield.exe FirewallRules: [{8EA04169-D6D2-4102-8F40-E46ABE20C55D}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserShield.exe FirewallRules: [{69EFB958-56FB-4C7B-845B-43CF318F9321}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdate.exe FirewallRules: [{89C0D41A-5975-4952-8F22-F0F69A2549C4}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdate.exe FirewallRules: [{A0BFCE82-5E33-4FBF-923E-F2A523F5807A}] => (Allow) C:\Program Files (x86)\HomeTab\WConnectorProductivity.exe FirewallRules: [{171A66A8-8ADF-4638-A0DA-FF75ED3AB97F}] => (Allow) C:\Program Files (x86)\HomeTab\WConnectorProductivity.exe FirewallRules: [TCP Query User{CB940CFA-9AF5-4C74-9468-5CAEE7D93557}C:\users\marcel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marcel\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query 
User{201F51D9-2447-4EEC-91FA-F7751025978F}C:\users\marcel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marcel\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{3796B6E7-A0E6-4469-9D87-EE525E7223A4}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [UDP Query User{789828AF-195B-46AC-9B7D-D1AE1AEF3C4F}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [TCP Query User{00A84986-AFCB-47AC-A34B-2620CFEC7BD1}C:\users\marina\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\marina\appdata\local\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{1CBBC152-7676-4B44-8098-1CFADFCE3DE8}C:\users\marina\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\marina\appdata\local\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{F6109EFF-F034-4014-BE01-99E2D209D412}C:\users\marcel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marcel\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{DB71363E-AF8E-4D16-A22D-9ED335CCC057}C:\users\marcel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marcel\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{A1DFE7CB-8A9D-493B-983F-6D68DB7BA1F8}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [UDP Query User{948E3949-4DEC-477A-9EB6-D1D2C7D4DAC6}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [TCP Query User{7B3223FF-7D51-413D-983B-EEA4902C77EB}C:\users\marcel\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\marcel\appdata\local\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{4AFDE2B8-1770-41BA-89AB-CFF0C7FC2D5F}C:\users\marcel\appdata\local\google\chrome\application\chrome.exe] => (Allow) 
C:\users\marcel\appdata\local\google\chrome\application\chrome.exe FirewallRules: [{EFE294F8-02BC-4C31-8AEB-7D000C127D0B}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{836B12DF-63E3-4B07-A81D-16F306A440DC}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{84AABCAF-1472-4965-B067-B84BB7F18D4F}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{81540CDE-1602-41C8-BC5D-9099DF78571A}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{49310285-F0CD-42C3-8697-D0330FC04FD7}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{961ED7D9-59F1-4ADD-B6C5-53971A80F5E7}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Bluetooth PAN Network Adapter Description: Bluetooth PAN Network Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: IVT Corporation Service: BT Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: TAP-Windows Adapter V9 Description: TAP-Windows Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: tap0901 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/21/2015 08:49:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2015 08:48:57 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/21/2015 08:26:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2015 08:25:16 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (11/21/2015 08:17:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2015 08:16:47 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/21/2015 05:07:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2015 05:07:42 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/20/2015 06:34:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/20/2015 06:34:47 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Systemfehler:
=============
Error: (11/11/2009 01:59:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 10.11.2009 um 21:41:46 unerwartet heruntergefahren.

CodeIntegrity:
===================================
Date: 2015-11-21 20:59:33.960
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-11-21 20:59:33.470
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-11-21 20:59:32.939
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-11-21 20:59:32.422
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-11-21 20:59:31.652
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-11-21 20:59:31.153
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-11-21 20:59:30.638
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-11-21 20:59:30.054
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-11-21 20:59:29.182
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\360AvFlt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-11-21 20:59:28.671
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\360AvFlt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Prozentuale Nutzung des RAM: 52%
Installierter physikalischer RAM: 4094.26 MB
Verfügbarer physikalischer RAM: 1946.8 MB
Summe virtueller Speicher: 8399.78 MB
Verfügbarer virtueller Speicher: 5697.64 MB

==================== Laufwerke ================================

Drive c: (COMPAQ) (Fixed) (Total:581.64 GB) (Free:105 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:14.53 GB) (Free:2.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (CANON_IJ) (CDROM) (Total:0.48 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=581.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=14.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:52 on 21/11/2015 (marcel)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-11-23 17:11:51
Windows 6.0.6002 Service Pack 2 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD6400AAKS-65A7B2 rev.01.03B01 596,17GB
Running: Gmer-19357.exe; Driver: C:\Users\marcel\AppData\Local\Temp\pwdiypod.sys

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe suspicious modification

---- User code sections - GMER 2.1 ----

.text C:\Windows\SysWOW64\PnkBstrA.exe[2520] C:\Windows\SysWOW64\WSOCK32.dll!recv + 81 0000000072c618a9 2 bytes CALL 74e4142d C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2520] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 87 0000000072c6190e 2 bytes CALL 74e4142d C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2520] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98 0000000072c619f0 2 bytes JMP 754a8400 C:\Windows\syswow64\WS2_32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2520] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109 0000000072c619fb 2 bytes JMP 754b8b38 C:\Windows\syswow64\WS2_32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[1036] C:\Windows\syswow64\kernel32.dll!LoadLibraryExW 0000000074e4302b 7 bytes JMP 00000001003ef63e

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe suspicious modification
INITKDBG C:\Windows\system32\ntoskrnl.exe suspicious modification

---- Processes - GMER 2.1 ----

Process C:\Users\marcel\AppData\Roaming\Spotify\SpotifyWebHelper.exe (*** suspicious ***) @ C:\Users\marcel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [4056] (SpotifyWebHelper/Spotify Ltd)(2015-03-14 14:21:49) 0000000000400000
Library C:\Users\marcel\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\Ontology.dll (*** suspicious ***) @ C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1036] (Application Ontology library/NVIDIA Corporation)(2015-11-20 14:09:42) 000000006ac90000
Process C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe [3748] (Google Chrome/Google Inc.)(2010-01-08 17:41:09) 00000000008a0000
Process C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe [3248] (Google Chrome/Google Inc.)(2010-01-08 17:41:09) 00000000008a0000
Process C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe [4448] (Google Chrome/Google Inc.)(2010-01-08 17:41:09) 00000000008a0000
Process C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe [4464] (Google Chrome/Google Inc.)(2010-01-08 17:41:09) 00000000008a0000
Process C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe [4484] (Google Chrome/Google Inc.)(2010-01-08 17:41:09) 00000000008a0000
Process C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe [4504] (Google Chrome/Google Inc.)(2010-01-08 17:41:09) 00000000008a0000
Process C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\GoogleCrashHandler64.exe (*** suspicious ***) @ C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\GoogleCrashHandler64.exe [4912] (Google Crash Handler/Google Inc.)(2015-09-15 04:03:06) 000000013f160000
Process C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe [4828] (Google Chrome/Google Inc.)(2010-01-08 17:41:09) 00000000008a0000
Process C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\nacl64.exe (*** suspicious ***) @ C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\nacl64.exe [2808] (Google Chrome/Google Inc.)(2015-11-11 18:13:30) 000000013f530000
Process C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe [5060] (Google Chrome/Google Inc.)(2010-01-08 17:41:09) 00000000008a0000
Process C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\nacl64.exe (*** suspicious ***) @ C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\nacl64.exe [4520] (Google Chrome/Google Inc.)(2015-11-11 18:13:30) 000000013f530000

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ---- |
23.11.2015, 19:29 | #4 |
| Network adapter disabled and USB devices are not recognized
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-11-2015 durchgeführt von marcel (2015-11-21 21:00:37) Gestartet von C:\Users\marcel\Downloads Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-06-07 08:21:03) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-499821555-1515846726-3243709471-500 - Administrator - Disabled) fbwuser4918 (S-1-5-21-499821555-1515846726-3243709471-1005 - Limited - Enabled) fbwuser6DC1 (S-1-5-21-499821555-1515846726-3243709471-1007 - Limited - Enabled) fbwuserE3F6 (S-1-5-21-499821555-1515846726-3243709471-1006 - Limited - Enabled) Gast (S-1-5-21-499821555-1515846726-3243709471-501 - Limited - Disabled) => C:\Users\Gast marcel (S-1-5-21-499821555-1515846726-3243709471-1001 - Administrator - Enabled) => C:\Users\marcel marina (S-1-5-21-499821555-1515846726-3243709471-1000 - Administrator - Enabled) => C:\Users\marina mario (S-1-5-21-499821555-1515846726-3243709471-1003 - Limited - Enabled) => C:\Users\mario ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D} AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 7.2.0.1021 - 360 Security Center) ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House) Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation) Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1 - Microsoft Corporation) Hidden ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.12.36 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.6) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated) Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.) Agrotron Screensaver (HKLM-x32\...\Agrotron Screensaver_is1) (Version: - ) Any Video Converter 3.5.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVS Audio Converter version 6.1 (HKLM-x32\...\AVS Audio Converter 6.1_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.3 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Baidu PC Faster (HKLM-x32\...\Baidu PC Faster 3.2.0.9) (Version: 3.2.0.9 - Baidu, Inc.) <==== ACHTUNG
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Becker Content Manager (HKLM-x32\...\Becker Content Manager) (Version: 1.5.1807.0 - Harman Becker Automotive Systems)
Blender (HKLM\...\Blender) (Version: 2.68a - Blender Foundation)
Bluesoleil2.6.0.9 Release 070606 (HKLM-x32\...\{846AC73B-9394-48B9-B941-8F7F472F0047}) (Version: 2.6.0.9 Release 070606 - IVT Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.9.860 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{CD9D0827-A6D6-4E2C-B31E-23F01577E27B}) (Version: 0.7.9.860 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Updater 1.1 (HKLM-x32\...\Browser Updater_is1) (Version: - Browser Updater)
BumpTop (HKLM-x32\...\{71702641-2849-45A4-8E62-4B85974B24A0}_is1) (Version: 2.1.6211 - Bump Technologies, Inc.)
Bus-Simulator 2009 (HKLM-x32\...\Bus-Simulator 2009_is1) (Version: - astragon Software GmbH)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Camera RAW Plug-In for EPSON Creativity Suite (HKLM-x32\...\{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION)
CamStudio OSS Desktop Recorder (HKLM-x32\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.0.4 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.3.0.14 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.1.0.18 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.1.0.27 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.2.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC (HKLM-x32\...\CameraWindowDC) (Version: 7.4.0.9 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.5.0.3 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.2.0.4 - Canon Inc.)
Canon Utilities MyCamera DC (HKLM-x32\...\MyCameraDC) (Version: 7.2.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.8.0.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.3.0.7 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.2.11 - Canon Inc.)
CASIO FA-124 (HKLM-x32\...\{FB47E710-6249-4EFA-BE36-E922B0612AF4}) (Version: 2.00.0001 - CASIO COMPUTER CO., LTD.)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Content Manager 2 (HKLM-x32\...\Content Manager 2) (Version: 2.0.2.31 - Harman Becker Automotive Systems)
Coole Schule! 5. Klasse (HKLM-x32\...\{C3A5EE5D-EB16-4431-9D39-BBB3B404CC80}) (Version: 1.1 - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2602 - CyberLink Corp.)
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.2110 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAC 5 (HKLM-x32\...\DAC 5) (Version: 1.0.0 - Helmut Schattenkirchner)
Demolition Company Gold (HKLM-x32\...\DemolitionCompanyDE_is1) (Version: - GIANTS Software)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Driver Detective (HKLM-x32\...\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}) (Version: 8.0.1 - PC Drivers HeadQuarters)
Einladungen zum Sofortdruck (HKLM-x32\...\Einladungen zum Sofortdruck) (Version: - SYBEX Verlags- und Vertriebs-GmbH)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 13.3.0.9066 - Landesfinanzdirektion Thüringen)
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.3.0.0 - )
EPSON Easy Photo Print (HKLM-x32\...\{3D78F2A2-C893-4ABD-B5FE-AD7011837755}) (Version: 1.5.0.0 - SEIKO EPSON CORPORATION)
EPSON File Manager (HKLM-x32\...\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}) (Version: 1.3.0.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
EPSON Stylus CX7300_CX8300_DX7400_DX8400 Handbuch (HKLM-x32\...\EPSON Stylus CX7300_CX8300_DX7400_DX8400 Benutzerhandbuch) (Version: - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0.9.1.1 - Ezvid, inc.)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Favorit (HKLM-x32\...\vxggwx) (Version: - )
FileZilla Client 3.9.0.1 (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\FileZilla Client) (Version: 3.9.0.1 - Tim Kosse)
Finale NotePad 2008 (HKLM-x32\...\Finale NotePad 2008) (Version: 13.0.0.0 - MakeMusic)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Download Manager 3.0 (HKLM-x32\...\Free Download Manager) (Version: 3.0 - FreeDownloadManager.ORG)
Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version: - musetips.com)
Free System Utilities (HKLM-x32\...\{f8cd9221-848c-45fb-a509-fa75dea3a22f}) (Version: 1.0.0.28 - Covus Freemium GmbH)
Free SystemUtilities (x32 Version: 1.0.0.28 - Covus Freemium GmbH) Hidden
Free YouTube to MP3 Converter Classic version 3.12.63.913 (HKLM-x32\...\Free YouTube to MP3 Converter Classic_is1) (Version: 3.12.63.913 - DVDVideoSoft Ltd.)
Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Freemake Video Converter Version 3.2.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.2.0 - Ellora Assets Corporation)
FSX_Screensaver (HKLM-x32\...\FSX_Screensaver) (Version: - )
Game Cam 2.6.1.0 (HKLM-x32\...\Game Cam) (Version: 2.6.1.0 - Game Cam Portal, Inc.)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.24.0 - International GeoGebra Institute)
GIANTS Editor 4.1.2 (HKLM-x32\...\giants_editor_4.1.2_is1) (Version: 4.1.2 - GIANTS Software GmbH)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
GnuWin32: Wget-1.11.4-1 (HKLM-x32\...\Wget-1.11.4-1_is1) (Version: 1.11.4-1 - GnuWin32)
Google Chrome (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hardware Diagnose Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.5144.16 - PC-Doctor, Inc.)
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotspot Shield 5.0.2 (HKLM-x32\...\HotspotShield) (Version: 5.0.2 - AnchorFree Inc.)
HP Active Support Library (HKLM-x32\...\{0295F89F-F698-4101-9A7D-49F407EC2D82}) (Version: 3.1.10.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{73A43E42-3658-4DD9-8551-FACDA3632538}) (Version: 3.1.1000.1002 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{B84739A3-F943-47E4-95D8-96381EF5AC48}) (Version: 5.7.0.2945 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 7520 series - Grundlegende Software für das Gerät (HKLM\...\{7CD854BF-DBDA-4490-B863-7E49F22D13A7}) (Version: 28.0.989.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Hilfe (HKLM-x32\...\{2230C40A-ADE0-4231-98EC-7AAFC14BC7F3}) (Version: 28.0.0 - Hewlett Packard)
HP Support Information (HKLM-x32\...\{1CC069FA-1A86-402E-9787-3F04E652C67A}) (Version: 10.1.0001 - Hewlett-Packard)
HP Total Care Setup (HKLM-x32\...\{784BEA84-FA66-4B19-BB80-7B545F248AC6}) (Version: 1.2.2854.2975 - Hewlett-Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
ICQ 8.0 (build 5981, für aktuellen Benutzer) (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\ICQ) (Version: 8.0.5981.0 - Mail.Ru)
iFunbox (v2.1.2228.731), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.1.2228.731 - )
Iminent (x32 Version: 6.17.41.0 - Iminent) Hidden <==== ACHTUNG
iPhone-Konfigurationsprogramm (HKLM-x32\...\{B90FCEB7-2B0C-4D27-95B5-54238DF059ED}) (Version: 3.6.2.300 - Apple Inc.)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.550 - Oracle)
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}) (Version: 12.0.1.117 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 12.0.1.117 - Kaspersky Lab) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1402 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1402 - CyberLink Corp.) Hidden
Lagarith lossless video codec (Remove Only) (HKLM-x32\...\LAGARITH) (Version: - )
Landwirtschafts Simulator 2011 (HKLM-x32\...\FarmingSimulator2011DE_is1) (Version: 1.0 - GIANTS Software)
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
Landwirtschafts-Simulator 2009 (HKLM-x32\...\FarmingSimulator2009DE_is1) (Version: - GIANTS Software)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - )
LEGO Universe (HKLM-x32\...\NetDevil_LEGO_Universe_is1) (Version: - LEGO Software)
LEGO® Indiana Jones™ (HKLM-x32\...\InstallShield_{A14C40E7-F7E5-498D-B8BD-A3EAE942EED0}) (Version: 1.00.0000 - LucasArts)
LEGO® Indiana Jones™ (x32 Version: 1.00.0000 - LucasArts) Hidden
Lernpaket (HKLM-x32\...\Lernpaket) (Version: - )
Lieferwagen-Simulator 2010 (HKLM-x32\...\Lieferwagen-Simulator 2010_is1) (Version: - astragon Software GmbH)
LightScribe System Software (HKLM-x32\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.0.3.0 - Lightworks)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
LOL (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\a33cb0a19aaf5f14) (Version: 1.0.0.0 - Microsoft)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
MediaMonkey 4.0 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62613.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62613.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Minecraft Cracked (HKLM-x32\...\Minecraft Cracked) (Version: - )
Minecraft PC Gamer Demo version 1.5 (HKLM-x32\...\{55D65D27-C0CD-4375-9021-F3D3D024ED90}_is1) (Version: 1.5 - Mojang)
Mozilla Firefox 12.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 12.0 (x86 de)) (Version: 12.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSVCMergeModules (HKLM-x32\...\{AA721D14-CFE2-410E-B975-79FE5F82F99F}) (Version: 1.0.0 - Nav N Go Kft.)
MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Müller Foto (HKLM-x32\...\Müller Foto) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
myGamersCam 1.5 (HKLM-x32\...\myGamersCam) (Version: 1.5 - Frogster Online Gaming GmbH)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - Nav N Go Ltd.)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts)
Newblue Art Effects for PowerDirector (HKLM\...\NewBlue Art Effects for PowerDirector) (Version: 2.0 - NewBlue)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Nokia Connectivity Cable Driver (HKLM-x32\...\{82427977-8776-4087-90CA-9F65174D3C4D}) (Version: 7.1.16.0 - Nokia)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\CopyTrans Suite) (Version: 2.36 - WindSolutions)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2141 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PicoZip Recovery Tool 1.02 (HKLM-x32\...\PicoZip Recovery Tool 1.02) (Version: 1.02 - Softchitect)
PKZIP for Windows 9.00.0010 (HKLM-x32\...\{BE8DD809-A406-40E2-AB9F-28E69E737383}) (Version: 9.00.0010 - PKWARE, Inc)
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version: - PokerStars.net)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2602 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.2602 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2611 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.2611 - CyberLink Corp.) Hidden
Protected Search 1.1 (HKLM-x32\...\Protected Search_is1) (Version: - Protected Search) <==== ACHTUNG
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 2.6 pywin32-212 (HKLM-x32\...\pywin32-py2.6) (Version: 2.12 - Python Software Foundation)
Python 2.6.1 (HKLM-x32\...\{9CC89170-000B-457D-91F1-53691F85B223}) (Version: 2.6.1150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 4.80 - Philipp Winterberg)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.103.0 - SAMSUNG Electronics Co., Ltd.)
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Siemens NX 8.0 (HKLM\...\{51676C0E-2D18-49F3-A1BE-005DE2654168}) (Version: 8.0.0.25 - Siemens)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
sp44626 (HKLM-x32\...\sp44626) (Version: - Hewlett-Packard)
Spotify (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
Spreng- und Abriss-Simulator (HKLM-x32\...\Spreng- und Abriss-Simulator) (Version: - )
Star Trek Legacy (HKLM-x32\...\{287A4E96-AC57-4A19-9B51-C5EED2EAB382}) (Version: 1.00.0000 - Ihr Firmenname)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version: - )
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
tax 2015 (HKLM-x32\...\{4CF96070-DEE5-43B5-B6A7-23AC07BC0C77}) (Version: 22.00.8811 - Buhl Data Service GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Technitium MAC Address Changer v6.0.5 (HKLM-x32\...\TMACv6.0) (Version: 6.0.5 - Technitium)
The Energy Thieves (HKLM-x32\...\The Energy Thieves) (Version: - )
TubeBox! (HKLM-x32\...\{6B48554C-9089-4177-A38D-B8FE122F11FC}) (Version: 3.4.7 - Jens Lorek)
TypingMaster Pro (HKLM-x32\...\{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1) (Version: 7.10 - TypingMaster Inc)
UltraMixer 5.0.3 (HKLM-x32\...\{8C101DEE-540D-42C7-866F-E126383A8155}_is1) (Version: 5.0.3 - UltraMixer Digital Audio Solutions)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
VirtualDJ 8 (HKLM-x32\...\{24F8CB37-888B-41E6-B119-CDC3F5075F57}) (Version: 8.0.2483.0 - Atomix Productions)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.9 (HKLM-x32\...\VLC media player) (Version: 1.1.9 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinSCP 5.5 (HKLM-x32\...\winscp3_is1) (Version: 5.5 - Martin Prikryl)
Wissen macht Ah! - Bildschirmschoner Bildschirmschoner (HKLM-x32\...\Wissen macht Ah! - Bildschirmschoner) (Version: - )
Wohnwagen Park Tycoon So lebt totaler Trash (HKLM-x32\...\{FA1DF66C-5EFA-4F8A-9256-0C7D2D74C640}) (Version: 1.00.0000 - IncaGold)
Wondershare Video Converter Ultimate(Build 5.7.4.5) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: - Wondershare Software)
World of Warships (HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version: - Wargaming.net)
Zahlenzauber 4 (HKLM-x32\...\Zahlenzauber4) (Version: - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\marcel\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-499821555-1515846726-3243709471-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei ==================== Wiederherstellungspunkte ========================= 19-10-2015 15:52:51 Geplanter Prüfpunkt 20-10-2015 10:31:41 Windows Update 23-10-2015 14:17:11 Windows Update 27-10-2015 16:13:52 Windows Update 30-10-2015 16:01:44 Geplanter Prüfpunkt 31-10-2015 14:54:00 Geplanter Prüfpunkt 01-11-2015 17:48:06 Geplanter Prüfpunkt 04-11-2015 10:11:27 Windows Update 06-11-2015 16:08:06 Geplanter Prüfpunkt 07-11-2015 20:17:27 Geplanter Prüfpunkt 10-11-2015 14:55:54 Windows Update 10-11-2015 17:21:41 Gerätetreiber-Paketinstallation: TAP-Windows Provider V9 Netzwerkadapter 11-11-2015 17:16:32 Geplanter Prüfpunkt 12-11-2015 20:56:02 Windows Update 15-11-2015 13:23:04 Geplanter Prüfpunkt 17-11-2015 16:52:23 Windows Update 18-11-2015 15:40:16 Geplanter Prüfpunkt 18-11-2015 19:52:10 Installed Oracle VM VirtualBox 5.0.10 ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2006-11-02 13:34 - 2006-09-18 22:37 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0C304930-E90A-4F7E-AA97-5A3FC6E1FA8A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA => C:\Users\marina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.) Task: {0EA17453-D872-4497-9C3B-5E370E3D9DD7} - \SystemSockets\SystemSockets -> Keine Datei <==== ACHTUNG Task: {0FA6C043-1A05-41F5-B451-AA45C06EE5F0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA => C:\Users\marina\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.) Task: {20C5EAC5-E6C7-4D5D-B821-DC36AFC60E53} - System32\Tasks\AdobeAAMUpdater-1.0-marina-PC-marcel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe Task: {2268B1C0-0C3B-40CA-B71E-01492B36C50D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {2C586A4A-24CF-4387-A062-75A2B42CCF37} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1001UA => C:\Users\marcel\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) 
Task: {4DAC3EC8-9A29-4417-A32A-98FA9CF63264} - System32\Tasks\Freemium1ClickMaint => C:\Program Files (x86)\Covus Freemium\Free System Utilities\1Click.exe
Task: {56B3819B-F07C-42E1-83C1-7425A5CD7162} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {5AF16D6C-85E1-452E-9B15-0E209C1CE047} - System32\Tasks\Baidu PC Faster Update => $szInstallingDir\Updater.exe
Task: {5D11C318-039C-4530-9BC5-0A746BDF30C2} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe <==== ACHTUNG
Task: {64AEC0B2-DBF2-42E5-BC81-C4F69ECD8874} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe <==== ACHTUNG
Task: {69CFBAD6-3DA6-445D-A1DD-0894B406FC7C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003UA => C:\Users\mario\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {6AB2BF11-F035-476E-B6B2-B8DA188B6EEA} - System32\Tasks\{30A3CF10-EA6A-42B1-8678-BD9B4E0BB742} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.3.0.105&LastError=12002
Task: {6AFB957A-D7E0-49B5-8297-1D400411A537} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ACHTUNG
Task: {70158EF5-6CE4-4FA7-BEE6-BADFC3708CA3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {77D6A1C2-290F-476C-A3C1-73A1D45712CC} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {8B9677A0-94AD-42A1-B1E5-0D5E1F9B3872} - \Browser Updater\Browser Updater -> Keine Datei <==== ACHTUNG
Task: {9027A1B1-6B4E-4142-9F16-C551BB09EE15} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {A0DB3953-5EE9-4E06-A0DA-4F26FA4D14AC} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-12-04] (Hewlett-Packard)
Task: {B23218E7-BD64-46C9-B6E3-F5DEC033F5E8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core => C:\Users\marina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {B6D0F6F3-E36D-4281-8DF1-4E07EB78E72F} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\WBrowserShield.exe <==== ACHTUNG
Task: {B803C051-339E-4D49-A711-353D095D8663} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {CE98EDF9-0AC5-48A6-A218-E6940628A2EB} - System32\Tasks\RecoveryCD => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2009-03-25] ()
Task: {D016EDCB-43A8-460F-A389-3CE5812FC67B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003Core => C:\Users\mario\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {D2931C31-C84A-405B-BF1F-D39502216EAB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core => C:\Users\marina\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {D4E6F240-8B92-4784-BB78-5DCB33095A8D} - System32\Tasks\{6F174A9A-BC6D-40D1-BB19-7A53BBA6FD1B} => pcalua.exe -a C:\Users\marcel\Downloads\streamripper-windows-installer-1.64.6.exe
Task: {F4970054-C2A4-4E64-BBD2-5D95D38E11B1} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-02-02] (PC-Doctor, Inc.)
Task: {F7D66220-065A-4DDB-B4D8-089A138A7276} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1001Core => C:\Users\marcel\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {FA98CC90-8BE9-4A2E-B107-621106176535} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core.job => C:\Users\marina\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA.job => C:\Users\marina\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core.job => C:\Users\marina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA.job => C:\Users\marina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1001Core.job => C:\Users\marcel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1001UA.job => C:\Users\marcel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003Core.job => C:\Users\mario\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003UA.job => C:\Users\mario\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe5-fh scripts\monthly.xml

