Eventueller Malware-Befall durch Makrovirus in Word-Doc ("Büromarkt Böttcher")

sebastian_jr · 16.12.2015, 08:55

Guten Morgen,

wir haben gestern auf einem Firmenrechner eine Word-Datei von Büromarkt Böttcher geöffnet. Die Datei zeigte eine weiße Seite an.

Danach haben wir die Hinweise im Netz gefunden, dass es sich hierbei um eine Datei mit einem Makrovirus handelt.

Wir sind nicht sicher, ob eine Infektion stattgefunden hat - im Sicherheitscenter von Word war die Einstellung vorhanden, dass Makros eine Genehmigung einholen müssen.

Wir haben bereits Malwarebytes laufen lassen und dabei einiges gefunden und entfernt.

Im dem anderen Thread http://www.trojaner-board.de/174210-...akrovirus.html
wurde FRST empfohlen. Wir wollten deshalb dieses Tool schon ausführen, um gleich die Logdatei anzuhängen.

Beim Installieren meldete uns unser Scanner (von Trend Micro) dieses Programm als Schadsoftware und entfernte diese

Kann ich davon ausgehen, dass dies ein false positive war und sollte den Scanner zeitweise dafür deaktivieren?

Wie oben schon erwähnt, handelt es sich hier um einen gewerblich genutzten Rechner - wir sind eine kleinere Firma ohne eigene IT. Wenn ihr uns aufgrund der Foren-Bedingungen nicht unterstützen könnt - an wen können wir uns zum Beispiel wenden, der uns bei einem Scan gegen Entgeld betreut?

Viele Grüße und Danke im Voraus

Sebastian Bolt

Deathkid535 · 16.12.2015, 09:19

Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen.

Bitte beachte, dass es ein paar Regeln gibt:

Bitte lies meine Posts komplett durch bevor du sie abarbeitest
Wenn ein Problem auftauchen sollte, unterbreche deine Arbeit, poste die entstandenen Logs und schildere dieses so genau wie möglich.
Bitte kein Crossposting
Installiere oder Deinstalliere keine Software ohne Aufforderung
Bitte verwende nur die Tools welche hier im Thread erwähnt werden
Antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen

Das mit FRST ist ein Fehlalarm. Kannst du mir auch bitte das Log von MBAM posten?

Zum Thema Bereinigung von gewerblich genutzten Rechnern: -> http://www.trojaner-board.de/108423-...-anfragen.html
Wenn du damit einverstanden bist passt alles.

sebastian_jr · 16.12.2015, 10:33

Hallo Dennis,

danke für die schnelle Antwort.
Bei Malwarebytes wurde dieses Logfile erstellt:

[CODE]
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 16.12.2015
Suchlaufzeit: 08:12
Protokolldatei: malwarebytes-dj-2015-12-16.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.16.02
Rootkit-Datenbank: v2015.12.07.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Dirk

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 446386
Abgelaufene Zeit: 10 Min., 28 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 71
PUP.Optional.DNSErrorHelper, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9B6B03F1-16CF-4491-BBBB-E872802DD717}, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.DNSErrorHelper, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{9B6B03F1-16CF-4491-BBBB-E872802DD717}, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.DNSErrorHelper, HKLM\SOFTWARE\CLASSES\TYPELIB\{C4157F51-85C1-4087-8910-B3B6278953A0}, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.DNSErrorHelper, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C4157F51-85C1-4087-8910-B3B6278953A0}, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.DNSErrorHelper, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{C4157F51-85C1-4087-8910-B3B6278953A0}, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.DNSErrorHelper, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9B6B03F1-16CF-4491-BBBB-E872802DD717}, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.DNSErrorHelper, HKLM\SOFTWARE\CLASSES\Helper.TemplateObject, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.DNSErrorHelper, HKLM\SOFTWARE\CLASSES\Helper.TemplateObject.1, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.DNSErrorHelper, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Helper.TemplateObject, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.DNSErrorHelper, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Helper.TemplateObject.1, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.DNSErrorHelper, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Helper.TemplateObject, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.DNSErrorHelper, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Helper.TemplateObject.1, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.DNSErrorHelper, HKU\S-1-5-21-1645522239-1614895754-725345543-1114\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9B6B03F1-16CF-4491-BBBB-E872802DD717}, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.DNSErrorHelper, HKU\S-1-5-21-1645522239-1614895754-725345543-1114\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9B6B03F1-16CF-4491-BBBB-E872802DD717}, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\AskPartnerNetwork, In Quarantäne, [07bbdbca4c3fb185d99dc7e8d131f709],
PUP.Optional.SpeedChecker.PrxySvrRST, HKLM\SOFTWARE\Speedchecker Limited, In Quarantäne, [5f632481563575c1c93f674e877b629e],
PUP.Optional.DigitalSites, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Digital Sites, Löschen bei Neustart, [c6fc84215536ad894cf5a8eb6d969e62],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, In Quarantäne, [269c1293d1ba2412f28437781be7639d],
PUP.Optional.InstallCore, HKLM\SOFTWARE\WOW6432NODE\InstallCore, In Quarantäne, [6c561a8b9cefd462835e3b63e71cc63a],
PUP.Optional.DNSErrorHelper, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaffpnfojcdkcdimoobneboagdnnenbo, In Quarantäne, [3d8555505437e056e5b8425116edb14f],
PUP.Optional.ASKPartnerNetwork, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\AAAAOJMIKEGPIEPCFDKKJAPLODKPFMLO, In Quarantäne, [279becb9622969cd851db314a45fb64a],
PUP.Optional.RegCleanPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\RegCleanPro_RASAPI32, In Quarantäne, [d9e9d8cd127990a6ea3b867c7c88b64a],
PUP.Optional.RegCleanPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\RegCleanPro_RASMANCS, In Quarantäne, [af13f1b4d3b8132368bdfa08cb3960a0],
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A00-6A76-A76A-76A7-A758B70C0F01}, In Quarantäne, [ac16a9fc8ffc65d110913394946f5ca4],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [655da0053b503cfa49ba2d92956d40c0],
PUP.Optional.APNToolBar.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\APNMCP, In Quarantäne, [5b67792ca0eb2b0b0771901f21e1d030],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, In Quarantäne, [a31fefb6fb90c076086df4bbe81a12ee],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-1645522239-1614895754-725345543-1114\SOFTWARE\AskPartnerNetwork, In Quarantäne, [c101dec76a210b2b2f46a50a768c45bb],
PUP.Optional.DigitalSites, HKU\S-1-5-21-1645522239-1614895754-725345543-1114\SOFTWARE\DSiteProducts, In Quarantäne, [0db5c0e57a1181b5ab95771c51b251af],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-1645522239-1614895754-725345543-1114\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [1ba7adf8a5e6de58b34f8738aa58827e],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\TYPELIB\{9945959C-AAD8-4312-8B57-2DE11927E770}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BD125908-5F10-409F-9C01-F2207CA18887}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BD125908-5F10-409F-9C01-F2207CA18887}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{9945959C-AAD8-4312-8B57-2DE11927E770}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{9945959C-AAD8-4312-8B57-2DE11927E770}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\TYPELIB\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{80703783-E415-4EE3-AB60-D36981C5A6F1}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{80703783-E415-4EE3-AB60-D36981C5A6F1}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd.1, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\GenericAskToolbar.ToolbarWnd, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd.1, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\GenericAskToolbar.ToolbarWnd.1, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\INPROCSERVER32, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-1645522239-1614895754-725345543-1114\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-1645522239-1614895754-725345543-1114\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.FoxTab, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\foxtab, In Quarantäne, [744e03a2404b8bab5f2a3853a85adb25],

Registrierungswerte: 5
PUP.Optional.ASKPartnerNetwork, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaaojmikegpiepcfdkkjaplodkpfmlo|path, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\CRX\ToolbarCR.crx, In Quarantäne, [279becb9622969cd851db314a45fb64a]
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A00-6A76-A76A-76A7-A758B70C0F01}|InstallSource, C:\ProgramData\APN\APN-Stub\ORJ\, In Quarantäne, [ac16a9fc8ffc65d110913394946f5ca4]
Trojan.Agent, HKU\S-1-5-21-1645522239-1614895754-725345543-1114\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|regedit32, C:\Users\Dirk\AppData\Local\Temp\3C06.tmp.mod, In Quarantäne, [04bef7aedcaf59dd65965eb1000339c7]
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{D4027C7F-154A-4066-A1AD-4243D8127440}, 0, In Quarantäne, [289a40658cfff6405cb46118877b0bf5]
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{D4027C7F-154A-4066-A1AD-4243D8127440}, 0, In Quarantäne, [289a40658cfff6405cb46118877b0bf5]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 55
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Roaming\DNSHelper Chrome, In Quarantäne, [fdc57a2b216a6cca0a92098aa55ed828],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Roaming\DNSHelper Chrome\DNSHelper, In Quarantäne, [fdc57a2b216a6cca0a92098aa55ed828],
PUP.Optional.SystemSpeedup, C:\Users\Dirk\AppData\Roaming\systweak\ssd, In Quarantäne, [f2d0357093f8e353579b611341c1728e],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, In Quarantäne, [a61c43625d2e6ec86e9f69105ba7f808],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\CRX, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\CRX\42.16, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\Updater, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\Updater\Config, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\Updater\Response, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\Users\Dirk\AppData\Local\AskPartnerNetwork, In Quarantäne, [e5dd7a2beba0aa8cda3501784bb75fa1],
PUP.Optional.APNToolBar.Gen, C:\Users\Dirk\AppData\Local\AskPartnerNetwork\Toolbar, In Quarantäne, [e5dd7a2beba0aa8cda3501784bb75fa1],
PUP.Optional.APNToolBar.Gen, C:\Users\Dirk\AppData\Local\AskPartnerNetwork\Toolbar\Updater, In Quarantäne, [e5dd7a2beba0aa8cda3501784bb75fa1],
PUP.Optional.APNToolBar.Gen, C:\Users\Dirk\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC, In Quarantäne, [e5dd7a2beba0aa8cda3501784bb75fa1],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\ChromeUtils, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\CRX, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\appdata, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\appdata\Mozilla, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\appdata\Mozilla\Firefox, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\appdata\Mozilla\Firefox\Profiles, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\common appdata, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\common appdata\AskPartnerNetwork, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\common appdata\AskPartnerNetwork\Toolbar, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\ChromeUtils, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\Updater, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\VNT, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ORJ, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.DNSErrorHelper, C:\ProgramData\DNSErrorHelper, In Quarantäne, [962c5451d8b3c274e55695f4b151c838],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaffpnfojcdkcdimoobneboagdnnenbo, In Quarantäne, [7e44d7ce4843da5ce953f4953bc7fb05],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaffpnfojcdkcdimoobneboagdnnenbo\1.0.0_0, In Quarantäne, [7e44d7ce4843da5ce953f4953bc7fb05],
PUP.Optional.FoxTab, C:\Program Files (x86)\Foxtab\1.8.12.0, In Quarantäne, [744e03a2404b8bab5f2a3853a85adb25],
PUP.Optional.FoxTab, C:\Program Files (x86)\Foxtab\1.8.12.0\bh, In Quarantäne, [744e03a2404b8bab5f2a3853a85adb25],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup, In Quarantäne, [10b26540701b5dd9c007bfd506fc0000],
PUP.Optional.Updater, C:\Users\Dirk\AppData\Roaming\FoxTab\UpdateProc, In Quarantäne, [992954512a6177bffc96b1ee917136ca],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],

