|
Plagegeister aller Art und deren Bekämpfung: RoutineuntersuchungWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
26.12.2015, 12:31 | #1 |
| Routineuntersuchung Ich habe vor ein Festplattenimage erstellen, und würde deshalb gern checken lassen ob der Computer sauber ist. Wenn ich versuche den Computer (ASUS X61S) in den Energiesparmodus zu versetzen, wird der Bildschirm schwarz und die Maus bekommt keinen Strom mehr (Beleuchtung geht aus). Festplatte arbeitet ebenfalls nicht mehr / nur sporadisch. Irgendwann geht der Computer einfach aus und beim Hochfahren kommt die Meldung "Windows wird nach unerwartetem Herunterfahren wieder ausgeführt". Ich vermute ganz stark, dass das mit der WLAN Karte (Atheros AR928X) zu tun hat, welche aus mir unverständlichen Gründen nicht in den Energiesparmodus geht. Nach Treiberneuinstallation funktionierte erstmal alles wieder normal, nach Neustart war es aber doch beim Alten. Das Komische ist, dass dies nur in 2 von 5 Benutzern passiert und wenn alle abgemeldet sind (ich den Energiesparmodus also von der Benutzerauswahleite starte), alles problemlos funktioniert. FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:25-12-2015 durchgeführt von Beamer (Administrator) auf SCHEFFLER-PC (26-12-2015 12:13:41) Gestartet von C:\Users\Beamer\Desktop Geladene Profile: Beamer & (Verfügbare Profile: Jeffel & Philipp & Beamer & Ellen & Manuel & Manuel) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe (DeviceVM) C:\ASUS.SYS\DVMExportService.exe (Sony Corporation) D:\Sony\PMBDeviceInfoProvider.exe (VMware, Inc.) C:\Windows\System32\vmnat.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (VMware, Inc.) D:\VMWare Player\vmware-authd.exe (VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe () C:\Program Files\ASUS\ASUS Live Update\ALU.exe (ATK) C:\Program Files\ASUS\Splendid\ACMON.exe (ASUS) C:\Program Files\ASUS\Net4Switch\Net4Switch.exe (ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS) C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe () D:\Gaming Maus\DareUMonitor.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sony Corporation) D:\Sony\PMBVolumeWatcher.exe (ATK) C:\Program Files\P4G\BatteryLife.exe () C:\Program Files\Wireless Console 2\wcourier.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe (Google Inc.) C:\Program Files\Google\Update\1.3.29.1\GoogleCrashHandler.exe (Sharkoon Technologies) D:\Gaming Tastatur\Monitor.EXE (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATILFE.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (ASUSTeK) C:\Windows\System32\ACEngSvr.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1549608 2009-08-17] (Synaptics Incorporated) HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS) HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS) HKLM\...\Run: [ADSMTray] => C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952 2009-06-24] (ASUSTek Computer Inc.) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-04] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Dare-U mouse] => D:\Gaming Maus\DareUMonitor.exe [786432 2012-11-19] () HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation) HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] () HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM\...\Run: [PMBVolumeWatcher] => D:\Sony\PMBVolumeWatcher.exe [2687160 2015-11-02] (Sony Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.) HKLM\...\Run: [Skiller PRO] => D:\Gaming Tastatur\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies) HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation) HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => D:\DT\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILFE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Jeffel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.) HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILEE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILEE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google) HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Philipp\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.) HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILEE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILEE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILFE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILEE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\MountPoints2: {1574b094-52d4-11e3-a17e-002618f9ca5d} - F:\Autorun.exe HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILFE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILEE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {1574b094-52d4-11e3-a17e-002618f9ca5d} - F:\Autorun.exe HKU\S-1-5-21-644356114-2566177158-2502637254-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILEE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-644356114-2566177158-2502637254-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILEE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-644356114-2566177158-2502637254-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-644356114-2566177158-2502637254-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-644356114-2566177158-2502637254-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {1574b094-52d4-11e3-a17e-002618f9ca5d} - F:\Autorun.exe HKU\S-1-5-21-644356114-2566177158-2502637254-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Corporation) HKU\S-1-5-21-644356114-2566177158-2502637254-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-644356114-2566177158-2502637254-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-644356114-2566177158-2502637254-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {1574b094-52d4-11e3-a17e-002618f9ca5d} - F:\Autorun.exe Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-11-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-11-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-11-04] (Google) ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll [2007-06-15] () ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll [2007-06-01] () Startup: C:\Users\Jeffel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-10] ShortcutTarget: Dropbox.lnk -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Keine Datei) Startup: C:\Users\Jeffel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2013-04-20] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-15] ShortcutTarget: Dropbox.lnk -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Keine Datei) GroupPolicyUsers\S-1-5-21-644356114-2566177158-2502637254-1011\User: Beschränkung <======= ACHTUNG GroupPolicyUsers\S-1-5-21-644356114-2566177158-2502637254-1004\User: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.188.1 Tcpip\..\Interfaces\{27BE9621-3FAA-4E5E-B91B-230C0A34F43A}: [DhcpNameServer] 192.168.188.1 Tcpip\..\Interfaces\{D98CB3AF-FD17-49C3-973A-C8CB80814CE4}: [DhcpNameServer] 192.168.188.1 Internet Explorer: ================== HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.de/ HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/ HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/ HKU\S-1-5-21-644356114-2566177158-2502637254-1005\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs HKU\S-1-5-21-644356114-2566177158-2502637254-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com URLSearchHook: HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (Kein Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - Keine Datei URLSearchHook: HKU\S-1-5-21-644356114-2566177158-2502637254-1005 - (Kein Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - Keine Datei URLSearchHook: HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (Kein Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - Keine Datei SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?} SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?} SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_de SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1005 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = BHO: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-21] (Oracle Corporation) BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-21] (Oracle Corporation) Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Keine Datei Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Keine Datei IE Session Restore: HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> ist aktiviert. Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1005 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Beamer\AppData\Roaming\Mozilla\Firefox\Profiles\8jbrone8.default-1451127886738 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-09-07] (CANON INC.