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2009-11-03 15:30 - 2009-06-02 01:15 - 00051200 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2015-11-15 15:33 - 2015-09-21 06:29 - 00613968 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2015-10-12 21:41 - 2015-10-12 21:41 - 00850128 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2014-06-02 16:10 - 2014-06-29 15:19 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-15 15:33 - 2015-09-21 06:29 - 01032312 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2015-11-15 15:33 - 2015-09-21 06:29 - 00087672 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2015-08-19 17:45 - 2015-07-24 05:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-12 21:35 - 2015-10-12 21:35 - 00261328 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2015-10-12 21:55 - 2015-10-12 21:55 - 00895184 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.5.0.2.dll
2015-08-21 19:13 - 2015-08-21 19:13 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
2015-11-15 15:33 - 2015-09-21 06:29 - 00559224 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2014-04-15 16:29 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\marcel\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-15 16:29 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\marcel\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\marina\Documents\Produce.avi:TOC.WMV

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-499821555-1515846726-3243709471-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\marcel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{F5C20972-2992-49D7-9E1A-8D79D5A7984B}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{F5094622-384F-4E7A-A0DD-69BB18D1BA2F}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{2BF2EF32-1398-4FE0-A25F-7737140F89D0}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{D6DFAD45-CE21-4CF9-9CBB-6692B61EFA3D}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{FD7D0E6B-081C-4E0B-A535-51D8AC05DCB5}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{D9131F9D-BFDC-4CAC-B304-6DE7F485E0FA}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{183D348E-F26F-40D1-9973-7954ADFB266F}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{0F2520BB-E5E5-49CF-AA15-B57CF9ED348B}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe
FirewallRules: [{C68EEF98-A094-40A2-9D33-32E57254E728}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe
FirewallRules: [{A91FF648-7789-4E4E-BF3E-604E7AE53695}] => (Allow) LPort=80
FirewallRules: [{60D0B398-E090-49AE-86CC-1DEE8CF04DBE}] => (Allow) LPort=80
FirewallRules: [{AA8583BB-A335-46A3-8099-969A16270232}] => (Allow) LPort=80
FirewallRules: [{11FD45A2-64D2-457C-887D-C71D64376993}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3A306622-3D05-4DE7-8F5E-61AAD07F563D}] => (Allow) LPort=2869
FirewallRules: [{D44E1F2E-DB14-4FD6-A89E-DC7D7A315FE4}] => (Allow) LPort=1900
FirewallRules: [{574B0590-B8F5-4AE6-88A5-371F82990BE0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B53D9E10-EFFB-458D-9FBD-DA3E746D70DF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3BC77566-91CB-4095-821A-FB437D6A1C24}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4DB683EC-101D-46B4-8EFD-FAD5E1683EA9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BF9DE9D9-3BE7-4636-8503-FD90B29210CC}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{25E2F7FD-83CE-4AB6-AD69-744BCCF22C36}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{DFF109DC-0749-44F7-90F6-2F4B7693A5EB}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{1C8EB865-7112-4B06-B91A-24D68BE32A42}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{26F8C160-C4FC-4047-B23B-296C4BA56D37}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{36100A4D-ACCC-4A32-B467-786DD7BCDCF0}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{94235AD2-251C-41BB-91C9-E8726C1C859A}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{38658058-B8B2-4EF7-884D-324F0ABD632E}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{7C1FA24A-11C9-413F-B599-3978BCB7C940}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{BD0650A3-3F30-4CDA-9B4B-6D877D216A03}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{B2EC14F0-2E4C-45CE-8D9B-C0A787C897EE}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{69ACC60D-B78B-4BF9-A5FB-C43A5770E869}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{4C89EA0C-F5D6-4522-840E-419F17FD334A}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{B27EFF98-35F9-4787-9BBE-AA61836F21D3}] => (Allow) C:\Users\marcel\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{B9836555-992D-4E8B-B48F-AA597F3C3CFD}] => (Allow) C:\Users\marcel\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{D49F4F42-7B2D-4ED1-97DF-E232B4F73F08}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{7E554353-25C0-4364-B4DD-50F208E238BD}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{E4706FE8-8A0D-4DBA-A05B-8F2BB876795F}] => (Allow) C:\Program Files (x86)\Lightworks\Lightworks.exe
FirewallRules: [{1C081A2F-054B-43B4-8BE3-D11ABC0DEC54}] => (Allow) C:\Program Files (x86)\Lightworks\Lightworks.exe
FirewallRules: [{2C066E0D-B236-4AC9-9DC5-B0777E62A303}] => (Allow) C:\Program Files (x86)\Lightworks\ntcardvt.exe
FirewallRules: [{1E98149F-A068-431C-8F04-3236B9EAAD0F}] => (Allow) C:\Program Files (x86)\Lightworks\ntcardvt.exe
FirewallRules: [{878CEAA4-F011-4DC2-A358-B5481A6E7775}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe
FirewallRules: [{09AEB68B-39FE-4B63-8B24-AE2637580C7A}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe
FirewallRules: [{8B050490-BB16-4388-B3C9-016E36282C6C}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe
FirewallRules: [{DACF1B29-20EC-4513-82E5-B2BFE9EC73FC}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe
FirewallRules: [{D7538DD0-2662-4F98-ABA9-D83D5329C468}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{4C33B38C-35DC-4EE6-A356-FB34C213C43F}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{88E2F03E-AFC1-4CF9-868B-F2012A84265A}] => (Allow) C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
FirewallRules: [{F68CFD70-6F80-402B-A3EC-1F4B99C086FC}] => (Allow) C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
FirewallRules: [{0C3987E2-F48B-4FB6-9FD7-9F2F662748B7}] => (Allow) C:\Program Files (x86)\HomeTab\TBUpdater.dll
FirewallRules: [{BA0EEC2F-2CE8-4DBD-87D8-B52E818396CC}] => (Allow) C:\Program Files (x86)\HomeTab\TBUpdater.dll
FirewallRules: [{82B8AE97-1333-47C8-9220-30A7B48018F2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{10D7AE9D-6D62-4E37-87BE-883DF16FEB58}] => (Allow) C:\Users\marina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4CD587C1-ACEA-448D-B28B-EF4CA135DA45}] => (Allow) C:\Users\marina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{2F52FE38-9537-4577-9E99-1B460526DF3D}C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe] => (Block) C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe
FirewallRules: [UDP Query User{EBE897A7-0CE5-45BB-8274-B09FFC56F612}C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe] => (Block) C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe
FirewallRules: [TCP Query User{EC498DCC-8BC4-4514-9B72-CE21928DE5A2}C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe] => (Block) C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe
FirewallRules: [UDP Query User{B9053513-3B65-4A0F-A841-98367FC1050D}C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe] => (Block) C:\users\marcel\desktop\star trek online_en\star trek online\live\gameclient.exe
FirewallRules: [TCP Query User{8D002325-D170-4524-BD1D-EA9356F0053D}C:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe
FirewallRules: [UDP Query User{F4161B4F-8169-45E0-9946-5170E7CD5B72}C:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe
FirewallRules: [TCP Query User{43DE585B-B761-47BF-8564-F73A8B23D55D}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Block) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [UDP Query User{9837EE9B-DCC5-4998-86ED-4F7BDBD1AD04}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Block) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [TCP Query User{D2BCF247-F742-47C1-BCEF-5C753243180B}C:\users\marina\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\marina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{843D9811-27F7-4074-BA15-1F6C5086FF03}C:\users\marina\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\marina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{95F93966-7B7F-4B2C-8E33-63B1489B834A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{7BFF6E9F-AA4B-4702-BCAD-6F981E173341}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{09677CA6-42DB-40A6-94F4-C7EEA7B396DA}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A2ADAAF9-0195-4B26-8386-D0816CEC5851}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{9B9ABDFA-E1BE-429F-9BF5-E33C6D1FBF02}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1260736F-1740-425C-9CEB-BB335A0D65BA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{64C70B3A-5323-4FAC-AF01-A6BC629DB7C9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5D0D04F4-9D89-4B6E-BE89-D0677D1BBA95}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{12A0CAEB-F6A8-4B17-B6E8-53C0C2FD69F3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{A6A7482C-959D-4666-B244-62EC711E45AC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{BFBFAAE9-497F-4170-815E-0D69E1CD98F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7BC9C500-A121-4275-B394-FD14B99460A0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{85C7763A-9E3A-446E-A3A0-A6199A277EF8}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{F1DE4FDE-EF14-47A8-ADD2-D312E55BA9EE}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [{110B4C2D-84F3-4E21-8F9A-E609B62EF805}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{5A77CB5F-12B1-48CC-A50A-8824FC9C5350}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{273B2AF4-F418-4B10-96C4-F8DDDE530D9E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{C0DD37C3-4A42-4862-BDD4-C27C0E1CBECB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{DAA1875C-09BD-47D5-85B7-019F6FA58DEE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{A233CC07-65D5-4EB5-AB57-449DF2447A73}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{5ACDA239-DAE6-4208-B83C-B05A3FFBDA5D}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{E2FE3E90-AE53-4164-ABBA-0F1C7CA9563B}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{F72CA295-A9C6-4D76-A274-E9D9E85C4F6A}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{7FD3A865-6941-4DC8-B1CB-7352A63D81E4}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{0BAFAE37-25A3-47DD-B49D-7ED1578E7775}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{10957AEE-3E43-4BE3-B9B8-0E0777B4A67A}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{DE2A6792-1F78-4B44-8489-1CB5230A78E4}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{4E89E5DB-0C5C-44B7-9519-636CC13E8185}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{A1DC0A09-05E7-4F56-BD3C-080D2C659989}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{24953923-2DE3-402B-8ACF-6F49D68AA744}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{8D415465-8AC9-4F15-AF3D-39906A7E5222}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{FDE8E401-F5A9-4EE3-B96D-FD436B32FA36}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{149EB396-4385-400C-B240-359EBC6E07F5}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{2BC44EE9-B90B-45E4-984E-C97B185B51AD}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{C5C2EF04-0672-4962-949F-F0D5A22D0867}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{2060E93A-D62F-4490-838F-C45DF043B7E6}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{36D98AA6-DFAC-4C71-98A0-2057E2A2FFDA}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{4652CFF6-EE8A-431D-BB17-2EA2160E57CC}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{281C003D-4E75-4966-B019-028691200A96}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{AAEA6D43-8425-488E-BB54-422D788F85F6}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{D55B9232-6441-4F5F-987B-AAE19F0775E0}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{5A6354A6-8C4D-4E89-BF03-CDDD84928A38}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{ED50C3FB-C423-40CD-A95E-EE0B87C86DED}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{74481C2B-1959-45B3-9C79-2FA795AF5CB1}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{0FBEAE14-69BB-4A37-A501-4ABCFE72C054}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{AC7954E0-BA12-4A07-BFD8-CC748CBE312B}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{33DCF676-F111-4308-8CD6-BCDFB28F19DD}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{B680107E-BCB7-4FB6-8866-83216B5A3D72}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{BEDEADF4-2DA8-4E30-854C-D25EBBABB041}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{86C438A2-D489-4B12-8057-8BE4E26233AE}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{C64A5577-B731-4AE2-9752-92B8AF0D07AE}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{5D3588D0-3306-4F34-BB66-736843C6E4B3}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{2B574CED-678B-4391-922B-D7699334E217}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{2A17BC8E-CEDC-4D34-8557-0F7D9B9905B3}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{AB8BE9A6-BF22-4A50-B1F0-20FCF0918472}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{97331928-15FB-4960-BE9F-9E63DB9C4C94}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{C7974EFE-40B6-46CF-8998-51D9E993B81D}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{4658349B-1EE4-465F-93FD-613EDAC567FB}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{5C26FD64-A5F4-470F-ACBC-2C1326613FD7}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{CC8757D2-BDB9-48F4-BB2E-05429B04A7AF}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{4F6D85B7-ABF8-4CCB-822E-8E643CE859B7}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{1CF297D3-D2C1-45BD-B04C-3D471D2D3A9B}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{9C2E6C0F-A3B2-4D77-8A46-ED935BA0C738}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{C097C29E-5954-4593-B426-3774E7C18DC4}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{0C38B261-4B88-4BFD-90AB-77F9585A6D86}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{4EF45F49-2B04-443A-97D6-B9EFB4C9DBB1}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{CF9D47A7-76EA-4E74-BE15-F96201CB163A}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{02FB66F2-1814-4229-9D0C-7DCEF4506372}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{FBB9CBF6-5016-4439-A44F-B03EFA1BF9A1}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{0BF5D2E3-AB9D-4761-AE84-E3C4DB43B7E6}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{264E8181-B125-440E-BB26-2BE6A7CD1779}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{79FAB681-165D-4B32-BB1E-FC9C98BC705D}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{73D655E8-362F-480E-B12D-AB96B26657B7}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{7BF49F38-0067-42E8-8F32-AD2A7CA5FF4B}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{92F00E89-9A8C-4B38-B306-A15DF871E181}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{38264418-3196-4E86-9F18-C20D7A4DAF27}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{3B684585-7343-419D-B7E7-493EB56EDF92}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{DC526DEA-B6E3-4EA2-88AF-D23111874B6E}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{F1FF2753-2318-4DB1-B2BE-0897DB26461D}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{9AF9E66D-7C1D-4721-BD53-B609BC8680BD}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{BFC42BC3-719F-4491-8EAC-140EB7D0EC7C}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{49ED2C06-5A3A-4E61-A0ED-759ECDD4C550}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{F1DAEFFA-1B86-4D44-81EB-9FE59441A34B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C2ACF0F6-D62B-421F-9B7E-21F9B586BEC1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{45CB548A-ED19-4368-AE18-2AD72A431B6F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{87C91441-A22C-4F38-AA5E-20E32B52BBB0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{23560A78-B88A-4D8A-AF99-768ED50B97CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{D1F10B0C-1A7A-4EF5-B3D7-4AAB9F4039C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{0C34042E-38E1-4B4A-82B0-90523462918B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{C58CC58F-DF94-4C07-8F0F-E2A3054560ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{D5044604-C30D-40C0-BE57-2D7903A53385}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{5A94E26D-4EF6-4FB7-BEC6-4D9FA2B67D0B}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{EEA789EE-F15E-4ACE-B224-EB4A72564BEF}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{FF878A01-89F7-40B6-B4EF-225A9A20951E}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{FB20ABD8-184B-45F7-90B1-0B9CF90D7D2B}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{301B6EF0-0DF5-4CFD-B862-1AEC9B1B1D64}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{89C5D826-826E-4296-8075-00F30CF7953D}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{E96647F8-C4F5-41AA-A4A7-78BD59EAE9EE}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
FirewallRules: [{A4D4A99E-39EA-4818-9A76-2A78FB25FD67}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{051EB43F-B7AB-4D6B-B1C4-A3F4CB030EFA}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe
FirewallRules: [{38A13790-8330-4CE3-8EBF-CB5763AC5145}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{F6615031-9951-4EFA-89B6-B9715E90F08E}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe
FirewallRules: [{DCE2EA9F-9679-4603-B8B4-FB3ABC4765BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A704A6D8-C8AC-40DC-82EB-D0FB3706D19A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F9081AC9-C324-4095-AF50-1EB851EAB26A}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserShield.exe
FirewallRules: [{6B320970-3DB8-4D48-9263-E51FA4D7E72F}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserShield.exe
FirewallRules: [{BFEAC4C8-F50D-46C8-912E-53EC4C7D9DB0}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdate.exe
FirewallRules: [{890C9D9D-D916-42BC-BD1F-508FC261B376}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdate.exe
FirewallRules: [{610F1C76-3807-48FE-A40A-5DDE01CE0648}] => (Allow) C:\Program Files (x86)\HomeTab\WConnectorProductivity.exe
FirewallRules: [{8DA47B0A-A17C-4DBC-AA43-CD05E55AD329}] => (Allow) C:\Program Files (x86)\HomeTab\WConnectorProductivity.exe
FirewallRules: [{0F7931B9-6301-49D7-938D-21EDEEED9A84}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserShield.exe
FirewallRules: [{8EA04169-D6D2-4102-8F40-E46ABE20C55D}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserShield.exe
FirewallRules: [{69EFB958-56FB-4C7B-845B-43CF318F9321}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdate.exe
FirewallRules: [{89C0D41A-5975-4952-8F22-F0F69A2549C4}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserUpdate.exe
FirewallRules: [{A0BFCE82-5E33-4FBF-923E-F2A523F5807A}] => (Allow) C:\Program Files (x86)\HomeTab\WConnectorProductivity.exe
FirewallRules: [{171A66A8-8ADF-4638-A0DA-FF75ED3AB97F}] => (Allow) C:\Program Files (x86)\HomeTab\WConnectorProductivity.exe
FirewallRules: [TCP Query User{CB940CFA-9AF5-4C74-9468-5CAEE7D93557}C:\users\marcel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marcel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{201F51D9-2447-4EEC-91FA-F7751025978F}C:\users\marcel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marcel\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3796B6E7-A0E6-4469-9D87-EE525E7223A4}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{789828AF-195B-46AC-9B7D-D1AE1AEF3C4F}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{00A84986-AFCB-47AC-A34B-2620CFEC7BD1}C:\users\marina\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\marina\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{1CBBC152-7676-4B44-8098-1CFADFCE3DE8}C:\users\marina\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\marina\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{F6109EFF-F034-4014-BE01-99E2D209D412}C:\users\marcel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marcel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DB71363E-AF8E-4D16-A22D-9ED335CCC057}C:\users\marcel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marcel\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{A1DFE7CB-8A9D-493B-983F-6D68DB7BA1F8}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{948E3949-4DEC-477A-9EB6-D1D2C7D4DAC6}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{7B3223FF-7D51-413D-983B-EEA4902C77EB}C:\users\marcel\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\marcel\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{4AFDE2B8-1770-41BA-89AB-CFF0C7FC2D5F}C:\users\marcel\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\marcel\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{EFE294F8-02BC-4C31-8AEB-7D000C127D0B}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{836B12DF-63E3-4B07-A81D-16F306A440DC}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{84AABCAF-1472-4965-B067-B84BB7F18D4F}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{81540CDE-1602-41C8-BC5D-9099DF78571A}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{49310285-F0CD-42C3-8697-D0330FC04FD7}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{961ED7D9-59F1-4ADD-B6C5-53971A80F5E7}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth PAN Network Adapter
Description: Bluetooth PAN Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: IVT Corporation
Service: BT
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/21/2015 08:49:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/21/2015 08:48:57 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (11/21/2015 08:26:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/21/2015 08:25:16 PM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c Error: (11/21/2015 08:17:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/21/2015 08:16:47 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. 
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (11/21/2015 05:07:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/21/2015 05:07:42 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (11/20/2015 06:34:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/20/2015 06:34:47 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Systemfehler: ============= Error: (11/11/2009 01:59:04 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 10.11.2009 um 21:41:46 unerwartet heruntergefahren. CodeIntegrity: =================================== Date: 2015-11-21 20:59:33.960 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-11-21 20:59:33.470 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-21 20:59:32.939 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-21 20:59:32.422 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-21 20:59:31.652 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-21 20:59:31.153 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-21 20:59:30.638 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-21 20:59:30.054 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-21 20:59:29.182 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\360AvFlt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-21 20:59:28.671 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\360AvFlt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Prozentuale Nutzung des RAM: 52%
Installierter physikalischer RAM: 4094.26 MB
Verfügbarer physikalischer RAM: 1946.8 MB
Summe virtueller Speicher: 8399.78 MB
Verfügbarer virtueller Speicher: 5697.64 MB