Dateien: 129
PUP.Optional.DNSErrorHelper, C:\ProgramData\DNSErrorHelper\bho.dll, In Quarantäne, [517102a30e7dde58e2ada5af92700ff1],
PUP.Optional.InstallCore, C:\Users\Dirk\AppData\Roaming\0D0S1L2Z1P1B\Video Converter Packages\uninstaller.exe, In Quarantäne, [9131386d008bbd791ae99ca627dafd03],
PUP.Optional.RegCleanPro, C:\Windows\System32\roboot64.exe, In Quarantäne, [ac160e972b608ea8564267396f95e818],
Trojan.Agent.Gen, C:\Users\Dirk\AppData\Local\Temp\MSWQC.tmp, In Quarantäne, [01c19c09c7c4003610af23a0e61cd729],
PUP.Optional.DigitalSites, C:\Windows\System32\Tasks\Digital Sites, In Quarantäne, [f7cbedb84b4042f44af4375c4eb5a15f],
PUP.Optional.DigitalSites, C:\Windows\Tasks\Digital Sites.job, In Quarantäne, [527002a3adde9e9877c85a39788bbc44],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Roaming\DNSHelper Chrome\DNSHelper.crx, In Quarantäne, [fdc57a2b216a6cca0a92098aa55ed828],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Roaming\DNSHelper Chrome\DNSHelper.pem, In Quarantäne, [fdc57a2b216a6cca0a92098aa55ed828],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Roaming\DNSHelper Chrome\DNSHelper\background.html, In Quarantäne, [fdc57a2b216a6cca0a92098aa55ed828],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Roaming\DNSHelper Chrome\DNSHelper\bg.js, In Quarantäne, [fdc57a2b216a6cca0a92098aa55ed828],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Roaming\DNSHelper Chrome\DNSHelper\manifest.json, In Quarantäne, [fdc57a2b216a6cca0a92098aa55ed828],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Roaming\DNSHelper Chrome\DNSHelper\newtab.html, In Quarantäne, [fdc57a2b216a6cca0a92098aa55ed828],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Roaming\DNSHelper Chrome\DNSHelper\newtab.js, In Quarantäne, [fdc57a2b216a6cca0a92098aa55ed828],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe, In Quarantäne, [5b67792ca0eb2b0b0771901f21e1d030],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\CRX\ToolbarCR.crx, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\CRX\42.16\Toolbar.crx, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\Updater\Config\Config.31.6.3.0-4.xml, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\Updater\Config\Config.31.6.6.0-4.xml, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\Updater\Config\Config.31.9.1.0-2.xml, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\Updater\Config\Config.31.9.1.0-3.xml, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\Updater\Response\Response.31.9.1.0-12.xml, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\Updater\Response\Response.31.9.1.0-13.xml, In Quarantäne, [11b1ddc8305b47ef58b62950e71bae52],
PUP.Optional.APNToolBar.Gen, C:\Users\Dirk\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, In Quarantäne, [e5dd7a2beba0aa8cda3501784bb75fa1],
PUP.Optional.APNToolBar.Gen, C:\Users\Dirk\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe, In Quarantäne, [e5dd7a2beba0aa8cda3501784bb75fa1],
PUP.Optional.APNToolBar.Gen, C:\Users\Dirk\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, In Quarantäne, [e5dd7a2beba0aa8cda3501784bb75fa1],
PUP.Optional.APNToolBar.Gen, C:\Users\Dirk\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, In Quarantäne, [e5dd7a2beba0aa8cda3501784bb75fa1],
PUP.Optional.APNToolBar.Gen, C:\Users\Dirk\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll, In Quarantäne, [e5dd7a2beba0aa8cda3501784bb75fa1],
PUP.Optional.APNToolBar.Gen, C:\Users\Dirk\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv_x64.dll, In Quarantäne, [e5dd7a2beba0aa8cda3501784bb75fa1],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\ChromeUtils\APNNativeMsgHost.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\ChromeUtils\com.apn.native_messaging_host_aaaaojmikegpiepcfdkkjaplodkpfmlo.json, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ServiceLocator.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SO.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Toolbar.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ToolbarPS.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar_x64.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\1031.mst, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\1033.mst, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\1034.mst, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\1036.mst, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\1040.mst, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\1041.mst, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\1043.mst, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\1045.mst, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\1049.mst, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\2070.mst, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\AskToolbarInstaller-12.10.3_ORJ.msi, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\AskToolbarInstaller-12.10.6_ORJ.msi, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\AskToolbarInstaller-12.15.1_ORJ.msi, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar@ask.com.xpi, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\ToolbarCR.crx, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\Update.xml, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}\Toolbar.crx, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\ChromeUtils\APNNativeMsgHost.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\ChromeUtils\com.apn.native_messaging_host_aaaaojmikegpiepcfdkkjaplodkpfmlo.json, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\SO.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\Updater\ask-search.xml, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv_x64.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID}\config.xml, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\VNT\content.zip, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\VNT\vntldr.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Source\program files\VNT\vntsrv.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ask-search.xml, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv_x64.dll, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ORJ\config.xml, In Quarantäne, [289a40658cfff6405cb46118877b0bf5],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaffpnfojcdkcdimoobneboagdnnenbo\1.0.0_0\background.html, In Quarantäne, [7e44d7ce4843da5ce953f4953bc7fb05],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaffpnfojcdkcdimoobneboagdnnenbo\1.0.0_0\bg.js, In Quarantäne, [7e44d7ce4843da5ce953f4953bc7fb05],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaffpnfojcdkcdimoobneboagdnnenbo\1.0.0_0\manifest.json, In Quarantäne, [7e44d7ce4843da5ce953f4953bc7fb05],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaffpnfojcdkcdimoobneboagdnnenbo\1.0.0_0\newtab.html, In Quarantäne, [7e44d7ce4843da5ce953f4953bc7fb05],
PUP.Optional.DNSErrorHelper, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaffpnfojcdkcdimoobneboagdnnenbo\1.0.0_0\newtab.js, In Quarantäne, [7e44d7ce4843da5ce953f4953bc7fb05],
PUP.Optional.FoxTab, C:\Program Files (x86)\Foxtab\1.8.12.0\FavIcon.ico, In Quarantäne, [744e03a2404b8bab5f2a3853a85adb25],
PUP.Optional.FoxTab, C:\Program Files (x86)\Foxtab\1.8.12.0\Sqlite3.dll, In Quarantäne, [744e03a2404b8bab5f2a3853a85adb25],
PUP.Optional.FoxTab, C:\Program Files (x86)\Foxtab\1.8.12.0\uninst.dat, In Quarantäne, [744e03a2404b8bab5f2a3853a85adb25],
PUP.Optional.FoxTab, C:\Program Files (x86)\Foxtab\1.8.12.0\uninstall.exe, In Quarantäne, [744e03a2404b8bab5f2a3853a85adb25],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\DEL_UnRegisterExtensions.exe, In Quarantäne, [10b26540701b5dd9c007bfd506fc0000],
PUP.Optional.Updater, C:\Users\Dirk\AppData\Roaming\FoxTab\UpdateProc\config.dat, In Quarantäne, [992954512a6177bffc96b1ee917136ca],
PUP.Optional.Updater, C:\Users\Dirk\AppData\Roaming\FoxTab\UpdateProc\info.dat, In Quarantäne, [992954512a6177bffc96b1ee917136ca],
PUP.Optional.Updater, C:\Users\Dirk\AppData\Roaming\FoxTab\UpdateProc\STTL.DAT, In Quarantäne, [992954512a6177bffc96b1ee917136ca],
PUP.Optional.Updater, C:\Users\Dirk\AppData\Roaming\FoxTab\UpdateProc\TTL.DAT, In Quarantäne, [992954512a6177bffc96b1ee917136ca],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stb593dfb64-e2b1-4603-9c11-eb2e179b614e.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Msi37ecbe48-60c9-4e96-9a99-51e7a2497d96.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Msieb9ed81a-0f10-4b51-aa0b-1f7b3158936e.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stb14d1b6a0-2d01-4105-b261-8fff39f96f50.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stb17c0c7d1-64f2-406c-89e5-3444440ea261.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stb19f3357b-0f60-4b9f-9fbd-2a4dc31b90f6.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stb2a711daa-281f-4d41-b145-9b73a35b7a1d.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stb37ecbe48-60c9-4e96-9a99-51e7a2497d96.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stb3cd5ebdc-21d2-4e44-aa67-36a6474b2d4f.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stb42a7bafb-c270-4ffd-94c7-ac281d901042.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stb510db83c-74b9-4c7d-b8da-29b16de16496.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stb63c14f2a-3970-4a26-bb59-16b3a9aa3ee5.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stb7a4381bc-a389-42ba-96db-ce17c6437f61.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stb979ec61c-9905-4932-9b68-392196031ca6.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stbaf1024e3-6ed2-4ed8-8047-643d3fa11e3a.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stbb070f0b0-3007-45f0-a403-25582f254e04.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stbbc9ce282-5a63-423e-9c42-34fd680bfc7f.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stbd0e2f772-90de-4b25-b56c-af61b8206524.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stbda6a8bfd-312f-4c03-80d3-44433698dd20.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stbe55f2dc1-50e8-4bc4-a74c-64fba0e9a699.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stbeb9ed81a-0f10-4b51-aa0b-1f7b3158936e.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stbf47afb0e-3e38-4f69-95ba-ebd56fa98fbf.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ\Stbfdfaaf9f-59e5-4da5-982a-d7043b3c48c3.log, In Quarantäne, [0bb77431afdc6cca6ef68d1946bc5ba5],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