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-21] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VLC Player\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Philipp\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-10-03] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-644356114-2566177158-2502637254-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ellen & Manuel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-08-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-08-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-08-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-08-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-08-12] (Apple Inc.) FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-12-25] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-25] [ist nicht signiert] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-11-16] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [Datei ist nicht signiert] S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-04] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [466408 2015-12-04] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-04] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-04] (Avira Operations GmbH & Co. KG) R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS) S4 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [Datei ist nicht signiert] R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG) S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [433880 2015-05-28] (BlueStack Systems, Inc.) S3 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-28] (BlueStack Systems, Inc.) S3 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [806616 2015-05-28] (BlueStack Systems, Inc.) S4 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE [143424 2013-04-26] (SEIKO EPSON CORPORATION) R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert] S4 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert] S4 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] () R2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation) S2 MBAMService; D:\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MDES; C:\ASUS.SYS\DVMExportService.exe [307200 2008-10-21] (DeviceVM) [Datei ist nicht signiert] S4 MyPublicWiFiService; C:\Program Files\MyPublicWiFi\PublicWiFiService.exe [756224 2013-04-03] () [Datei ist nicht signiert] S4 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2104840 2015-12-23] (Electronic Arts) R2 PMBDeviceInfoProvider; D:\Sony\PMBDeviceInfoProvider.exe [495800 2015-11-02] (Sony Corporation) S4 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] () S4 ss_conn_service; D:\Samsung Kies\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) R2 VMAuthdService; D:\VMWare Player\vmware-authd.exe [87256 2015-06-24] (VMware, Inc.) R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [359128 2015-06-24] (VMware, Inc.) R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [722624 2014-08-21] (VMware, Inc.) R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [437976 2015-06-24] (VMware, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [25600 2009-07-24] (Alcor Micro, Corp.) R0 AsDsm; C:\Windows\system32\Drivers\AsDsm.sys [30264 2009-12-25] (ASUSTek Computer Inc) R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106968 2015-12-04] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136272 2015-12-04] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-20] (Avira Operations GmbH & Co. KG) R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [105728 2014-09-29] (AVM Berlin) R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [105728 2014-09-29] (AVM Berlin) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [55456 2015-12-04] (Avira Operations GmbH & Co. KG) R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [131288 2015-05-28] (BlueStack Systems) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-21] (Disc Soft Ltd) R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [47928 2015-11-18] () R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] () S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [43968 2014-08-21] (VMware, Inc.) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( ) R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2009-06-18] (Windows (R) Win 7 DDK provider) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2009-05-13] (ASUS) R1 ndiskhaz; C:\Windows\System32\DRIVERS\ndiskhaz.sys [25416 2012-12-07] (Khalil Azzouzi) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1766592 2009-06-05] () R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2013-11-21] (Duplex Secure Ltd.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-11] (Avira Operations GmbH & Co. KG) R3 stdriver; C:\Windows\System32\DRIVERS\stdriver32.sys [52312 2012-06-21] (NCH Software) S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [122752 2010-03-29] (Texas Instruments) S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [98704 2015-11-10] (Oracle Corporation) R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [26456 2015-06-24] (VMware, Inc.) R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [17104 2015-06-24] (VMware, Inc.) R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37456 2015-06-24] (VMware, Inc.) R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26968 2015-06-24] (VMware, Inc.) R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [66136 2015-06-24] (VMware, Inc.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [63824 2013-10-08] (VMware, Inc.) U3 ahvezkoi; C:\Windows\system32\Drivers\ahvezkoi.sys [0 ] (Advanced Micro Devices) <==== ACHTUNG (Null Byte Datei/Ordner) S3 ALSysIO; \??\C:\Users\Philipp\AppData\Local\Temp\ALSysIO.sys [X] U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\Users\Philipp\AppData\Local\Temp\catchme.sys [X] S3 dgderdrv; System32\drivers\dgderdrv.sys [X] S3 eapihdrv; \??\C:\Users\Philipp\AppData\Local\Temp\ehdrv.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X] S3 ipswuio; System32\DRIVERS\ipswuio.sys [X] S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-26 12:13 - 2015-12-26 12:14 - 00034716 _____ C:\Users\Beamer\Desktop\FRST.txt 2015-12-26 12:13 - 2015-12-26 12:13 - 00000000 ____D C:\FRST 2015-12-26 12:12 - 2015-12-26 12:13 - 01721856 _____ (Farbar) C:\Users\Beamer\Desktop\FRST.exe 2015-12-26 12:04 - 2015-12-26 12:04 - 00000000 ____D C:\Users\Beamer\Desktop\Alte Firefox-Daten 2015-12-26 11:40 - 2015-12-26 11:40 - 00000012 ____H C:\dvmexp.idx 2015-12-26 09:38 - 2015-12-26 09:38 - 00000000 ___HD C:\dvmexp 2015-12-25 13:10 - 2015-12-25 13:10 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\JetBrains 2015-12-25 13:08 - 2015-12-25 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm-Fotowelt 2015-12-25 13:06 - 2015-12-25 13:07 - 00000000 ____D C:\Users\Philipp\.AndroidStudio1.5 2015-12-25 13:02 - 2015-12-25 13:02 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\hps-install 2015-12-25 12:45 - 2015-12-25 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio 2015-12-25 12:24 - 2015-11-21 22:06 - 00278624 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2015-12-25 12:22 - 2015-11-21 22:06 - 00191584 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2015-12-25 12:22 - 2015-11-21 22:06 - 00191072 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2015-12-25 12:21 - 2015-12-25 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2015-12-25 10:16 - 2015-12-25 19:43 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-12-25 10:10 - 2015-12-25 10:10 - 00001050 _____ C:\Users\Philipp\Desktop\Notepad++.lnk 2015-12-24 20:33 - 2015-12-24 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skiller PRO 2015-12-24 13:41 - 2015-12-24 13:41 - 00384368 _____ C:\Windows\Minidump\122415-31590-01.dmp 2015-12-22 20:15 - 2015-12-22 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-12-22 20:14 - 2015-12-22 20:14 - 00000000 ____D C:\Program Files\iPod 2015-12-22 20:13 - 2015-12-22 20:15 - 00000000 ____D C:\Program Files\iTunes 2015-12-22 12:52 - 2015-12-22 12:52 - 00000000 ____D C:\Users\Manuel\AppData\Local\CEF 2015-12-22 12:50 - 2015-12-22 12:52 - 00000000 ____D C:\Users\Manuel\AppData\Local\Adobe 2015-12-22 12:50 - 2015-12-22 12:50 - 00000000 ____D C:\Users\Manuel\AppData\LocalLow\Adobe 2015-12-21 14:18 - 2015-12-21 14:19 - 00000000 ____D C:\Users\Manuel\AppData\Local\NFS Underground 2 2015-12-21 13:54 - 2015-12-21 13:54 - 00000000 ____D C:\Users\Beamer\AppData\Roaming\Dual Monitor 2015-12-21 13:46 - 2015-12-21 13:46 - 00000000 ____D C:\Users\Beamer\AppData\Roaming\Sony Corporation 2015-12-21 12:17 - 2015-12-21 12:18 - 00476520 _____ C:\Windows\Minidump\122115-25006-01.dmp 2015-12-16 17:31 - 2015-12-16 17:31 - 00000000 ____D C:\Users\Philipp\.ipython 2015-12-16 17:30 - 2015-12-16 17:30 - 00000000 ____D C:\Users\Philipp\AppData\Local\pip 2015-12-16 17:27 - 2015-12-16 17:27 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\jupyter 2015-12-16 17:25 - 2015-12-16 17:26 - 00000000 ____D C:\Users\Philipp\AppData\Local\anaconda-launcher 2015-12-16 17:23 - 2015-12-16 17:23 - 00000000 ____D C:\Users\Philipp\Documents\Python Scripts 2015-12-16 17:23 - 2015-12-16 17:23 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (32-bit) 2015-12-16 17:23 - 2015-12-16 17:23 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Continuum 2015-12-16 17:23 - 2015-12-16 17:23 - 00000000 ____D C:\Users\Philipp\.continuum 2015-12-15 19:57 - 2015-12-15 19:57 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-12-15 17:38 - 2015-12-25 11:13 - 00000580 _____ C:\Users\Philipp\Desktop\new 4.py 2015-12-15 14:58 - 2015-12-15 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI-Nspire CX Student Software 2015-12-15 14:58 - 2015-12-15 14:58 - 00000000 ____D C:\ProgramData\TI-Nspire CX 2015-12-14 18:31 - 2015-12-16 18:21 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\CyberLink 2015-12-13 18:10 - 2015-12-16 17:37 - 00000306 _____ C:\Users\Philipp\Desktop\new 2.py 2015-12-12 17:32 - 2015-12-12 17:32 - 00000000 ____D C:\Users\Philipp\Desktop\Setup Disks 2015-12-12 16:53 - 2015-12-13 20:00 - 00000117 _____ C:\Users\Philipp\Desktop\Python.py 2015-12-12 15:40 - 2015-12-12 15:45 - 00000031 _____ C:\Users\Philipp\Desktop\python_lernen.py 2015-12-12 15:28 - 2015-12-12 15:28 - 00000000 ____D C:\Users\Philipp\AppData\Local\Package Cache 2015-12-10 22:14 - 2015-12-19 19:43 - 00000000 ____D C:\Program Files\Mozilla Thunderbird 2015-12-10 18:30 - 2015-12-10 18:30 - 00000000 ____D C:\Users\Jeffel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-12-09 16:16 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-09 16:16 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-09 16:16 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-12-09 16:16 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-09 16:16 