==================== Laufwerke ================================
Drive c: (COMPAQ) (Fixed) (Total:581.64 GB) (Free:105 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:14.53 GB) (Free:2.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (CANON_IJ) (CDROM) (Total:0.48 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=581.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=14.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================ |
24.11.2015, 22:10 | #5 |
/// the machine /// TB instructor | Network adapter disabled and USB devices are not recognized Please download Revo Uninstaller (alternatively the portable Revo Uninstaller) from here.
Scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
25.11.2015, 18:13 | #6 |
| Network adapter disabled and USB devices are not recognized First of all, thanks for helping. Here is the code Code:
ATTFilter ComboFix 15-11-23.01 - marcel 25.11.2015 17:12:35.1.4 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.4094.1417 [GMT 1:00] ausgeführt von:: c:\users\marcel\Desktop\ComboFix.exe AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Install.exe c:\programdata\1366984667.bdinstall.bin c:\users\marcel\AppData\Local\lame_enc.dll c:\users\marcel\AppData\Local\no23xwrapper.dll c:\users\marcel\AppData\Local\ogg.dll c:\users\marcel\AppData\Local\vorbis.dll c:\users\marcel\AppData\Local\vorbisenc.dll c:\users\marcel\AppData\Local\vorbisfile.dll c:\users\marcel\Documents\~yt74FB.tmp c:\users\marcel\pdfcrack.exe c:\users\Public\sdelevURL.tmp c:\windows\IsUn0407.exe c:\windows\msdownld.tmp c:\windows\SysWow64\Packet.dll c:\windows\SysWow64\pthreadVC.dll c:\windows\SysWow64\tmp2952.tmp c:\windows\SysWow64\tmp29A1.tmp c:\windows\SysWow64\tmp4604.tmp c:\windows\SysWow64\tmp4682.tmp c:\windows\SysWow64\wpcap.dll . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_NPF -------\Service_npf . . ((((((((((((((((((((((( Dateien erstellt von 2015-10-25 bis 2015-11-25 )))))))))))))))))))))))))))))) . . 2015-11-25 16:36 . 2015-11-25 16:36 -------- d-----w- c:\users\mario\AppData\Local\temp 2015-11-25 16:36 . 2015-11-25 16:36 -------- d-----w- c:\users\marina\AppData\Local\temp 2015-11-25 16:36 . 2015-11-25 16:36 -------- d-----w- c:\users\Default\AppData\Local\temp 2015-11-25 16:36 . 2015-11-25 16:36 -------- d-----w- c:\users\Gast\AppData\Local\temp 2015-11-25 15:46 . 2015-11-25 15:46 -------- d-----w- c:\program files (x86)\VS Revo Group 2015-11-24 15:49 . 
2015-11-24 15:55 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0 2015-11-24 15:25 . 2015-11-24 16:52 -------- d-----w- c:\users\marcel\AppData\Roaming\Avira 2015-11-24 15:23 . 2015-11-24 15:27 163544 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2015-11-24 15:23 . 2015-11-24 15:27 141416 ----a-w- c:\windows\system32\drivers\avipbb.sys 2015-11-24 15:23 . 2015-03-17 12:01 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2015-11-24 15:23 . 2015-11-24 15:30 -------- d-----w- c:\programdata\Avira 2015-11-21 19:54 . 2015-11-21 20:17 -------- d-----w- C:\FRST 2015-11-18 19:40 . 2015-11-18 19:40 -------- d-----w- c:\users\marcel\VirtualBox VMs 2015-11-18 19:39 . 2015-11-20 18:36 -------- d-----w- c:\users\marcel\.VirtualBox 2015-11-18 18:57 . 2015-11-10 16:56 964928 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys 2015-11-18 18:57 . 2015-11-10 16:56 138904 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys 2015-11-18 18:56 . 2015-11-18 18:56 -------- d-----w- c:\program files\Oracle 2015-11-18 16:22 . 2015-11-18 16:22 -------- d-----w- c:\program files (x86)\LinuxLive USB Creator 2015-11-15 18:27 . 2015-11-15 18:27 -------- d-----w- c:\users\mario\AppData\Local\CrashRpt 2015-11-15 15:04 . 2009-04-10 22:27 299520 ----a-w- c:\program files (x86)\Internet Explorer\ieuser.exe 2015-11-15 15:03 . 2015-11-21 19:12 -------- d-----w- C:\$360Section 2015-11-15 14:51 . 2015-11-15 14:51 -------- d-----w- c:\program files (x86)\GnuWin32 2015-11-15 14:37 . 2015-11-21 19:12 -------- d-----w- c:\programdata\360Quarant 2015-11-15 14:30 . 2015-11-24 14:58 -------- d-----w- c:\program files (x86)\360 2015-11-12 20:55 . 2015-09-26 16:04 206336 ----a-w- c:\windows\SysWow64\ncrypt.dll 2015-11-12 20:55 . 2015-09-26 16:05 77312 ----a-w- c:\windows\SysWow64\secur32.dll 2015-11-12 20:55 . 2015-09-26 15:58 257536 ----a-w- c:\windows\system32\ncrypt.dll 2015-11-12 20:55 . 2015-09-26 13:21 275968 ----a-w- c:\windows\SysWow64\bcrypt.dll 2015-11-12 20:55 . 
2015-09-22 13:10 517976 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2015-11-12 20:55 . 2015-09-22 13:10 306688 ----a-w- c:\windows\system32\bcrypt.dll 2015-11-12 20:55 . 2015-09-26 16:05 281600 ----a-w- c:\windows\SysWow64\schannel.dll 2015-11-12 20:55 . 2015-09-26 15:58 350720 ----a-w- c:\windows\system32\schannel.dll 2015-11-12 20:55 . 2015-10-17 14:35 2798592 ----a-w- c:\windows\system32\win32k.sys 2015-11-12 20:50 . 2015-10-17 16:01 501248 ----a-w- c:\windows\SysWow64\kerberos.dll 2015-11-12 20:50 . 2015-10-17 15:41 659456 ----a-w- c:\windows\system32\kerberos.dll 2015-11-12 20:48 . 2015-10-10 15:48 736192 ----a-w- c:\windows\system32\drivers\ndis.sys 2015-11-12 20:47 . 2015-10-01 16:03 940032 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2015-11-12 20:47 . 2015-10-01 15:41 1823232 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2015-11-12 20:47 . 2015-10-01 15:41 1506816 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2015-11-12 20:47 . 2015-10-01 15:41 1455104 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2015-11-12 20:47 . 2015-10-01 15:41 1482752 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2015-11-12 20:20 . 2015-10-13 14:44 94720 ----a-w- c:\windows\system32\drivers\tdx.sys 2015-11-12 20:20 . 2015-10-13 14:45 404992 ----a-w- c:\windows\system32\drivers\afd.sys 2015-11-12 20:02 . 2015-10-14 20:25 1586304 ----a-w- c:\windows\system32\ntdll.dll 2015-11-12 20:02 . 2015-10-14 15:47 4691392 ----a-w- c:\windows\system32\ntoskrnl.exe 2015-11-12 20:02 . 2015-10-14 20:25 1168600 ----a-w- c:\windows\SysWow64\ntdll.dll 2015-11-10 16:56 . 2015-11-10 16:56 194976 ----a-w- c:\windows\system32\drivers\VBoxNetLwf.sys 2015-11-10 16:56 . 2015-11-10 16:56 117768 ----a-w- c:\windows\system32\drivers\VBoxNetAdp6.sys 2015-11-10 16:23 . 2015-11-10 16:23 -------- d-----w- c:\users\marcel\AppData\Local\CyberGhost 2015-11-10 16:21 . 
2015-11-10 16:23 -------- d-----w- c:\program files\TAP-Windows 2015-11-10 16:21 . 2015-11-10 16:23 -------- d-----w- c:\program files\CyberGhost 5 . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-11-12 20:57 . 2006-11-02 12:35 145617392 ----a-w- c:\windows\system32\mrt.exe 2015-11-11 14:46 . 2013-03-11 09:39 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-11-11 14:46 . 2013-03-11 09:39 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-10-29 09:28 . 2015-11-24 08:49 11138400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{53C1F4BF-B534-47EC-AA6F-55F5804FC456}\mpengine.dll 2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll 2015-10-13 00:22 . 2015-10-13 00:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll 2015-09-02 21:26 . 2015-09-10 13:47 1402368 ----a-w- c:\windows\SysWow64\msxml6.dll 2015-09-02 21:26 . 2015-09-10 13:47 1253376 ----a-w- c:\windows\SysWow64\msxml3.dll 2015-09-02 21:26 . 2015-09-10 13:47 1796096 ----a-w- c:\windows\system32\msxml6.dll 2015-09-02 21:26 . 2015-09-10 13:47 1875968 ----a-w- c:\windows\system32\msxml3.dll 2015-09-02 21:26 . 2015-09-10 13:23 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2015-09-02 21:25 . 2015-09-10 13:23 48128 ----a-w- c:\windows\system32\atmlib.dll 2015-09-02 20:16 . 2015-09-10 13:23 372736 ----a-w- c:\windows\system32\atmfd.dll 2015-09-02 19:54 . 2015-09-10 13:23 297472 ----a-w- c:\windows\SysWow64\atmfd.dll 2013-02-14 11:50 . 2013-02-14 11:50 4126720 ----a-w- c:\program files (x86)\GUTFA66.tmp . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2}] 2009-11-08 08:55 297808 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240] "Spotify Web Helper"="c:\users\marcel\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-11-18 2344768] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-31 43816] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-11-24 782520] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0?È¥??????????????1\0UnatD?È¥?????????rv_XV_b9KiVy?È¥?autocheck autochk *\0?È¥??È¥??????????????1\0_?È¥??? . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AutoUpdateDisableNotify"=dword:00000001 . R1 360FsFlt;360FsFlt mini-filter driver;c:\windows\system32\DRIVERS\360FsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\360FsFlt.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Themes ezSharedSvc . Inhalt des "geplante Tasks" Ordners . 2015-11-25 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-11 14:46] . 
2015-11-24 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core.job - c:\users\marina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13 16:15] . 2015-11-25 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA.job - c:\users\marina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13 16:15] . 2015-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-10 17:25] . 2015-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-10 17:25] . 2015-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core.job - c:\users\marina\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-17 08:53] . 2015-11-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA.job - c:\users\marina\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-17 08:53] . 2015-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1001Core.job - c:\users\marcel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-08 11:56] . 2015-11-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1001UA.job - c:\users\marcel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-08 11:56] . 2015-11-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003Core.job - c:\users\mario\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-23 18:33] . 2015-11-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003UA.job - c:\users\mario\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-23 18:33] . 2014-06-30 c:\windows\Tasks\PCDRScheduledMaintenance.job - c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-02-02 18:59] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-07-24 2634896] . ------- Zusätzlicher Suchlauf ------- . uStart Page = about:newtab uDefault_Search_URL = hxxp://www.google.com mStart Page = about:newtab mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt mDefault_Search_URL = hxxp://www.google.com mSearch Page = hxxp://www.google.com mSearch Bar = hxxp://www.google.com uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = www.google.com/ IE: &AOL Toolbar-Suche - c:\programdata\AOL\ieToolbar\resources\de-DE\local\search.html IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: Free YouTube Download - c:\users\marcel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: {{6e80943c-847c-4447-b830-f94e7dcbbd4e} - {96edaac7-6183-4cb5-8823-b8b12d94f967} - LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll TCP: DhcpNameServer = 192.168.0.1 192.168.0.2 FF - ProfilePath - c:\users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\3tholvcs.default\ FF - prefs.js: browser.search.selectedEngine - Web Search FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: network.proxy.type - . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) SafeBoot-WudfPf SafeBoot-WudfRd ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) AddRemove-{f8cd9221-848c-45fb-a509-fa75dea3a22f} - c:\programdata\Package Cache\{f8cd9221-848c-45fb-a509-fa75dea3a22f}\free-system-utilities_Setup_product-website.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0] "ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\BlueStacks] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}] @Denied: (A 2) (Everyone) @SACL= @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10a.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation] @SACL= "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32] @SACL= @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10a.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib] @SACL= @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{1989C694-3CF9-4a56-B1CC-2E3CB1D753D7}\Control] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{1989C694-3CF9-4a56-B1CC-2E3CB1D753D7}\Implemented Categories] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{1989C694-3CF9-4a56-B1CC-2E3CB1D753D7}\MiscStatus] @DACL=(02 0000) @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{1989C694-3CF9-4a56-B1CC-2E3CB1D753D7}\ProgID] @DACL=(02 0000) @="VHtmlInput.HtmlInput.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{1989C694-3CF9-4a56-B1CC-2E3CB1D753D7}\Programmable] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{1989C694-3CF9-4a56-B1CC-2E3CB1D753D7}\ToolboxBitmap32] @DACL=(02 0000) @="c:\\Windows\\eHome\\ehkeyctl.dll, 102" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{1989C694-3CF9-4a56-B1CC-2E3CB1D753D7}\Version] @DACL=(02 0000) @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{1989C694-3CF9-4a56-B1CC-2E3CB1D753D7}\VersionIndependentProgID] @DACL=(02 0000) @="VHtmlInput.HtmlInput" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @SACL= @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Control] @SACL= . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage] @SACL= . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories] @SACL= . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @SACL= @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @SACL= @="0" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @SACL= @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Programmable] @SACL= . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @SACL= @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @SACL= @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @SACL= @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @SACL= @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @SACL= @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Control] @SACL= . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @SACL= @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @SACL= @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Programmable] @SACL= . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @SACL= @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @SACL= @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @SACL= @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @SACL= @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}] @Denied: (A 2) (Everyone) @SACL= @="IFlashBroker2" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32] @SACL= @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib] @SACL= @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) @SACL= . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @SACL= @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @SACL= @="" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @SACL= @="FlashBroker" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . 
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Avira\AntiVir Desktop\sched.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\system32\hasplms.exe c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe c:\program files (x86)\Hotspot Shield\bin\hsswd.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files\CyberGhost 5\Service.exe . ************************************************************************** . Zeit der Fertigstellung: 2015-11-25 18:00:19 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-11-25 17:00 . Vor Suchlauf: 24 Verzeichnis(se), 117.662.969.856 Bytes frei Nach Suchlauf: 33 Verzeichnis(se), 119.828.656.128 Bytes frei . - - End Of File - - 6CAE663E5BBF4F2EC1F90713C1DFCB52 03BA8F890B47C0BE359A4D5A636D214D Warning! 
Error restoring C:\Windows\erdnt\subs\software to C:\Windows\System32\config\software ! Continue with the next file? [ RegReplaceKey: 5 - zugriff verweigert ] Ja Nein __________________________ When I clicked Yes, it just kept going like that, so I clicked No and the window closed. |
27.11.2015, 00:09 | #7 |
/// the machine /// TB instructor | Network adapter disabled and USB devices are not recognized Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
27.11.2015, 16:21 | #8 |
| Network adapter disabled and USB devices are not recognized I accidentally did not save the Malwarebytes Anti-Malware log file, but there were over 150 detected objects. Code:
# AdwCleaner v5.022 - Bericht erstellt am 27/11/2015 um 15:55:30 # Aktualisiert am 22/11/2015 von Xplode # Datenbank : 2015-11-22.2 [Server] # Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (x64) # Benutzername : marcel - MARINA-PC # Gestartet von : C:\Users\marcel\Downloads\AdwCleaner_5.022.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** [-] Dienst Gelöscht : SystemStoreService ***** [ Ordner ] ***** [#] Ordner Gelöscht : C:\Program Files (x86)\Browser Updater [#] Ordner Gelöscht : C:\Program Files (x86)\GreenTree Applications [#] Ordner Gelöscht : C:\Program Files (x86)\GutscheinFinder [#] Ordner Gelöscht : C:\Program Files (x86)\Protected Search [#] Ordner Gelöscht : C:\ProgramData\ytd video downloader [#] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective [#] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader [#] Ordner Gelöscht : C:\Users\marcel\AppData\LocalLow\SimplyTech [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\dvdvideosoftiehelpers [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\SimplyTech [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Systweak [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\3tholvcs.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\3tholvcs.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\3tholvcs.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\3tholvcs.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\3tholvcs.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : 
C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\3tholvcs.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C} [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\3tholvcs.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C} [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C} [#] Ordner Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C} [#] Ordner Gelöscht : C:\Users\marina\AppData\Local\NativeMessaging [#] Ordner Gelöscht : C:\Users\marina\AppData\Local\PackageAware [#] Ordner Gelöscht : C:\Users\marina\AppData\Local\WhiteListing [#] Ordner Gelöscht : C:\Users\marina\AppData\LocalLow\AskToolbar [#] Ordner Gelöscht : C:\Users\marina\AppData\LocalLow\Conduit [#] Ordner Gelöscht : C:\Users\marina\AppData\Roaming\dvdvideosoftiehelpers [#] Ordner Gelöscht : C:\Users\marina\AppData\Roaming\Systweak [#] Ordner Gelöscht : C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : 
C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\mt4tj8sf.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\mt4tj8sf.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\mt4tj8sf.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\mt4tj8sf.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\mt4tj8sf.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\mario\AppData\Local\Conduit [#] Ordner Gelöscht : C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [#] Ordner Gelöscht : C:\Users\mario\AppData\LocalLow\AskToolbar [#] Ordner Gelöscht : C:\Users\mario\AppData\LocalLow\SimplyTech [#] Ordner Gelöscht : C:\Users\mario\AppData\Roaming\Systweak [#] Ordner Gelöscht : C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : 
C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} [#] Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe} [#] Ordner Gelöscht : C:\Windows\SysNative\Tasks\Software Updater ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\invalidprefs.js [-] Datei Gelöscht : C:\Users\marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.ask.com_0.localstorage [-] Datei Gelöscht : C:\Users\marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_excel-kassenbuch.softonic.de_0.localstorage [-] Datei Gelöscht : C:\Users\marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage [-] Datei Gelöscht : C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage [-] Datei Gelöscht : C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal [-] Datei Gelöscht : C:\Windows\launcher.exe ***** [ DLLs ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** [-] Aufgabenplanung Gelöscht : Freemium1ClickMaint [-] Aufgabenplanung Gelöscht : Scheduled Update for Ask Toolbar [-] Aufgabenplanung Gelöscht : Software Updater [-] Aufgabenplanung Gelöscht : Software Updater Ui ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL [-] Schlüssel 
Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\DriversHQ.DriverDetective.Client.exe [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}] [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6E80943C-847C-4447-B830-F94E7DCBBD4E} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102} [!] 
Schlüssel Nicht Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} [!] Schlüssel Nicht Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} [!] Schlüssel Nicht Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} [!] Schlüssel Nicht Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} [!] Schlüssel Nicht Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} [!] Schlüssel Nicht Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102} [-] Schlüssel Gelöscht : HKCU\Software\APN PIP [-] Schlüssel Gelöscht : HKCU\Software\Complitly [-] Schlüssel Gelöscht : HKCU\Software\OCS [-] Schlüssel Gelöscht : HKCU\Software\simplytech [-] Schlüssel Gelöscht : HKCU\Software\Avg Secure Update [-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar [-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech [-] Schlüssel Gelöscht : HKLM\SOFTWARE\covus freemium gmbh [-] Schlüssel Gelöscht : HKLM\SOFTWARE\PIP [-] Schlüssel Gelöscht : HKLM\SOFTWARE\SimplyGen [-] Schlüssel Gelöscht : HKLM\SOFTWARE\systweak [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7F1E694F-1880-4D5F-BD27-A0D0A5379864} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4640FDE1-B83A-4376-84ED-86F86BEE2D41} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PokerStars.net [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2D81E70-2A98-4A08-A628-94388B063C5E} [-] Schlüssel Gelöscht : 
HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4640FDE1-B83A-4376-84ED-86F86BEE2D41} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PokerStars.net [-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskToolbar [-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\IBUpdaterService [-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Avg Secure Update [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\APN [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Conduit [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\OCS [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Softonic [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\systweak [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Avg Secure Update [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Toolbar [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Software\AskToolbar [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Software\Conduit [-] Schlüssel Gelöscht : 
HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\APN [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Softonic [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\systweak [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Toolbar [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Software\AskToolbar [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Software\Conduit [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4640FDE1-B83A-4376-84ED-86F86BEE2D41} [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} [-] Schlüssel Gelöscht : 
HKU\S-1-5-21-499821555-1515846726-3243709471-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Toolbar [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Software\Conduit [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar] [-] Daten
Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchURI [(Default)] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchURI [] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [] [-] Daten Wiederhergestellt : HKU\S-1-5-21-499821555-1515846726-3243709471-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ [!] Schlüssel Nicht Gelöscht : DisplayName [!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ [!] Schlüssel Nicht Gelöscht : URL [!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ [!] Schlüssel Nicht Gelöscht : TopResultURLFallback [!] 
Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{017A66CC-3985-4911-A97F-FECB0BCC95B0} [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\SearchScopes\{017A66CC-3985-4911-A97F-FECB0BCC95B0} [-] Daten Wiederhergestellt : HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\SearchScopes\{336A1CA7-0577-4AC0-920F-8B8530FC20F4} [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} [-] Schlüssel Gelöscht : HKU\S-1-5-21-499821555-1515846726-3243709471-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\SearchScopes\{AC89B4BD-598F-4B4D-8D64-DAE86FD9B32F} ***** [ Internetbrowser ] ***** [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Web Search"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultenginename", "Web Search"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Web Search"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "Web Search"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.enabledAddons", 
"{20a82645-c095-46ed-80e3-08825760534b}:0.0.0,toolbar@gmx.net:2.3.4,webbooster@iminent.com:6.27.3.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:12.0"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.version", "6.27.3.1"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"6.27.3.1\",\"InstallEventCTime\":1395738456812,\"InstallEvent\":\"True\"}"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.FavLinkSplitTestingClass", "v2"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.SOFTONICREFRESHRATE", "140000"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] 
[Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "1"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1384533064817"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "1"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.SOFTONICREFRESHRATE", "140000"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : 
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\ahvi0b3s.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1384532992796"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\mt4tj8sf.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultenginename", "Web Search"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\mt4tj8sf.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Web Search"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\mt4tj8sf.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "Web Search"); [-] [C:\Users\marina\AppData\Roaming\Mozilla\Firefox\Profiles\mt4tj8sf.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Web Search"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\3tholvcs.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultenginename", "Web Search"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\3tholvcs.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Web Search"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\3tholvcs.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "Web Search"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\3tholvcs.default\prefs.js] [Preference] Gelöscht : 
user_pref("browser.search.order.1", "Web Search"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : * To make a manual change r_pref("HomeTab_3580.global.ClearSearchHistoryOnClose", "false"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.CurrentLanguageSelection", "English"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.CurrentNavigationSelection", "Current window"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.CurrentSearchEngineSelection", "US: United States of America"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.DisplayRecentSearches", "true"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.ShowButtonText2", "true"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.UpdateTime", "1419348491894"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.setupExtension", "true"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.userEnable", true); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.userID", "3ed670ccefa1994786ee9dd122847672"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : 
user_pref("browser.search.defaultengine", "Web Search"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultenginename", "Web Search"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Web Search"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "Web Search"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.ShowThankyouPixel", "0"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.adapters", "{\"gmx\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"expireTime\":\"1387897816340259200\"},\"google\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"e[...] 
[-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.registerToolbarEvent102", "1393513414355"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.version", "7.50.3.1"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.50.3.1\",\"InstallEventCTime\":1393513354606,\"InstallEvent\":\"True\"}"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.SOFTONICREFRESHRATE", "140000"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11"); [-] 
[C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1387381459794"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "1"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.SOFTONICREFRESHRATE", "140000"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11"); [-] [C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02"); [-] 
[C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1387381455106"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.CurrentLanguageSelection", "English"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.CurrentNavigationSelection", "Current window"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.CurrentSearchEngineSelection", "US: United States of America"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.DisplayRecentSearches", "true"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.ShowButtonText2", "true"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.UpdateTime", "1425028710064"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.setupExtension", "true"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.userEnable", true); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("HomeTab_3580.global.userID", "1c37796ff67acef0d1a9bfdac6053d34"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Web Search"); [-] 
[C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultenginename", "Web Search"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Web Search"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "Web Search"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.ShowThankyouPixel", "0"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0,\"s\":0,\"es\":3}"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.adapters", "{\"suche.gmx.net\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"gmx\",\"v\":true,\"p\":0,\"t\":1,\"th\":0.228,\"expireTime\":\"14025729887468640[...] 
[-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.version", "8.23.4.1"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.23.4.1\",\"InstallEventCTime\":1402495005592,\"InstallEvent\":\"True\"}"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.FavLinkSplitTestingClass", "v1"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.SOFTONICREFRESHRATE", "140000"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000"); [-] 
[C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0"); [-] [C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\auy7bacv.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "1"); [-] [C:\Users\marina\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : slirsredirect.search.aol.com [-] [C:\Users\marina\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : excel-kassenbuch.softonic.de [-] [C:\Users\marina\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search.conduit.com [-] [C:\Users\marina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : dlfienamagdnkekbbbocojppncdambda [-] [C:\Users\marina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : jbolfgndggfhhpbnkgnpjkfhinclbigj [-] [C:\Users\marina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : nikpibnbobmbdbheedjfogjlikpgpnhp [-] [C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Gelöscht : hxxp://search.conduit.com/?ctid=CT3241949&SearchSource=48 [-] [C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : coljhboelhlkbgaaolcngflenaggpeao [-] [C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : 
didlmjkkjfegblmkekbhgpefajgikncm [-] [C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : engeblojhfeingnjnfpiceofljnjpldp [-] [C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : fcljdicbcnmfhekdcaobgbpjjifniemh [-] [C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : jbolfgndggfhhpbnkgnpjkfhinclbigj [-] [C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : websearch.ask.com [-] [C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : ask.com [-] [C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Gelöscht : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=DVS2&o=1586&locale=en_US&apn_uid=6e9b802b-78a6-4510-938c-b1a08d713252&apn_ptnrs=^AAA&apn_sauid=7EA519FA-0AB0-4123-B434-F31BEBCB244A&apn_dtid=^YYYYYY^YY^DE&q={searchTerms} [-] [C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : coljhboelhlkbgaaolcngflenaggpeao [-] [C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : fcljdicbcnmfhekdcaobgbpjjifniemh [-] [C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : jbolfgndggfhhpbnkgnpjkfhinclbigj ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ************************* C:\AdwCleaner[R1].txt - [40469 Bytes] - [11/03/2013 18:44:02] C:\AdwCleaner[S1].txt - [352 Bytes] - [11/03/2013 18:44:37] C:\AdwCleaner[S2].txt - [37768 Bytes] - [11/03/2013 18:45:33] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [74697 Bytes] ########## Geändert von sexyrexy 
(27.11.2015 um 16:29 Uhr) |
27.11.2015, 16:22 | #9 |
| Network adapter disabled and USB devices are not recognized
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows (TM) Vista Home Premium x64
Ran by marcel (Administrator) on 27.11.2015 at 16:09:02,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 45
Successfully deleted: C:\ProgramData\pc drivers headquarters (Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{016BFF02-A967-4C1E-8C5D-8B10E0E099B3} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{088C82C0-EA80-4033-9BFB-1CDDAB9D98CB} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{0A5061BA-1310-462E-A137-54CE8BC76B1B} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{0B4C5A46-CD93-4161-9E2D-3E28ED39DF0C} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{105054BD-AA12-4B3F-AD07-55E977071DBA} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{15CF4572-67CE-4A82-BDC7-54E915F02D71} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{17EE6BA0-4E05-40DB-9B66-A13B1D11A29E} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{1FB4AD6C-10A3-4C4D-9915-A3CD945FE9CD} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{249FE362-1822-4723-BD09-92EF7838CB4A} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{34A4A0A5-60A5-41DB-971A-23201196D64D} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{3E5E3853-AEEF-47D3-BAC0-E2CD7937C795} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{3E7F1112-FB62-46E7-AAFB-D77A37FD8DDA} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{43909600-EBDB-4827-9BF5-4633E75C4DD9} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{465B2985-A245-46C5-B759-6AE49EE5500C} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{46AC4F6C-C049-4159-933E-3CE8ED7F0955} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{540DDE6D-D5DC-4EDE-AC23-8F79AA548654} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{589EC35F-54EB-4504-AFB0-0E8F721A0C26} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{72384AD6-C404-48D3-BCBF-B7185BD66AEC} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{742498A3-8AC9-42A5-9AC8-0064EA757DA0} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{762D3EEC-8182-494D-8C81-04B3D464FD65} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{76CF6445-1941-4360-A6D9-5C919E8EEE94} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{7C3971F7-D7A0-4DEE-B63C-6821407B6D2B} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{7DD07412-6F03-4F94-A852-7CE1B45DB3A1} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{7E4E197E-EC35-426F-8BE5-75BC8FEF21D4} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{87DD61AA-1402-4BB4-AEED-7F4C35EAE27E} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{8B8A681F-A34F-48EA-ABB9-79A20EFD8A59} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{8D821A77-7730-4585-953D-7FAE23195FF4} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{951DCCFB-7046-4D6C-A507-66354AD58902} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{B477FFD6-170D-4425-91E7-8549EDA98D25} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{BFB2009F-A63B-4E49-BC1A-8DFF80249FC3} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{C4DF5008-7C5F-4FD8-968F-3343BD7827CE} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{C5599979-1180-41F6-B00C-DE991BAC513F} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{E20F312A-3366-4C2D-920F-7C17B2261906} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{E4CEC8FA-B7D2-4053-8CD8-AC9D687EDA5D} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{EFCAACF1-EA3F-471A-9F12-A830E9C25DF1} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{F041A431-B0E2-49EB-81D3-6829D83B417D} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{F6B1753E-3663-45A5-9421-2185901C752F} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\{FE4799B5-BC6E-49CF-BCC5-0DC7D9CF33FF} (Empty Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\marcel\AppData\Local\cre (Folder)
Successfully deleted: C:\Users\marcel\AppData\Roaming\getrighttogo (Folder)
Successfully deleted: C:\Users\Public\Desktop\hotspot shield.lnk (Shortcut)
Successfully deleted: C:\Program Files (x86)\GUTFA66.tmp (File)
Successfully deleted: C:\Program Files (x86)\pc drivers headquarters (Folder)