FRST.txt:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-12-2015
durchgeführt von Dirk (Administrator) auf DJ-PC (16-12-2015 10:04:32)
Gestartet von C:\Users\Dirk\Downloads
Geladene Profile: Dirk (Verfügbare Profile: Dirk & Administrator & Dirk Joeres)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
() C:\Users\Dirk\AppData\Local\Temp\OCS\Downloads\8895a6ff54aa6156ee6d3370468ad434\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
(Matrox Graphics Inc) C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Matrox Graphics Inc.) C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe
(ActFax Communication) C:\Program Files\ActiveFax\Client\ActFaxClient.exe
(ActFax Communication) C:\Program Files\ActiveFax\Terminal\TSClientB.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Users\Dirk\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Dropbox, Inc.) C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmopChromeMsgHost32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Kerio Technologies Inc.) C:\Program Files\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-16] (Realtek Semiconductor)
HKLM\...\Run: [Matrox PowerDesk SE] => C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe [4246784 2010-02-11] (Matrox Graphics Inc.)
HKLM\...\Run: [ActiveFax Client] => C:\Program Files\ActiveFax\Client\ActFaxClient.exe [1063656 2012-11-02] (ActFax Communication)
HKLM\...\Run: [ActiveFax Terminal Server] => C:\Program Files\ActiveFax\Terminal\TSClientB.exe [560360 2012-11-02] (ActFax Communication)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [499712 2013-05-20] (Greenshot)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246264 2015-07-16] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1258496 2015-07-16] (Trend Micro Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM\...\RunOnce: [DCERegBootClean64] => C:\Windows\RegBootClean64.exe [399360 2015-12-16] (Trend Micro Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [1104288 2014-09-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [Amazon Music] => C:\Users\Dirk\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-11-18] ()
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [SimpleSYN.NET] => "C:\Program Files\creativbox.net\SimpleSYN\CBN.SimpleSYN.NET.exe"
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [Dropbox Update] => C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\MountPoints2: {5f586495-95d1-11e5-a389-902b34396bb7} - J:\LaunchU3.exe -a
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\MountPoints2: {dddf977d-8039-11e3-a882-902b34396bb7} - J:\ShelExec.exe BMW_Welt_highRes.jpg
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-06-20]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-14]
ShortcutTarget: Dropbox.lnk -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.2
Tcpip\..\Interfaces\{7E85B99F-1A41-44E1-9273-4EC25CA9F7C9}: [DhcpNameServer] 192.168.0.2
Tcpip\..\Interfaces\{994054FB-FEF3-4520-8095-E873DE7CCD42}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-1645522239-1614895754-725345543-1114 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll Keine Datei
SearchScopes: HKLM-x32 -> DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKLM-x32 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-1614895754-725345543-1114 -> DefaultScope {B484C34C-26B0-4923-B8A0-9A7996F8DEEE} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE739D20150629&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-1614895754-725345543-1114 -> {564E71D2-F568-4128-8000-A17FBC6F4866} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=2314B362-4AF9-4453-981F-21CEB858E994&apn_sauid=73F8D315-5F3C-44C3-9108-9960C6688A1F
SearchScopes: HKU\S-1-5-21-1645522239-1614895754-725345543-1114 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-1614895754-725345543-1114 -> {B484C34C-26B0-4923-B8A0-9A7996F8DEEE} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE739D20150629&p={searchTerms}
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Trend Micro Netzwerkfilter-Plug-in -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Trend Micro IE-Schutz -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-17] (Trend Micro Inc.)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2012-03-21] (Yahoo! Inc.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Trend Micro Netzwerkfilter-Plug-in -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Trend Micro IE-Schutz -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2012-03-21] (Yahoo! Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-17] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2015-07-16] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2015-07-16] (Trend Micro Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\yk1inp4d.default-1376891213699
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE739D20150629&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-11-02] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2012-07-31] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1645522239-1614895754-725345543-1114: @tools.google.com/Google Update;version=3 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1645522239-1614895754-725345543-1114: @tools.google.com/Google Update;version=9 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1645522239-1614895754-725345543-1114: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [2013-01-23] (Amazon.com, Inc.)
FF user.js: detected! => C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\yk1inp4d.default-1376891213699\user.js [2014-01-19]
FF SearchPlugin: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\yk1inp4d.default-1376891213699\searchplugins\4bf093af-58ba-4029-b2ec-7f7676bb2253.xml [2013-12-30]
FF SearchPlugin: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\yk1inp4d.default-1376891213699\searchplugins\McSiteAdvisor.xml [2015-12-15]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-20]
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-04-03] [ist nicht signiert]
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension [2015-12-15]
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-12-15]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-11-09] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-11-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\Dirk\AppData\Roaming\Helper
FF Extension: Helper - C:\Users\Dirk\AppData\Roaming\Helper [2013-12-30] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-12-15]
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\47.0.2526.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\47.0.2526.80\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\47.0.2526.80\pdf.dll => Keine Datei
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll => Keine Datei
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Dirk\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Profile: C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Store) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-12-14]
CHR Extension: (Google-Suche) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Store) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-12-15]
CHR Extension: (Google Mail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.FOMXGL6CW3K7JX2L6R35PA5Z2A - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AddonsHelper; C:\Users\Dirk\AppData\Local\Temp\OCS\Downloads\8895a6ff54aa6156ee6d3370468ad434\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [896512 2013-12-30] () [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 ktupdaterservice; C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe [948736 2015-02-27] (Kerio Technologies Inc.) [Datei ist nicht signiert]
R2 Matrox.Pdesk.ServicesHost; C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe [344832 2010-02-11] (Matrox Graphics Inc)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1137664 2015-07-16] (Trend Micro Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-16] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTXPSER; C:\Windows\System32\DRIVERS\mtxpserm.sys [1657344 2010-06-18] (Matrox Graphics Inc.)
R1 Mtxpserx; C:\Windows\System32\DRIVERS\Mtxpserx.sys [10752 2010-06-18] (Matrox Graphics Inc.)
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22568 2010-04-13] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [16936 2010-04-13] (Silicon Image, Inc.)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [134280 2015-07-22] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [326896 2015-07-22] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [59712 2015-06-11] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [116576 2015-06-08] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [100320 2015-07-22] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [416608 2015-05-28] (Trend Micro Inc.)
R1 tmumh; C:\Windows\System32\DRIVERS\TMUMH.sys [91536 2015-06-29] (Trend Micro Inc.)
R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [116528 2015-06-26] (Trend Micro Inc.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-12-16] ()
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S1 HWiNFO32; \??\C:\Users\ADMINI~1\AppData\Local\Temp\HWiNFO64A.SYS [X]
U2 TMAgent; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-16 10:04 - 2015-12-16 10:04 - 00035834 _____ C:\Users\Dirk\Downloads\FRST.txt
2015-12-16 10:03 - 2015-12-16 10:03 - 02369536 _____ (Farbar) C:\Users\Dirk\Downloads\FRST64.exe
2015-12-16 08:39 - 2015-12-16 08:39 - 00399360 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2015-12-16 08:39 - 2015-12-16 08:39 - 00007088 _____ C:\Windows\RegBootClean64.CFG
2015-12-16 08:38 - 2015-12-16 10:04 - 00000000 ____D C:\FRST
2015-12-16 08:11 - 2015-12-16 08:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-16 08:11 - 2015-12-16 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-16 08:11 - 2015-12-16 08:11 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-16 08:11 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-16 08:11 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-15 15:05 - 2015-12-15 15:05 - 00000000 ___HD C:\TMRescueDisk
2015-12-15 15:01 - 2015-12-15 15:02 - 00001499 _____ C:\Users\Dirk\Desktop\Trend Micro Antivirus+.lnk
2015-12-15 15:01 - 2015-12-15 15:02 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Antivirus+
2015-12-15 15:00 - 2015-12-16 08:39 - 00000000 ____D C:\ProgramData\Trend Micro
2015-12-15 15:00 - 2015-12-15 15:00 - 00000059 _____ C:\Windows\system32\SupportTool.exe.bat
2015-12-15 15:00 - 2015-12-15 15:00 - 00000036 _____ C:\Users\Dirk\AppData\Local\housecall.guid.cache
2015-12-15 15:00 - 2015-12-15 15:00 - 00000000 ____D C:\Windows\SysWOW64\tmumh
2015-12-15 15:00 - 2015-12-15 15:00 - 00000000 ____D C:\Windows\system32\tmumh
2015-12-15 15:00 - 2015-12-15 15:00 - 00000000 ____D C:\Program Files\Trend Micro
2015-12-15 15:00 - 2015-07-22 02:32 - 00100320 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2015-12-15 15:00 - 2015-07-22 02:28 - 00326896 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-12-15 15:00 - 2015-07-22 02:28 - 00134280 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2015-12-15 15:00 - 2015-06-29 03:38 - 00091536 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMUMH.sys
2015-12-15 15:00 - 2015-06-26 11:20 - 00116528 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2015-12-15 15:00 - 2015-06-11 09:54 - 00059712 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2015-12-15 15:00 - 2015-06-08 06:54 - 00116576 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2015-12-15 15:00 - 2015-05-28 11:26 - 00416608 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2015-12-15 14:58 - 2015-12-15 15:40 - 00000000 ____D C:\Users\Dirk\AppData\Local\Trend Micro
2015-12-15 14:55 - 2015-12-15 14:56 - 128614000 _____ (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2015-12-15 13:47 - 2015-12-15 14:58 - 00000000 ____D C:\ProgramData\F-Secure
2015-12-15 13:47 - 2015-12-15 13:59 - 00000000 ____D C:\Users\Dirk\AppData\Local\F-Secure
2015-12-15 13:47 - 2015-12-15 13:47 - 00000000 ____D C:\Program Files (x86)\F-Secure
2015-12-14 12:17 - 2015-12-14 12:17 - 00562924 _____ C:\Users\Dirk\Downloads\CityRing_Oldtimer-Turnier-2015-Anmeldung.pdf
2015-12-14 10:24 - 2015-12-14 10:24 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 10:31 - 2015-12-09 10:31 - 00152702 _____ C:\Users\Dirk\Downloads\f30507bd-9b81-4123-aff5-72311f40b560.pdf
2015-12-09 08:02 - 2015-12-09 08:02 - 00066132 _____ C:\Users\Dirk\Downloads\Kontoauszug_77785205__Nr.0112015_vom_01.12.2015_20151209080214.pdf
2015-12-09 07:40 - 2015-12-09 07:40 - 00150326 _____ C:\Users\Dirk\Downloads\f97c01a8-d5a8-4dbf-b1d9-91b26e1b53fd.pdf
2015-12-08 07:51 - 2015-12-08 07:51 - 00007994 _____ C:\Users\Dirk\Downloads\B189852297_rech.pdf
2015-12-04 08:13 - 2015-12-16 08:30 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-12-03 10:42 - 2015-12-03 10:42 - 00143079 _____ C:\Users\Dirk\Downloads\agb(2).pdf
2015-12-03 10:41 - 2015-12-03 10:41 - 00143079 _____ C:\Users\Dirk\Downloads\agb.pdf
2015-12-03 10:41 - 2015-12-03 10:41 - 00143079 _____ C:\Users\Dirk\Downloads\agb(1).pdf
2015-12-03 10:35 - 2015-12-03 10:35 - 01760727 _____ C:\Users\Dirk\Downloads\Ausnahmegenehmigung_Sachsen_Anhalt.pdf
2015-12-03 09:55 - 2015-12-03 09:55 - 00060404 _____ C:\Users\Dirk\Downloads\Kontoauszug_844004__Nr.0112015_vom_30.11.2015_20151203095505.pdf
2015-12-03 09:53 - 2015-12-03 09:53 - 00062862 _____ C:\Users\Dirk\Downloads\Kontoauszug_50155552__Nr.0112015_vom_30.11.2015_20151203095339.pdf
2015-12-03 09:53 - 2015-12-03 09:53 - 00058144 _____ C:\Users\Dirk\Downloads\Entgeltinformationen_50155552_vom_30.11.2015_20151203095327.pdf
2015-12-02 13:40 - 2015-12-02 13:40 - 00064512 _____ C:\Users\Dirk\Desktop\Antrag_gutausbilden_Phase_1-1 geändert.xlsx
2015-12-01 12:09 - 2015-12-01 12:09 - 00283772 _____ C:\Users\Dirk\Desktop\Lions_Aufsteller_November_2015.pdf
2015-11-23 18:22 - 2015-11-23 18:22 - 00011459 _____ C:\Users\Dirk\Desktop\design112_3M-580E_Jahresverbrauch.xlsx
2015-11-20 13:26 - 2015-11-20 13:26 - 01475861 _____ C:\Users\Dirk\Desktop\CityRing-Limburg-Ideen-Neumarkt.zip
2015-11-20 13:19 - 2015-11-20 13:24 - 00000000 ____D C:\Users\Dirk\Desktop\CityRing-Limburg-Ideen-Neumarkt
2015-11-19 15:54 - 2015-11-19 15:54 - 00013867 _____ C:\Users\Dirk\Desktop\Jahresbestellmenge_d112_ORAFOL_hochreflektierend.xlsx
2015-11-17 20:00 - 2015-11-17 20:00 - 00000000 ____D C:\Users\Dirk\Desktop\Design112_Anschreiben.pages
2015-11-17 20:00 - 2015-11-17 20:00 - 00000000 ____D C:\Users\Dirk\Desktop\__MACOSX

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-16 10:04 - 2012-10-30 14:54 - 00000104 _____ C:\Windows\system32\config\netlogon.ftl
2015-12-16 10:00 - 2012-11-02 17:41 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA.job
2015-12-16 09:19 - 2015-07-16 06:55 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA1d0bf8c3f7c0c4.job
2015-12-16 09:07 - 2012-11-02 17:42 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-16 09:05 - 2015-06-16 07:00 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA.job
2015-12-16 08:45 - 2012-11-05 08:53 - 00000000 ____D C:\Users\Dirk\Documents\Outlook-Dateien
2015-12-16 08:44 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-16 08:44 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-16 08:42 - 2013-04-30 16:56 - 00000000 ____D C:\ProgramData\firebird
2015-12-16 08:42 - 2013-01-17 07:45 - 00000000 ____D C:\Users\Dirk\AppData\Local\Deployment
2015-12-16 08:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-16 08:36 - 2010-11-21 07:50 - 00700168 _____ C:\Windows\system32\perfh007.dat
2015-12-16 08:36 - 2010-11-21 07:50 - 00148964 _____ C:\Windows\system32\perfc007.dat
2015-12-16 08:36 - 2009-07-14 06:13 - 01621308 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-16 08:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-16 08:30 - 2014-03-04 13:18 - 00000000 ___RD C:\Users\Dirk\Dropbox
2015-12-16 08:30 - 2014-03-04 13:17 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Dropbox
2015-12-16 08:30 - 2012-10-22 11:05 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-12-16 08:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-16 08:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2015-12-16 08:29 - 2014-03-31 06:47 - 00000000 ____D C:\ProgramData\APN
2015-12-16 08:29 - 2014-01-19 16:16 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\FoxTab
2015-12-16 08:29 - 2014-01-19 16:15 - 00000000 ____D C:\Program Files (x86)\Foxtab
2015-12-16 08:11 - 2014-01-27 09:16 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-16 08:11 - 2014-01-27 09:16 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Malwarebytes
2015-12-16 08:11 - 2014-01-27 09:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-16 08:11 - 2014-01-27 09:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-12-16 08:05 - 2012-11-05 13:53 - 00000000 ____D C:\Users\Dirk\AppData\Local\Adobe
2015-12-15 20:18 - 2014-01-23 16:16 - 00000000 ____D C:\Users\Dirk\Documents\poin.t
2015-12-15 15:03 - 2013-02-14 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mp3 RightName
2015-12-15 15:03 - 2013-02-14 18:50 - 00000000 ____D C:\Program Files (x86)\mp3RightName
2015-12-15 15:00 - 2012-11-08 18:15 - 00000000 ____D C:\Users\Dirk\AppData\Local\CrashDumps
2015-12-15 13:51 - 2014-06-20 08:23 - 00000000 ____D C:\ProgramData\McAfee
2015-12-15 13:19 - 2012-11-02 17:41 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114Core.job
2015-12-15 11:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-12-15 09:42 - 2012-11-05 09:04 - 00000000 ____D C:\Users\Dirk\AppData\Local\CutePDF Writer
2015-12-09 17:07 - 2012-11-02 17:42 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 17:07 - 2012-11-02 17:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 17:07 - 2012-11-02 17:42 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-02 16:51 - 2012-11-02 17:45 - 00002032 ____H C:\Users\Dirk\Documents\Default.rdp
2015-12-02 13:14 - 2015-07-16 06:55 - 00004084 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA1d0bf8c3f7c0c4
2015-12-02 13:14 - 2012-11-02 17:41 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114Core
2015-11-28 15:53 - 2014-08-16 14:21 - 00000000 ____D C:\Users\Dirk\AppData\Local\Amazon Music
2015-11-27 08:41 - 2015-07-10 08:03 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-27 08:27 - 2013-10-25 15:05 - 00000000 ____D C:\Users\Dirk\AppData\Local\Greenshot
2015-11-23 12:35 - 2015-07-16 15:20 - 00014653 _____ C:\Users\Dirk\Desktop\Abrechnung_01.xlsx
2015-11-18 19:45 - 2012-12-21 14:47 - 00001456 _____ C:\Users\Dirk\AppData\Local\Adobe Für Web speichern 13.0 Prefs

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-21 17:07 - 2015-03-21 17:07 - 0000132 _____ () C:\Users\Dirk\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2015-03-17 19:39 - 2015-03-17 19:39 - 0000132 _____ () C:\Users\Dirk\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-01-19 16:16 - 2015-06-29 07:17 - 0000341 _____ () C:\Users\Dirk\AppData\Roaming\WB.CFG
2014-01-19 16:16 - 2014-01-27 08:23 - 0000005 _____ () C:\Users\Dirk\AppData\Roaming\WBPU-TTL.DAT
2012-12-04 15:30 - 2012-12-04 15:34 - 0001456 _____ () C:\Users\Dirk\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2012-12-21 14:47 - 2015-11-18 19:45 - 0001456 _____ () C:\Users\Dirk\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-01-17 16:12 - 2014-04-17 11:36 - 0005120 _____ () C:\Users\Dirk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-15 15:00 - 2015-12-15 15:00 - 0000036 _____ () C:\Users\Dirk\AppData\Local\housecall.guid.cache
2015-02-09 11:16 - 2015-02-09 11:16 - 0000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Einige Dateien in TEMP:
====================
C:\Users\Dirk\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Dirk\AppData\Local\Temp\mccspuninstall.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-10 09:36