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-09 16:16 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-09 16:16 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-12-09 16:16 - 2015-11-10 01:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-12-09 16:16 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-09 16:16 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-12-09 16:16 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-12-09 16:16 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-12-09 16:16 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-12-09 16:16 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-09 16:16 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-12-09 16:16 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-12-09 16:16 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-09 16:16 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-12-09 16:16 - 2015-11-10 01:03 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-12-09 16:16 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-09 16:16 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-12-09 16:16 - 2015-11-10 00:57 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-12-09 16:16 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-12-09 16:16 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-12-09 16:16 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-09 16:16 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-12-09 16:16 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-09 16:16 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-09 16:16 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-09 16:16 - 2015-11-10 00:36 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-09 16:16 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-12-09 16:16 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-09 16:16 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-09 16:16 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-09 16:15 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-09 16:15 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-09 16:15 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-09 16:15 - 2015-11-10 19:39 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-09 16:15 - 2015-11-10 19:39 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-09 16:15 - 2015-11-10 18:40 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-09 16:15 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2015-12-09 16:15 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-12-09 16:15 - 2015-11-05 10:48 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-09 16:15 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2015-12-09 16:14 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-12-07 20:08 - 2015-12-07 20:08 - 00025561 _____ C:\Users\Jeffel\Desktop\Girokonto_5410027410_Kontoauszug_20140502-1.pdf 2015-12-06 23:07 - 2015-12-06 23:07 - 00144024 _____ C:\Windows\Minidump\120615-33540-01.dmp 2015-12-06 21:18 - 2015-12-06 21:19 - 00082110 _____ C:\Users\Jeffel\Downloads\FressnapfRechnung.pdf 2015-12-06 21:08 - 2015-12-06 21:08 - 00358797 _____ C:\Users\Jeffel\Downloads\MZ26683-20151005-CHE.jpeg 2015-12-04 18:28 - 2015-11-20 19:34 - 02956800 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-12-04 18:28 - 2015-11-20 19:34 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-12-04 18:28 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-12-04 18:28 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-12-04 18:28 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-12-04 18:28 - 2015-11-20 19:34 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-12-04 18:28 - 2015-11-20 19:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-12-04 18:28 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-12-04 18:28 - 2015-11-20 19:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-12-04 18:28 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-12-04 18:28 - 2015-11-20 19:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-12-02 19:17 - 2015-12-02 19:37 - 00000000 ____D C:\Users\Philipp\Documents\TI-Nspire 2015-12-02 19:17 - 2015-12-02 19:17 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\TI-Nspire 2015-12-02 19:16 - 2015-12-16 19:30 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Texas Instruments 2015-12-02 19:16 - 2015-12-02 19:16 - 00000000 ____D C:\ProgramData\SafeNet Sentinel 2015-12-02 19:14 - 2015-12-02 19:14 - 00000000 ____D C:\Program Files\Common Files\TI Shared 2015-12-02 19:13 - 2015-12-15 14:58 - 00000000 ____D C:\Program Files\TI Education 2015-12-02 19:13 - 2015-12-02 19:13 - 00000000 ____D C:\ProgramData\TI-Nspire CAS 2015-12-02 19:13 - 2015-12-02 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI Tools 2015-12-02 17:29 - 2015-12-02 17:29 - 12958807 _____ C:\Users\Philipp\Desktop\TI-NspireCXCAS-4.0.3.29.tcc 2015-11-29 20:29 - 2015-11-29 20:30 - 00468904 _____ C:\Windows\Minidump\112915-29733-01.dmp ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-26 12:13 - 2009-07-14 03:37 - 00000000 ____D C:\Windows 2015-12-26 12:10 - 2014-12-31 16:10 - 00000917 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {5ED40A39-9E20-4A57-9853-44602CD12F7A}.job 2015-12-26 12:10 - 2014-12-31 16:10 - 00000731 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {5ED40A39-9E20-4A57-9853-44602CD12F7A}.job 2015-12-26 12:10 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-12-26 11:54 - 2015-06-13 13:18 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000UA.job 2015-12-26 11:50 - 2015-06-17 12:43 - 00001232 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1004UA.job 2015-12-26 11:40 - 2009-08-19 04:27 - 00000000 ___HD C:\temp 2015-12-26 11:39 - 2015-11-18 21:39 - 00000917 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {8E930F63-634A-4A6E-B3D4-E602BD0DCCD0}.job 2015-12-26 11:39 - 2015-11-18 21:39 - 00000731 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {8E930F63-634A-4A6E-B3D4-E602BD0DCCD0}.job 2015-12-26 11:34 - 2010-01-31 17:04 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-26 11:34 - 2010-01-31 17:04 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-26 11:27 - 2009-12-25 16:20 - 00019456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-26 11:27 - 2009-12-25 16:20 - 00019456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-26 11:20 - 2015-11-16 22:20 - 00000731 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {0511BFCD-0B62-46C4-87C3-E5EF40F7FB7C}.job 2015-12-26 11:19 - 2015-11-16 22:19 - 00000917 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {0511BFCD-0B62-46C4-87C3-E5EF40F7FB7C}.job 2015-12-26 11:19 - 2012-04-04 21:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-26 09:50 - 2015-06-17 12:43 - 00001180 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1004Core.job 2015-12-26 09:43 - 2015-06-16 16:05 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-26 09:39 - 2015-06-17 17:30 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-12-26 09:38 - 2015-11-23 17:23 - 00000000 ____D C:\ProgramData\VMware 2015-12-26 09:38 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-25 21:51 - 2009-08-26 09:29 - 00702404 _____ C:\Windows\system32\perfh007.dat 2015-12-25 21:51 - 2009-08-26 09:29 - 00151038 _____ C:\Windows\system32\perfc007.dat 2015-12-25 21:51 - 2009-08-20 04:40 - 01628962 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-25 21:51 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf 2015-12-25 21:47 - 2012-12-30 20:21 - 00000000 ___RD C:\Users\Jeffel\Dropbox 2015-12-25 21:47 - 2012-12-30 20:17 - 00000000 ____D C:\Users\Jeffel\AppData\Roaming\Dropbox 2015-12-25 21:42 - 2013-06-17 08:00 - 00000000 ____D C:\ProgramData\Origin 2015-12-25 20:31 - 2010-10-22 16:14 - 00000000 ____D C:\Users\Philipp\AppData\Local\NFS Underground 2 2015-12-25 19:48 - 2014-07-12 10:12 - 00000000 ___RD C:\Users\Philipp\Google Drive 2015-12-25 19:48 - 2010-12-01 13:28 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Dropbox 2015-12-25 19:43 - 2012-05-11 14:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-12-25 13:10 - 2014-05-18 11:07 - 00000000 ____D C:\ProgramData\tmp 2015-12-25 13:06 - 2010-10-17 10:45 - 00000000 ___RD C:\Users\Philipp 2015-12-25 12:45 - 2014-05-29 19:43 - 00000000 ____D C:\Users\Philipp\.android 2015-12-25 12:24 - 2015-10-17 10:32 - 00000000 ____D C:\Users\Philipp\.oracle_jre_usage 2015-12-25 12:22 - 2015-04-03 10:07 - 00000000 ____D C:\Program Files\Java 2015-12-25 12:21 - 2015-04-02 09:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-12-25 11:46 - 2014-05-29 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools 2015-12-24 21:17 - 2015-10-18 17:21 - 00000000 ____D C:\Users\Philipp\Documents\Euro Truck Simulator 2 2015-12-24 20:46 - 2011-05-18 19:20 - 00000000 ____D C:\Users\Philipp\Documents\Dateispeicherort für Auto-Wiederherstellen 2015-12-24 20:32 - 2009-08-19 03:15 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2015-12-24 19:37 - 2015-06-13 13:18 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000Core.job 2015-12-24 13:41 - 2012-07-28 21:41 - 00000000 ____D C:\Windows\Minidump 2015-12-23 15:35 - 2015-11-16 22:16 - 00000000 ____D C:\Users\Philipp\AppData\Local\ElevatedDiagnostics 2015-12-23 11:31 - 2015-11-23 17:27 - 00000000 ____D C:\Users\Philipp\AppData\Local\VMware 2015-12-23 11:31 - 2015-11-23 17:26 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\VMware 2015-12-23 07:54 - 2013-06-17 08:00 - 00000000 ____D C:\Program Files\Origin 2015-12-22 20:14 - 2011-05-27 16:37 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-12-22 12:56 - 2013-11-27 19:45 - 00000000 ____D C:\Program Files\Common Files\Steam 2015-12-22 12:50 - 2014-09-25 17:42 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Adobe 