Registry: 8
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh (Registry Key)
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\PCFApiUtil (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{017A66CC-3985-4911-A97F-FECB0BCC95B0} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{58235107-16C5-49E2-98F1-21B363368353} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9E85F70F-E0D6-4AD4-823C-1BC5B6AE763C} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.11.2015 at 16:14:55,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-11-2015 durchgeführt von marcel (Administrator) auf MARINA-PC (27-11-2015 16:20:22) Gestartet von C:\Users\marcel\Desktop Geladene Profile: marcel (Verfügbare Profile: marina & marcel & mario & Gast) Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Google Inc.) C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\nacl64.exe (Google Inc.) C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\nacl64.exe (Google Inc.) C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\marcel\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\marcel\AppData\Roaming\Spotify\SpotifyCrashService.exe (Spotify Ltd) C:\Users\marcel\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\marcel\AppData\Roaming\Spotify\Spotify.exe (Google Inc.) C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.) 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-11-24] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Run: [Spotify Web Helper] => C:\Users\marcel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-18] (Spotify Ltd) HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-499821555-1515846726-3243709471-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [334336 2008-01-21] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei Startup: C:\Users\marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-15] ShortcutTarget: 
Dropbox.lnk -> C:\Users\marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Keine Datei) Startup: C:\Users\marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2009-12-02] ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Keine Datei) Startup: C:\Users\marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2014-07-21] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) BootExecute: autocheck autochk * ?È¥??????????????1UnatD?È¥?????????rv_XV_b9KiVy?È¥?autocheck autochk * ?È¥??È¥??????????????1_?È¥??? ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{176F75FA-2EEA-4574-9FF6-D5EE634F10B2}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{60898117-5FDF-4AD7-913E-0657A1685320}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{9729659E-F4AD-41A7-A304-B8FFAD2E6CB1}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{A083A9A5-9BA3-4A07-BD4B-25914ABC1824}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{A0EA3E07-4716-4DF2-AD89-6CBD70C1F409}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{C4713B7D-069F-4723-8D4E-87A096190CC5}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{D770CD81-744D-4D34-AAEA-1EDD562342AD}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-499821555-1515846726-3243709471-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-499821555-1515846726-3243709471-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab HKU\S-1-5-21-499821555-1515846726-3243709471-1001\Software\Microsoft\Internet 
Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> DefaultScope Wert fehlt SearchScopes: HKLM -> {017A66CC-3985-4911-A97F-FECB0BCC95B0} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de SearchScopes: HKLM -> {58235107-16C5-49E2-98F1-21B363368353} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 SearchScopes: HKLM -> {9E85F70F-E0D6-4AD4-823C-1BC5B6AE763C} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933 SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKU\S-1-5-21-499821555-1515846726-3243709471-1001 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = SearchScopes: HKU\S-1-5-21-499821555-1515846726-3243709471-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation) BHO-x32: Kein Name -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> Keine Datei BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll [2014-09-18] (Perfect World Entertainment Inc) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Kein Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Keine Datei BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation) Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - Keine Datei Toolbar: HKU\S-1-5-21-499821555-1515846726-3243709471-1001 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - Keine Datei Toolbar: HKU\S-1-5-21-499821555-1515846726-3243709471-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei FireFox: ======== FF ProfilePath: C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default FF NewTab: about:newtab FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Keine Datei] FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll [2008-10-15] (CANON INC.) 
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) 
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-12] (Pando Networks) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [2014-09-18] (Perfect World Entertainment Inc) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-499821555-1515846726-3243709471-1001: @tools.google.com/Google Update;version=3 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-499821555-1515846726-3243709471-1001: @tools.google.com/Google Update;version=9 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) 
FF Plugin HKU\S-1-5-21-499821555-1515846726-3243709471-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-12] (Pando Networks) FF SearchPlugin: C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\searchplugins\forestle-de.xml [2012-07-12] FF Extension: GMX MailCheck - C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\extensions\toolbar@gmx.net.xpi [2013-12-24] [ist nicht signiert] FF Extension: Web Developer - C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-12-24] [ist nicht signiert] FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [nicht gefunden] FF Extension: Kein Name - C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee} [nicht gefunden] FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-03] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - 
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2012-10-06] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2012-10-06] [ist nicht signiert]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3241949&SearchSource=48"
CHR Plugin: (Shockwave Flash) - C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll => Keine Datei CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll => Keine Datei CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Keine Datei CHR Plugin: (Native Client) - C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei CHR Plugin: (registryAccess) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaakfopmidbfddimafofbdngbkidf\7.13.0.17889_0\background/registryAccess.dll => Keine Datei CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll => Keine Datei CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Profile: C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Web Developer) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-05-26] CHR Extension: (YouTube) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Adblock Plus) - C:\Users\marcel\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24]
CHR Extension: (Google-Suche) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Play Musik) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-11-20]
CHR Extension: (ModHeader) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2015-11-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Google Mail) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (night tochpc) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjmhomfflfeomeelinjbpnmomlllilom [2015-07-16]
CHR HKLM-x32\...\Chrome\Extension: [aaaaplmcbjhigpfkmaffahlojgchbgfk] - C:\Users\marcel\AppData\Local\APN\GoogleCRXs\aaaaplmcbjhigpfkmaffahlojgchbgfk_7.17.0.0.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-10-06]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe--register-chrome-browser-suffix=.marcel
StartMenuInternet: Google Chrome.marcel - C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [916968 2015-11-24] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-11-24] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-11-24] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1210512 2015-11-24] (Avira Operations GmbH & Co. KG) S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-09-18] (Perfect World Entertainment Inc) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-02-15] (BlueStack Systems, Inc.) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-02-15] (BlueStack Systems, Inc.) S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L) S4 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-01-04] (EasyBits Sofware AS) [Datei ist nicht signiert] S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-03-19] (Macrovision Europe Ltd.) [Datei ist nicht signiert] S3 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2012-09-07] (Freemake) [Datei ist nicht signiert] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation) R2 hasplms; C:\Windows\system32\hasplms.exe [4941768 2012-06-28] (SafeNet Inc.) R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-12-04] (Hewlett-Packard) [Datei ist nicht signiert] R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1873616 2015-10-12] (AnchorFree Inc.) 
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [96600 2015-10-12] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [850128 2015-10-12] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-29] ()
S3 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [254552 2012-09-11] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [36256 2009-11-13] (Google Inc)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-11-24] (Avira Operations GmbH & Co.
KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-11-24] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG) S1 Beep; kein ImagePath R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.) R3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.) R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.) R3 BlueletSCOAudio; C:\Windows\SysWOW64\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-02-15] (BlueStack Systems) S3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [19728 2007-05-23] (IVT Corporation.) S3 BT; C:\Windows\SysWOW64\DRIVERS\btnetdrv.sys [19728 2007-05-23] (IVT Corporation.) S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [44688 2007-05-23] (IVT Corporation.) S3 Btcsrusb; C:\Windows\SysWOW64\Drivers\btcusb.sys [44688 2007-05-23] (IVT Corporation.) R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.) R0 BTHidEnum; C:\Windows\SysWOW64\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.) R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.) R0 BTHidMgr; C:\Windows\SysWOW64\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.) R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2015-05-08] (AnchorFree Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.) 
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2015-05-08] (Anchorfree Inc.)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125008 2015-11-10] (Oracle Corporation)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VComm; C:\Windows\SysWOW64\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\SysWOW64\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
S3 ZY202_VS; C:\Windows\System32\DRIVERS\WlanGZG.sys [1041920 2007-11-12] (Atheros Communications, Inc.)
S1 360FsFlt; system32\DRIVERS\360FsFlt.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
U4 vsserv; kein ImagePath
U2 wuaserv; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-27 16:19 - 2015-11-27 16:19 - 00000000 ____D C:\Users\marcel\Desktop\FRST-OlderVersion 2015-11-27 16:14 - 2015-11-27 16:14 - 00006109 _____ C:\Users\marcel\Desktop\JRT.txt 2015-11-27 15:55 - 2015-11-27 15:57 - 00075513 _____ C:\Users\marcel\Desktop\AdwCleaner[C1].txt 2015-11-27 15:51 - 2015-11-27 16:17 - 00000000 ____D C:\AdwCleaner 2015-11-27 15:51 - 2015-11-27 15:51 - 01599336 _____ (Malwarebytes) C:\Users\marcel\Downloads\JRT.exe 2015-11-27 15:49 - 2015-11-27 15:49 - 01733632 _____ C:\Users\marcel\Downloads\AdwCleaner_5.022.exe 2015-11-27 15:19 - 2015-11-27 15:19 - 00001221 _____ C:\Users\marcel\Desktop\malwarebytes log.txt 2015-11-27 14:30 - 2015-11-27 15:28 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-27 14:28 - 2015-11-27 14:35 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-11-27 14:28 - 2015-11-27 14:28 - 00000907 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-11-27 14:28 - 2015-11-27 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-27 14:28 - 2015-11-27 14:28 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-27 14:28 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-11-27 14:28 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2015-11-27 14:25 - 2015-11-27 14:25 - 22908888 _____ (Malwarebytes ) C:\Users\marcel\Downloads\mbam-setup-2.2.0.1024 (4).exe 2015-11-26 19:12 - 2015-11-26 19:13 - 31916032 _____ C:\Users\marcel\Downloads\VBoxGuestAdditions_3.2.0.iso 2015-11-26 18:30 - 2015-11-26 18:30 - 00000000 ____D C:\Users\marcel\Desktop\Sharing 2015-11-26 18:24 - 2015-11-26 18:24 - 02629772 _____ C:\Users\marcel\Downloads\compat-wireless-2010-06-26-pc.tar.bz2 2015-11-26 17:38 - 2015-11-26 17:38 - 07368965 _____ C:\Users\marcel\Downloads\TL-WN721N_V1_140915 (1).zip 2015-11-26 17:38 - 
2015-11-26 17:38 - 07368965 _____ C:\Users\marcel\Desktop\TL-WN721N_V1_140915 (1).zip 2015-11-26 17:38 - 2014-12-26 15:01 - 00000000 ____D C:\Users\marcel\Desktop\TL-WN721N_V1_140915 2015-11-26 17:38 - 2013-06-29 06:49 - 01732096 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athurx.sys 2015-11-26 17:23 - 2015-11-26 17:24 - 00290040 _____ C:\Windows\Minidump\Mini112615-02.dmp 2015-11-26 16:36 - 2015-11-26 16:36 - 00284976 _____ C:\Windows\Minidump\Mini112615-01.dmp 2015-11-25 22:20 - 2015-11-25 22:20 - 00289848 _____ C:\Windows\Minidump\Mini112515-01.dmp 2015-11-25 22:06 - 2015-11-25 22:06 - 00000719 _____ C:\Users\marcel\Desktop\taskmgr.lnk 2015-11-25 22:01 - 2015-11-25 22:01 - 00000000 ____D C:\Users\marcel\{bffece50-dab4-406c-9fc8-27fe89a6a32a} 2015-11-25 19:00 - 2015-11-25 19:00 - 07368965 _____ C:\Users\marcel\Downloads\TL-WN721N_V1_140915.zip 2015-11-25 18:00 - 2015-11-25 18:00 - 00023431 _____ C:\Users\marcel\Desktop\ComboFix.txt 2015-11-25 17:05 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe 2015-11-25 17:05 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe 2015-11-25 17:05 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-11-25 17:05 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-11-25 17:05 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-11-25 17:05 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe 2015-11-25 17:05 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2015-11-25 17:05 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2015-11-25 17:00 - 2015-11-25 18:00 - 00000000 ____D C:\Qoobox 2015-11-25 16:58 - 2015-11-25 17:57 - 00000000 ____D C:\Windows\erdnt 2015-11-25 16:57 - 2015-11-25 16:57 - 05640282 _____ (Swearware) C:\Users\marcel\Downloads\Nicht bestätigt 684132.crdownload 2015-11-25 16:57 - 2015-11-25 16:56 - 05640282 ____R (Swearware) C:\Users\marcel\Desktop\ComboFix.exe 2015-11-25 16:55 - 2015-11-25 16:56 - 05640282 _____ 
(Swearware) C:\Users\marcel\Downloads\ComboFix.exe 2015-11-25 16:46 - 2015-11-25 16:46 - 00001065 _____ C:\Users\marcel\Desktop\Revo Uninstaller.lnk 2015-11-25 16:46 - 2015-11-25 16:46 - 00000000 ____D C:\Users\marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2015-11-25 16:46 - 2015-11-25 16:46 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2015-11-25 16:45 - 2015-11-25 16:46 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\marcel\Downloads\revosetup95.exe 2015-11-24 19:34 - 2015-11-24 19:34 - 00084711 _____ C:\Users\marcel\Downloads\Addition (3).txt 2015-11-24 16:49 - 2015-11-24 16:55 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0 2015-11-24 16:31 - 2015-11-24 16:31 - 00001879 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk 2015-11-24 16:25 - 2015-11-24 17:52 - 00000000 ____D C:\Users\marcel\AppData\Roaming\Avira 2015-11-24 16:24 - 2015-11-24 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-11-24 16:23 - 2015-11-24 16:30 - 00000000 ____D C:\ProgramData\Avira 2015-11-24 16:23 - 2015-11-24 16:27 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-11-24 16:23 - 2015-11-24 16:27 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-11-24 16:23 - 2015-03-17 13:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2015-11-24 16:14 - 2015-11-24 16:14 - 00388608 _____ (Trend Micro Inc.) C:\Users\marcel\Downloads\HijackThis_2.0.5.exe 2015-11-24 16:14 - 2015-11-24 16:14 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\marcel\Downloads\HijackThis_2.0.5 (1).exe 2015-11-24 16:10 - 2015-11-24 16:12 - 165283560 _____ C:\Users\marcel\Downloads\avira_free_antivirus259_de.exe 2015-11-24 15:56 - 2015-11-24 15:56 - 00000000 _____ C:\Users\marcel\AppData\Local\{0D2AF67A-9638-4711-8048-673C2CC0EBD8} 2015-11-24 15:45 - 2015-11-24 15:45 - 00000000 ____D C:\Users\marcel\Downloads\Kaspersky Rescue2Usb 2015-11-24 15:42 - 2015-11-24 15:42 - 00387584 _____ C:\Users\marcel\Downloads\rescue2usb.exe 2015-11-24 15:41 - 2015-11-24 15:45 - 283867136 _____ C:\Users\marcel\Downloads\kav_rescue_10.iso 2015-11-24 15:04 - 2015-11-24 15:04 - 22908888 _____ (Malwarebytes ) C:\Users\marcel\Downloads\mbam-setup-2.2.0.1024 (3).exe 2015-11-24 14:42 - 2015-11-24 14:42 - 00084711 _____ C:\Users\marcel\Downloads\Addition (2).txt 2015-11-24 14:42 - 2015-11-24 14:42 - 00067956 _____ C:\Users\marcel\Downloads\FRST (1).txt 2015-11-24 14:41 - 2015-11-24 14:41 - 00084711 _____ C:\Users\marcel\Downloads\Addition (1).txt 2015-11-24 14:41 - 2015-11-24 14:41 - 00067956 _____ C:\Users\marcel\Downloads\FRST.txt 2015-11-24 14:08 - 2015-11-24 14:08 - 22908888 _____ (Malwarebytes ) C:\Users\marcel\Downloads\mbam-setup-2.2.0.1024 (2).exe 2015-11-24 09:56 - 2015-11-24 09:56 - 00038905 _____ C:\Users\marina\Documents\Müller Foto urlaub 2015.mcf 2015-11-24 09:56 - 2015-11-24 09:56 - 00000000 ____D C:\Users\marina\Documents\Müller Foto urlaub 2015_mcf-Dateien 2015-11-24 09:33 - 2015-11-24 09:44 - 00000000 ____D C:\Users\marina\AppData\LocalLow\360WD 2015-11-23 18:29 - 2015-11-23 18:29 - 00084711 _____ C:\Users\marcel\Downloads\Addition.txt 2015-11-23 17:12 - 2015-11-23 17:12 - 00006912 _____ C:\Users\marcel\Desktop\Gmer.txt 2015-11-21 23:19 - 2015-11-21 23:19 - 00285952 _____ C:\Windows\Minidump\Mini112115-01.dmp 2015-11-21 21:22 - 2015-11-21 21:22 - 00380416 _____ C:\Users\marcel\Downloads\Gmer-19357.exe 2015-11-21 21:22 - 2015-11-21 21:22 - 00380416 _____ C:\Users\marcel\Desktop\Gmer-19357.exe 2015-11-21 21:00 - 2015-11-21 
21:17 - 00084711 _____ C:\Users\marcel\Desktop\Addition.txt 2015-11-21 20:54 - 2015-11-27 16:20 - 00031352 _____ C:\Users\marcel\Desktop\FRST.txt 2015-11-21 20:54 - 2015-11-27 16:20 - 00000000 ____D C:\FRST 2015-11-21 20:53 - 2015-11-27 16:19 - 02348544 _____ (Farbar) C:\Users\marcel\Desktop\FRST64.exe 2015-11-21 20:52 - 2015-11-21 20:52 - 00000000 _____ C:\Users\marcel\defogger_reenable 2015-11-21 20:51 - 2015-11-21 20:51 - 00050477 _____ C:\Users\marcel\Downloads\Defogger.exe 2015-11-21 20:51 - 2015-11-21 20:51 - 00050477 _____ C:\Users\marcel\Desktop\Defogger.exe 2015-11-21 20:30 - 2015-11-21 20:30 - 22908888 _____ (Malwarebytes ) C:\Users\marcel\Downloads\mbam-setup-2.2.0.1024.exe 2015-11-21 20:30 - 2015-11-21 20:30 - 22908888 _____ (Malwarebytes ) C:\Users\marcel\Downloads\mbam-setup-2.2.0.1024 (1).exe 2015-11-20 18:57 - 2015-11-20 18:57 - 00038291 _____ C:\Users\marcel\Downloads\zd1211-firmware-1.5 (2).tar.bz2 2015-11-20 18:57 - 2015-11-20 18:57 - 00038291 _____ C:\Users\marcel\Downloads\zd1211-firmware-1.5 (1).tar.bz2 2015-11-20 16:09 - 2015-11-20 18:59 - 00000000 ____D C:\Users\marcel\Desktop\scan 2015-11-20 16:08 - 2015-11-20 16:08 - 00038291 _____ C:\Users\marcel\Downloads\zd1211-firmware-1.5.tar.bz2 2015-11-20 12:56 - 2015-11-20 12:56 - 01464419 _____ C:\Users\mario\Downloads\Aboretum Lehrwanderung.pdf 2015-11-20 12:56 - 2015-11-20 12:56 - 00013521 _____ C:\Users\mario\Downloads\Baumnamen Karteikarten deutsch-lateinisch.xlsx 2015-11-19 22:01 - 2015-11-19 22:01 - 00000055 _____ C:\Users\marcel\Desktop\chipsatz.txt 2015-11-18 21:13 - 2015-11-18 21:13 - 00000000 ____D C:\Users\marcel\Desktop\wordlists 2015-11-18 20:41 - 2015-11-18 21:32 - 3403579392 _____ C:\Users\marcel\Downloads\kali-linux-2.0-i386.iso 2015-11-18 20:40 - 2015-11-18 20:40 - 00000000 ____D C:\Users\marcel\VirtualBox VMs 2015-11-18 20:39 - 2015-11-26 19:25 - 00000000 ____D C:\Users\marcel\.VirtualBox 2015-11-18 19:58 - 2015-11-18 19:58 - 00000989 _____ C:\Users\Public\Desktop\Oracle VM 
VirtualBox.lnk 2015-11-18 19:58 - 2015-11-18 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2015-11-18 19:57 - 2015-11-10 17:56 - 00964928 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2015-11-18 19:57 - 2015-11-10 17:56 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2015-11-18 19:56 - 2015-11-18 19:56 - 00000000 ____D C:\Program Files\Oracle 2015-11-18 19:46 - 2015-11-18 19:46 - 01466656 _____ C:\Users\marcel\Downloads\VirtualBox - CHIP-Installer.exe 2015-11-18 18:14 - 2015-11-18 18:14 - 09989712 _____ (MEGA Limited) C:\Users\marcel\Downloads\MEGAsyncSetup.exe 2015-11-18 17:24 - 2015-11-18 18:02 - 3320512512 _____ C:\Users\marcel\Downloads\kali-linux-2.0-amd64.iso 2015-11-18 17:22 - 2015-11-18 17:22 - 00000000 ____D C:\Users\marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator 2015-11-18 17:22 - 2015-11-18 17:22 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator 2015-11-18 17:19 - 2015-11-18 17:19 - 01466656 _____ C:\Users\marcel\Downloads\Linux Live USB Creator - CHIP-Installer.exe 2015-11-18 17:18 - 2015-11-18 17:18 - 01433463 _____ C:\Users\marcel\Downloads\openssl-fips-ecp-2.0.10.tar.gz 2015-11-18 17:16 - 2015-11-18 17:16 - 00000000 ____D C:\Users\marcel\Desktop\aircrack ng 2015-11-18 17:15 - 2015-11-18 17:15 - 05559264 _____ C:\Users\marcel\Downloads\aircrack-ng-1.2-rc2-win.zip 2015-11-18 16:59 - 2015-11-18 17:00 - 28620792 _____ (Python Software Foundation) C:\Users\marcel\Downloads\python-3.5.0.exe 2015-11-15 19:42 - 2015-11-15 19:42 - 01139791 _____ C:\Users\mario\Documents\Checkliste_PSA_Waschanleitung.pdf 2015-11-15 19:28 - 2015-11-20 11:02 - 00000000 ____D C:\Users\mario\AppData\LocalLow\360WD 2015-11-15 19:27 - 2015-11-15 19:27 - 00000000 ____D C:\Users\mario\AppData\Local\CrashRpt 2015-11-15 16:58 - 2015-11-24 15:38 - 00002045 _____ C:\Users\marcel\Desktop\Google Chrome.lnk 2015-11-15 16:03 - 2015-11-21 
20:12 - 00000000 ____D C:\$360Section 2015-11-15 15:51 - 2015-11-15 15:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuWin32 2015-11-15 15:51 - 2015-11-15 15:51 - 00000000 ____D C:\Program Files (x86)\GnuWin32 2015-11-15 15:49 - 2015-11-15 15:49 - 03012464 _____ (GnuWin32 <gnuwin32.sourceforge.net> ) C:\Users\marcel\Downloads\wget-1.11.4-1-setup.exe 2015-11-15 15:42 - 2015-11-15 15:42 - 03432131 _____ C:\Users\marcel\Downloads\wget-1.16.1.tar.gz 2015-11-15 15:37 - 2015-11-21 20:12 - 00000000 ____D C:\ProgramData\360Quarant 2015-11-15 15:30 - 2015-11-24 15:58 - 00000000 ____D C:\Program Files (x86)\360 2015-11-15 15:28 - 2015-11-15 15:28 - 00106681 _____ C:\Users\marcel\Downloads\wgetwin-1_5_3_1-binary.zip 2015-11-15 15:28 - 2015-11-15 15:28 - 00001067 _____ C:\Users\marcel\Downloads\install.sh 2015-11-15 15:19 - 2015-11-15 15:20 - 01466656 _____ C:\Users\marcel\Downloads\360 Total Security Essential Qihu 360 Internet Security - CHIP-Installer.exe 2015-11-15 12:43 - 2015-11-15 12:43 - 00000000 ____D C:\Users\marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-14 20:04 - 2015-11-14 20:04 - 00000002 _____ C:\Users\marcel\Documents\test99.bat 2015-11-14 19:54 - 2015-11-14 19:55 - 12337752 _____ (Microsoft Corporation) C:\Users\marcel\Downloads\rktools2003.exe 2015-11-14 19:51 - 2015-11-14 19:51 - 00000000 _____ C:\Users\marcel\nNUL 2015-11-14 17:50 - 2015-11-14 17:50 - 06539752 _____ (Tim Kosse) C:\Users\marcel\Downloads\FileZilla_3.14.1_win64-setup.exe 2015-11-12 21:55 - 2015-10-17 15:35 - 02798592 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-12 21:55 - 2015-09-26 17:05 - 00281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-12 21:55 - 2015-09-26 17:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-11-12 21:55 - 2015-09-26 17:04 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-12 21:55 - 2015-09-26 16:58 - 