==================== Ende von FRST.txt ============================

sebastian_jr · 16.12.2015, 10:34

Und hier noch die Additions.txt:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:14-12-2015
durchgeführt von Dirk (2015-12-16 10:04:46)
Gestartet von C:\Users\Dirk\Downloads
Windows 7 Professional Service Pack 1 (X64) (2012-10-30 13:52:21)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-281401910-795471596-2483555630-500 - Administrator - Disabled)
Dirk Joeres (S-1-5-21-281401910-795471596-2483555630-1000 - Administrator - Enabled) => C:\Users\Dirk Joeres
Gast (S-1-5-21-281401910-795471596-2483555630-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Trend Micro Antivirus+ (Disabled - Up to date) {8242D66F-41BD-4049-C2E6-E578E73B62A0}
AS: Trend Micro Antivirus+ (Disabled - Up to date) {3923378B-6787-4FC7-F856-DE0A9CBC281D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

!myPlan 2.0 (HKLM-x32\...\!myPlan) (Version: 2.0 - JV-Soft, Inh. Karin Vogel)
64 Bit HP CIO Components Installer (Version: 8.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ActiveFax (HKLM\...\ActiveFax) (Version:  - )
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Design Standard (HKLM-x32\...\{0327A4BF-62BF-48BB-8928-B971B749E9E1}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Amazon Amazon Music) (Version: 3.11.5.1140 - Amazon Services LLC)
AMU (HKLM-x32\...\de.a2c.bafa.antragsmanager.unternehmer) (Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle)
AMU (x32 Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
Avery Wizard 4.0 (HKLM\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414) (Version:  - )
connectivity.boe.ccis.cpp-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.boe.connectsrv.client.http.cpp-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
connectivity.boe.connectsrv.client.httpxir3.cpp-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
connectivity.connectionserver.core.helpers.cpp-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.informix.odbc.config-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.informix.odbc.config-4.0-de-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.informix.odbc.config-4.0-en-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.informix.odbc-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.jdbc.core.config-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.jdbc.core.config-4.0-de-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.jdbc.core.config-4.0-en-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.jdbc.core-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.mysql.jdbc-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.mysql.jdbc-4.0-de-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.mysql.jdbc-4.0-en-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.mysql.odbc.config-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.mysql.odbc.config-4.0-de-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.mysql.odbc.config-4.0-en-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.mysql.odbc-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.neoview.odbc.config-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.neoview.odbc.config-4.0-de-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.neoview.odbc.config-4.0-en-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.neoview.odbc-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.netezza.jdbc-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.netezza.jdbc-4.0-de-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.netezza.jdbc-4.0-en-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.netezza.odbc.config-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.netezza.odbc.config-4.0-de-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.netezza.odbc.config-4.0-en-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.netezza.odbc-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.odbc.core.config-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.odbc.core.config-4.0-de-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.odbc.core.config-4.0-en-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.odbc.core-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.progress.jdbc-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.progress.jdbc-4.0-de-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.progress.jdbc-4.0-en-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.progress.odbc.config-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.progress.odbc.config-4.0-de-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.progress.odbc.config-4.0-en-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.progress.odbc-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.sybase.ctlib.config-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.sybase.ctlib.config-4.0-de-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.sybase.ctlib.config-4.0-en-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.sybase.ctlib-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.teradata.jdbc-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.teradata.jdbc-4.0-de-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.teradata.jdbc-4.0-en-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.teradata.odbc.config-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.teradata.odbc.config-4.0-de-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.teradata.odbc.config-4.0-en-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.drivers.teradata.odbc-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.helpers.cpp-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.tools.cscheck.config-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
connectivity.connectionserver.tools.cscheck-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
connectivity.connectionserver.tools.cscheck-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
connectivity.connectionserver.tools.cscheck-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
connectivity.foundation.cpp-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
ContactPad (HKLM-x32\...\{19C08694-A352-4797-9992-58FF91B109A2}) (Version: 1.1.1105 - IT-Stöd Skaraborg AB)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\CopyTrans Suite) (Version: 4.002 - WindSolutions)
CorelDRAW Graphics Suite X3 (HKLM-x32\...\_{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}) (Version:  - Corel Corporation)
CorelDRAW Graphics Suite X3 (x32 Version: 13.2 - Corel Corporation) Hidden
Crystal Reports 2011 SP4 (HKLM-x32\...\{39D270D0-DD9C-4B8B-A696-EBFE7CFFFC2E}) (Version: 14.0.4.738 - SAP)
crystalreports.boe.sdkplugins.java.crlov-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.boe.sdkplugins.java.managedreports-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.boe.sdkplugins.java-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.boe.sdkplugins.java-4.0-de-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.boe.sdkplugins.java-4.0-en-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.businessview.clients.crw-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.businessview.clients.crw-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.businessview.clients.crw-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.businessview.sdk-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.businessview.sdk-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.businessview.sdk-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.charthelp-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.charthelp-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.cractivexviewer-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.cractivexviewer-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.cractivexviewer-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.cslib-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.designer-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.designer-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.designer-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.erom-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.erom-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.erom-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.expmod-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dapp-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dapp-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dapp-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2ddisk-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2ddisk-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2ddisk-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dmapi-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dmapi-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dmapi-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dnotes-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dnotes-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dnotes-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dpost-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dpost-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dpost-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dvim-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dvim-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2dvim-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fcr-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fcr-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fcr-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fhtml-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fhtml-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fhtml-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fodbc-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fodbc-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fodbc-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fpdf-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fpdf-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fpdf-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2frdef-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2frdef-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2frdef-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2frec-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2frec-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2frec-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2frtf-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2frtf-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2frtf-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fsepv-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fsepv-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fsepv-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2ftext-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2ftext-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2ftext-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fwordw-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fwordw-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fwordw-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fxls-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fxls-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fxls-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fxml2-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fxml2-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fxml2-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fxml-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fxml-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.exporting.u2fxml-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.filedialog-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.filedialog-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.filedialog-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.help-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.help-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.help-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.keycode.defn-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.parameterprompt-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.parameterprompt-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.parameterprompt-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.printcontrol-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.printcontrol-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.printcontrol-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.ras.bv-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.ras.bv-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.ras.bv-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.registrywrapper-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.runtimeshare-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.runtimeshare-4.0-de-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.runtimeshare-4.0-en-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.saptoolbar-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.saptoolbar-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.saptoolbar-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.share.registry-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.cpp.share-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.share-4.0-de-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.cpp.share-4.0-en-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.crystalcommon.cpp.crlang-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.crystalcommon.cpp.crlogger-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.crystalcommon.dotnet-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.access-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.access-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.access-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.act-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.act-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.act-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.ado-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.ado-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.ado-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.adodotnetinterop-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.adoplus-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.adoplus-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.adoplus-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.btrieve-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.btrieve-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.btrieve-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.com-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.com-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.com-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.db2-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.db2-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.db2-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.ebs-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.fielddef-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.fielddef-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.fielddef-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.filesystem-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.filesystem-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.filesystem-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.informix-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.informix-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.informix-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.java-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.javabeans-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.javabeans-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.javabeans-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.jdbc-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.jdbc-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.jdbc-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.jde-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.odbc-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.odbc-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.odbc-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.olap-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.olap-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.olap-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.oracle-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.oracle-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.oracle-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2bbde-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2bbde-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2bbde-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2dbase-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2dbase-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2dbase-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2sevt-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2sevt-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2sevt-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2sexchange-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2sexchange-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2sexchange-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2slog-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2slog-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2slog-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2soutlk-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2soutlk-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.p2soutlk-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.psenterprise-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.sap-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.sap-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.sap-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.sforce-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.sforce-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.sforce-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.siebel-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.sybase-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.sybase-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.sybase-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.universe-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.universe-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.universe-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.wic-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.wic-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.wic-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.xml-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.xml-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.driver.xml-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.querybuilder-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.querybuilder-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.querybuilder-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.share.registry-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.share-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.share-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.dataaccess.share-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.designers.java.launcher-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.partner.shared.cpp.pvlmapping-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.partner.shared.cpp-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.partner.shared.cpp-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.partner.shared.cpp-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.partner.shared.java.jde-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.partner.shared.java.siebel-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.rptpubwiz.cpp.help-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.rptpubwiz.cpp-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.rptpubwiz.cpp-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.rptpubwiz.cpp-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