2015-12-21 13:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF 2015-12-21 13:47 - 2015-04-02 10:33 - 00180480 _____ C:\Users\Beamer\AppData\Local\GDIPFONTCACHEV1.DAT 2015-12-18 17:38 - 2015-04-04 19:15 - 00000000 ___SD C:\Windows\system32\GWX 2015-12-18 16:39 - 2015-08-02 17:01 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2015-12-17 13:20 - 2014-08-25 19:44 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-17 13:19 - 2015-03-05 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-12-16 19:31 - 2010-10-17 10:45 - 00000000 ____D C:\Users\Philipp\AppData\Local\VirtualStore 2015-12-16 17:26 - 2015-10-22 10:35 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2015-12-16 17:26 - 2014-09-29 14:54 - 00000000 ____D C:\Users\Philipp\AppData\Local\Deployment 2015-12-16 14:03 - 2015-09-25 19:43 - 00618400 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-12 15:06 - 2015-03-12 15:14 - 00000000 ____D C:\Users\Beamer\AppData\LocalLow\Adblock Plus for IE 2015-12-12 15:03 - 2015-03-12 16:28 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Adblock Plus for IE 2015-12-10 20:07 - 2009-11-24 19:19 - 00045056 _____ C:\Windows\system32\acovcnt.exe 2015-12-09 22:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache 2015-12-09 17:42 - 2011-08-28 08:47 - 00000000 ____D C:\Users\Beamer 2015-12-09 17:42 - 2009-12-25 16:33 - 00000000 ____D C:\Users\Jeffel 2015-12-09 17:19 - 2012-04-04 21:24 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-12-09 17:19 - 2011-06-10 18:15 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-12-09 16:38 - 2009-08-19 03:00 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-09 16:37 - 2010-06-03 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-09 16:36 - 2009-11-24 19:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-09 16:30 - 2013-07-28 22:00 - 00000000 ____D C:\Windows\system32\MRT 2015-12-09 16:18 - 2009-12-29 21:28 - 137798368 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-06 21:18 - 2010-01-25 17:43 - 00000000 ____D C:\Users\Jeffel\Documents\Telefon 2015-12-06 18:45 - 2009-12-25 19:17 - 00180480 _____ C:\Users\Jeffel\AppData\Local\GDIPFONTCACHEV1.DAT 2015-12-06 17:32 - 2014-09-25 17:43 - 00180480 _____ C:\Users\Manuel\AppData\Local\GDIPFONTCACHEV1.DAT 2015-12-04 18:21 - 2015-09-26 08:45 - 00180480 _____ C:\Users\Philipp\AppData\Local\GDIPFONTCACHEV1.DAT 2015-12-04 14:44 - 2013-05-08 05:52 - 00055456 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-12-04 14:44 - 2012-11-02 19:40 - 00136272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-12-04 14:44 - 2012-11-02 19:40 - 00106968 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-12-04 14:36 - 2013-11-19 19:00 - 00180480 _____ C:\Users\Ellen & Manuel\AppData\Local\GDIPFONTCACHEV1.DAT 2015-12-02 13:25 - 2009-12-06 21:05 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-11-29 09:34 - 2012-05-19 13:01 - 00000000 ____D C:\Users\Beamer\AppData\Roaming\Skype 2015-11-27 17:29 - 2013-03-30 17:22 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\.minecraft 2015-11-26 18:15 - 2015-07-04 18:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2008-05-22 08:35 - 2008-05-22 08:35 - 0051962 _____ () C:\Program Files\Common Files\banner.jpg 2009-04-08 10:31 - 2009-04-08 10:31 - 0106496 _____ () C:\Program Files\Common Files\CPInstallAction.dll 2008-08-11 21:45 - 2008-08-11 21:45 - 0155648 _____ (ASUS) C:\Program Files\Common Files\MSIactionall.dll 2015-01-04 11:55 - 2015-01-04 11:55 - 0000459 _____ () C:\Users\Beamer\AppData\Roaming\Drives Meter_Settings.ini 2012-04-23 17:17 - 2013-05-02 16:27 - 0007598 _____ () C:\Users\Beamer\AppData\Local\Resmon.ResmonCfg 2010-09-11 18:55 - 2010-09-11 18:55 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Jeffel\i2errDeu.dll Einige Dateien in TEMP: ==================== C:\Users\Beamer\AppData\Local\temp\avgnt.exe C:\Users\Ellen & Manuel\AppData\Local\temp\avgnt.exe C:\Users\Jeffel\AppData\Local\temp\avgnt.exe C:\Users\Jeffel\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpf6_tnt.dll C:\Users\Jeffel\AppData\Local\temp\jre-8u66-windows-au.exe C:\Users\Manuel\AppData\Local\temp\avgnt.exe C:\Users\Philipp\AppData\Local\temp\avgnt.exe C:\Users\Philipp\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmmeuua.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-07-13 18:35 ==================== Ende vom FRST.txt ============================ |
26.12.2015, 12:32 | #2 |
| Routineuntersuchung Addition:
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:25-12-2015 durchgeführt von Beamer (2015-12-26 12:14:52) Gestartet von C:\Users\Beamer\Desktop Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2009-12-25 16:59:54) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-644356114-2566177158-2502637254-500 - Administrator - Disabled) Beamer (S-1-5-21-644356114-2566177158-2502637254-1005 - Administrator - Enabled) => C:\Users\Beamer Ellen & Manuel (S-1-5-21-644356114-2566177158-2502637254-1008 - Limited - Enabled) => C:\Users\Ellen & Manuel Gast (S-1-5-21-644356114-2566177158-2502637254-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-644356114-2566177158-2502637254-1010 - Limited - Enabled) Jeffel (S-1-5-21-644356114-2566177158-2502637254-1000 - Administrator - Enabled) => C:\Users\Jeffel Manuel (S-1-5-21-644356114-2566177158-2502637254-1011 - Limited - Enabled) => C:\Users\Manuel Philipp (S-1-5-21-644356114-2566177158-2502637254-1004 - Administrator - Enabled) => C:\Users\Philipp ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 1&1 SmartFax (HKLM\...\1&1 SmartFax) (Version: 2.00.224 - 1&1 Internet AG) Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation) Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM\...\AmUStor) (Version: 1.4.1217.35202 - Alcor Micro Corp.) Alcor Micro USB Card Reader (Version: 1.4.1217.35202 - Alcor Micro Corp.) Hidden Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Apple Application Support (32-Bit) (HKLM\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) ASUS CopyProtect (HKLM\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS) ASUS Data Security Manager (HKLM\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS) ASUS FancyStart (HKLM\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS MultiFrame (HKLM\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS) ASUS Power4Gear eXtreme (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.0.19 - ASUS) ASUS SmartLogon (HKLM\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS) ASUS Touch Pad Extra (HKLM\...\{DB891739-2EB3-45A8-9CBD-941C255CECD4}) (Version: - ) ASUS Virtual Camera (HKLM\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus) Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0008 - ASUS) Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) ATI Catalyst Install Manager (HKLM\...\{0AE24BD5-185C-436C-D93D-50574523C6C4}) (Version: 3.0.732.0 - ATI Technologies, Inc.) ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK) ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0053 - ASUS) ATK Media (HKLM\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS) ATKOSD2 (HKLM\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0006 - ASUS) aTube Catcher (HKLM\...\aTube Catcher) (Version: 2.9.1462 - DsNET Corp) aTube Catcher Version 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Audacity 2.0.2 (HKLM\...\Audacity_is1) (Version: 2.0.2 - Audacity Team) Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.29 - Avanquest Software) Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9046 - ) Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Avira Launcher (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.1.29781 - Ask.com) <==== ACHTUNG Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.1.29781 - Ask.com) <==== ACHTUNG Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.1.29781 - Ask.com) <==== ACHTUNG Bandicam (HKLM\...\Bandicam) (Version: 1.8.5.302 - Bandisoft.com) Battlefield 1942™ (HKLM\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts) BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.27.5408 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM\...\{C1F53C9F-C560-4292-9237-12786FE6BF62}) (Version: 0.9.27.5408 - BlueStack Systems, Inc.) Bob baut einen Park (HKLM\...\{367EDD83-302F-48E6-8F77-B0B056125C2D}) (Version: 1.0.0 - ) Bob der Baumeister (HKLM\...\{8F2D21F9-F428-4EF2-8111-953EF3299EFB}) (Version: 1.0.0 - ) Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - ) Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - ) Canon MP490 series Benutzerregistrierung (HKLM\...\Canon MP490 series Benutzerregistrierung) (Version: - ) Canon MP490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series) (Version: - ) Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - ) Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version: - ) Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - ) Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.) Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Construction-Simulator 2015 (HKLM\...\Steam App 289950) (Version: - weltenbauer. Software Entwicklung GmbH) Core Temp version 0.99.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.7 - Arthur Liberman) Crusader No Remorse (HKLM\...\{2AEA735F-B393-4D89-93EF-5849CB72B4A3}) (Version: 1.0.0.2 - Electronic Arts) Cry of Fear (HKLM\...\Steam App 223710) (Version: - Team Psykskallar) CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.) CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) Diercke Globus Online (HKLM\...\Diercke Globus Online) (Version: 3.1.0 - Imagon GmbH) dm-Fotowelt (HKLM\...\dm-Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA) Dolby Control Center (HKLM\...