00350720 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-12 21:55 - 2015-09-26 16:58 - 00257536 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-12 21:55 - 2015-09-26 14:21 - 00275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2015-11-12 21:55 - 2015-09-22 14:10 - 00517976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-11-12 21:55 - 2015-09-22 14:10 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2015-11-12 21:50 - 2015-10-17 17:01 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-12 21:50 - 2015-10-17 16:41 - 00659456 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-12 21:48 - 2015-10-10 16:48 - 00736192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-11-12 21:20 - 2015-10-13 15:45 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-12 21:20 - 2015-10-13 15:44 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-12 21:02 - 2015-10-14 21:25 - 01586304 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-11-12 21:02 - 2015-10-14 21:25 - 01168600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-11-12 21:02 - 2015-10-14 16:47 - 04691392 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-11 16:35 - 2015-11-11 16:35 - 00004103 _____ C:\Users\marcel\Downloads\Ping IP Address.bat 2015-11-11 16:34 - 2015-11-11 16:34 - 00000611 _____ C:\Users\marcel\Downloads\IP Addresses.bat 2015-11-11 14:44 - 2015-10-31 20:48 - 17079296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-11 14:44 - 2015-10-31 20:45 - 10886144 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-11 14:44 - 2015-10-31 20:45 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-11-11 14:44 - 2015-10-31 20:44 - 02264576 _____ (Microsoft Corporation) 
C:\Windows\system32\jscript9.dll 2015-11-11 14:44 - 2015-10-31 20:44 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-11-11 14:44 - 2015-10-31 20:44 - 01299968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-11 14:44 - 2015-10-31 20:44 - 01295872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-11-11 14:44 - 2015-10-31 20:43 - 02129408 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00887296 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-11-11 14:44 - 2015-10-31 20:43 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-11-11 14:44 - 2015-10-31 20:43 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 
2015-11-11 14:44 - 2015-10-31 19:40 - 12376576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-11 14:44 - 2015-10-31 19:38 - 09727488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-11-11 14:44 - 2015-10-31 19:38 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-11-11 14:44 - 2015-10-31 19:37 - 01830912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-11-11 14:44 - 2015-10-31 19:36 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 01436160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-11-11 14:44 - 2015-10-31 19:36 - 01093632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 01088512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00615424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00412672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-11-11 14:44 - 2015-10-31 19:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00064512 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2015-11-11 14:44 - 2015-10-31 19:36 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2015-11-10 17:56 - 2015-11-10 17:56 - 00194976 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys 2015-11-10 17:56 - 2015-11-10 17:56 - 00125008 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSB.sys 2015-11-10 17:56 - 2015-11-10 17:56 - 00117768 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys 2015-11-10 17:23 - 2015-11-10 17:23 - 00000000 ____D C:\Users\marcel\AppData\Local\CyberGhost 2015-11-10 17:21 - 2015-11-10 17:23 - 00000000 ____D C:\Program Files\TAP-Windows 2015-11-10 17:21 - 2015-11-10 17:23 - 00000000 ____D C:\Program Files\CyberGhost 5 2015-11-10 17:21 - 2015-11-10 17:21 - 00001682 _____ C:\Users\marcel\Desktop\CyberGhost 5.lnk 2015-11-10 17:21 - 2015-11-10 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5 2015-11-10 17:16 - 2015-11-10 17:16 - 09736240 _____ (CyberGhost S.R.L. 
) C:\Users\marcel\Downloads\CG_5.5.0.2_7.exe 2015-11-06 18:27 - 2015-11-06 18:27 - 00068937 _____ C:\Users\marcel\Downloads\g147 (1).pdf 2015-11-06 18:25 - 2015-11-06 18:25 - 00068937 _____ C:\Users\marcel\Downloads\g147.pdf 2015-11-05 16:11 - 2015-11-05 16:11 - 00057178 _____ C:\Users\marcel\Downloads\3607-1445496876-0.pdf 2015-10-31 15:39 - 2015-10-31 15:39 - 02010436 _____ C:\Users\marcel\Downloads\W250367-1.pdf 2015-10-31 15:39 - 2015-10-31 15:39 - 01441031 _____ C:\Users\marcel\Downloads\W250367.zip 2015-10-28 19:37 - 2015-10-28 19:37 - 01461024 _____ C:\Users\marcel\Downloads\USB Mouserate Switcher - CHIP-Installer.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-27 16:16 - 2014-12-18 18:25 - 00000000 ____D C:\Users\marcel\AppData\Local\Spotify 2015-11-27 16:16 - 2014-12-18 18:23 - 00000000 ____D C:\Users\marcel\AppData\Roaming\Spotify 2015-11-27 16:08 - 2015-06-13 17:15 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA.job 2015-11-27 16:08 - 2010-01-08 18:37 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1001UA.job 2015-11-27 16:04 - 2013-10-27 16:11 - 01727886 _____ C:\Windows\ntbtlog.txt 2015-11-27 16:03 - 2010-11-10 18:58 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-27 16:00 - 2010-08-17 10:32 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2015-11-27 16:00 - 2009-09-17 12:55 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA.job 2015-11-27 15:59 - 2010-11-10 18:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-27 15:59 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-27 15:59 - 2006-11-02 16:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 
2015-11-27 15:59 - 2006-11-02 16:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-27 15:57 - 2006-11-02 16:42 - 00032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-11-27 15:55 - 2006-11-02 14:33 - 00000000 ____D C:\Windows 2015-11-27 15:49 - 2011-02-23 19:19 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003UA.job 2015-11-27 15:48 - 2014-11-21 15:24 - 00000000 ____D C:\Users\marcel\AppData\Roaming\TS3Client 2015-11-27 15:46 - 2013-03-11 10:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-27 15:24 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\IME 2015-11-27 15:21 - 2011-02-01 17:30 - 00000000 ____D C:\Program Files (x86)\BrotherSoft_Extreme 2015-11-27 15:19 - 2009-08-11 12:13 - 00000000 ____D C:\Users\marina 2015-11-27 14:25 - 2012-02-27 17:58 - 00003698 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{80C3CF13-38B5-4DC4-8C1F-9022EAA5D8DC} 2015-11-26 20:49 - 2014-11-10 16:41 - 00000000 ____D C:\Program Files (x86)\Steam 2015-11-26 19:37 - 2011-04-29 13:30 - 00000000 ____D C:\Users\marcel\AppData\Roaming\vlc 2015-11-26 19:23 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\tracing 2015-11-26 17:40 - 2010-01-08 18:20 - 00000000 ____D C:\Users\marcel 2015-11-26 17:40 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\inf 2015-11-26 17:23 - 2013-09-17 15:07 - 588865791 _____ C:\Windows\MEMORY.DMP 2015-11-26 17:23 - 2010-01-30 12:43 - 00000000 ____D C:\Windows\Minidump 2015-11-25 22:07 - 2013-04-20 16:39 - 00000000 ____D C:\Users\marcel\Documents\VirtualDJ 2015-11-25 20:11 - 2011-02-23 19:05 - 00000000 ____D C:\Users\mario 2015-11-25 18:00 - 2013-07-02 13:58 - 00000000 ____D C:\Users\marcel\AppData\Local\Apps\2.0 2015-11-25 17:51 - 2006-11-02 13:34 - 00000215 _____ C:\Windows\system.ini 2015-11-25 17:47 - 2006-11-02 13:33 - 69992448 _____ C:\Windows\system32\config\components.bak 2015-11-25 17:47 - 2006-11-02 13:33 - 
03145728 _____ C:\Windows\system32\config\default.bak 2015-11-25 17:47 - 2006-11-02 13:33 - 00159744 _____ C:\Windows\system32\config\sam.bak 2015-11-25 17:47 - 2006-11-02 13:33 - 00024576 _____ C:\Windows\system32\config\security.bak 2015-11-25 17:08 - 2011-02-23 17:21 - 00000000 ____D C:\Users\Gast 2015-11-24 16:23 - 2014-04-04 15:24 - 00000000 ____D C:\Program Files (x86)\Avira 2015-11-24 15:24 - 2012-09-12 12:56 - 00000000 ____D C:\Users\marcel\AppData\Local\CrashDumps 2015-11-24 14:38 - 2009-05-19 13:37 - 00674024 _____ C:\Windows\system32\perfh007.dat 2015-11-24 14:38 - 2009-05-19 13:37 - 00146036 _____ C:\Windows\system32\perfc007.dat 2015-11-24 14:38 - 2006-11-02 13:46 - 01567488 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-24 10:54 - 2011-01-17 12:43 - 00000000 ____D C:\ProgramData\tmp 2015-11-24 10:49 - 2011-02-23 19:19 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003Core.job 2015-11-24 10:09 - 2015-06-13 17:15 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core.job 2015-11-24 09:37 - 2013-07-25 17:20 - 00000000 ___RD C:\Users\marina\Dropbox 2015-11-24 09:37 - 2013-07-25 17:14 - 00000000 ____D C:\Users\marina\AppData\Roaming\Dropbox 2015-11-23 18:04 - 2010-06-26 12:50 - 00001460 _____ C:\Users\marcel\AppData\Local\d3d9caps64.dat 2015-11-20 15:27 - 2014-07-23 17:04 - 00000000 ____D C:\Users\marcel\AppData\Roaming\FileZilla 2015-11-20 14:27 - 2011-12-14 21:00 - 00000000 ____D C:\Users\mario\AppData\Local\CrashDumps 2015-11-20 14:00 - 2009-09-17 12:55 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core.job 2015-11-20 11:02 - 2012-02-29 16:36 - 00003694 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0449D097-8C07-46B2-B0DE-06504224E682} 2015-11-20 10:59 - 2011-02-23 19:29 - 00002081 _____ C:\Users\mario\Desktop\Google Chrome.lnk 2015-11-18 17:19 - 2010-01-09 11:32 - 00052736 _____ 
C:\Users\marcel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-15 19:47 - 2010-03-05 14:56 - 00000000 ____D C:\Program Files (x86)\Wohnwagen Park Tycoon 2015-11-15 19:28 - 2011-02-23 19:06 - 00107224 _____ C:\Users\mario\AppData\Local\GDIPFONTCACHEV1.DAT 2015-11-15 16:04 - 2013-05-06 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport 2015-11-15 16:04 - 2013-04-13 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BumpTop 2015-11-15 16:04 - 2012-09-09 18:33 - 00000000 ___RD C:\Users\marcel\Desktop\Tools Kiste 2015-11-15 16:04 - 2012-08-14 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2015-11-15 16:04 - 2010-02-24 18:14 - 00000000 ____D C:\Users\marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zahlenzauber 4 2015-11-15 16:04 - 2010-02-03 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lernpaket 2015-11-15 16:04 - 2009-08-25 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager 2015-11-15 15:52 - 2010-01-09 11:19 - 00000000 ____D C:\Users\marcel\AppData\Local\Adobe 2015-11-13 15:24 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\rescache 2015-11-13 14:47 - 2006-11-02 16:21 - 02299520 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-12 22:28 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Journal 2015-11-12 22:28 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-11-12 21:58 - 2013-08-17 20:08 - 00000000 ____D C:\Windows\system32\MRT 2015-11-12 21:57 - 2006-11-02 13:35 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2015-11-12 21:54 - 2009-08-11 12:46 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-12 21:40 - 2013-03-08 20:36 - 01542944 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-11-11 15:46 - 2013-03-11 10:39 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 
2015-11-11 15:46 - 2013-03-11 10:39 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-11 15:46 - 2013-03-11 10:39 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-11 14:03 - 2010-01-08 18:25 - 00000000 ____D C:\Users\marcel\AppData\Roaming\Adobe 2015-10-30 14:45 - 2013-05-31 16:33 - 00000000 ___RD C:\Users\marcel\Desktop\Musik 2015-10-28 06:08 - 2010-01-08 18:37 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1001Core.job ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2010-02-08 18:27 - 2010-03-21 13:32 - 0023604 _____ () C:\Users\marcel\AppData\Roaming\UserTile.png 2013-12-28 14:14 - 2013-12-28 14:14 - 0000600 _____ () C:\Users\marcel\AppData\Roaming\winscp.rnd 2010-01-23 17:44 - 2010-01-23 17:44 - 0000000 _____ () C:\Users\marcel\AppData\Roaming\wklnhst.dat 2006-12-11 18:13 - 2006-12-11 18:13 - 0097336 _____ (Un4seen Developments) C:\Users\marcel\AppData\Local\bass.dll 2006-12-11 18:13 - 2006-12-11 18:13 - 0013872 _____ (Un4seen Developments) C:\Users\marcel\AppData\Local\basscd.dll 2007-08-13 16:46 - 2007-08-13 16:46 - 0102912 _____ (Albert L Faber) C:\Users\marcel\AppData\Local\CDRip.dll 2013-02-13 14:02 - 2013-02-13 14:02 - 0000552 _____ () C:\Users\marcel\AppData\Local\d3d8caps.dat 2010-08-10 20:26 - 2015-01-01 17:55 - 0000680 _____ () C:\Users\marcel\AppData\Local\d3d9caps.dat 2010-06-26 12:50 - 2015-11-23 18:04 - 0001460 _____ () C:\Users\marcel\AppData\Local\d3d9caps64.dat 2010-01-09 11:32 - 2015-11-18 17:19 - 0052736 _____ () C:\Users\marcel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-03-08 20:49 - 2013-03-08 20:50 - 1115884 _____ () C:\Users\marcel\AppData\Local\dd_ADONETEntityFrameworkTools_deu_MSI4818.txt 2013-03-08 18:17 - 2013-04-09 13:53 - 0265781 _____ () C:\Users\marcel\AppData\Local\dd_depcheck_VB_EXP_100.txt 2013-04-17 17:35 - 2013-06-15 16:55 - 0512085 _____ () 
C:\Users\marcel\AppData\Local\dd_depcheck_VCS_EXP_100.txt 2013-03-08 20:33 - 2013-03-08 20:33 - 0327350 _____ () C:\Users\marcel\AppData\Local\dd_dw20shared_x86_msi3BF0.txt 2013-03-08 18:17 - 2013-03-08 18:17 - 0000002 _____ () C:\Users\marcel\AppData\Local\dd_error_vb_xcor_100.txt 2013-04-17 17:35 - 2013-04-18 14:27 - 0005908 _____ () C:\Users\marcel\AppData\Local\dd_error_vcs_xcor_100.txt 2013-03-08 20:51 - 2013-03-08 20:51 - 0242746 _____ () C:\Users\marcel\AppData\Local\dd_HelpSetupLP_MSI4937.txt 2013-03-08 20:50 - 2013-03-08 20:50 - 0336450 _____ () C:\Users\marcel\AppData\Local\dd_HelpSetup_MSI4906.txt 2013-03-08 18:17 - 2013-04-09 13:53 - 0780584 _____ () C:\Users\marcel\AppData\Local\dd_install_vb_xcor_100.txt 2013-04-17 17:34 - 2013-06-15 17:00 - 1008750 _____ () C:\Users\marcel\AppData\Local\dd_install_vcs_xcor_100.txt 2013-03-08 20:41 - 2013-03-08 20:41 - 1540220 _____ () C:\Users\marcel\AppData\Local\dd_netfx_dtp41C8.txt 2013-03-08 20:48 - 2013-03-08 20:49 - 1795838 _____ () C:\Users\marcel\AppData\Local\dd_SharedManagementObjects_MSI4782.txt 2013-03-08 20:47 - 2013-03-08 20:47 - 0227364 _____ () C:\Users\marcel\AppData\Local\dd_SQLCEToolsForVS2007_MSI46CE.txt 2013-03-08 20:48 - 2013-03-08 20:48 - 0554040 _____ () C:\Users\marcel\AppData\Local\dd_SQLSysClrTypes_msi472A.txt 2013-03-08 20:47 - 2013-03-08 20:47 - 0715122 _____ () C:\Users\marcel\AppData\Local\dd_SSCERuntime_64_MSI46AA.txt 2013-03-08 20:47 - 2013-03-08 20:47 - 0736684 _____ () C:\Users\marcel\AppData\Local\dd_SSCERuntime_MSI4676.txt 2012-10-20 13:46 - 2012-10-20 13:46 - 0413734 _____ () C:\Users\marcel\AppData\Local\dd_vcredistMSI1776.txt 2013-03-27 18:07 - 2013-03-27 18:07 - 0366274 _____ () C:\Users\marcel\AppData\Local\dd_vcredistMSI1871.txt 2012-10-27 14:33 - 2012-10-27 14:34 - 0412746 _____ () C:\Users\marcel\AppData\Local\dd_vcredistMSI5F04.txt 2012-10-20 13:46 - 2012-10-20 13:46 - 0011208 _____ () C:\Users\marcel\AppData\Local\dd_vcredistUI1776.txt 2013-03-27 18:07 - 2013-03-27 18:07 
- 0011386 _____ () C:\Users\marcel\AppData\Local\dd_vcredistUI1871.txt 2012-10-27 14:33 - 2012-10-27 14:34 - 0011176 _____ () C:\Users\marcel\AppData\Local\dd_vcredistUI5F04.txt 2013-03-08 20:33 - 2013-03-08 20:33 - 0326798 _____ () C:\Users\marcel\AppData\Local\dd_vc_runtime_x64_msi3C14.txt 2013-03-08 20:40 - 2013-03-08 20:40 - 1298630 _____ () C:\Users\marcel\AppData\Local\dd_vsexpbsln64_1004124.txt 2013-04-20 11:04 - 2013-04-20 11:15 - 12620522 _____ () C:\Users\marcel\AppData\Local\dd_VSMsiLog27EB.txt 2013-03-08 20:41 - 2013-03-08 20:47 - 15125568 _____ () C:\Users\marcel\AppData\Local\dd_VSMsiLog4247.txt 2013-06-15 16:56 - 2013-06-15 16:58 - 6787946 _____ () C:\Users\marcel\AppData\Local\dd_VSMsiLog4CD7.txt 2007-01-18 20:09 - 2007-01-18 20:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\marcel\AppData\Local\No23 Recorder.exe 2015-10-02 14:42 - 2015-10-02 14:42 - 0000836 _____ () C:\Users\marcel\AppData\Local\recently-used.xbel 2014-03-25 15:03 - 2014-04-29 17:39 - 0000040 _____ () C:\Users\marcel\AppData\Local\tmp.no23 2013-03-08 18:17 - 2013-06-15 17:00 - 0052742 _____ () C:\Users\marcel\AppData\Local\uxeventlog.txt 2013-06-09 11:31 - 2013-06-09 11:31 - 0017408 _____ () C:\Users\marcel\AppData\Local\WebpageIcons.db 2015-11-24 15:56 - 2015-11-24 15:56 - 0000000 _____ () C:\Users\marcel\AppData\Local\{0D2AF67A-9638-4711-8048-673C2CC0EBD8} 2014-08-02 12:33 - 2014-08-02 12:33 - 0000000 _____ () C:\Users\marcel\AppData\Local\{92601203-0403-49BE-B529-B1AF716242D2} 2013-03-31 15:13 - 2013-03-31 15:13 - 0000057 _____ () C:\ProgramData\Ament.ini 2009-05-19 05:30 - 2014-06-03 16:11 - 0080734 _____ () C:\ProgramData\nvModes.001 2009-05-19 05:30 - 2014-06-03 16:11 - 0080734 _____ () C:\ProgramData\nvModes.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\marcel\cygwin1.dll Einige Dateien in TEMP: ==================== C:\Users\marcel\AppData\Local\temp\avgnt.exe C:\Users\marcel\AppData\Local\temp\sqlite3.dll 
C:\Users\mario\AppData\Local\temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-27 16:10 ==================== Ende von FRST.txt ============================ |
29.11.2015, 06:56 | #10 |
/// the machine /// TB-Ausbilder | Network adapter disabled and USB devices not detected
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
29.11.2015, 20:42 | #11 |
| Network adapter disabled and USB devices not detected No, actually no more problems. Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=e238842c32720c47a6e06298605efd38 # end=init # utc_time=2015-11-29 01:26:03 # local_time=2015-11-29 02:26:03 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.0.6002 NT Service Pack 2 Update Init Update Download Update Finalize Updated modules version: 26958 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=e238842c32720c47a6e06298605efd38 # end=updated # utc_time=2015-11-29 01:38:13 # local_time=2015-11-29 02:38:13 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.0.6002 NT Service Pack 2 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=e238842c32720c47a6e06298605efd38 # engine=26958 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-11-29 07:19:53 # local_time=2015-11-29 08:19:53 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode_1='Avira Desktop' # compatibility_mode=1812 16777213 100 98 30888 22234682 0 0 # compatibility_mode_1='' # compatibility_mode=5892 16776574 100 100 469840 286348699 0 0 # scanned=748339 # found=25 # cleaned=0 # scan_time=20499 sh=1D814EA403A946B40CC0A6A261B2387880D6B547 ft=1 fh=ff0bc5a908f5ad94 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Documents\Downloads\Integrated_BrotherSoft_TB.exe" sh=26722201B09417FD78152FA0CFDF31A77BCB58A9 ft=1 fh=4006686882dda19b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\360 Total Security Essential Qihu 360 Internet Security - CHIP-Installer.exe" sh=23133DD87E8B8EC005B2DA2190DE3F417EF755EE ft=1 fh=0671de0249d2a458 vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\BruteForcer - CHIP-Installer.exe" sh=D366627B609FFF4DAD032805E204F56F84BA67D0 ft=1 fh=26716298ead2f4f9 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\FreeAudioConverter_5.0.21.1212.exe" sh=C26657E814FE1C660841B82AA95CD79DEC2B00DB ft=1 fh=02e6fbd7e1fc392f vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\FreeYouTubeDownload3014.exe" sh=D92B055EA8F4A4227B1A5BA3F26C56DDE67C16E9 ft=1 fh=1a95ac7c880e3c26 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\GeoGebra - CHIP-Installer.exe" sh=F6EDB151058C7CE3CCC4F942FF4CC65F18D5434E ft=1 fh=fdd0f70fd1968c0b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\Hotspot Shield VPN - CHIP-Installer.exe" sh=16714534232C63B22C439E8A69DD083E1EC2A846 ft=1 fh=40849a6985947c00 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\HSS-3.42-install-hss-691-conduit.exe" sh=3E950EBDD2FF2201D8D1ADAB846FEE6F3D20C86E ft=1 fh=f8af7bc246c1f02a vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\Linux Live USB Creator - CHIP-Installer.exe" sh=C08F6584A07C9C59AFFFBA5EA09808D23E0E2FCF ft=1 fh=d61f5cc36ab5f2d5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\LogMeIn Hamachi - CHIP-Installer.exe" sh=EC7FDD42C1E422C8743803CBED9EAA7DC9CAE161 ft=1 fh=3daee56f73f493af vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\Playmate Wallpaper Babi Rossi - CHIP-Installer.exe" sh=6484454865876421B75E1D0A7C3EE43636C3D01F ft=1 fh=1ce6247cc1b6f8eb vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\Tor Browser Paket - CHIP-Installer.exe" sh=EA8438E09E69DF34B3423C6FC937DA43F9D7EDA5 ft=1 fh=0464b67785e74962 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\USB Mouserate Switcher - CHIP-Installer.exe" sh=6DD7A411AD0B7CCD6668250ABE407464CB09DA94 ft=1 fh=739f922b79294d6b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\VirtualBox - CHIP-Installer.exe" sh=3E03C3AFD6E9F2B893F2538242983AF322EB8064 ft=1 fh=433057e32b24c335 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\VLC media player Portable - CHIP-Installer.exe" sh=54699755A60754CFA2727BA269C8EC10683BC530 ft=1 fh=b6282fb93128e2e8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\wallpaper-miss-juni-2011 - CHIP-Installer.exe" sh=32ED093F4709D6F26BEC2A4420860F89897F3D1F ft=1 fh=39e2957cefceba71 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marcel\Downloads\Wasser Wallpaper Pack - CHIP-Installer.exe" sh=57CD8DEAF43DF3A2F4703E5219A69935B119D0DB ft=1 fh=311781f1ea21501f vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marina\AppData\LocalLow\BrotherSoft_Extreme\tbBro0.dll" sh=57CD8DEAF43DF3A2F4703E5219A69935B119D0DB ft=1 fh=311781f1ea21501f vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marina\AppData\LocalLow\BrotherSoft_Extreme\tbBro1.dll" sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\marina\AppData\LocalLow\BrotherSoft_Extreme\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll" sh=457676F180502600FE0F920F7CB0F78C5EEEDC67 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\mario\AppData\Local\Mozilla\Firefox\Profiles\auy7bacv.default\Cache\D\F2\5398Ad01" sh=57CD8DEAF43DF3A2F4703E5219A69935B119D0DB ft=1 fh=311781f1ea21501f vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\mario\AppData\LocalLow\BrotherSoft_Extreme\tbBro0.dll" sh=846D95D63EDE9508EFC7CEEE1D145D7CE62988C3 ft=1 fh=ec23a4ae3310ce50 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\mario\Downloads\FreeYouTubeToMP3Converter_3.11.32.918.exe" sh=AD598B25A06EA14D36C2DBF6FE84F937116E0AB1 ft=1 fh=32cb9ebcc5d6d7b4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\mario\Downloads\PDF24 Creator - CHIP-Installer.exe" sh=A85EB2E3BA1DD7E864C07338157A2765C6E5E2EF ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\40915c.msi" Code:
ATTFilter Results of screen317's Security Check version 1.009 Windows Vista Service Pack 2 x64 (UAC is enabled) Internet Explorer 9 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Avira Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 55 Java version 32-bit out of Date! Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 19.0.0.245 Adobe Reader 10.1.6 Adobe Reader out of Date! Mozilla Firefox 12.0 Firefox out of Date! Google Chrome (46.0.2490.86) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
30.11.2015, 08:00 | #12 |
/// the machine /// TB-Ausbilder | Network adapter disabled and USB devices not detected The fresh FRST log is still missing.
|
30.11.2015, 17:53 | #13 |
| Network adapter disabled and USB devices not detected Sorry, I assume I should update everything that is out of date. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-11-2015 durchgeführt von marcel (Administrator) auf MARINA-PC (30-11-2015 17:46:10) Gestartet von C:\Users\marcel\Desktop\Malware Infektion Cleaning Geladene Profile: marcel (Verfügbare Profile: marina & marcel & mario & Gast) Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Spotify Ltd) C:\Users\marcel\AppData\Roaming\Spotify\SpotifyWebHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Apple Inc.) C:\Program Files (x86)\QuickTime\QTTask.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe (Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) 
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-11-24] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Run: [Spotify Web Helper] => C:\Users\marcel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-18] (Spotify Ltd)
HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-499821555-1515846726-3243709471-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-499821555-1515846726-3243709471-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [334336 2008-01-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
Startup: C:\Users\marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-15]
ShortcutTarget: Dropbox.lnk -> C:\Users\marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Keine Datei)
Startup: C:\Users\marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2009-12-02]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Keine Datei)
Startup: C:\Users\marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2014-07-21]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * ?È¥??????????????1UnatD?È¥?????????rv_XV_b9KiVy?È¥?autocheck autochk * ?È¥??È¥??????????????1_?È¥???