crystalreports.sdk.java.repository-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.sdk.java.sdkcommon-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.webreporting.common-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.webreporting.common-4.0-de-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
crystalreports.webreporting.common-4.0-en-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
cvom.java.ui_helpers-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
cvom.java-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
cvom.java-4.0-de-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
cvom.java-4.0-en-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DE (x32 Version: 13.1 - Corel Corporation) Hidden
Dropbox (HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileViewPro (HKLM\...\FileViewPro_is1) (Version: 4.0 - Solvusoft Corporation)
FileZilla Client 3.7.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.0.1 - FileZilla Project)
fnc61_crviewer.msi (x32 Version: 14.0.0 - SAP) Hidden
FontNav (x32 Version: 5.0 - Corel Corporation) Hidden
foundation.bcm.cpp-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
foundation.bcm.java.bundle-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
foundation.bcm.java.classes-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
foundation.bcm.java-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
foundation.javalibs.bundle-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
foundation.javalibs.classes-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
foundation.javalibs-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
foundation.locale_fallback.cpp-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
foundation.tracelog.cpp-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
foundation.tracelog.java.classes-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
foundation.tracelog.java-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
Foxit Reader (HKLM-x32\...\{FE1EFF18-814A-42CE-8470-EC97EDDAF8FF}) (Version: 5.4.3.920 - Foxit Corporation)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
FreeFileSync 6.15 (HKLM-x32\...\FreeFileSync) (Version: 6.15 - www.FreeFileSync.org)
go1984 Desktop Client, Version 3.8.3.4 (HKLM-x32\...\go1984 Desktop Client_is1) (Version:  - )
Google Chrome (HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Greenshot 1.1.5.2643 (HKLM\...\Greenshot_is1) (Version: 1.1.5.2643 - Greenshot)
iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.)
Image Resizer for Windows (64 bit) (Version: 3.0.4442.6002 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{9dfff2f7-5cd7-4fd4-9b75-7d53b042d94b}) (Version: 3.0.4442.6002 - Brice Lambson)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
informationengine.qt.drivers.informix.odbc.config-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
informationengine.qt.drivers.mysql.jdbc-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
informationengine.qt.drivers.mysql.odbc.config-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
informationengine.qt.drivers.neoview.odbc.config-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
informationengine.qt.drivers.netezza.jdbc-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
informationengine.qt.drivers.netezza.odbc.config-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
informationengine.qt.drivers.progress.jdbc-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
informationengine.qt.drivers.progress.odbc.config-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
informationengine.qt.drivers.sybase.ctlib.config-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
informationengine.qt.drivers.teradata.jdbc-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
informationengine.qt.drivers.teradata.odbc.config-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JTL-Wawi (HKLM-x32\...\JTL-Wawi_is1) (Version: 0.99923 - )
Kerio Outlook Connector (Offline Edition) (HKLM\...\{1413DBC0-BF83-4B1B-8A31-5382F5C3A4B9}) (Version: 8.4.4065 - Kerio Technologies Inc.)
Kerio Updater Service (HKLM-x32\...\{4FF72FBC-8A88-480B-9451-A1DDF6F5B91B}) (Version: 1.2.63669 - Kerio Technologies, Inc.) <==== ACHTUNG
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Matrox PowerDesk-SE (HKLM-x32\...\{BB3E446F-A88E-4D91-9905-9138965561E3}) (Version: 11.12.0810.0001 - Matrox Graphics Inc.)
Matrox XPDM P-Series Driver (HKLM-x32\...\Matrox XPDM P-Series Uninstaller) (Version:  - Matrox Graphics Inc.)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
mp3 RightName 1.28 (HKLM-x32\...\mp3 RightName_is1) (Version:  - )
MP4 To MP3 Converter V3.0.4 (HKLM-x32\...\MP4 To MP3 Converter_is1) (Version:  - hxxp://www.MP4ToMP3Converter.net)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2 - )
olap.analysis.implementation.cpp.activex-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
olap.analysis.implementation.cpp.sofa-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
platform.client.java.helper.supportability-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
platform.library.common.authentication.jdedwards.java-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.library.common.authentication.jdedwards-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.library.common.authentication.jdedwards-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
platform.library.common.authentication.jdedwards-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
platform.library.common.authentication.oracle-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.library.common.authentication.peoplesoft-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.library.common.authentication.sap-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.library.common.authentication.siebel.java-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.library.common.authentication.siebel-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.library.common.authentication.siebel-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
platform.library.common.authentication.siebel-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
platform.library.common.instrumentation-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
platform.library.common-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.com.core-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.com.instrumentation-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
platform.sdk.boe.com.slplugins.binfiles-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.com.slplugins.pinfiles-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
platform.sdk.boe.com-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.com-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
platform.sdk.boe.com-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.bundles-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.classes-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.jdedwards.plugins_bundle-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.jdedwards-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.oracle.plugins_bundle-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.oracle-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.pbds_full-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.pbds-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.peoplesoft.plugins_bundle-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.peoplesoft-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.sap.plugins_bundle-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.sap-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.siebel.plugins_bundle-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.java.siebel-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.sdk.boe.java-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.services.ras21.clientsdk.java.pbd-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
platform.services.ras21.clientsdk.java-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.services.ras21.clientsdk_bundle-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
platform.services.ras21.clientsdk_shared_bundle-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
product.crystalreports.arp.icon-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
product.crystalreports.eula-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
product.crystalreports.langpackproperty-4.0-de-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
product.crystalreports.langpackproperty-4.0-en-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
product.shared.installiverse.reg-4.0-core-nu (x32 Version: 14.0.1.287 - SAP BusinessObjects) Hidden
product.shared.langpackreg-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6554 - Realtek Semiconductor Corp.)
repoaccess.async_scheduling-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
repoaccess.async_scheduling-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
repoaccess.async_scheduling-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
repoaccess.bo_storage-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
repoaccess.cdztools.java-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
repoaccess.cdztools.jshell-4.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
repoaccess.cdztools.oldregistry-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
repoaccess.cdztools.oldregistry-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
repoaccess.cdztools.oldregistry-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
repoaccess.cdztools-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
repoaccess.cdztools-4.0-de-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
repoaccess.cdztools-4.0-en-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
repoaccess.container.admintool.java-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
repoaccess.container.java-4.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
repoaccess.container-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
repoaccess.repo_proxy.cpp-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
repoaccess.repoaccess_plugins_webi.binfiles-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
Required Runtimes (x32 Version: 13.0.0.0 - SAP BusinessObjects) Hidden
SAP Crystal Reports runtime engine for .NET Framework (32-bit) (HKLM-x32\...\{FBAB5DC0-657B-424F-BE58-07DEFF68917C}) (Version: 13.0.5.891 - SAP)
Scribble Papers 2.9.1 (HKLM-x32\...\Scribble Papers_is1) (Version:  - Jens Hoetger)
setup.engine.sharedregistry-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
shared.library.content-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
shared.library.content-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
shared.library.content-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
shared.library.cxlib.cxlib-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
shared.library.keycode.decoder.cpp-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
shared.library.keycode.defn-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
shared.library.keycode.licmgr-4.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
shared.library.keycode.licmgr-4.0-de-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
shared.library.keycode.licmgr-4.0-en-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.15723 - TeamViewer)
TEC-IT Barcode Studio 15.1 (HKLM-x32\...\{26EE4D80-3EA8-42A7-8A28-201B49C87E7C}) (Version: 15.1.3.19677 - TEC-IT Datenverarbeitung GmbH)
tp.apache.abdera.bundle.biprs-1.1.2-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.apache.abdera.license-1.1.2-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.apache.axis-1.3-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.axis2.bundle-1.3-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.apache.axis2.classes-1.3-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.apache.axis2-1.3-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.apache.commons.java.classes-3.1-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.commons.java-3.1-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.cxf.bundle.biprs-2.3.3-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.apache.cxf.license-2.3.3-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.apache.derby.classes-10.2.2.0-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.derby-10.2.2.0-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.log4j.bundle-1.2.6_sap.1-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.log4j.classes-1.2.6_sap.1-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.log4j.nteventlogappender-1.2.6_sap.1-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.log4j-1.2.6_sap.1-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.rampart.classes-1.3-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.rampart-1.3-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.xalan.cpp-1.10.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.apache.xalan.java.classes-2.5.2-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.xalan.java-2.5.2-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.xbean-2.1.0-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.apache.xerces.cpp-2.1.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.apache.xerces.cpp-2.7.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.apache.xerces.java.classes-2.6.2-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.apache.xerces.java-2.6.2-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.azalea.fonts-5.5-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
tp.azalea-5.5-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.cup-0.11-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.curl.cpp-7.21.6-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.datadirect.cpp-6.0-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.eclipse.aspectj.classes-1.6.5-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.eclipse.aspectj-1.6.5-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.gzip-1.2.3-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.ibm.icu.cpp-3.0.1-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.ibm.icu.cpp-4.2.1-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.ibm.icu.java-3.8.1-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.libxml2-2.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.mapinfo.mapx.cpp-3.5-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.microsoft.mssdk-10.0-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.microsoft.office.stdole-11.0-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.netegrity.siteminder.cpp.smagent-6.0-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.netscape.ldap.cpp-6.0.5-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.ooc.cpp-3.3.2-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
tp.ooc.java.bundle-4.0.5-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.ooc.java.classes-4.0.5-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.ooc.java-4.0.5-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.openssl-0.9.8l-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.pervasive.db.btrieve-3.0-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.pkware.cpp-1.0-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.poco-1.3.6-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.rosette-4.2.1-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.rsa.crypto.cpp-3.2.1.2-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.rsa.crypto.java.classes-4.1-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.rsa.crypto.java-4.1-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.rsa.crypto-6.3-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.salesforce-9.0-core-nu (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
tp.sap.ljs.passport.classes-0.8.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.sap.ljs.passport-0.8.0-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.sap.ncs-720-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.sap.nwrfc-711-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.sap.rfcsdku-70-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.shared.pvlocale.pvlocale-4.0-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.sourceforge.libpng.cpp-1.0.30-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.sun.classes-1.1-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.sun.jre-1.6.0-core-32 (x32 Version: 14.0.4.738 - SAP BusinessObjects) Hidden
tp.sun-1.1-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.threedgraphics.pgsdk.cpp.chartsupport-2.50.16.busobj.1-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.threedgraphics.pgsdk.cpp.runtime-2.50.16.busobj.1-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.threedgraphics.pgsdk.cpp.runtime-2.50.16.busobj.1-de-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.threedgraphics.pgsdk.cpp.runtime-2.50.16.busobj.1-en-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.threedgraphics.pgsdk.cpp-2.50.16.busobj.1-core-32 (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.threedgraphics.pgsdk.cpp-2.50.16.busobj.1-de-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.threedgraphics.pgsdk.cpp-2.50.16.busobj.1-en-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.utexasaustin.hoard-3.7.1-core-32 (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.xpp3.bundle-1.1.3.8-core-nu (x32 Version: 14.0.3.613 - SAP BusinessObjects) Hidden
tp.xpp3.classes-1.1.3.8-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
tp.xpp3-1.1.3.8-core-nu (x32 Version: 14.0.0.760 - SAP BusinessObjects) Hidden
Trend Micro Antivirus+ (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 10.0 - Trend Micro Inc.)
Trend Micro Titanium (Version: 10.0 - Trend Micro Inc.) Hidden
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
VBA (x32 Version: 6.2 - Corel Corporation) Hidden
Video Converter Packages (HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Video Converter Packages) (Version:  - ) <==== ACHTUNG
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.1.1739 - 1&1 Mail & Media GmbH)
WinDirStat 1.1.2 (HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
work ... for all! (HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\17fdbbdb7c98847f) (Version: 10.5.1412.3 - poin.t GmbH)
work ... for all! Arbeitsplatzinstallation (HKLM-x32\...\{5E46C44F-B866-4E8C-BCC2-D03269EF4DD8}) (Version: 9.00.4270 - poin.t GmbH)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
Zebra Font Downloader (HKLM-x32\...\Zebra Font Downloader_is1) (Version:  - Zebra Technologies Corporation)
ZebraDesigner 2 (HKLM-x32\...\ZebraDesigner 2) (Version:  - Zebra Technologies Corporation)
ZebraDesigner 2 (x32 Version: 2.2.0 - Zebra Technologies Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{0207CA76-8233-4478-9A40-607AC304C435}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{2BB2DE4F-FCDF-46F2-9723-5B1959E1BDE0}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{95775FC2-FFFA-4432-A4BC-352AB1A84581}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{BE892433-7479-4231-AB95-A313BDA3D409}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{D0E9EEAE-9AC7-4204-BA07-B72DD6077E82}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Avery\Avery Wizard 4.0\AvWizRes.dll (Avery Dennison Corporation. Envel Informationssysteme GmbH.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{D2776BCC-5F09-4068-B4E2-7EE1202F95CF}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1645522239-1614895754-725345543-1114_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Wiederherstellungspunkte =========================