\{0F3C61B5-3051-4DE6-8A6A-45100BCC1F41}) (Version: 1.2.0704 - Dolby) Dropbox (HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.) Druckerdeinstallation für EPSON XP-312 313 315 Series (HKLM\...\EPSON XP-312 313 315 Series) (Version: - SEIKO EPSON Corporation) Dual Monitor 1.22 (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu) Epson Connect Printer Setup (HKLM\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version: - SEIKO EPSON Corporation) EPSON-Handbücher (HKLM\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION) EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software) Express Gate (HKLM\...\{62CF8923-31DC-4285-A23C-17CE5AA6A679}) (Version: 1.0.3.2 - DeviceVM, Inc.) F1 2013 (HKLM\...\Steam App 223670) (Version: - Codemasters Birmingham) FIFA 09 (HKLM\...\{2315B23D-3E21-4920-837D-AE6460934ECB}) (Version: 1.0.1.1 - Electronic Arts) Firebird SQL Server - MAGIX Edition (HKLM\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin) FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Globus Fotoservice 4.4 (HKLM\...\Globus Fotoservice_is1) (Version: - ) Google Drive (HKLM\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.) Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) Hot Wheels (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{CF36DD86-81D3-4D91-8F7A-344E0C1A4BFD}) (Version: 1.00.0000 - Activision Value) Isola LEGO 2 (HKLM\...\{85967580-EBC2-11D4-AEA3-0050046A88ED}) (Version: - ) iTunes (HKLM\...\{2C741651-87E0-4479-9703-6DD0D7988B84}) (Version: 12.3.2.35 - Apple Inc.) Java 7 Update 79 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle) Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Java SE Development Kit 7 Update 79 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle) Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden KingsoftOfficeXPlats 1.4 (HKLM\...\KingsoftOfficeXPlats) (Version: 1.4 - Kingsoft) LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - ) LBOTS Top mouse Driver (HKLM\...\{F1A273BD-6A9E-41D8-A111-5E56ACD286F8}) (Version: 1.0 - Togran) LEGO Racers 2 (HKLM\...\{3DD2E9EA-0544-4162-B8BE-E21E994E9F3B}) (Version: - ) Logitech Gaming Software (HKLM\...\{648F9C94-EC44-487B-9DA4-44ED72A082CC}) (Version: 4.50 - ) MAGIX Speed burnR (MSI) (HKLM\...\MX.{16884C3D-3512-486D-A2F9-39071551BFEF}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Video deluxe 2014 (HKLM\...\MX.{EA62B22F-AB0A-406B-80A9-8036D3CE3446}) (Version: 13.0.2.8 - MAGIX AG) MAGIX Video deluxe 2014 (Version: 13.0.2.8 - MAGIX AG) Hidden Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) MergeModule_x86 (Version: 9.3.00 - Sony Corporation) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}) (Version: 1.20.146.0 - Microsoft) Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Minigolf (HKLM\...\Minigolf_is1) (Version: - Meridian93) Monkey's Adventures (HKLM\...\Monkey's Adventures_is1) (Version: - play-publishing.com) Motorola Driver Installation 3.4.0 (HKLM\...\{81B3BEF9-5D97-4096-86E9-5B48A5BC32D0}) (Version: 3.4.0 - Motorola Inc.) Motorola Phone Tools (HKLM\...\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}) (Version: 5.0.7a 4/01/2008 - Avanquest Software) Motorola Phone Tools (Version: 4.30 - BVRP Software) Hidden Motorola Phone Tools (Version: 5.00 - BVRP Software) Hidden Mozilla Firefox 43.0.2 (x86 de) (HKLM\...\Mozilla Firefox 43.0.2 (x86 de)) (Version: 43.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.2.5833 - Mozilla) Mozilla Thunderbird 38.4.0 (x86 de) (HKLM\...\Mozilla Thunderbird 38.4.0 (x86 de)) (Version: 38.4.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyPublicWiFi 5.1 (HKLM\...\{C08D782B-9281-406B-ABCE-326DA70B8A1F}_is1) (Version: - TRUE Software) Mystery P.I. - The London Caper (HKLM\...\Mystery P.I. - The London Caper) (Version: - PopCap Games) NB Probe (HKLM\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version: - ) Net4Switch (HKLM\...\{9D6D7811-43B3-463C-BC79-5D1755269989}) (Version: 1.00.0019 - ASUS) NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - ) Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden Notepad++ (HKLM\...\Notepad++) (Version: 6.1.2 - ) Oddworld: Abe's Oddysee (HKLM\...\Steam App 15700) (Version: - Oddworld Inhabitants) OpenAL (HKLM\...\OpenAL) (Version: - ) Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.) pdfsam (HKLM\...\pdfsam) (Version: 2.2.0 - ) Peter Lustigs Verkehrsschule (HKLM\...\Verkehrsschule) (Version: - ) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) PlayMemories Home (HKLM\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.0.03.11020 - Sony Corporation) PMB_ModeEditor (Version: 9.3.00 - Sony Corporation) Hidden PMB_ServiceUploader (Version: 10.0.03 - Sony Corporation) Hidden Python 3.5.1 (32-bit) (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation) Python 3.5.1 (Anaconda3 2.4.1 32-bit) (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Python 3.5.1 (Anaconda3 2.4.1 32-bit)) (Version: 2.4.1 - Continuum Analytics, Inc.) Python 3.5.1 Core Interpreter (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Development Libraries (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Documentation (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Executables (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Launcher (32-bit) (HKLM\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation) Python 3.5.1 pip Bootstrap (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Standard Library (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Tcl/Tk Support (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Test Suite (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Utility Scripts (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden QuickTime 7 (HKLM\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.) Roads Of Rome (HKLM\...\Roads Of Rome_is1) (Version: - Realore Studios) Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Samsung Kies (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SimCity™ (HKLM\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) Skiller PRO (HKLM\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies) Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.) Software Updater (HKLM\...\{E1BAD1BA-C0E8-4018-9281-E7D2C6B07474}) (Version: 4.3.6 - SEIKO EPSON CORPORATION) <==== ACHTUNG Steam (HKLM\...\Steam) (Version: - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.1.1 - Synaptics Incorporated) TeamSpeak 3 Client (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Theme Hospital (HKLM\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.5 - Electronic Arts) TI-Nspire™ CAS Student Software (HKLM\...\{F03A8756-7FCB-4DCD-9AC1-12C63A6075F1}) (Version: 3.9.0.463 - Texas Instruments Inc.) TI-Nspire™ CX Student Software (HKLM\...\{99D1FC9E-5C33-4B49-ABA3-52D6CE943766}) (Version: 4.0.0.235 - Texas Instruments Inc.) TIPP10 Version 2.1.0 (HKLM\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions) TmNationsForever (HKLM\...\TmNationsForever_is1) (Version: - Nadeo) TOGGO PC-Spielebox 2 (HKLM\...\{67EECE0C-8B6C-4D09-989D-D39BC9BBCA0E}) (Version: 1.00.0000 - ) Toyland Racer (HKLM\...\Toyland Racer) (Version: - ) Unified Remote (HKLM\...\{D7930C67-5816-417B-BF28-54BB75EFDAF9}) (Version: 2.14.4.0 - Unified Remote) Unity Web Player (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-644356114-2566177158-2502637254-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: - Unity Technologies ApS) upapp (HKLM\...\{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}) (Version: 0.20.0000 - Hewlett-Packard) Uplay (HKLM\...\Uplay) (Version: 12.0 - Ubisoft) USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - ) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) VMware Player (HKLM\...\VMware_Player) (Version: 6.0.7 - VMware, Inc) VMware Player (Version: 6.0.7 - VMware, Inc.) Hidden VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden VTech Download Manager (HKLM\...\VTechDownloadManager) (Version: - VTech) Werksfeuerwehr-Simulator Version 1.0 (HKLM\...\{5F7ED0CD-E04E-4441-9E03-10AFDB654E96}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH) WestwoodOnline (HKLM\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline) Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinFlash (HKLM\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS) WinRAR (HKLM\...\WinRAR archiver) (Version: - ) Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.10 - ATK) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Jeffel\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{4D72E5BC-BC7C-11E0-83CA-10424824019B}\InprocServer32 -> C:\Users\Beamer\AppData\Local\ASKTOO~1\DOWNLO~1\AviraIDW.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{595EF3BD-A186-454A-810C-02015139ACDC}\InprocServer32 -> C:\Users\Beamer\AppData\Local\ASKTOO~1\DOWNLO~1\Avira.