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{176F75FA-2EEA-4574-9FF6-D5EE634F10B2}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{60898117-5FDF-4AD7-913E-0657A1685320}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{9729659E-F4AD-41A7-A304-B8FFAD2E6CB1}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{A083A9A5-9BA3-4A07-BD4B-25914ABC1824}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{A0EA3E07-4716-4DF2-AD89-6CBD70C1F409}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{C4713B7D-069F-4723-8D4E-87A096190CC5}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{D770CD81-744D-4D34-AAEA-1EDD562342AD}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-499821555-1515846726-3243709471-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-499821555-1515846726-3243709471-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKU\S-1-5-21-499821555-1515846726-3243709471-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {017A66CC-3985-4911-A97F-FECB0BCC95B0} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM -> {58235107-16C5-49E2-98F1-21B363368353} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM -> {9E85F70F-E0D6-4AD4-823C-1BC5B6AE763C} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-499821555-1515846726-3243709471-1001 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-499821555-1515846726-3243709471-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: Kein Name -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> Keine Datei
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll [2014-09-18] (Perfect World Entertainment Inc)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kein Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - Keine Datei
Toolbar: HKU\S-1-5-21-499821555-1515846726-3243709471-1001 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - Keine Datei
Toolbar: HKU\S-1-5-21-499821555-1515846726-3243709471-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-12] (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [2014-09-18] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-499821555-1515846726-3243709471-1001: @tools.google.com/Google Update;version=3 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-499821555-1515846726-3243709471-1001: @tools.google.com/Google Update;version=9 -> C:\Users\marcel\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-499821555-1515846726-3243709471-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-12] (Pando Networks)
FF SearchPlugin: C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\searchplugins\forestle-de.xml [2012-07-12]
FF Extension: GMX MailCheck - C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\extensions\toolbar@gmx.net.xpi [2013-12-24] [ist nicht signiert]
FF Extension: Web Developer - C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-12-24] [ist nicht signiert]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [nicht gefunden]
FF Extension: Kein Name - C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Profiles\ni48g1q6.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee} [nicht gefunden]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-03] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2012-10-06] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2012-10-06] [ist nicht signiert]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3241949&SearchSource=48"
CHR Plugin: (Shockwave Flash) - C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\marcel\AppData\Local\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei
CHR Plugin: (registryAccess) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaakfopmidbfddimafofbdngbkidf\7.13.0.17889_0\background/registryAccess.dll => Keine Datei
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll => Keine Datei
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Web Developer) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-05-26]
CHR Extension: (YouTube) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24]
CHR Extension: (Google-Suche) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Play Musik) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-11-20]
CHR Extension: (ModHeader) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2015-11-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Google Mail) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (night tochpc) - C:\Users\marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjmhomfflfeomeelinjbpnmomlllilom [2015-07-16]
CHR HKLM-x32\...\Chrome\Extension: [aaaaplmcbjhigpfkmaffahlojgchbgfk] - C:\Users\marcel\AppData\Local\APN\GoogleCRXs\aaaaplmcbjhigpfkmaffahlojgchbgfk_7.17.0.0.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-10-06]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe--register-chrome-browser-suffix=.marcel
StartMenuInternet: Google Chrome.marcel - C:\Users\marcel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [916968 2015-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-11-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1210512 2015-11-24] (Avira Operations GmbH & Co. KG)
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-09-18] (Perfect World Entertainment Inc)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-02-15] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-02-15] (BlueStack Systems, Inc.)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L)
S4 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-01-04] (EasyBits Sofware AS) [Datei ist nicht signiert]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-03-19] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
S3 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2012-09-07] (Freemake) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4941768 2012-06-28] (SafeNet Inc.)
S2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-12-04] (Hewlett-Packard) [Datei ist nicht signiert]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1873616 2015-10-12] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [96600 2015-10-12] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [850128 2015-10-12] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-29] ()
S3 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [254552 2012-09-11] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [36256 2009-11-13] (Google Inc)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
S1 Beep; kein ImagePath
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.)
R3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\SysWOW64\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-02-15] (BlueStack Systems)
S3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [19728 2007-05-23] (IVT Corporation.)
S3 BT; C:\Windows\SysWOW64\DRIVERS\btnetdrv.sys [19728 2007-05-23] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [44688 2007-05-23] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\SysWOW64\Drivers\btcusb.sys [44688 2007-05-23] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\SysWOW64\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\SysWOW64\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2015-05-08] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-30] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2015-05-08] (Anchorfree Inc.)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125008 2015-11-10] (Oracle Corporation)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VComm; C:\Windows\SysWOW64\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\SysWOW64\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
S3 ZY202_VS; C:\Windows\System32\DRIVERS\WlanGZG.sys [1041920 2007-11-12] (Atheros Communications, Inc.)
S1 360FsFlt; system32\DRIVERS\360FsFlt.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
U4 vsserv; kein ImagePath
U2 wuaserv; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-30 16:41 - 2015-11-30 16:41 - 12479485 _____ C:\Users\marina\Downloads\Ohne Titel 1 (1).pdf
2015-11-30 16:39 - 2015-11-30 16:39 - 12479485 _____ C:\Users\marina\Downloads\Ohne Titel 1.pdf
2015-11-30 14:48 - 2015-11-30 15:08 - 00000000 ____D C:\Users\marina\2015-11-30
2015-11-30 13:55 - 2015-11-30 13:55 - 00000000 ____D C:\Users\marina\AppData\Roaming\Avira
2015-11-29 14:35 - 2015-11-29 14:35 - 00852720 _____ C:\Users\marcel\Downloads\SecurityCheck.exe
2015-11-29 14:24 - 2015-11-29 14:25 - 02870984 _____ (ESET) C:\Users\marcel\Downloads\esetsmartinstaller_deu.exe
2015-11-29 11:35 - 2015-11-29 11:35 - 00000000 _____ C:\Users\mario\AppData\Local\{B5C2BBA1-700A-4577-A18A-043BB1560A63}
2015-11-28 16:05 - 2015-11-28 16:05 - 00000000 ____D C:\Users\mario\AppData\Local\ABBYY
2015-11-28 16:01 - 2015-11-28 16:01 - 00000000 ____D C:\Users\mario\AppData\Roaming\Avira
2015-11-27 19:36 - 2015-11-27 19:36 - 00309552 _____ C:\Windows\Minidump\Mini112715-01.dmp
2015-11-27 16:23 - 2015-11-30 17:47 - 00000000 ____D C:\Users\marcel\Desktop\Malware Infektion Cleaning
2015-11-27 16:19 - 2015-11-27 16:19 - 00000000 ____D C:\Users\marcel\Desktop\FRST-OlderVersion
2015-11-27 15:51 - 2015-11-27 16:17 - 00000000 ____D C:\AdwCleaner
2015-11-27 15:51 - 2015-11-27 15:51 - 01599336 _____ (Malwarebytes) C:\Users\marcel\Downloads\JRT.exe
2015-11-27 15:49 - 2015-11-27 15:49 - 01733632 _____ C:\Users\marcel\Downloads\AdwCleaner_5.022.exe
2015-11-27 14:30 - 2015-11-30 17:45 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-27 14:28 - 2015-11-27 14:35 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-27 14:28 - 2015-11-27 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-11-27 14:28 - 2015-11-27 14:28 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-11-27 14:28 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-27 14:28 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-27 14:25 - 2015-11-27 14:25 - 22908888 _____ (Malwarebytes ) C:\Users\marcel\Downloads\mbam-setup-2.2.0.1024 (4).exe
2015-11-26 19:12 - 2015-11-26 19:13 - 31916032 _____ C:\Users\marcel\Downloads\VBoxGuestAdditions_3.2.0.iso
2015-11-26 18:30 - 2015-11-26 18:30 - 00000000 ____D C:\Users\marcel\Desktop\Sharing
2015-11-26 18:24 - 2015-11-26 18:24 - 02629772 _____ C:\Users\marcel\Downloads\compat-wireless-2010-06-26-pc.tar.bz2
2015-11-26 17:38 - 2015-11-26 17:38 - 07368965 _____ C:\Users\marcel\Downloads\TL-WN721N_V1_140915 (1).zip
2015-11-26 17:38 - 2013-06-29 06:49 - 01732096 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athurx.sys
2015-11-26 17:23 - 2015-11-26 17:24 - 00290040 _____ C:\Windows\Minidump\Mini112615-02.dmp
2015-11-26 16:36 - 2015-11-26 16:36 - 00284976 _____ C:\Windows\Minidump\Mini112615-01.dmp
2015-11-25 22:20 - 2015-11-25 22:20 - 00289848 _____ C:\Windows\Minidump\Mini112515-01.dmp
2015-11-25 22:06 - 2015-11-25 22:06 - 00000719 _____ C:\Users\marcel\Desktop\taskmgr.lnk
2015-11-25 22:01 - 2015-11-25 22:01 - 00000000 ____D C:\Users\marcel\{bffece50-dab4-406c-9fc8-27fe89a6a32a}
2015-11-25 19:00 - 2015-11-25 19:00 - 07368965 _____ C:\Users\marcel\Downloads\TL-WN721N_V1_140915.zip
2015-11-25 17:05 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-11-25 17:05 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-11-25 17:05 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-11-25 17:05 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-11-25 17:05 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-11-25 17:05 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-11-25 17:05 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-11-25 17:05 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-11-25 17:00 - 2015-11-25 18:00 - 00000000 ____D C:\Qoobox
2015-11-25 16:58 - 2015-11-25 17:57 - 00000000 ____D C:\Windows\erdnt
2015-11-25 16:57 - 2015-11-25 16:57 - 05640282 _____ (Swearware) C:\Users\marcel\Downloads\Nicht bestätigt 684132.crdownload
2015-11-25 16:55 - 2015-11-25 16:56 - 05640282 _____ (Swearware) C:\Users\marcel\Downloads\ComboFix.exe
2015-11-25 16:46 - 2015-11-25 16:46 - 00000000 ____D C:\Users\marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-11-25 16:46 - 2015-11-25 16:46 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-11-25 16:45 - 2015-11-25 16:46 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\marcel\Downloads\revosetup95.exe
2015-11-24 19:34 - 2015-11-24 19:34 - 00084711 _____ C:\Users\marcel\Downloads\Addition (3).txt
2015-11-24 16:49 - 2015-11-24 16:55 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-11-24 16:31 - 2015-11-24 16:31 - 00001879 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk
2015-11-24 16:25 - 2015-11-24 17:52 - 00000000 ____D C:\Users\marcel\AppData\Roaming\Avira
2015-11-24 16:24 - 2015-11-24 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-24 16:23 - 2015-11-24 16:30 - 00000000 ____D C:\ProgramData\Avira
2015-11-24 16:23 - 2015-11-24 16:27 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-11-24 16:23 - 2015-11-24 16:27 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-11-24 16:23 - 2015-03-17 13:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-11-24 16:14 - 2015-11-24 16:14 - 00388608 _____ (Trend Micro Inc.) C:\Users\marcel\Downloads\HijackThis_2.0.5.exe
2015-11-24 16:14 - 2015-11-24 16:14 - 00388608 _____ (Trend Micro Inc.) C:\Users\marcel\Downloads\HijackThis_2.0.5 (1).exe
2015-11-24 16:10 - 2015-11-24 16:12 - 165283560 _____ C:\Users\marcel\Downloads\avira_free_antivirus259_de.exe
2015-11-24 15:56 - 2015-11-24 15:56 - 00000000 _____ C:\Users\marcel\AppData\Local\{0D2AF67A-9638-4711-8048-673C2CC0EBD8}
2015-11-24 15:45 - 2015-11-24 15:45 - 00000000 ____D C:\Users\marcel\Downloads\Kaspersky Rescue2Usb
2015-11-24 15:42 - 2015-11-24 15:42 - 00387584 _____ C:\Users\marcel\Downloads\rescue2usb.exe
2015-11-24 15:41 - 2015-11-24 15:45 - 283867136 _____ C:\Users\marcel\Downloads\kav_rescue_10.iso
2015-11-24 15:04 - 2015-11-24 15:04 - 22908888 _____ (Malwarebytes ) C:\Users\marcel\Downloads\mbam-setup-2.2.0.1024 (3).exe
2015-11-24 14:42 - 2015-11-24 14:42 - 00084711 _____ C:\Users\marcel\Downloads\Addition (2).txt
2015-11-24 14:42 - 2015-11-24 14:42 - 00067956 _____ C:\Users\marcel\Downloads\FRST (1).txt
2015-11-24 14:41 - 2015-11-24 14:41 - 00084711 _____ C:\Users\marcel\Downloads\Addition (1).txt
2015-11-24 14:41 - 2015-11-24 14:41 - 00067956 _____ C:\Users\marcel\Downloads\FRST.txt
2015-11-24 14:08 - 2015-11-24 14:08 - 22908888 _____ (Malwarebytes ) C:\Users\marcel\Downloads\mbam-setup-2.2.0.1024 (2).exe
2015-11-24 09:56 - 2015-11-30 17:42 - 00059780 _____ C:\Users\marina\Documents\Müller Foto urlaub 2015.mcf
2015-11-24 09:56 - 2015-11-30 17:38 - 00059780 _____ C:\Users\marina\Documents\Müller Foto urlaub 2015.mcf~
2015-11-24 09:56 - 2015-11-30 17:37 - 00000000 ____D C:\Users\marina\Documents\Müller Foto urlaub 2015_mcf-Dateien
2015-11-24 09:33 - 2015-11-24 09:44 - 00000000 ____D C:\Users\marina\AppData\LocalLow\360WD
2015-11-23 18:29 - 2015-11-23 18:29 - 00084711 _____ C:\Users\marcel\Downloads\Addition.txt
2015-11-23 17:12 - 2015-11-23 17:12 - 00006912 _____ C:\Users\marcel\Desktop\Gmer.txt
2015-11-21 23:19 - 2015-11-21 23:19 - 00285952 _____ C:\Windows\Minidump\Mini112115-01.dmp
2015-11-21 21:22 - 2015-11-21 21:22 - 00380416 _____ C:\Users\marcel\Downloads\Gmer-19357.exe
2015-11-21 20:54 - 2015-11-30 17:46 - 00000000 ____D C:\FRST
2015-11-21 20:52 - 2015-11-21 20:52 - 00000000 _____ C:\Users\marcel\defogger_reenable
2015-11-21 20:51 - 2015-11-21 20:51 - 00050477 _____ C:\Users\marcel\Downloads\Defogger.exe
2015-11-21 20:30 - 2015-11-21 20:30 - 22908888 _____ (Malwarebytes ) C:\Users\marcel\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-21 20:30 - 2015-11-21 20:30 - 22908888 _____ (Malwarebytes ) C:\Users\marcel\Downloads\mbam-setup-2.2.0.1024 (1).exe
2015-11-20 18:57 - 2015-11-20 18:57 - 00038291 _____ C:\Users\marcel\Downloads\zd1211-firmware-1.5 (2).tar.bz2
2015-11-20 18:57 - 2015-11-20 18:57 - 00038291 _____ C:\Users\marcel\Downloads\zd1211-firmware-1.5 (1).tar.bz2
2015-11-20 16:08 - 2015-11-20 16:08 - 00038291 _____ C:\Users\marcel\Downloads\zd1211-firmware-1.5.tar.bz2
2015-11-20 12:56 - 2015-11-20 12:56 - 01464419 _____ C:\Users\mario\Downloads\Aboretum Lehrwanderung.pdf
2015-11-20 12:56 - 2015-11-20 12:56 - 00013521 _____ C:\Users\mario\Downloads\Baumnamen Karteikarten deutsch-lateinisch.xlsx
2015-11-18 21:13 - 2015-11-18 21:13 - 00000000 ____D C:\Users\marcel\Desktop\wordlists
2015-11-18 20:41 - 2015-11-18 21:32 - 3403579392 _____ C:\Users\marcel\Downloads\kali-linux-2.0-i386.iso
2015-11-18 20:40 - 2015-11-18 20:40 - 00000000 ____D C:\Users\marcel\VirtualBox VMs
2015-11-18 20:39 - 2015-11-27 22:08 - 00000000 ____D C:\Users\marcel\.VirtualBox
2015-11-18 19:58 - 2015-11-18 19:58 - 00000989 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-11-18 19:58 - 2015-11-18 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-11-18 19:57 - 2015-11-10 17:56 - 00964928 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-11-18 19:57 - 2015-11-10 17:56 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-11-18 19:56 - 2015-11-18 19:56 - 00000000 ____D C:\Program Files\Oracle
2015-11-18 19:46 - 2015-11-18 19:46 - 01466656 _____ C:\Users\marcel\Downloads\VirtualBox - CHIP-Installer.exe
2015-11-18 18:14 - 2015-11-18 18:14 - 09989712 _____ (MEGA Limited) C:\Users\marcel\Downloads\MEGAsyncSetup.exe
2015-11-18 17:24 - 2015-11-18 18:02 - 3320512512 _____ C:\Users\marcel\Downloads\kali-linux-2.0-amd64.iso
2015-11-18 17:22 - 2015-11-18 17:22 - 00000000 ____D C:\Users\marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2015-11-18 17:22 - 2015-11-18 17:22 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2015-11-18 17:19 - 2015-11-18 17:19 - 01466656 _____ C:\Users\marcel\Downloads\Linux Live USB Creator - CHIP-Installer.exe
2015-11-18 17:18 - 2015-11-18 17:18 - 01433463 _____ C:\Users\marcel\Downloads\openssl-fips-ecp-2.0.10.tar.gz
2015-11-18 17:16 - 2015-11-18 17:16 - 00000000 ____D C:\Users\marcel\Desktop\aircrack ng
2015-11-18 17:15 - 2015-11-18 17:15 - 05559264 _____ C:\Users\marcel\Downloads\aircrack-ng-1.2-rc2-win.zip
2015-11-18 16:59 - 2015-11-18 17:00 - 28620792 _____ (Python Software Foundation) C:\Users\marcel\Downloads\python-3.5.0.exe
2015-11-15 19:42 - 2015-11-15 19:42 - 01139791 _____ C:\Users\mario\Documents\Checkliste_PSA_Waschanleitung.pdf
2015-11-15 19:28 - 2015-11-20 11:02 - 00000000 ____D C:\Users\mario\AppData\LocalLow\360WD
2015-11-15 19:27 - 2015-11-15 19:27 - 00000000 ____D C:\Users\mario\AppData\Local\CrashRpt
2015-11-15 16:58 - 2015-11-24 15:38 - 00002045 _____ C:\Users\marcel\Desktop\Google Chrome.lnk
2015-11-15 16:03 - 2015-11-21 20:12 - 00000000 ____D C:\$360Section
2015-11-15 15:51 - 2015-11-15 15:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuWin32
2015-11-15 15:51 - 2015-11-15 15:51 - 00000000 ____D C:\Program Files (x86)\GnuWin32
2015-11-15 15:49 - 2015-11-15 15:49 - 03012464 _____ (GnuWin32 <gnuwin32.sourceforge.net> ) C:\Users\marcel\Downloads\wget-1.11.4-1-setup.exe
2015-11-15 15:42 - 2015-11-15 15:42 - 03432131 _____ C:\Users\marcel\Downloads\wget-1.16.1.tar.gz
2015-11-15 15:37 - 2015-11-21 
20:12 - 00000000 ____D C:\ProgramData\360Quarant 2015-11-15 15:30 - 2015-11-24 15:58 - 00000000 ____D C:\Program Files (x86)\360 2015-11-15 15:28 - 2015-11-15 15:28 - 00106681 _____ C:\Users\marcel\Downloads\wgetwin-1_5_3_1-binary.zip 2015-11-15 15:28 - 2015-11-15 15:28 - 00001067 _____ C:\Users\marcel\Downloads\install.sh 2015-11-15 15:19 - 2015-11-15 15:20 - 01466656 _____ C:\Users\marcel\Downloads\360 Total Security Essential Qihu 360 Internet Security - CHIP-Installer.exe 2015-11-15 12:43 - 2015-11-15 12:43 - 00000000 ____D C:\Users\marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-14 20:04 - 2015-11-14 20:04 - 00000002 _____ C:\Users\marcel\Documents\test99.bat 2015-11-14 19:54 - 2015-11-14 19:55 - 12337752 _____ (Microsoft Corporation) C:\Users\marcel\Downloads\rktools2003.exe 2015-11-14 19:51 - 2015-11-14 19:51 - 00000000 _____ C:\Users\marcel\nNUL 2015-11-14 17:50 - 2015-11-14 17:50 - 06539752 _____ (Tim Kosse) C:\Users\marcel\Downloads\FileZilla_3.14.1_win64-setup.exe 2015-11-12 21:55 - 2015-10-17 15:35 - 02798592 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-12 21:55 - 2015-09-26 17:05 - 00281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-12 21:55 - 2015-09-26 17:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-11-12 21:55 - 2015-09-26 17:04 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-12 21:55 - 2015-09-26 16:58 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-12 21:55 - 2015-09-26 16:58 - 00257536 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-12 21:55 - 2015-09-26 14:21 - 00275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2015-11-12 21:55 - 2015-09-22 14:10 - 00517976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-11-12 21:55 - 2015-09-22 14:10 - 00306688 _____ (Microsoft Corporation) 