07-12-2015 07:46:39 Windows-Sicherung
14-12-2015 08:19:36 Windows-Sicherung
15-12-2015 14:58:00 Removed F-Secure

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05DEDEE9-AF06-45BF-9636-AAB47B3B5DDA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA1d0bf8c3f7c0c4 => C:\Users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {4744C64B-2C4A-4592-8DDD-8803CB61CD24} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114Core => C:\Users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {539CF530-5E43-4FCF-84F7-5E8E1F4E14B3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114Core1d0c2dc2c0bba8 => C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {59F699E4-5E22-410A-B9F9-6C94C575C7ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {7713DE35-A9DD-45F6-8FD9-E02DA920C3BF} - System32\Tasks\AdobeAAMUpdater-1.0-JR-Dirk => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {795A95B3-5D97-4095-B0F2-9563320FCCC0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {9611E1A9-FAB3-41C0-8493-8692612D75BC} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {AA6C5D5F-59A5-49D9-BF91-59B124A30E0C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA => C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {EB10F0D2-57CD-41B8-97C2-BBA21022BFB9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {ED8BC4A5-674A-47E8-85C2-EEBDD676F749} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA => C:\Users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114Core1d0c2dc2c0bba8.job => C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA.job => C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114Core.job => C:\Users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA.job => C:\Users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA1d0bf8c3f7c0c4.job => C:\Users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-01-22 15:06 - 2011-01-22 14:06 - 00014848 _____ () C:\Windows\System32\KOAZXAAL.dll
2012-11-02 17:50 - 2012-10-04 19:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2015-12-15 15:00 - 2015-03-31 12:08 - 00026408 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_57.dll
2015-12-15 15:00 - 2015-03-31 12:08 - 00058320 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_57.dll
2015-12-15 15:00 - 2015-03-31 12:09 - 00686608 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2015-12-15 15:00 - 2015-03-31 12:08 - 00110320 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_57.dll
2015-12-15 15:00 - 2015-03-31 12:08 - 00036160 _____ () C:\Program Files\Trend Micro\AMSP\boost_chrono-vc110-mt-1_57.dll
2015-12-15 15:00 - 2015-03-31 12:09 - 01314920 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2015-12-15 14:56 - 2015-07-16 19:31 - 00168544 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2013-12-30 13:29 - 2013-12-30 13:30 - 00896512 ____N () C:\Users\Dirk\AppData\Local\Temp\OCS\Downloads\8895a6ff54aa6156ee6d3370468ad434\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
2015-09-23 15:47 - 2015-09-23 15:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-09 15:26 - 2012-02-09 15:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 15:26 - 2012-02-09 15:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 15:26 - 2012-02-09 15:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2015-12-15 15:00 - 2015-07-16 19:31 - 00089088 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_thread-vc110-mt-1_52.dll
2015-12-15 15:00 - 2015-07-16 19:31 - 00018944 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_system-vc110-mt-1_52.dll
2015-12-15 15:00 - 2015-07-16 19:31 - 00049664 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_date_time-vc110-mt-1_52.dll
2015-12-15 15:00 - 2015-07-16 19:31 - 00761856 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_regex-vc110-mt-1_52.dll
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-12-15 14:56 - 2015-07-16 19:31 - 00065520 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll
2014-08-16 14:21 - 2015-11-18 22:36 - 05890368 _____ () C:\Users\Dirk\AppData\Local\Amazon Music\Amazon Music Helper.exe
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-02-27 16:27 - 2015-02-27 16:27 - 00104448 _____ () C:\Program Files\Kerio\Outlook Connector (Offline Edition)\ktzlib100x64_1.2.3.dll
2014-09-04 05:50 - 2014-09-04 05:50 - 03445656 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\PDFMaker\Common\X64\AdobePDFMakerX.dll
2014-09-04 13:51 - 2014-09-04 13:51 - 01446400 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2010-12-21 04:30 - 2010-12-21 04:30 - 01549664 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-02-27 16:54 - 2015-02-27 16:54 - 00348160 _____ () C:\Program Files\Kerio\Outlook Connector (Offline Edition)\gmime.dll
2015-02-27 16:48 - 2015-02-27 16:48 - 00086016 _____ () C:\Program Files (x86)\Kerio\UpdaterService\ktzlib100_1.2.3.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-14 10:24 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-14 10:24 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-14 10:24 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-14 10:24 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-14 10:24 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-14 10:24 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-14 10:24 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-14 10:24 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-14 10:24 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-14 10:24 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-14 10:24 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-14 10:24 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-14 10:24 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 07:43 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Dirk\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-09-04 13:51 - 2014-09-04 13:51 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu
2012-11-03 12:13 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2013-05-10 19:56 - 2013-05-10 19:56 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2012-10-22 11:58 - 2012-10-22 11:58 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\4a000739ab9060c0e8dd0e2ec6d69e36\IsdiInterop.ni.dll
2012-10-22 10:46 - 2011-11-29 19:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-10-22 10:44 - 2011-12-16 09:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-30 10:10 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-30 10:10 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-12-15 14:56 - 2015-07-16 19:31 - 00024312 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_system-vc110-mt-1_57.dll
2015-12-15 14:56 - 2015-07-16 19:31 - 00049544 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc110-mt-1_57.dll
2015-12-15 14:56 - 2015-07-16 19:31 - 00092792 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc110-mt-1_57.dll
2015-12-15 14:56 - 2015-07-16 19:31 - 00032552 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_chrono-vc110-mt-1_57.dll
2015-10-23 22:27 - 2015-10-23 22:27 - 21344952 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2015-03-17 00:34 - 2015-03-17 00:34 - 00322208 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2015-07-03 06:09 - 2015-07-03 06:09 - 45080248 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1645522239-1614895754-725345543-1114\Control Panel\Desktop\\Wallpaper -> C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{FA24F7A7-CBBA-444D-A1EF-371B84321781}C:\program files\activefax\client\actfaxclient.exe] => (Allow) C:\program files\activefax\client\actfaxclient.exe
FirewallRules: [UDP Query User{3B63FA24-C211-493A-BE4C-57646B9B74E6}C:\program files\activefax\client\actfaxclient.exe] => (Allow) C:\program files\activefax\client\actfaxclient.exe
FirewallRules: [{7B0E911F-496F-4F0F-851C-51DCCEBBA022}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{33BF4F9F-CBEB-4597-BE57-E3D1466C20E8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{36DB8BFC-9FB0-4B2F-A38B-923B4ED5DA49}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{B6D7F859-B746-4653-8933-16DE52A53A41}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{13CEC50B-E829-4752-85D1-3038BE3F8A8C}C:\program files (x86)\it-stöd\contactpad\contactpad.exe] => (Allow) C:\program files (x86)\it-stöd\contactpad\contactpad.exe
FirewallRules: [UDP Query User{D91040FF-F3AD-481E-B73D-8AEBB1045BB9}C:\program files (x86)\it-stöd\contactpad\contactpad.exe] => (Allow) C:\program files (x86)\it-stöd\contactpad\contactpad.exe
FirewallRules: [{69ADD3EF-A546-49FF-A89A-6333B90BF2F0}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{BF216021-1CAB-40BE-8823-14535F530CBA}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{30621E59-C968-4A77-B2B0-3347DB136F9A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FE885BA8-EE65-4979-A8DB-9EAFC3B3348E}] => (Allow) LPort=2869
FirewallRules: [{3CC0A1A6-72AB-4132-BCE8-605A8DCE9595}] => (Allow) LPort=1900
FirewallRules: [{FB15F37C-2E12-478A-9605-956AC674A571}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{57F24186-EEF8-47B2-BB17-DAD03FAEE7F1}] => (Allow) C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3AC17DE1-6035-4914-A489-53E38786202A}] => (Allow) C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7EB9C735-19F6-4D08-A8BD-5A1364914048}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2DDC57CD-0280-4671-AFB1-A900B1098B85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{23CB4EBB-B19A-48EF-A9C5-6B6CF359B376}] => (Allow) C:\Program Files\CodeTwo\CodeTwo Public Folders Syncing Master\C2PublicFoldersServer.exe
FirewallRules: [TCP Query User{C9E4F44F-FC0B-4A8A-88D8-A3FD6C403CCE}C:\users\dirk\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\dirk\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{2B2112F5-87BC-4895-A348-AFD1D8BF178F}C:\users\dirk\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\dirk\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{F80708AC-6A9C-4505-9F1A-1EE200BE266A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8A4C3926-2FD7-49AF-BA77-C98194E3ABC0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A6A0FF16-DAD2-42CB-BD69-5CDE589F4A18}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{883F2A90-5E8D-4A7D-979D-6278AF36E647}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FAF380C9-DB0C-4EAF-AD3E-C7B4539AB516}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6C37A37E-D4AF-4142-AC5F-BF6A3A24ED46}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{43DC6028-4712-462F-8D02-7F1E9F8288CE}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{4D8171DA-9BB5-42A3-9663-C4FC59839521}] => (Allow) C:\Windows\Explorer.EXE

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: HWiNFO32/64 Kernel Driver
Description: HWiNFO32/64 Kernel Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: HWiNFO32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/16/2015 08:43:47 AM) (Source: Windows Search Service) (EventID: 3050) (User: )
Description: Nicht besuchte Elemente können nach einer vollständigen Aktualisierung nicht vom Verlauf gelöscht werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (12/16/2015 08:32:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2015 08:30:17 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/16/2015 07:56:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2015 07:54:46 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/15/2015 08:26:10 PM) (Source: Windows Search Service) (EventID: 3050) (User: )
Description: Nicht besuchte Elemente können nach einer vollständigen Aktualisierung nicht vom Verlauf gelöscht werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (12/15/2015 07:38:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/15/2015 07:36:32 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/15/2015 05:21:09 PM) (Source: Windows Search Service) (EventID: 3050) (User: )
Description: Nicht besuchte Elemente können nach einer vollständigen Aktualisierung nicht vom Verlauf gelöscht werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (12/15/2015 05:21:09 PM) (Source: Windows Search Service) (EventID: 3050) (User: )
Description: Nicht besuchte Elemente können nach einer vollständigen Aktualisierung nicht vom Verlauf gelöscht werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)


Systemfehler:
=============
Error: (12/16/2015 09:22:36 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{7E85B99F-1A41-44E1-9273-4EC25CA9F7C9}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (12/16/2015 08:30:21 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
HWiNFO32

Error: (12/16/2015 08:09:06 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{7E85B99F-1A41-44E1-9273-4EC25CA9F7C9}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (12/16/2015 07:54:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
HWiNFO32

Error: (12/16/2015 07:54:48 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (12/16/2015 07:54:45 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem
Domänencontroller in der Domäne JR aufgrund der folgenden
Ursache nicht einrichten: 
%%1311

Dies kann zu Authentifizierungsproblemen führen. Stellen
Sie sicher, dass der Computer mit dem Netzwerk verbunden ist.
Wenden Sie sich an den Domänenadministrator, wenn das Problem
weiterhin besteht.



ZUSÄTZLICHE INFORMATIONEN

Wenn dieser Computer ein Domänencontroller der bestimmten
Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator in der bestimmten Domäne eingerichtet.
Andernfalls richtet dieser Computer eine sichere Sitzung zu
einem beliebigen Domänencontroller in der bestimmten Domäne ein.

Error: (12/15/2015 07:39:06 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{7E85B99F-1A41-44E1-9273-4EC25CA9F7C9}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (12/15/2015 07:36:36 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
HWiNFO32

Error: (12/15/2015 05:24:35 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{7E85B99F-1A41-44E1-9273-4EC25CA9F7C9}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (12/15/2015 05:10:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
HWiNFO32


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 16271.37 MB
Verfügbarer physikalischer RAM: 12615.34 MB
Summe virtueller Speicher: 32540.93 MB
Verfügbarer virtueller Speicher: 28471.63 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:119.02 GB) (Free:3.42 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:126 GB) NTFS
Drive k: (Volume) (Network) (Total:3725.8 GB) (Free:1057.05 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: C6AB80D9)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F622365F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Deathkid535 · 16.12.2015, 11:21

Hi,

Schritt # 1: AdwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt # 2: FRST

Bitte noch ein frisches FRST-Log.

Schritt # 3: Bitte Posten

Das Log von AdwCleaner
Das frische FRST-Log

sebastian_jr · 16.12.2015, 13:15

Hallo Dennis,

hier die beiden Logs nach der Ausführung von AdwCleaner:

AdwCleaner:
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v5.025 - Bericht erstellt am 16/12/2015 um 13:05:55
# Aktualisiert am 13/12/2015 von Xplode
# Datenbank : 2015-12-13.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Dirk - DJ-PC
# Gestartet von : C:\Users\Dirk\Desktop\AdwCleaner_5.025.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst Gelöscht : AddonsHelper
[-] Dienst Gelöscht : YahooAUService

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files\FileViewPro
[-] Ordner Gelöscht : C:\Program Files (x86)\FoxTab
[-] Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
[-] Ordner Gelöscht : C:\Program Files (x86)\Yahoo!\Companion
[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\Ask
[-] Ordner Gelöscht : C:\ProgramData\Yahoo! Companion
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\Local\genienext
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\Local\Mobogenie
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\Local\FileViewPro
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\Local\Temp\OCS
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\LocalLow\AskToolbar
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\LocalLow\Yahoo! Companion
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\LocalLow\Yahoo!\Companion
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\Roaming\DesktopIconForAmazon
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\Roaming\DigitalSites
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\Roaming\FoxTab
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\Roaming\OCS
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\Roaming\Solvusoft
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\Roaming\Systweak
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\Roaming\RHEng
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\Roaming\Yahoo!\Companion
[-] Ordner Gelöscht : C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter
[-] Ordner Gelöscht : C:\Users\Dirk\Documents\Mobogenie

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Dirk\daemonprocess.txt
[-] Datei Gelöscht : C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\yk1inp4d.default-1376891213699\user.js

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\YFriendsBar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileViewPro_is1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{564E71D2-F568-4128-8000-A17FBC6F4866}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12175 Bytes] ##########

--- --- ---

Frisches FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-12-2015 01
durchgeführt von Dirk (Administrator) auf DJ-PC (16-12-2015 13:09:18)
Gestartet von C:\Users\Dirk\Downloads
Geladene Profile: Dirk (Verfügbare Profile: Dirk & Administrator & Dirk Joeres)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
(Matrox Graphics Inc) C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Matrox Graphics Inc.) C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe
(ActFax Communication) C:\Program Files\ActiveFax\Client\ActFaxClient.exe
(ActFax Communication) C:\Program Files\ActiveFax\Terminal\TSClientB.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Users\Dirk\AppData\Local\Amazon Music\Amazon Music Helper.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmopChromeMsgHost32.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\chrome_extension2\host\chrome_native_msg_host.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-16] (Realtek Semiconductor)
HKLM\...\Run: [Matrox PowerDesk SE] => C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe [4246784 2010-02-11] (Matrox Graphics Inc.)
HKLM\...\Run: [ActiveFax Client] => C:\Program Files\ActiveFax\Client\ActFaxClient.exe [1063656 2012-11-02] (ActFax Communication)
HKLM\...\Run: [ActiveFax Terminal Server] => C:\Program Files\ActiveFax\Terminal\TSClientB.exe [560360 2012-11-02] (ActFax Communication)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [499712 2013-05-20] (Greenshot)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246264 2015-07-16] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1258496 2015-07-16] (Trend Micro Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [1104288 2014-09-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [Amazon Music] => C:\Users\Dirk\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-11-18] ()
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [SimpleSYN.NET] => "C:\Program Files\creativbox.net\SimpleSYN\CBN.SimpleSYN.NET.exe"
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [Dropbox Update] => C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\MountPoints2: {5f586495-95d1-11e5-a389-902b34396bb7} - J:\LaunchU3.exe -a
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\MountPoints2: {dddf977d-8039-11e3-a882-902b34396bb7} - J:\ShelExec.exe BMW_Welt_highRes.jpg
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-06-20]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-14]
ShortcutTarget: Dropbox.lnk -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.2
Tcpip\..\Interfaces\{7E85B99F-1A41-44E1-9273-4EC25CA9F7C9}: [DhcpNameServer] 192.168.0.2
Tcpip\..\Interfaces\{994054FB-FEF3-4520-8095-E873DE7CCD42}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1645522239-1614895754-725345543-1114 -> DefaultScope {B484C34C-26B0-4923-B8A0-9A7996F8DEEE} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE739D20150629&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-1614895754-725345543-1114 -> {B484C34C-26B0-4923-B8A0-9A7996F8DEEE} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE739D20150629&p={searchTerms}
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Trend Micro Netzwerkfilter-Plug-in -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Trend Micro IE-Schutz -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-17] (Trend Micro Inc.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Trend Micro Netzwerkfilter-Plug-in -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Trend Micro IE-Schutz -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-17] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2015-07-16] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2015-07-16] (Trend Micro Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\yk1inp4d.default-1376891213699
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE739D20150629&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-11-02] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2012-07-31] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1645522239-1614895754-725345543-1114: @tools.google.com/Google Update;version=3 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1645522239-1614895754-725345543-1114: @tools.google.com/Google Update;version=9 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1645522239-1614895754-725345543-1114: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [2013-01-23] (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\yk1inp4d.default-1376891213699\searchplugins\4bf093af-58ba-4029-b2ec-7f7676bb2253.xml [2013-12-30]
FF SearchPlugin: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\yk1inp4d.default-1376891213699\searchplugins\McSiteAdvisor.xml [2015-12-15]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-20]
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-04-03] [ist nicht signiert]
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension [2015-12-15]
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-12-15]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-11-09] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-11-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-12-15]
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\47.0.2526.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\47.0.2526.80\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\47.0.2526.80\pdf.dll => Keine Datei
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll => Keine Datei
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Dirk\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Profile: C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Store) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-12-14]
CHR Extension: (Google-Suche) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Store) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-12-15]
CHR Extension: (Google Mail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.FOMXGL6CW3K7JX2L6R35PA5Z2A - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe

Deathkid535 · 16.12.2015, 16:18

Hi,

das FRST-Log ist unvollständig. Bitte nochmal posten

Fragen:

1. Gibts noch Probleme?

2. Ist das Yahoo-Zeugs absichtlich drauf?

3. Sagt dir die IP-Adresse was?

Code:

ATTFilter

Tcpip\..\Interfaces\{994054FB-FEF3-4520-8095-E873DE7CCD42}: [DhcpNameServer] 172.20.10.1

sebastian_jr · 17.12.2015, 08:30

Hallo,

ja, sorry, das Log war anscheinend abgeschnitten. Hier ist jetzt eins von heute Morgen, da ist die Schlusszeile mit dran.