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> "C:\Users\Jeffel\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe" => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> "C:\Users\Jeffel\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe" => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> "C:\Users\Jeffel\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe" => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> "C:\Users\Jeffel\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe" => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Beamer\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FBE88A10-FF53-11E0-AB2A-AE904824019B}\InprocServer32 -> C:\Users\Beamer\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~1.DLL => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Beamer\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {022E57E0-C220-4A4E-AC90-D2C8DACAFB9D} - System32\Tasks\{4E4F2CAC-AA02-4AC1-8E3F-7F64288279A5} => C:\Program Files\LEGO Media\Spiele\LEGOLAND\legoland.exe [2000-05-31] (Krisalis Software Ltd.) Task: {062DB597-D745-4B4F-8444-3530722D8F45} - System32\Tasks\Core Temp Autostart => C:\Program Files\Core Temp\Core Temp.exe [2010-07-05] () Task: {08271361-89BF-4F1E-847E-1CA1ED3F6641} - System32\Tasks\{4B77430A-A839-4A8D-9AC6-DFE4CD36D283} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {0CF8F249-C5F7-475C-866F-21E7073015BD} - System32\Tasks\{EBC19F45-7508-4844-801A-11E762E37D12} => C:\Program Files\Ford Racing 2\fr2.exe Task: {0D72A5A0-375A-4832-9640-BAF16628647F} - System32\Tasks\EPSON XP-412 413 415 Series Update {0511BFCD-0B62-46C4-87C3-E5EF40F7FB7C} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {0FB6D721-7BEF-4B45-8E9C-A271B66DE5F2} - System32\Tasks\{07EB860E-F755-4932-9D3F-42431206EE3B} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {10DE5D12-366D-4EFB-9E1B-A5431C45ADC4} - System32\Tasks\{8AC62F6C-CFBA-4FA8-8592-D8DBAF919A41} => C:\Program Files\Ford Racing 2\fr2.exe Task: {11F32470-4328-4A83-9232-80BC5F42F305} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {5ED40A39-9E20-4A57-9853-44602CD12F7A} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {13CEC175-DFF4-4468-A045-29A526295C70} - System32\Tasks\{09EF0FB5-FFC5-4873-8A09-BA67F477983B} => C:\Program Files\Ford Racing 2\fr2.exe Task: {16A24A9E-DAB7-4860-94FD-851235C89820} - System32\Tasks\{2F3444E4-EAF5-4F9D-B44F-0359C6E1E962} => C:\Program Files\LEGO Media\Island Xtreme Stunts\FindDisc.exe Task: {16E7A595-0943-4C27-81FD-3C0F4846CBB9} - System32\Tasks\{718A9724-BA58-4A15-BA3F-28AD141B9FD7} => C:\Program Files\Logitech\Profiler\LWEmon.exe [2004-05-19] (Logitech Inc.) Task: {189C40ED-B151-444D-86FA-72B2F6B581EA} - System32\Tasks\{EEA39017-C6C8-42D6-83AD-AC789FF71125} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {1C2351DE-232B-4961-840F-EE0D68EB5EF4} - System32\Tasks\{81FAAD8E-E607-4907-9205-969E20593CF7} => C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe Task: {1C3E5FAC-1D4A-44B7-8E56-854A6F4CDE64} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {1DD33B99-F5E8-460F-BD30-B40888E8C53E} - System32\Tasks\{DB5AE33D-F764-456D-9421-62DA1F9288C7} => pcalua.exe -a "D:\DT\DAEMON Tools Lite\DTLite.exe" -d "D:\DT\DAEMON Tools Lite" Task: {1E3565F3-04AA-44DB-B8B7-F35A50CC9057} - System32\Tasks\{07FA7B80-D838-4C87-9F76-696E853348E0} => C:\Program Files\LEGO Interactive\Island Xtreme Stunts\FindDisc.exe Task: {2262B621-3FBA-4C58-8344-886110A30AF0} - System32\Tasks\{275198ED-E85E-4D37-9669-8DAC2931B05F} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {247A3341-0057-4368-A7D0-C80FC9FAFE17} - System32\Tasks\EPSON XP-412 413 415 Series Update {8E930F63-634A-4A6E-B3D4-E602BD0DCCD0} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {27685E6B-A6D7-4064-A4B9-1F485556156D} - System32\Tasks\{D1391C33-4665-4D75-B346-6737F2BFE6AE} => C:\Program Files\Janosch\Verkehr.exe [1998-04-16] (Macromedia, Inc.) Task: {279BEA6F-528A-4E59-B4D6-EF67500EC149} - System32\Tasks\{4CB1BAEC-7E20-4475-942D-B2ECD3C7BDE5} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {2C842B08-3AB4-4249-8416-A5F0C4254CBB} - System32\Tasks\{E26735BF-5210-43CB-908E-8A7923966B55} => C:\Program Files\Ford Racing 2\fr2.exe Task: {2E316E44-A20D-4E6C-8597-A4349A8F0F7B} - System32\Tasks\{0E84DB2D-E2CE-4939-A87C-0A7FEF5598A0} => C:\Program Files\LEGO Media\Island Xtreme Stunts\FindDisc.exe Task: {2EB3D3F5-13C7-448C-98A4-8E8B09A66A7C} - System32\Tasks\{1833D727-C5CA-45F6-B130-C78FC735305C} => C:\Program Files\Skype\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.) Task: {3701EA83-EDC0-434F-8AB9-FE21AAE4072D} - System32\Tasks\{08709750-B91C-4722-844A-B78F6762E37B} => C:\Program Files\EA Sports\FIFA 09\FIFA09.exe [2008-10-23] () Task: {37B9496D-79A9-4BCE-AFE4-B5463740A943} - System32\Tasks\{F9594586-61F2-41B8-A093-C8719E057E91} => C:\Program Files\Janosch\Verkehr.exe [1998-04-16] (Macromedia, Inc.) Task: {393F6F51-0E95-4952-8BAD-E1DDD5FFF5DA} - System32\Tasks\{01E58447-78A0-4CD3-BFAF-44C036E4F3F7} => C:\Program Files\Ford Racing 2\fr2.exe Task: {394592EC-79F9-49B8-A307-37950D07C1B9} - System32\Tasks\{E9474EA8-9D29-4DF8-9857-8726D1F8FCD4} => C:\Program Files\LEGO Media\Island Xtreme Stunts\FindDisc.exe Task: {3A161975-54C5-4DBB-8AB5-563F0BA63B7E} - System32\Tasks\{BBCB2F70-2DD9-4FDF-BA21-9F4AC8615359} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {3BC1FA8B-E302-4DEC-8AA9-B70DE9D839F7} - System32\Tasks\{15248D75-D51C-4771-8D5B-C56A5DC1D3F4} => C:\Program Files\OpenOffice.org 3\program\soffice.exe Task: {3DF4B1BA-C6BA-4565-9C58-0A27C06A1D4C} - System32\Tasks\{10DEF6AD-CAED-48C8-85EB-BD3A12C54209} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {3ECE4DE4-C76E-486F-A045-0713A65EC396} - System32\Tasks\{C5F0B686-DAD5-46B7-8DC1-EEF6742294DF} => C:\Program Files\Skype\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.) Task: {3EF06EA8-17AE-4451-96B0-2ED48FE15BE6} - System32\Tasks\{FFB859B9-8F39-438E-A00B-543A2BC334B5} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {4299562C-9C52-4B20-9BF8-D294B2969604} - System32\Tasks\{CE1034B1-CDF0-44ED-A78A-0E1B67A19078} => pcalua.exe -a E:\SETUP.EXE -d E:\ Task: {4A3D5C4F-7A49-48E2-BE04-A2DECC4146C2} - System32\Tasks\{4DF731FE-39D2-4735-963D-B33DC6BF1776} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {4A67723A-2FCB-49F6-A2FE-983B5EEE89A2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {4B952069-F7C4-4178-932C-D9AD6435A3EE} - System32\Tasks\{9F523BAE-9190-4380-B2B3-96FB780FE112} => pcalua.exe -a C:\Users\Philipp\Desktop\jxpiinstall.exe -d C:\Users\Philipp\Desktop Task: {4B9BA069-9E54-412A-90D7-CBB925EBF5FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated) Task: {4D2676FB-5EC2-4044-897A-45B547B13687} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {4D8CE3D9-10E6-4EF4-9C8E-39AD6D90EEEB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000UA => C:\Users\Jeffel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.) Task: {4E453841-EE58-4AA6-8514-3E30F217B1BE} - System32\Tasks\{E56CE78F-3DF9-4305-8336-77785549E0F4} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {542676B6-E1CE-4B5C-BDF2-C00ECFB38DBC} - System32\Tasks\{42963256-E132-413E-A4D9-4AD87B590641} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {543E71B8-E7BE-4FDA-AD19-CC490CA91848} - System32\Tasks\{09D857DD-F75F-4669-84AC-9B2B4F91002A} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs Task: {576416B1-5229-4BB5-8F5F-5EB4CE34693A} - System32\Tasks\{0AD9175A-E960-4F4A-B254-A7FFF532194A} => C:\Program Files\Skype\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.) Task: {592F7F57-9C8F-4F5D-9A75-D8444CAF5A34} - System32\Tasks\{3A608F0C-88F6-4101-A24D-5888FB4E1675} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {5B3DB1D0-2D67-4C1C-BA0C-73372A98F89C} - System32\Tasks\{8B5019D5-0BD6-4708-A1CA-DE33DAF12937} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {5CC8A7A0-EB94-45A9-8C14-10D1FA017AA5} - System32\Tasks\{D6670E02-8F5A-46ED-BFE4-8AEF911AB2FE} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {5D8E271A-4247-422B-BB0B-A0F60CD4F2EE} - System32\Tasks\{CF4F2AC7-7291-4854-8184-33979FBEEA3A} => C:\Program Files\Logitech\Profiler\LWEMon.exe [2004-05-19] (Logitech Inc.) Task: {6997CFAE-6B39-4219-A1BB-BFCA1A25B735} - System32\Tasks\ACMON => C:\Program Files\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK) Task: {6A3412A9-BC75-40BF-9F55-FA86316D3CF1} - System32\Tasks\{0C67CB2E-6FD7-4066-BB5C-E3110D04E8C5} => pcalua.exe -a C:\Users\Philipp\Desktop\setup.exe -d C:\Users\Philipp\Desktop Task: {6BCBF903-EFC8-4841-A00B-8A98F9B42040} - System32\Tasks\{5F24C263-DED9-48A3-85E4-2AF0241EDD56} => pcalua.exe -a C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\UNWISE.EXE -c C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\INSTALL.LOG Task: {6C2BAF56-D5B0-4D25-BFA4-8A03090E90F4} - System32\Tasks\{35BF4035-207B-4DDB-A7D9-DAE7569EA9A7} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {6C5770B2-BC99-471B-A8CA-DD9000A28ABF} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {0511BFCD-0B62-46C4-87C3-E5EF40F7FB7C} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {6C7963B0-501B-464F-85BB-0F1A98CB0EE2} - System32\Tasks\{ACD04780-E85C-4752-806D-C7E0B65CA043} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {6FAF6F7D-1CDF-4408-A9E7-F480AFD09927} - System32\Tasks\{224E176B-C279-4E30-BFAC-74EDBD3DF2AA} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {7135554E-B506-4704-8BB8-4D0695B3D001} - System32\Tasks\{A64FB61E-6B30-4575-8E47-B986BC7611A4} => pcalua.exe -a C:\Users\Philipp\Desktop\VirtualBox-5.0.10-104061-Win.exe -d C:\Users\Philipp\Desktop Task: {71707D88-0843-4073-AFAC-21043703B9B5} - System32\Tasks\{B5BE686C-6877-4712-B359-6260EE6BAA94} => C:\Program Files\Ford Racing 2\fr2.exe Task: {72ED54C5-EAAC-4283-858E-E531B2490992} - System32\Tasks\{795C6E6E-FAAA-4431-A918-937A78C53BB2} => C:\Program Files\Ford Racing 2\fr2.exe Task: {7585CE6A-F9B1-4E6E-856F-617D6D00D54C} - System32\Tasks\Net4Switch => C:\Program Files\ASUS\Net4Switch\Net4Switch.exe [2007-11-20] (ASUS) Task: {79B505CA-4391-4F82-93B8-F6A10F007D29} - System32\Tasks\{E9F1D326-BB8E-416E-A09B-6DEFFC535CE7} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {7B9BD304-C851-42BA-B29B-8832C02B513D} - System32\Tasks\{AA91F360-BE81-48A9-9CFE-2565918BACBC} => C:\Program Files\Janosch\Verkehr.exe [1998-04-16] (Macromedia, Inc.) Task: {7BBE44D8-A420-4877-91D3-43AD4DF8740A} - System32\Tasks\{99B1E97F-436E-4429-ABA3-7E618A478667} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {805902FB-18D4-403F-9263-0624A07154E2} - System32\Tasks\{1648ED5A-2D13-4C52-AE7C-31297200C10D} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {85417455-F0F1-41C5-8316-B8DFEB8C8918} - System32\Tasks\{1A5C41D9-30DC-4783-B8B0-CEC6F0B3E839} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {86094599-821F-4E9B-8E55-9AF40185191E} - System32\Tasks\{ED62F36F-605A-4AE1-8208-FD5CA76699B4} => C:\Program