C:\Windows\system32\bcrypt.dll 2015-11-12 21:50 - 2015-10-17 17:01 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-12 21:50 - 2015-10-17 16:41 - 00659456 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-12 21:48 - 2015-10-10 16:48 - 00736192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-11-12 21:20 - 2015-10-13 15:45 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-12 21:20 - 2015-10-13 15:44 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-12 21:02 - 2015-10-14 21:25 - 01586304 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-11-12 21:02 - 2015-10-14 21:25 - 01168600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-11-12 21:02 - 2015-10-14 16:47 - 04691392 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-11 16:35 - 2015-11-11 16:35 - 00004103 _____ C:\Users\marcel\Downloads\Ping IP Address.bat 2015-11-11 16:34 - 2015-11-11 16:34 - 00000611 _____ C:\Users\marcel\Downloads\IP Addresses.bat 2015-11-11 14:44 - 2015-10-31 20:48 - 17079296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-11 14:44 - 2015-10-31 20:45 - 10886144 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-11 14:44 - 2015-10-31 20:45 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-11-11 14:44 - 2015-10-31 20:44 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-11 14:44 - 2015-10-31 20:44 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-11-11 14:44 - 2015-10-31 20:44 - 01299968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-11 14:44 - 2015-10-31 20:44 - 01295872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-11-11 14:44 - 
2015-10-31 20:43 - 02129408 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00887296 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-11-11 14:44 - 2015-10-31 20:43 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-11-11 14:44 - 2015-10-31 20:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-11-11 14:44 - 2015-10-31 20:43 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-11-11 14:44 - 2015-10-31 19:40 - 12376576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-11 14:44 - 2015-10-31 19:38 - 09727488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-11-11 14:44 - 2015-10-31 19:38 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-11-11 14:44 - 2015-10-31 19:37 - 01830912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 02382848 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-11-11 14:44 - 2015-10-31 19:36 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 01436160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-11-11 14:44 - 2015-10-31 19:36 - 01093632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 01088512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00615424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00412672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-11-11 14:44 - 2015-10-31 19:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2015-11-11 14:44 - 2015-10-31 19:36 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2015-11-11 14:44 - 2015-10-31 19:36 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2015-11-10 17:56 - 2015-11-10 17:56 - 00194976 _____ (Oracle Corporation) 
C:\Windows\system32\Drivers\VBoxNetLwf.sys 2015-11-10 17:56 - 2015-11-10 17:56 - 00125008 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSB.sys 2015-11-10 17:56 - 2015-11-10 17:56 - 00117768 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys 2015-11-10 17:23 - 2015-11-10 17:23 - 00000000 ____D C:\Users\marcel\AppData\Local\CyberGhost 2015-11-10 17:21 - 2015-11-10 17:23 - 00000000 ____D C:\Program Files\TAP-Windows 2015-11-10 17:21 - 2015-11-10 17:23 - 00000000 ____D C:\Program Files\CyberGhost 5 2015-11-10 17:21 - 2015-11-10 17:21 - 00001682 _____ C:\Users\marcel\Desktop\CyberGhost 5.lnk 2015-11-10 17:21 - 2015-11-10 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5 2015-11-10 17:16 - 2015-11-10 17:16 - 09736240 _____ (CyberGhost S.R.L. ) C:\Users\marcel\Downloads\CG_5.5.0.2_7.exe 2015-11-06 18:27 - 2015-11-06 18:27 - 00068937 _____ C:\Users\marcel\Downloads\g147 (1).pdf 2015-11-06 18:25 - 2015-11-06 18:25 - 00068937 _____ C:\Users\marcel\Downloads\g147.pdf 2015-11-05 16:11 - 2015-11-05 16:11 - 00057178 _____ C:\Users\marcel\Downloads\3607-1445496876-0.pdf 2015-10-31 15:39 - 2015-10-31 15:39 - 02010436 _____ C:\Users\marcel\Downloads\W250367-1.pdf 2015-10-31 15:39 - 2015-10-31 15:39 - 01441031 _____ C:\Users\marcel\Downloads\W250367.zip ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-30 17:48 - 2011-02-23 19:19 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003UA.job 2015-11-30 17:46 - 2013-03-11 10:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-30 17:45 - 2013-10-27 16:11 - 02162852 _____ C:\Windows\ntbtlog.txt 2015-11-30 17:45 - 2010-11-10 18:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-30 17:45 - 2006-11-02 16:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-30 17:45 - 2006-11-02 16:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-30 17:42 - 2011-01-17 12:43 - 00000000 ____D C:\ProgramData\tmp 2015-11-30 17:09 - 2015-06-13 17:15 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA.job 2015-11-30 17:07 - 2010-01-08 18:37 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1001UA.job 2015-11-30 17:03 - 2010-11-10 18:58 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-30 17:00 - 2009-09-17 12:55 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000UA.job 2015-11-30 14:48 - 2009-08-11 12:13 - 00000000 ____D C:\Users\marina 2015-11-30 14:00 - 2009-09-17 12:55 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core.job 2015-11-30 13:52 - 2013-07-25 17:20 - 00000000 ___RD C:\Users\marina\Dropbox 2015-11-30 13:52 - 2013-07-25 17:14 - 00000000 ____D C:\Users\marina\AppData\Roaming\Dropbox 2015-11-30 13:46 - 2010-08-17 10:32 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2015-11-30 13:45 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-29 21:47 - 2006-11-02 16:42 - 00032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-11-29 21:38 - 2014-11-21 15:24 - 00000000 
____D C:\Users\marcel\AppData\Roaming\TS3Client 2015-11-29 21:02 - 2014-11-10 16:41 - 00000000 ____D C:\Program Files (x86)\Steam 2015-11-29 17:48 - 2012-02-27 17:58 - 00003698 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{80C3CF13-38B5-4DC4-8C1F-9022EAA5D8DC} 2015-11-29 16:29 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\tracing 2015-11-29 11:37 - 2009-05-19 13:37 - 00674024 _____ C:\Windows\system32\perfh007.dat 2015-11-29 11:37 - 2009-05-19 13:37 - 00146036 _____ C:\Windows\system32\perfc007.dat 2015-11-29 11:37 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\inf 2015-11-29 11:37 - 2006-11-02 13:46 - 01567488 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-28 16:20 - 2013-03-20 14:52 - 00000000 ____D C:\Users\mario\Desktop\Bilder 2015-11-28 04:25 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-11-27 22:21 - 2014-12-18 18:25 - 00000000 ____D C:\Users\marcel\AppData\Local\Spotify 2015-11-27 19:59 - 2014-12-18 18:23 - 00000000 ____D C:\Users\marcel\AppData\Roaming\Spotify 2015-11-27 19:36 - 2010-01-30 12:43 - 00000000 ____D C:\Windows\Minidump 2015-11-27 19:35 - 2013-09-17 15:07 - 247110928 _____ C:\Windows\MEMORY.DMP 2015-11-27 19:35 - 2006-11-02 14:33 - 00000000 ____D C:\Windows 2015-11-27 15:24 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\IME 2015-11-27 15:21 - 2011-02-01 17:30 - 00000000 ____D C:\Program Files (x86)\BrotherSoft_Extreme 2015-11-26 19:37 - 2011-04-29 13:30 - 00000000 ____D C:\Users\marcel\AppData\Roaming\vlc 2015-11-26 17:40 - 2010-01-08 18:20 - 00000000 ____D C:\Users\marcel 2015-11-25 22:07 - 2013-04-20 16:39 - 00000000 ____D C:\Users\marcel\Documents\VirtualDJ 2015-11-25 20:11 - 2011-02-23 19:05 - 00000000 ____D C:\Users\mario 2015-11-25 18:00 - 2013-07-02 13:58 - 00000000 ____D C:\Users\marcel\AppData\Local\Apps\2.0 2015-11-25 17:51 - 2006-11-02 13:34 - 00000215 _____ C:\Windows\system.ini 2015-11-25 17:47 - 2006-11-02 13:33 - 69992448 _____ C:\Windows\system32\config\components.bak 2015-11-25 17:47 
- 2006-11-02 13:33 - 03145728 _____ C:\Windows\system32\config\default.bak 2015-11-25 17:47 - 2006-11-02 13:33 - 00159744 _____ C:\Windows\system32\config\sam.bak 2015-11-25 17:47 - 2006-11-02 13:33 - 00024576 _____ C:\Windows\system32\config\security.bak 2015-11-25 17:08 - 2011-02-23 17:21 - 00000000 ____D C:\Users\Gast 2015-11-24 16:23 - 2014-04-04 15:24 - 00000000 ____D C:\Program Files (x86)\Avira 2015-11-24 15:24 - 2012-09-12 12:56 - 00000000 ____D C:\Users\marcel\AppData\Local\CrashDumps 2015-11-24 10:49 - 2011-02-23 19:19 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1003Core.job 2015-11-24 10:09 - 2015-06-13 17:15 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-499821555-1515846726-3243709471-1000Core.job 2015-11-23 18:04 - 2010-06-26 12:50 - 00001460 _____ C:\Users\marcel\AppData\Local\d3d9caps64.dat 2015-11-20 15:27 - 2014-07-23 17:04 - 00000000 ____D C:\Users\marcel\AppData\Roaming\FileZilla 2015-11-20 14:27 - 2011-12-14 21:00 - 00000000 ____D C:\Users\mario\AppData\Local\CrashDumps 2015-11-20 11:02 - 2012-02-29 16:36 - 00003694 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0449D097-8C07-46B2-B0DE-06504224E682} 2015-11-20 10:59 - 2011-02-23 19:29 - 00002081 _____ C:\Users\mario\Desktop\Google Chrome.lnk 2015-11-18 17:19 - 2010-01-09 11:32 - 00052736 _____ C:\Users\marcel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-15 19:47 - 2010-03-05 14:56 - 00000000 ____D C:\Program Files (x86)\Wohnwagen Park Tycoon 2015-11-15 19:28 - 2011-02-23 19:06 - 00107224 _____ C:\Users\mario\AppData\Local\GDIPFONTCACHEV1.DAT 2015-11-15 16:04 - 2013-05-06 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport 2015-11-15 16:04 - 2013-04-13 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BumpTop 2015-11-15 16:04 - 2012-09-09 18:33 - 00000000 ___RD C:\Users\marcel\Desktop\Tools Kiste 2015-11-15 16:04 - 2012-08-14 11:18 - 
00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2015-11-15 16:04 - 2010-02-24 18:14 - 00000000 ____D C:\Users\marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zahlenzauber 4 2015-11-15 16:04 - 2010-02-03 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lernpaket 2015-11-15 16:04 - 2009-08-25 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager 2015-11-15 15:52 - 2010-01-09 11:19 - 00000000 ____D C:\Users\marcel\AppData\Local\Adobe 2015-11-13 15:24 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\rescache 2015-11-13 14:47 - 2006-11-02 16:21 - 02299520 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-12 22:28 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Journal 2015-11-12 21:58 - 2013-08-17 20:08 - 00000000 ____D C:\Windows\system32\MRT 2015-11-12 21:57 - 2006-11-02 13:35 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2015-11-12 21:54 - 2009-08-11 12:46 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-12 21:40 - 2013-03-08 20:36 - 01542944 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-11-11 15:46 - 2013-03-11 10:39 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-11 15:46 - 2013-03-11 10:39 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-11 15:46 - 2013-03-11 10:39 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-11 14:03 - 2010-01-08 18:25 - 00000000 ____D C:\Users\marcel\AppData\Roaming\Adobe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2010-02-08 18:27 - 2010-03-21 13:32 - 0023604 _____ () C:\Users\marcel\AppData\Roaming\UserTile.png 2013-12-28 14:14 - 2013-12-28 14:14 - 0000600 _____ () C:\Users\marcel\AppData\Roaming\winscp.rnd 2010-01-23 17:44 - 2010-01-23 17:44 - 0000000 _____ () C:\Users\marcel\AppData\Roaming\wklnhst.dat 2006-12-11 18:13 - 
2006-12-11 18:13 - 0097336 _____ (Un4seen Developments) C:\Users\marcel\AppData\Local\bass.dll 2006-12-11 18:13 - 2006-12-11 18:13 - 0013872 _____ (Un4seen Developments) C:\Users\marcel\AppData\Local\basscd.dll 2007-08-13 16:46 - 2007-08-13 16:46 - 0102912 _____ (Albert L Faber) C:\Users\marcel\AppData\Local\CDRip.dll 2013-02-13 14:02 - 2013-02-13 14:02 - 0000552 _____ () C:\Users\marcel\AppData\Local\d3d8caps.dat 2010-08-10 20:26 - 2015-01-01 17:55 - 0000680 _____ () C:\Users\marcel\AppData\Local\d3d9caps.dat 2010-06-26 12:50 - 2015-11-23 18:04 - 0001460 _____ () C:\Users\marcel\AppData\Local\d3d9caps64.dat 2010-01-09 11:32 - 2015-11-18 17:19 - 0052736 _____ () C:\Users\marcel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-03-08 20:49 - 2013-03-08 20:50 - 1115884 _____ () C:\Users\marcel\AppData\Local\dd_ADONETEntityFrameworkTools_deu_MSI4818.txt 2013-03-08 18:17 - 2013-04-09 13:53 - 0265781 _____ () C:\Users\marcel\AppData\Local\dd_depcheck_VB_EXP_100.txt 2013-04-17 17:35 - 2013-06-15 16:55 - 0512085 _____ () C:\Users\marcel\AppData\Local\dd_depcheck_VCS_EXP_100.txt 2013-03-08 20:33 - 2013-03-08 20:33 - 0327350 _____ () C:\Users\marcel\AppData\Local\dd_dw20shared_x86_msi3BF0.txt 2013-03-08 18:17 - 2013-03-08 18:17 - 0000002 _____ () C:\Users\marcel\AppData\Local\dd_error_vb_xcor_100.txt 2013-04-17 17:35 - 2013-04-18 14:27 - 0005908 _____ () C:\Users\marcel\AppData\Local\dd_error_vcs_xcor_100.txt 2013-03-08 20:51 - 2013-03-08 20:51 - 0242746 _____ () C:\Users\marcel\AppData\Local\dd_HelpSetupLP_MSI4937.txt 2013-03-08 20:50 - 2013-03-08 20:50 - 0336450 _____ () C:\Users\marcel\AppData\Local\dd_HelpSetup_MSI4906.txt 2013-03-08 18:17 - 2013-04-09 13:53 - 0780584 _____ () C:\Users\marcel\AppData\Local\dd_install_vb_xcor_100.txt 2013-04-17 17:34 - 2013-06-15 17:00 - 1008750 _____ () C:\Users\marcel\AppData\Local\dd_install_vcs_xcor_100.txt 2013-03-08 20:41 - 2013-03-08 20:41 - 1540220 _____ () C:\Users\marcel\AppData\Local\dd_netfx_dtp41C8.txt 2013-03-08 
20:48 - 2013-03-08 20:49 - 1795838 _____ () C:\Users\marcel\AppData\Local\dd_SharedManagementObjects_MSI4782.txt 2013-03-08 20:47 - 2013-03-08 20:47 - 0227364 _____ () C:\Users\marcel\AppData\Local\dd_SQLCEToolsForVS2007_MSI46CE.txt 2013-03-08 20:48 - 2013-03-08 20:48 - 0554040 _____ () C:\Users\marcel\AppData\Local\dd_SQLSysClrTypes_msi472A.txt 2013-03-08 20:47 - 2013-03-08 20:47 - 0715122 _____ () C:\Users\marcel\AppData\Local\dd_SSCERuntime_64_MSI46AA.txt 2013-03-08 20:47 - 2013-03-08 20:47 - 0736684 _____ () C:\Users\marcel\AppData\Local\dd_SSCERuntime_MSI4676.txt 2012-10-20 13:46 - 2012-10-20 13:46 - 0413734 _____ () C:\Users\marcel\AppData\Local\dd_vcredistMSI1776.txt 2013-03-27 18:07 - 2013-03-27 18:07 - 0366274 _____ () C:\Users\marcel\AppData\Local\dd_vcredistMSI1871.txt 2012-10-27 14:33 - 2012-10-27 14:34 - 0412746 _____ () C:\Users\marcel\AppData\Local\dd_vcredistMSI5F04.txt 2012-10-20 13:46 - 2012-10-20 13:46 - 0011208 _____ () C:\Users\marcel\AppData\Local\dd_vcredistUI1776.txt 2013-03-27 18:07 - 2013-03-27 18:07 - 0011386 _____ () C:\Users\marcel\AppData\Local\dd_vcredistUI1871.txt 2012-10-27 14:33 - 2012-10-27 14:34 - 0011176 _____ () C:\Users\marcel\AppData\Local\dd_vcredistUI5F04.txt 2013-03-08 20:33 - 2013-03-08 20:33 - 0326798 _____ () C:\Users\marcel\AppData\Local\dd_vc_runtime_x64_msi3C14.txt 2013-03-08 20:40 - 2013-03-08 20:40 - 1298630 _____ () C:\Users\marcel\AppData\Local\dd_vsexpbsln64_1004124.txt 2013-04-20 11:04 - 2013-04-20 11:15 - 12620522 _____ () C:\Users\marcel\AppData\Local\dd_VSMsiLog27EB.txt 2013-03-08 20:41 - 2013-03-08 20:47 - 15125568 _____ () C:\Users\marcel\AppData\Local\dd_VSMsiLog4247.txt 2013-06-15 16:56 - 2013-06-15 16:58 - 6787946 _____ () C:\Users\marcel\AppData\Local\dd_VSMsiLog4CD7.txt 2007-01-18 20:09 - 2007-01-18 20:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\marcel\AppData\Local\No23 Recorder.exe 2015-10-02 14:42 - 2015-10-02 14:42 - 0000836 _____ () C:\Users\marcel\AppData\Local\recently-used.xbel 
2014-03-25 15:03 - 2014-04-29 17:39 - 0000040 _____ () C:\Users\marcel\AppData\Local\tmp.no23 2013-03-08 18:17 - 2013-06-15 17:00 - 0052742 _____ () C:\Users\marcel\AppData\Local\uxeventlog.txt 2013-06-09 11:31 - 2013-06-09 11:31 - 0017408 _____ () C:\Users\marcel\AppData\Local\WebpageIcons.db 2015-11-24 15:56 - 2015-11-24 15:56 - 0000000 _____ () C:\Users\marcel\AppData\Local\{0D2AF67A-9638-4711-8048-673C2CC0EBD8} 2014-08-02 12:33 - 2014-08-02 12:33 - 0000000 _____ () C:\Users\marcel\AppData\Local\{92601203-0403-49BE-B529-B1AF716242D2} 2013-03-31 15:13 - 2013-03-31 15:13 - 0000057 _____ () C:\ProgramData\Ament.ini 2009-05-19 05:30 - 2014-06-03 16:11 - 0080734 _____ () C:\ProgramData\nvModes.001 2009-05-19 05:30 - 2014-06-03 16:11 - 0080734 _____ () C:\ProgramData\nvModes.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\marcel\cygwin1.dll Einige Dateien in TEMP: ==================== C:\Users\marcel\AppData\Local\temp\avgnt.exe C:\Users\marcel\AppData\Local\temp\sqlite3.dll C:\Users\marina\AppData\Local\temp\avgnt.exe C:\Users\marina\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnv6vqk.dll C:\Users\mario\AppData\Local\temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-30 13:55 ==================== Ende von FRST.txt ============================ |
01.12.2015, 20:13 | #14 |
/// the machine /// TB instructor | Network adapter disabled and USB devices are not detected
Exactly, install the updates.
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
C:\Users\marcel\Documents\Downloads\Integrated_BrotherSoft_TB.exe
C:\Users\marcel\Downloads\360 Total Security Essential Qihu 360 Internet Security - CHIP-Installer.exe
C:\Users\marcel\Downloads\BruteForcer - CHIP-Installer.exe
C:\Users\marcel\Downloads\FreeAudioConverter_5.0.21.1212.exe
C:\Users\marcel\Downloads\FreeYouTubeDownload3014.exe
C:\Users\marcel\Downloads\GeoGebra - CHIP-Installer.exe
C:\Users\marcel\Downloads\Hotspot Shield VPN - CHIP-Installer.exe
C:\Users\marcel\Downloads\HSS-3.42-install-hss-691-conduit.exe
C:\Users\marcel\Downloads\Linux Live USB Creator - CHIP-Installer.exe
C:\Users\marcel\Downloads\LogMeIn Hamachi - CHIP-Installer.exe
C:\Users\marcel\Downloads\Playmate Wallpaper Babi Rossi - CHIP-Installer.exe
C:\Users\marcel\Downloads\Tor Browser Paket - CHIP-Installer.exe
C:\Users\marcel\Downloads\USB Mouserate Switcher - CHIP-Installer.exe
C:\Users\marcel\Downloads\VirtualBox - CHIP-Installer.exe
C:\Users\marcel\Downloads\VLC media player Portable - CHIP-Installer.exe
C:\Users\marcel\Downloads\wallpaper-miss-juni-2011 - CHIP-Installer.exe
C:\Users\marcel\Downloads\Wasser Wallpaper Pack - CHIP-Installer.exe
C:\Users\marina\AppData\LocalLow\BrotherSoft_Extreme\tbBro0.dll
C:\Users\marina\AppData\LocalLow\BrotherSoft_Extreme\tbBro1.dll
C:\Users\marina\AppData\LocalLow\BrotherSoft_Extreme\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll
C:\Users\mario\AppData\Local\Mozilla\Firefox\Profiles\auy7bacv.default\Cache\D\F2\5398Ad01
C:\Users\mario\AppData\LocalLow\BrotherSoft_Extreme\tbBro0.dll
C:\Users\mario\Downloads\FreeYouTubeToMP3Converter_3.11.32.918.exe
C:\Users\mario\Downloads\PDF24 Creator - CHIP-Installer.exe
C:\Windows\Installer\40915c.msi
BootExecute: autocheck autochk * ?È¥??????????????1UnatD?È¥?????????rv_XV_b9KiVy?È¥?autocheck autochk * ?È¥??È¥??????????????1_?È¥???
Emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Reconsider your download habits: CHIP-Installer - what is it? - Guides