Der yahoo-Messenger wurde vor längerer Zeit genutzt, jetzt aber nicht mehr. Da kann also alles weg, was damit zu tun hat. Ist das auch ein Hinweis auf unerwünschte Programme?

Die IP sagt uns nichts.

Probleme gibt es aktuell keine - wir hatten vor unserer Anfrage hier noch zwei Effekte: der Mediaplayer wollte beim Systemstart eine Datei 555f.tmp abspielen und es kam ein Systemfenster mit einem Fehler von rundll, dass ein Modul nicht gefunden wurde. Wir haben dann über HijackThis etwas verändert - danach tauchten beide Symptome nicht mehr auf.

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
durchgeführt von Dirk (Administrator) auf DJ-PC (17-12-2015 08:20:15)
Gestartet von C:\Users\Dirk\Downloads
Geladene Profile: Dirk (Verfügbare Profile: Dirk & Administrator & Dirk Joeres)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
(Matrox Graphics Inc) C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Matrox Graphics Inc.) C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe
(ActFax Communication) C:\Program Files\ActiveFax\Client\ActFaxClient.exe
(ActFax Communication) C:\Program Files\ActiveFax\Terminal\TSClientB.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Users\Dirk\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Kerio Technologies Inc.) C:\Program Files\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmopChromeMsgHost32.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\chrome_extension2\host\chrome_native_msg_host.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
(Google Inc.) C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-16] (Realtek Semiconductor)
HKLM\...\Run: [Matrox PowerDesk SE] => C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe [4246784 2010-02-11] (Matrox Graphics Inc.)
HKLM\...\Run: [ActiveFax Client] => C:\Program Files\ActiveFax\Client\ActFaxClient.exe [1063656 2012-11-02] (ActFax Communication)
HKLM\...\Run: [ActiveFax Terminal Server] => C:\Program Files\ActiveFax\Terminal\TSClientB.exe [560360 2012-11-02] (ActFax Communication)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [499712 2013-05-20] (Greenshot)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246264 2015-07-16] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1258496 2015-07-16] (Trend Micro Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [1104288 2014-09-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [Amazon Music] => C:\Users\Dirk\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-11-18] ()
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [SimpleSYN.NET] => "C:\Program Files\creativbox.net\SimpleSYN\CBN.SimpleSYN.NET.exe"
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\Run: [Dropbox Update] => C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\MountPoints2: {5f586495-95d1-11e5-a389-902b34396bb7} - J:\LaunchU3.exe -a
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\...\MountPoints2: {dddf977d-8039-11e3-a882-902b34396bb7} - J:\ShelExec.exe BMW_Welt_highRes.jpg
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-06-20]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-14]
ShortcutTarget: Dropbox.lnk -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.2
Tcpip\..\Interfaces\{7E85B99F-1A41-44E1-9273-4EC25CA9F7C9}: [DhcpNameServer] 192.168.0.2
Tcpip\..\Interfaces\{994054FB-FEF3-4520-8095-E873DE7CCD42}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1645522239-1614895754-725345543-1114\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1645522239-1614895754-725345543-1114 -> DefaultScope {B484C34C-26B0-4923-B8A0-9A7996F8DEEE} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE739D20150629&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-1614895754-725345543-1114 -> {B484C34C-26B0-4923-B8A0-9A7996F8DEEE} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE739D20150629&p={searchTerms}
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Trend Micro Netzwerkfilter-Plug-in -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Trend Micro IE-Schutz -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-17] (Trend Micro Inc.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Trend Micro Netzwerkfilter-Plug-in -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Trend Micro IE-Schutz -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-17] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2015-07-16] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2015-07-16] (Trend Micro Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\yk1inp4d.default-1376891213699
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE739D20150629&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-11-02] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2012-07-31] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1645522239-1614895754-725345543-1114: @tools.google.com/Google Update;version=3 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1645522239-1614895754-725345543-1114: @tools.google.com/Google Update;version=9 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1645522239-1614895754-725345543-1114: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [2013-01-23] (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\yk1inp4d.default-1376891213699\searchplugins\4bf093af-58ba-4029-b2ec-7f7676bb2253.xml [2013-12-30]
FF SearchPlugin: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\yk1inp4d.default-1376891213699\searchplugins\McSiteAdvisor.xml [2015-12-15]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-20]
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-04-03] [ist nicht signiert]
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension [2015-12-15]
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-12-15]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-11-09] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-11-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-12-15]
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\47.0.2526.106\pdf.dll => Keine Datei
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll => Keine Datei
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Dirk\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Profile: C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Store) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-12-14]
CHR Extension: (Google-Suche) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Store) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-12-15]
CHR Extension: (Google Mail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.FOMXGL6CW3K7JX2L6R35PA5Z2A - C:\Users\Dirk\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 ktupdaterservice; C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe [948736 2015-02-27] (Kerio Technologies Inc.) [Datei ist nicht signiert]
R2 Matrox.Pdesk.ServicesHost; C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe [344832 2010-02-11] (Matrox Graphics Inc)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1137664 2015-07-16] (Trend Micro Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=60000 -ad -bt=0 [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-17] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTXPSER; C:\Windows\System32\DRIVERS\mtxpserm.sys [1657344 2010-06-18] (Matrox Graphics Inc.)
R1 Mtxpserx; C:\Windows\System32\DRIVERS\Mtxpserx.sys [10752 2010-06-18] (Matrox Graphics Inc.)
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22568 2010-04-13] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [16936 2010-04-13] (Silicon Image, Inc.)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [134280 2015-07-22] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [326896 2015-07-22] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [59712 2015-06-11] (Trend Micro Inc.)
R2 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [116576 2015-06-08] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [100320 2015-07-22] (Trend Micro Inc.)
R2 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [416608 2015-05-28] (Trend Micro Inc.)
R1 tmumh; C:\Windows\System32\DRIVERS\TMUMH.sys [91536 2015-06-29] (Trend Micro Inc.)
R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [116528 2015-06-26] (Trend Micro Inc.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-12-17] ()
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S1 HWiNFO32; \??\C:\Users\ADMINI~1\AppData\Local\Temp\HWiNFO64A.SYS [X]
U2 TMAgent; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-17 08:20 - 2015-12-17 08:20 - 02370048 _____ (Farbar) C:\Users\Dirk\Downloads\FRST64.exe
2015-12-16 13:09 - 2015-12-16 13:09 - 00000000 ____D C:\Users\Dirk\Downloads\FRST-OlderVersion
2015-12-16 13:05 - 2015-12-16 13:05 - 00000000 ____D C:\AdwCleaner
2015-12-16 13:02 - 2015-12-16 11:33 - 01740288 _____ C:\Users\Dirk\Desktop\AdwCleaner_5.025.exe
2015-12-16 10:04 - 2015-12-17 08:20 - 00033504 _____ C:\Users\Dirk\Downloads\FRST.txt
2015-12-16 10:04 - 2015-12-16 10:05 - 00099592 _____ C:\Users\Dirk\Downloads\Addition.txt
2015-12-16 08:39 - 2015-12-16 08:39 - 00399360 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2015-12-16 08:38 - 2015-12-17 08:20 - 00000000 ____D C:\FRST
2015-12-16 08:11 - 2015-12-17 07:24 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-16 08:11 - 2015-12-16 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-16 08:11 - 2015-12-16 08:11 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-16 08:11 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-16 08:11 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-15 15:05 - 2015-12-15 15:05 - 00000000 ___HD C:\TMRescueDisk
2015-12-15 15:01 - 2015-12-15 15:02 - 00001499 _____ C:\Users\Dirk\Desktop\Trend Micro Antivirus+.lnk
2015-12-15 15:01 - 2015-12-15 15:02 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Antivirus+
2015-12-15 15:00 - 2015-12-16 08:39 - 00000000 ____D C:\ProgramData\Trend Micro
2015-12-15 15:00 - 2015-12-15 15:00 - 00000059 _____ C:\Windows\system32\SupportTool.exe.bat
2015-12-15 15:00 - 2015-12-15 15:00 - 00000036 _____ C:\Users\Dirk\AppData\Local\housecall.guid.cache
2015-12-15 15:00 - 2015-12-15 15:00 - 00000000 ____D C:\Windows\SysWOW64\tmumh
2015-12-15 15:00 - 2015-12-15 15:00 - 00000000 ____D C:\Windows\system32\tmumh
2015-12-15 15:00 - 2015-12-15 15:00 - 00000000 ____D C:\Program Files\Trend Micro
2015-12-15 15:00 - 2015-07-22 02:32 - 00100320 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2015-12-15 15:00 - 2015-07-22 02:28 - 00326896 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-12-15 15:00 - 2015-07-22 02:28 - 00134280 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2015-12-15 15:00 - 2015-06-29 03:38 - 00091536 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMUMH.sys
2015-12-15 15:00 - 2015-06-26 11:20 - 00116528 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2015-12-15 15:00 - 2015-06-11 09:54 - 00059712 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2015-12-15 15:00 - 2015-06-08 06:54 - 00116576 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2015-12-15 15:00 - 2015-05-28 11:26 - 00416608 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2015-12-15 14:58 - 2015-12-15 15:40 - 00000000 ____D C:\Users\Dirk\AppData\Local\Trend Micro
2015-12-15 14:55 - 2015-12-15 14:56 - 128614000 _____ (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2015-12-15 13:47 - 2015-12-15 14:58 - 00000000 ____D C:\ProgramData\F-Secure
2015-12-15 13:47 - 2015-12-15 13:59 - 00000000 ____D C:\Users\Dirk\AppData\Local\F-Secure
2015-12-15 13:47 - 2015-12-15 13:47 - 00000000 ____D C:\Program Files (x86)\F-Secure
2015-12-14 12:17 - 2015-12-14 12:17 - 00562924 _____ C:\Users\Dirk\Downloads\CityRing_Oldtimer-Turnier-2015-Anmeldung.pdf
2015-12-14 10:24 - 2015-12-14 10:24 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 10:31 - 2015-12-09 10:31 - 00152702 _____ C:\Users\Dirk\Downloads\f30507bd-9b81-4123-aff5-72311f40b560.pdf
2015-12-09 08:02 - 2015-12-09 08:02 - 00066132 _____ C:\Users\Dirk\Downloads\Kontoauszug_77785205__Nr.0112015_vom_01.12.2015_20151209080214.pdf
2015-12-09 07:40 - 2015-12-09 07:40 - 00150326 _____ C:\Users\Dirk\Downloads\f97c01a8-d5a8-4dbf-b1d9-91b26e1b53fd.pdf
2015-12-08 07:51 - 2015-12-08 07:51 - 00007994 _____ C:\Users\Dirk\Downloads\B189852297_rech.pdf
2015-12-04 08:13 - 2015-12-17 07:22 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-12-03 10:42 - 2015-12-03 10:42 - 00143079 _____ C:\Users\Dirk\Downloads\agb(2).pdf
2015-12-03 10:41 - 2015-12-03 10:41 - 00143079 _____ C:\Users\Dirk\Downloads\agb.pdf
2015-12-03 10:41 - 2015-12-03 10:41 - 00143079 _____ C:\Users\Dirk\Downloads\agb(1).pdf
2015-12-03 10:35 - 2015-12-03 10:35 - 01760727 _____ C:\Users\Dirk\Downloads\Ausnahmegenehmigung_Sachsen_Anhalt.pdf
2015-12-03 09:55 - 2015-12-03 09:55 - 00060404 _____ C:\Users\Dirk\Downloads\Kontoauszug_844004__Nr.0112015_vom_30.11.2015_20151203095505.pdf
2015-12-03 09:53 - 2015-12-03 09:53 - 00062862 _____ C:\Users\Dirk\Downloads\Kontoauszug_50155552__Nr.0112015_vom_30.11.2015_20151203095339.pdf
2015-12-03 09:53 - 2015-12-03 09:53 - 00058144 _____ C:\Users\Dirk\Downloads\Entgeltinformationen_50155552_vom_30.11.2015_20151203095327.pdf
2015-12-02 13:40 - 2015-12-02 13:40 - 00064512 _____ C:\Users\Dirk\Desktop\Antrag_gutausbilden_Phase_1-1 geändert.xlsx
2015-12-01 12:09 - 2015-12-01 12:09 - 00283772 _____ C:\Users\Dirk\Desktop\Lions_Aufsteller_November_2015.pdf
2015-11-23 18:22 - 2015-11-23 18:22 - 00011459 _____ C:\Users\Dirk\Desktop\design112_3M-580E_Jahresverbrauch.xlsx
2015-11-20 13:26 - 2015-11-20 13:26 - 01475861 _____ C:\Users\Dirk\Desktop\CityRing-Limburg-Ideen-Neumarkt.zip
2015-11-20 13:19 - 2015-11-20 13:24 - 00000000 ____D C:\Users\Dirk\Desktop\CityRing-Limburg-Ideen-Neumarkt
2015-11-19 15:54 - 2015-11-19 15:54 - 00013867 _____ C:\Users\Dirk\Desktop\Jahresbestellmenge_d112_ORAFOL_hochreflektierend.xlsx
2015-11-17 20:00 - 2015-11-17 20:00 - 00000000 ____D C:\Users\Dirk\Desktop\Design112_Anschreiben.pages
2015-11-17 20:00 - 2015-11-17 20:00 - 00000000 ____D C:\Users\Dirk\Desktop\__MACOSX