Files\LEGO Media\Island Xtreme Stunts\FindDisc.exe Task: {8B3014D9-EB90-4483-B8E6-B492402A6DF0} - System32\Tasks\{12845C94-D0B6-4BDA-A9FB-5B154245A6D4} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {8DBA4AC8-B6E1-4E21-92E1-6F5BD04CBC59} - System32\Tasks\{805913F2-AD7E-416D-BA65-5BCB278D42E1} => C:\Program Files\LEGO Schach\Lego Chess.exe Task: {8FB70F6E-172F-42D9-AD4A-91E5AFF5A7B5} - System32\Tasks\{20881F0F-F213-4B1D-AC68-02FABF50C1CE} => C:\Program Files\LEGO Media\Spiele\LEGOLAND\legoland.exe [2000-05-31] (Krisalis Software Ltd.) Task: {9057296A-F885-41B1-8E01-EF575CEF376C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {90FFF327-1728-488D-BE4E-FA1232DD7BB6} - System32\Tasks\{14EDE9BC-20F9-4EFA-AC7D-6EB4C5A76C71} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {99C2E64D-3C78-4488-8CF3-672D6E3DB446} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000Core => C:\Users\Jeffel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.) Task: {99C91901-9432-4EA7-87F8-55A525B95ABA} - System32\Tasks\{E2D1EE7B-E7AD-4C2D-AAB0-AC383A6F07CC} => C:\Program Files\Janosch\Verkehr.exe [1998-04-16] (Macromedia, Inc.) Task: {A0215012-5C94-40CA-9A43-2F200B61A4A2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1004UA => C:\Users\Philipp\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {A0EC8CE0-03D7-4A0E-A8FA-0380AF2A1FF0} - System32\Tasks\{D884D7E7-64A4-45DE-98FD-56D8596FCD34} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {A93B8A4D-244F-453C-9B10-DB60E36A1C57} - System32\Tasks\EPSON XP-312 313 315 Series Update {5ED40A39-9E20-4A57-9853-44602CD12F7A} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {A9443690-748A-45F1-8D64-6AA0294F58AE} - System32\Tasks\{A5E9A2AB-D783-444B-ACEA-988C9C2827BD} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {B22899B8-49AC-43DA-B2BF-CCB47C542539} - System32\Tasks\{37C1FFED-5F13-4EA4-B8E0-FBC3039B59DA} => C:\Program Files\LEGO Interactive\Island Xtreme Stunts\FindDisc.exe Task: {B2FDDA94-D222-4673-A9AF-CAE32F13265A} - System32\Tasks\{57123DD4-3701-4890-8F5E-69253F2A254E} => C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe Task: {B3B4709A-B606-4F54-A90A-116F93D8512E} - System32\Tasks\ASPG => C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS) Task: {B7D4A3DB-3927-46B0-A840-174630359DE6} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2009-05-18] (ASUS) Task: {BDC925F9-1584-4227-BF87-557F6DC13464} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1004Core => C:\Users\Philipp\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {C01F96CD-E814-4B3B-8ADB-B61746C44F27} - System32\Tasks\{47B8FC20-7DB8-48A6-83BC-E7C34E62CC8B} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {C361CDD7-C67A-4CB4-A515-59B3F225DF8C} - System32\Tasks\{6C5CE7EA-6EC5-497C-8FAE-8DDE494754CC} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {C6D305DC-A5B7-4BD2-B434-64B58E96E1B9} - System32\Tasks\{83270C1C-EFD0-435A-B354-DB444A4E64F7} => C:\Program Files\LEGO Interactive\Island Xtreme Stunts\FindDisc.exe Task: {C71C0104-D3E3-49D0-886E-850A0EA0A519} - System32\Tasks\{629DDE4B-7DAE-4321-B366-19139E71F9C4} => C:\Program Files\Ford Racing 2\fr2.exe Task: {CB2F551A-DAD5-4B49-B792-CD0C28A87319} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {CCCDE7C4-AC7C-4DD5-98AB-1DDF96CC1A00} - System32\Tasks\{5E36B9A2-EA7B-4338-B839-BA06E700C7A7} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {CFEED608-2BCD-40B0-858C-EF702ACC7888} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {8E930F63-634A-4A6E-B3D4-E602BD0DCCD0} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {D2D316AA-04AB-4C85-B4E6-0FFA7C1B5CAD} - System32\Tasks\{897420D6-2E83-4F0C-9542-4235DE3ADD9D} => C:\Program Files\Ford Racing 2\fr2.exe Task: {D428F363-CD1D-4CEC-BCFD-7895783F2746} - System32\Tasks\{740C00F2-0AF4-462D-B602-FAA959059F5E} => C:\Program Files\LEGO Media\Spiele\LEGOLAND\legoland.exe [2000-05-31] (Krisalis Software Ltd.) Task: {D943FB3E-EB45-43CD-91A6-A055E15CE059} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {DA81BBC7-677C-4A44-A056-CB90DC977864} - System32\Tasks\{0D730403-F736-400F-B631-19B8BC0E1E30} => C:\Program Files\EA Sports\FIFA 09\FIFA09.exe [2008-10-23] () Task: {DB85DFE2-B398-4D92-BA2A-821880861383} - System32\Tasks\{846920E1-73B4-4C1B-801F-BA087FE5EEF8} => C:\Program Files\LEGO Schach\Lego Chess.exe Task: {DC34DD92-92FA-4E52-A136-C3C2FC249AE5} - System32\Tasks\{9D61A73B-0DE2-48FE-A2B3-088709BD7D2C} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {DC6CEF1A-D549-42B2-87D2-274BEC35D662} - System32\Tasks\{C1FB456D-5102-4D69-A102-59FBB9C799C1} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {DE31F299-BD40-4A25-BB8A-10EC1ADC4783} - System32\Tasks\{E39103FF-9002-43CF-B483-1326522EF959} => C:\Program Files\Skype\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.) Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs Task: {E54FD084-9DE3-498A-8ECB-F723F22FAB84} - System32\Tasks\{A48CA2AC-8CD3-4B01-9BD2-E56D49ADD8F7} => C:\Program Files\EA Sports\FIFA 09\FIFA09.exe [2008-10-23] () Task: {E5AB5213-9D14-427E-BF04-B685E363ABF9} - System32\Tasks\{F8DD370C-1C9B-4B99-A221-D936EDE7FDAD} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {E61935EA-A141-496D-BA9E-CF4C3EF3795D} - System32\Tasks\{3CB8A215-9260-42B8-8D9B-FA81017EED9A} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {ECE35F5A-90AC-475C-9DA4-5E3081442D68} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {EDFDEDC0-7152-4BC4-8E7A-2D96E5C6D8D7} - System32\Tasks\{6DD7CCD6-3D1C-4DA7-B895-4F4F95745358} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {EEA6A0A0-E1CD-4583-B178-0690064E5D8F} - System32\Tasks\{EE69846A-E56D-493D-B5DA-858DE7FA218B} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {F74F66A2-BA11-4AEC-A516-F153CDCD3451} - System32\Tasks\{2EF7C677-995A-413F-93CA-F39A6D35363C} => C:\Program Files\Ford Racing 2\fr2.exe Task: {F7E36632-B92F-40E5-8FDF-60225CFB5CB3} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Jeffel => C:\Program Files\Windows Calendar\WinCal.exe Task: {F8E4E8A9-959E-4214-8706-20AE311FFA86} - System32\Tasks\{D1117AB3-5D96-42EF-8AE2-EE14F8692D60} => C:\Program Files\LEGO Interactive\Island Xtreme Stunts\FindDisc.exe Task: {F8EF940F-03BD-46F5-A998-1540C6587472} - System32\Tasks\{FB7C2341-6721-4B95-A6AE-136D881A01F3} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {F9428F41-B2CF-431B-8A33-32AD9E73E88C} - System32\Tasks\{BF78135C-D9BB-42BD-8E6A-0FBBC5ACA700} => C:\Program Files\LEGO Media\Island Xtreme Stunts\FindDisc.exe Task: {FD11DEA1-27EB-480A-ADD0-60B1E33E6B31} - System32\Tasks\{DA19A5B2-B0BB-49BA-854B-43FECBBC9387} => C:\Program Files\Logitech\Profiler\LWEmon.exe [2004-05-19] (Logitech Inc.) Task: {FD3008D4-9573-44C7-B144-BA5C02B4BFCA} - System32\Tasks\{3E7DE8B7-79CA-4BC7-A84E-390073C4E375} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000Core.job => C:\Users\Jeffel\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000UA.job => C:\Users\Jeffel\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1004Core.job => C:\Users\Philipp\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1004UA.job => C:\Users\Philipp\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {5ED40A39-9E20-4A57-9853-44602CD12F7A}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLFE.EXE Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {5ED40A39-9E20-4A57-9853-44602CD12F7A}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLFE.EXE:/EXE:{5ED40A39-9E20-4A57-9853-44602CD12F7A} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {0511BFCD-0B62-46C4-87C3-E5EF40F7FB7C}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {8E930F63-634A-4A6E-B3D4-E602BD0DCCD0}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {0511BFCD-0B62-46C4-87C3-E5EF40F7FB7C}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE:/EXE:{0511BFCD-0B62-46C4-87C3-E5EF40F7FB7C} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {8E930F63-634A-4A6E-B3D4-E602BD0DCCD0}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE:/EXE:{8E930F63-634A-4A6E-B3D4-E602BD0DCCD0} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-06-24 14:28 - 2015-06-24 14:28 - 01301720 _____ () D:\VMWare Player\libxml2.dll 2007-06-15 10:28 - 2007-06-15 10:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll 2007-06-01 17:08 - 2007-06-01 17:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll 2010-01-01 11:48 - 2009-12-12 15:12 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll 2009-12-25 18:28 - 2007-11-30 11:20 - 00051768 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe 2008-09-30 23:02 - 2008-09-30 23:02 - 00009216 _____ () C:\Program Files\ASUS\Splendid\GLCDdll.dll 2009-12-25 18:34 - 2007-07-27 15:10 - 00049152 _____ () C:\Program Files\ASUS\Net4Switch\ResItf.dll 2009-12-25 18:34 - 2009-07-03 13:04 - 00084992 _____ () C:\Program Files\ASUS\Net4Switch\cxcmrt.dll 2009-12-25 18:34 - 2009-07-03 13:13 - 00074752 _____ () C:\Program Files\ASUS\Net4Switch\ipswobj.dll 2009-12-25 18:34 - 2009-07-01 16:46 - 00461824 _____ () C:\Program Files\ASUS\Net4Switch\ipswresmgr.dll 2009-12-25 18:34 - 2009-07-03 13:12 - 00049152 _____ () C:\Program Files\ASUS\Net4Switch\ipswhlp.dll 2009-12-25 18:34 - 2009-07-08 11:24 - 00167424 _____ () C:\Program Files\ASUS\Net4Switch\ipsw_cfgmgr.dll 2009-12-25 18:34 - 2009-07-03 13:12 - 00089088 _____ () C:\Program Files\ASUS\Net4Switch\ipswds.dll 2009-12-25 18:34 - 2009-07-03 13:12 - 00065024 _____ () C:\Program Files\ASUS\Net4Switch\ipswgblset.dll 2009-12-25 18:34 - 2009-07-03 13:40 - 00085504 _____ () C:\Program Files\ASUS\Net4Switch\LogonStartup.dll 2009-12-25 18:34 - 2009-07-09 17:41 - 00222720 ____N () C:\Program Files\ASUS\Net4Switch\ipswsysmon.dll 2009-12-25 18:34 - 