Cleanup: (the order matters here)
If Defogger was used: run it again and click Re-enable.
If Combofix was used: uninstall Combofix.
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Finally, restart your computer. If any programs from our cleanup are still left, you can safely delete them.

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Hardening:
Enable automatic updates in the Windows operating system. Security-relevant software should also always be kept at the latest version: browser, Java, Flash Player, PDF reader. Vulnerabilities in old versions of these are exploited to install malware via "drive-by" when you merely visit a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.
Enable a firewall. The one built into Windows is normally entirely sufficient.
Use an antivirus program with a real-time scanner and an always up-to-date signature database. My recommendation: Emsisoft
In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional:
NoScript prevents active content (Java, JavaScript, Flash,...) from running on all websites. You can, however, define on a whitelist basis on which sites scripts are to be allowed.
Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities.
Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, uninstall it first and then remove the leftovers with Adwarecleaner .

Finally, a few general remarks:
Change your important online passwords regularly, and regularly create backups of your important files or of the system. The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
01.12.2015, 22:00 | #15 |
| Network adapter disabled and USB devices are not recognized Logs will come tomorrow, but Malwarebytes just blocked a website when Google Chrome started, without me having opened one: 41.teracreative.com. "Combofix" could not be found blah blah blah ... when running Combofix /Uninstall. What should I do? Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-11-2015
durchgeführt von marcel (2015-12-01 21:29:56) Run:1
Gestartet von C:\Users\marcel\Desktop\Malware Infektion Cleaning
Geladene Profile: marcel (Verfügbare Profile: marina & marcel & mario & Gast)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\marcel\Documents\Downloads\Integrated_BrotherSoft_TB.exe
C:\Users\marcel\Downloads\360 Total Security Essential Qihu 360 Internet Security - CHIP-Installer.exe
C:\Users\marcel\Downloads\BruteForcer - CHIP-Installer.exe
C:\Users\marcel\Downloads\FreeAudioConverter_5.0.21.1212.exe
C:\Users\marcel\Downloads\FreeYouTubeDownload3014.exe
C:\Users\marcel\Downloads\GeoGebra - CHIP-Installer.exe
C:\Users\marcel\Downloads\Hotspot Shield VPN - CHIP-Installer.exe
C:\Users\marcel\Downloads\HSS-3.42-install-hss-691-conduit.exe
C:\Users\marcel\Downloads\Linux Live USB Creator - CHIP-Installer.exe
C:\Users\marcel\Downloads\LogMeIn Hamachi - CHIP-Installer.exe
C:\Users\marcel\Downloads\Playmate Wallpaper Babi Rossi - CHIP-Installer.exe
C:\Users\marcel\Downloads\Tor Browser Paket - CHIP-Installer.exe
C:\Users\marcel\Downloads\USB Mouserate Switcher - CHIP-Installer.exe
C:\Users\marcel\Downloads\VirtualBox - CHIP-Installer.exe
C:\Users\marcel\Downloads\VLC media player Portable - CHIP-Installer.exe
C:\Users\marcel\Downloads\wallpaper-miss-juni-2011 - CHIP-Installer.exe
C:\Users\marcel\Downloads\Wasser Wallpaper Pack - CHIP-Installer.exe
C:\Users\marina\AppData\LocalLow\BrotherSoft_Extreme\tbBro0.dll
C:\Users\marina\AppData\LocalLow\BrotherSoft_Extreme\tbBro1.dll
C:\Users\marina\AppData\LocalLow\BrotherSoft_Extreme\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll
C:\Users\mario\AppData\Local\Mozilla\Firefox\Profiles\auy7bacv.default\Cache\D\F2\5398Ad01
C:\Users\mario\AppData\LocalLow\BrotherSoft_Extreme\tbBro0.dll
C:\Users\mario\Downloads\FreeYouTubeToMP3Converter_3.11.32.918.exe
C:\Users\mario\Downloads\PDF24 Creator - CHIP-Installer.exe
C:\Windows\Installer\40915c.msi
BootExecute: autocheck autochk * ?ȥ??????????????1UnatD?ȥ?????????rv_XV_b9KiVy?ȥ?autocheck autochk * ?ȥ??ȥ??????????????1_?ȥ???
Emptytemp:
*****************

C:\Users\marcel\Documents\Downloads\Integrated_BrotherSoft_TB.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\360 Total Security Essential Qihu 360 Internet Security - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\BruteForcer - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\FreeAudioConverter_5.0.21.1212.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\FreeYouTubeDownload3014.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\GeoGebra - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\Hotspot Shield VPN - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\HSS-3.42-install-hss-691-conduit.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\Linux Live USB Creator - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\LogMeIn Hamachi - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\Playmate Wallpaper Babi Rossi - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\Tor Browser Paket - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\USB Mouserate Switcher - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\VirtualBox - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\VLC media player Portable - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\wallpaper-miss-juni-2011 - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\marcel\Downloads\Wasser Wallpaper Pack - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\marina\AppData\LocalLow\BrotherSoft_Extreme\tbBro0.dll => erfolgreich verschoben
C:\Users\marina\AppData\LocalLow\BrotherSoft_Extreme\tbBro1.dll => erfolgreich verschoben
C:\Users\marina\AppData\LocalLow\BrotherSoft_Extreme\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll => erfolgreich verschoben
C:\Users\mario\AppData\Local\Mozilla\Firefox\Profiles\auy7bacv.default\Cache\D\F2\5398Ad01 => erfolgreich verschoben
C:\Users\mario\AppData\LocalLow\BrotherSoft_Extreme\tbBro0.dll => erfolgreich verschoben
C:\Users\mario\Downloads\FreeYouTubeToMP3Converter_3.11.32.918.exe => erfolgreich verschoben
C:\Users\mario\Downloads\PDF24 Creator - CHIP-Installer.exe => erfolgreich verschoben
C:\Windows\Installer\40915c.msi => erfolgreich verschoben
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => Wert erfolgreich wiederhergestellt
EmptyTemp: => 807.1 MB temporäre Dateien entfernt.

Das System musste neu gestartet werden.

==== Ende von Fixlog 21:31:49 ==== |