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-17 08:19 - 2015-07-16 06:55 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA1d0bf8c3f7c0c4.job
2015-12-17 08:07 - 2012-11-02 17:42 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-17 08:05 - 2015-06-16 07:00 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA.job
2015-12-17 08:02 - 2012-11-02 17:41 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA.job
2015-12-17 07:46 - 2012-11-05 08:53 - 00000000 ____D C:\Users\Dirk\Documents\Outlook-Dateien
2015-12-17 07:43 - 2013-04-30 16:56 - 00000000 ____D C:\ProgramData\firebird
2015-12-17 07:43 - 2013-01-17 07:45 - 00000000 ____D C:\Users\Dirk\AppData\Local\Deployment
2015-12-17 07:32 - 2012-11-05 13:53 - 00000000 ____D C:\Users\Dirk\AppData\Local\Adobe
2015-12-17 07:29 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-17 07:29 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-17 07:28 - 2010-11-21 07:50 - 00700168 _____ C:\Windows\system32\perfh007.dat
2015-12-17 07:28 - 2010-11-21 07:50 - 00148964 _____ C:\Windows\system32\perfc007.dat
2015-12-17 07:28 - 2009-07-14 06:13 - 01621308 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-17 07:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-17 07:22 - 2014-03-04 13:18 - 00000000 ___RD C:\Users\Dirk\Dropbox
2015-12-17 07:22 - 2014-03-04 13:17 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Dropbox
2015-12-17 07:22 - 2012-10-30 14:54 - 00000104 _____ C:\Windows\system32\config\netlogon.ftl
2015-12-17 07:22 - 2012-10-22 11:05 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-12-17 07:22 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-16 13:57 - 2014-01-23 16:16 - 00000000 ____D C:\Users\Dirk\Documents\poin.t
2015-12-16 13:19 - 2012-11-02 17:41 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114Core.job
2015-12-16 13:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-16 13:06 - 2012-10-30 14:57 - 00005906 __RSH C:\ProgramData\ntuser.pol
2015-12-16 13:05 - 2012-11-03 12:13 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Yahoo!
2015-12-16 13:05 - 2012-11-03 12:13 - 00000000 ____D C:\Users\Dirk\AppData\LocalLow\Yahoo!
2015-12-16 13:05 - 2012-11-03 12:08 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-12-16 13:05 - 2012-10-30 17:07 - 00000000 ____D C:\Users\Dirk
2015-12-16 08:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2015-12-16 08:11 - 2014-01-27 09:16 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-16 08:11 - 2014-01-27 09:16 - 00000000 ____D C:\Users\Dirk\AppData\Roaming\Malwarebytes
2015-12-16 08:11 - 2014-01-27 09:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-16 08:11 - 2014-01-27 09:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-12-15 15:03 - 2013-02-14 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mp3 RightName
2015-12-15 15:03 - 2013-02-14 18:50 - 00000000 ____D C:\Program Files (x86)\mp3RightName
2015-12-15 15:00 - 2012-11-08 18:15 - 00000000 ____D C:\Users\Dirk\AppData\Local\CrashDumps
2015-12-15 13:51 - 2014-06-20 08:23 - 00000000 ____D C:\ProgramData\McAfee
2015-12-15 11:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-12-15 09:42 - 2012-11-05 09:04 - 00000000 ____D C:\Users\Dirk\AppData\Local\CutePDF Writer
2015-12-09 17:07 - 2012-11-02 17:42 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 17:07 - 2012-11-02 17:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 17:07 - 2012-11-02 17:42 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-02 16:51 - 2012-11-02 17:45 - 00002032 ____H C:\Users\Dirk\Documents\Default.rdp
2015-12-02 13:14 - 2015-07-16 06:55 - 00004084 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114UA1d0bf8c3f7c0c4
2015-12-02 13:14 - 2012-11-02 17:41 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1614895754-725345543-1114Core
2015-11-28 15:53 - 2014-08-16 14:21 - 00000000 ____D C:\Users\Dirk\AppData\Local\Amazon Music
2015-11-27 08:41 - 2015-07-10 08:03 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-27 08:27 - 2013-10-25 15:05 - 00000000 ____D C:\Users\Dirk\AppData\Local\Greenshot
2015-11-23 12:35 - 2015-07-16 15:20 - 00014653 _____ C:\Users\Dirk\Desktop\Abrechnung_01.xlsx
2015-11-18 19:45 - 2012-12-21 14:47 - 00001456 _____ C:\Users\Dirk\AppData\Local\Adobe Für Web speichern 13.0 Prefs

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-21 17:07 - 2015-03-21 17:07 - 0000132 _____ () C:\Users\Dirk\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2015-03-17 19:39 - 2015-03-17 19:39 - 0000132 _____ () C:\Users\Dirk\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-01-19 16:16 - 2015-06-29 07:17 - 0000341 _____ () C:\Users\Dirk\AppData\Roaming\WB.CFG
2014-01-19 16:16 - 2014-01-27 08:23 - 0000005 _____ () C:\Users\Dirk\AppData\Roaming\WBPU-TTL.DAT
2012-12-04 15:30 - 2012-12-04 15:34 - 0001456 _____ () C:\Users\Dirk\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2012-12-21 14:47 - 2015-11-18 19:45 - 0001456 _____ () C:\Users\Dirk\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-01-17 16:12 - 2014-04-17 11:36 - 0005120 _____ () C:\Users\Dirk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-15 15:00 - 2015-12-15 15:00 - 0000036 _____ () C:\Users\Dirk\AppData\Local\housecall.guid.cache
2015-02-09 11:16 - 2015-02-09 11:16 - 0000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Einige Dateien in TEMP:
====================
C:\Users\Dirk\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Dirk\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Dirk\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-10 09:36

==================== Ende von FRST.txt ============================

--- --- ---

Deathkid535 · 17.12.2015, 10:06

Hi,

bitte dein Java updaten.

Wenns keine Probleme mehr gibt, na dann

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

Tcpip\..\Interfaces\{994054FB-FEF3-4520-8095-E873DE7CCD42}: [DhcpNameServer] 172.20.10.1
HKLM-x32\...\Run: [] => [X]
EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Dann wären wir hier durch. Deine Logs sind sauber

Falls du deine Passwörter nicht regelmäßig änderst - jetzt ist der Zeitpunkt dafür!

Schritt # 1: Entfernen unserer Tools

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Abschließend noch ein paar Tipps von mir:

Schritt # 2: Empfohlene Software

Habe immer ein aktuelles Antivirenprogramm deiner Wahl installiert und aktiviere die automatischen Updates (standardmäßig eingeschaltet).

Ich empfehle:

Emsisoft Anti-Malware. (-25% für TB-Mitglieder)
Microsoft Security Essentials (Ab Windows 8 Microsoft Defender)

Verwende nach Möglichkeit nicht den Internet Explorer, da dieser viele Sicherheitslücken enthält. Achte aber darauf, dass er immer up to date bleibt, weil viele Programme diesen zum Anzeigen von Websites benutzen.

Alternativ kannst du verwenden:

Dazu sind folgende Add-ons empfehlenswert:

uBlock Origin (Chrome) --> Blockiert Werbung. Werbung kann sehr nervig sein, aber auch auf schädliche Links verweisen. uBlock ist effizienter als der Konkurrent AdblockPlus.

Ghostery --> Blockiert Tracker und Cookies, welche dich im Internet nachverfolgen können. Stelle jedoch bei der Installation sicher, dass du Ghostrank nicht zustimmst.

Du kannst auch

Malwarebytes Anti-Exploit verwenden, um aktuelle Sicherheitslücken zu stopfen.

Halte immer deine Plug-ins und Software aktuell, vor allem:

Deinen Browser
Flash Player
Java
PDF Reader

Du kannst diese komfortabel regelmäßig hiermit überprüfen:

PluginCheck
Filehippo App Manager

Schritt # 3: Tipps um eine Neuinfektion zu vermeiden

Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal wie FilePony.de. Von Downloadern wie die von Chip, Softonic und Sourceforge raten wir ab: CHIP-Installer - was ist das? - Anleitungen

Auch versuchen sich immer mehr Programme durch Installationsroutinen auf den PC "durchzumogeln". Das klappt ganz gut, weil viele Anwender sich diese nicht genau durchlesen und schnell durchklicken. Manchmal steht auch in den Lizenzvereinbarungen, dass ein Programm, was eigentlich als Freeware angepriesen wird, nur genutzt werden kann, wenn man sich bestimmte Toolbars oder andere Programme mitinstallieren lässt.
Da hilft es nur aufmerksam zu sein.

Ein Tool, welches dich dabei gut unterstützen kann, ist:

Unchecky. Dieses überwacht im Hintergrund Installationsprozesse und hakt automatisch nervige Adwarekomponenten wie Toolbars ab. Falls man etwas übersieht, warnt noch ein Pop-up, bevor man fortfahren kann.

Wir raten von jeglichen Optimizern, Cleanern, SpeedUps und Ähnlichem ab, da diese Softwareprodukte meist keinen Performancegewinn bringen. Du kannst jedoch regelmäßig deinen PC mit der windowsinternen Datenträgerbereinigung behandeln.

Überprüfe regelmäßig (mind. 1x pro Monat) deinen PC mit

Malwarebytes Anti-Malware und

ESET.

Falls du dir unsicher bist, ob ein Download wirklich sauber ist, kannst du immer https://www.virustotal.com/ zurate ziehen.

Schritt # 4: Unterstütze uns!

Wenn du uns mit einer kleinen Spende unterstützen möchtest, so kannst du dies hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html

Es reicht aber auch schon ein simples

hier, wenn du mit uns zufrieden warst.

unsere Facebook-Seite!

Bitte gib mir bescheid, wenn du das alles gelesen hast und alles klar ist, damit ich dieses Thema aus meinen Abos löschen kann.

sebastian_jr · 17.12.2015, 10:33

Hallo,

die letzten Schritte wurden durchgeführt, JAVA upgedated und FRST ausgeführt, hier das fixlog:

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-12-2015
durchgeführt von Dirk (2015-12-17 10:21:26) Run:1
Gestartet von C:\Users\Dirk\Downloads
Geladene Profile: Dirk (Verfügbare Profile: Dirk & Administrator & Dirk Joeres)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Tcpip\..\Interfaces\{994054FB-FEF3-4520-8095-E873DE7CCD42}: [DhcpNameServer] 172.20.10.1
HKLM-x32\...\Run: [] => [X]
EmptyTemp:
*****************

HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{994054FB-FEF3-4520-8095-E873DE7CCD42}\\DhcpNameServer => Wert erfolgreich entfernt
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
EmptyTemp: => 1 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 10:21:44 ====

DelFix ist auch erfolgreich durchgelaufen.

Vielen, vielen Dank für Deine Bemühungen - wir werden die Ratschläge für die zukünftige Absicherung beherzigen!

Viele Grüße

Sebastian

Deathkid535 · 17.12.2015, 11:10

Gerne

17.12.2015, 11:10	#11
Deathkid535 /// Malwareteam	Eventueller Malware-Befall durch Makrovirus in Word-Doc ("Büromarkt Böttcher") Gerne __________________ mfg, Dennis Lob, Kritik oder Wünsche Unterstütze uns mit einer kleinen Spende

Eventueller Malware-Befall durch Makrovirus in Word-Doc ("Büromarkt Böttcher")

Plagegeister aller Art und deren Bekämpfung: Eventueller Malware-Befall durch Makrovirus in Word-Doc ("Büromarkt Böttcher")