2009-07-03 13:21 - 00042496 _____ () C:\Program Files\ASUS\Net4Switch\iphelper.dll 2009-12-25 18:34 - 2009-07-03 13:11 - 00267264 _____ () C:\Program Files\ASUS\Net4Switch\ipswcore.dll 2009-12-25 18:34 - 2009-07-03 13:13 - 00297984 _____ () C:\Program Files\ASUS\Net4Switch\ipswui.dll 2013-12-24 19:39 - 2012-11-19 23:44 - 00786432 _____ () D:\Gaming Maus\DareUMonitor.exe 2013-12-24 19:39 - 2013-03-27 12:48 - 00057344 _____ () D:\Gaming Maus\lan.dll 2013-12-24 19:39 - 2012-04-19 17:15 - 00061440 _____ () D:\Gaming Maus\hiddriver.dll 2014-10-13 02:49 - 2014-06-20 07:42 - 00401280 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe 2014-10-13 02:49 - 2014-03-04 12:20 - 00117760 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll 2014-10-13 02:49 - 2014-04-22 03:14 - 00065536 _____ () C:\Program Files\VTech\DownloadManager\System\QHttpServer.dll 2014-10-13 02:49 - 2014-05-06 06:39 - 00861184 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\platforms\qwindows.dll 2014-10-13 02:49 - 2014-05-06 06:38 - 00021504 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qgif.dll 2014-10-13 02:49 - 2014-05-06 06:38 - 00020992 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qico.dll 2014-10-13 02:49 - 2014-05-06 06:38 - 00204800 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll 2014-10-13 02:49 - 2014-05-06 11:44 - 00218112 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qmng.dll 2014-10-13 02:49 - 2014-05-06 06:58 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll 2014-10-13 02:49 - 2014-05-06 11:44 - 00015360 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtga.dll 2014-10-13 02:49 - 2014-05-06 11:44 - 00307712 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll 2014-10-13 02:49 - 2014-05-06 11:44 - 00014848 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll 2014-10-13 02:49 - 2014-05-06 07:31 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll 2014-10-13 02:49 - 2014-05-06 06:38 - 00036352 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll 2014-10-13 02:49 - 2014-05-06 06:38 - 00038912 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll 2009-08-19 03:53 - 2007-07-06 00:53 - 01040384 _____ () C:\Program Files\Wireless Console 2\wcourier.exe 2015-12-24 20:32 - 2015-07-20 17:15 - 00057344 _____ () D:\Gaming Tastatur\lan.dll 2015-12-24 20:32 - 2012-08-14 22:41 - 00061440 _____ () D:\Gaming Tastatur\hiddriver.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2006-11-02 11:23 - 2015-06-17 17:08 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jeffel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-644356114-2566177158-2502637254-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Beamer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Beamer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-644356114-2566177158-2502637254-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Ellen & Manuel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-644356114-2566177158-2502637254-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.188.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: ATKGFNEXSrv => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BstHdAndroidSvc => 3 MSCONFIG\Services: BstHdLogRotatorSvc => 3 MSCONFIG\Services: BstHdUpdaterSvc => 3 MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: ehRecvr => 3 MSCONFIG\Services: ehSched => 3 MSCONFIG\Services: EpsonScanSvc => 2 MSCONFIG\Services: FirebirdServerMAGIXInstance => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: IEEtwCollectorService => 3 MSCONFIG\Services: IJPLMSVC => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: MDES => 2 MSCONFIG\Services: MyPublicWiFiService => 2 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: spmgr => 2 MSCONFIG\Services: ss_conn_service => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Philipp^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AlcoholAutomount => "D:\Alcohol 120\axcmd.exe" /automount MSCONFIG\startupreg: AmIcoSinglun => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: ASUS Camera ScreenSaver => C:\Windows\AsScrProlog.exe MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\ASScrPro.exe MSCONFIG\startupreg: ASUSTPE => C:\Windows\system32\ASUSTPE.exe MSCONFIG\startupreg: AVMUSBFernanschluss => "C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: DAEMON Tools Lite => "D:\DT\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EADM => C:\Program Files\Origin\Origin.exe -AutoStart MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KiesTrayAgent => D:\Samsung Kies\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: PMBVolumeWatcher => D:\Sony\PMBVolumeWatcher.exe /SysAutoRun MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "D:\Steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{98B426BE-4154-48E7-A940-C28AD6AB3C7E}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{A0ED8D77-C475-4A7C-9683-E33EF6CA08AE}] => (Allow) svchost.exe FirewallRules: [{5A959ABA-B81C-408F-9BF9-A382D827ED17}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [TCP Query User{92FF86AB-5408-4239-86CD-713C52CC5E72}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [UDP Query User{756D4762-70FE-4F03-9A42-0F627F10CBF8}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [TCP Query User{F15C73F2-09B2-4D70-B6C1-FCB8C6C3077A}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [UDP Query User{3518798C-9464-4B02-B79D-33060DE82A80}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [TCP Query User{F87691B0-9C93-4349-8E2B-69BF1B0D816D}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{0756E3CD-F4D3-4373-BCB1-583FDDA22919}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{6939840F-897B-42B5-8E48-6E97937198B0}] => (Allow) svchost.exe FirewallRules: [{59E3FF2C-493B-4937-9A37-DA9D1CAAFC4B}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{A1DE6356-BBC4-48A8-B039-88DEB224609A}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{E3168A96-5F5E-4485-AD0D-7AE6A2596564}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{4AF10D0E-C4C1-40A2-936B-C6F2AB12613B}C:\program files\tmnationsforever\tmforever.exe] => (Allow) C:\program files\tmnationsforever\tmforever.exe FirewallRules: [UDP Query User{88D7FF05-F79E-4946-A853-288BD573E814}C:\program files\tmnationsforever\tmforever.exe] => (Allow) C:\program files\tmnationsforever\tmforever.exe FirewallRules: [{55E52E7C-FD6E-4517-8357-F6D71154371A}] => (Allow) C:\Users\Jeffel\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{9C447FBD-4CD0-4507-918C-C3C1FC1BC0BC}] => (Allow) C:\Users\Jeffel\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{424B5F96-6253-4B19-824F-7157B91CE53C}C:\users\jeffel\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jeffel\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{A3FECD29-88C2-49EE-9826-78B12649C757}C:\users\jeffel\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jeffel\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{3E55C8FD-D431-4830-8F71-22F2B69255C3}C:\program files\ea sports\fifa 09\fifa09.exe] => (Allow) C:\program files\ea sports\fifa 09\fifa09.exe FirewallRules: [UDP Query User{6B39FD39-72B8-4683-9E30-4221DEFAD5D9}C:\program files\ea sports\fifa 09\fifa09.exe] => (Allow) C:\program files\ea sports\fifa 09\fifa09.exe FirewallRules: [TCP Query User{EF7EF825-131B-4165-A892-9DEC02FC688F}E:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr841n\easysetupassistant.exe FirewallRules: [UDP Query User{25BF93E3-CEFC-4077-972C-637BBD3D8D23}E:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr841n\easysetupassistant.exe FirewallRules: [{BE0F663E-C815-4563-A897-646E54E5E075}] => (Block) E:\easysetupassistant\wr841n\easysetupassistant.exe FirewallRules: [{C1AD54B1-3E4E-48CD-AA59-46A81630CED6}] => (Block) E:\easysetupassistant\wr841n\easysetupassistant.exe FirewallRules: [{9E1C364E-EA27-4082-AB13-FBEBC90590BA}] => (Allow) D:\OriginGames\Battlefield 1942\BF1942.exe FirewallRules: [{2EB3B6C7-04D1-43DF-B4B0-B47348DBCD68}] => (Allow) D:\OriginGames\Battlefield 1942\BF1942.exe FirewallRules: [{DBB13B95-B032-45C2-A416-2E496104A650}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{5456B4DC-0D08-476B-B4CB-8BA97886248B}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{B3C9C811-6617-41F7-8833-D1B66AC7C967}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{122DB7AB-303C-4A23-8984-A4089D07A519}] => (Allow) D:\Steam\SteamApps\common\f12013\F1_2013.exe FirewallRules: [{BA4A4B55-61BE-49C7-B106-9CF16C1FEFCA}] => (Allow) D:\Steam\SteamApps\common\f12013\F1_2013.exe FirewallRules: [{5476BAD2-AE20-42B2-BFC6-58B987D9EC81}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{812E2119-243A-400E-B7FE-DEB6D62808AB}] => (Allow) D:\OriginGames\SimCity\SimCity\SimCity.exe FirewallRules: [{2C4E33E9-EDDF-4059-9790-647FCF83145D}] => (Allow) D:\OriginGames\SimCity\SimCity\SimCity.exe FirewallRules: [TCP Query User{60D69111-FE19-4415-B387-D97AE26AFD38}C:\program files\tmnationsforever\tmforever.exe] => (Block) C:\program files\tmnationsforever\tmforever.exe FirewallRules: [UDP Query User{F2DF262E-FF7C-484F-AA4E-63FF8880305C}C:\program files\tmnationsforever\tmforever.exe] => (Block) C:\program files\tmnationsforever\tmforever.exe FirewallRules: [{A3C3ECE5-F0B8-458B-BF51-A7F6BF8F5E0E}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{DAA3B140-1FED-47B5-9F25-FB8F35548A03}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{F14B2E24-FBC1-4546-BBB6-CCBF3E3C26CB}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [{1EBAA986-ABD7-469D-8126-C6A22AB47DCF}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [TCP Query User{DF57783D-CA97-4654-B267-AC96484B730F}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{695F1F23-F5F2-4E3A-93D3-C046C30B108D}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{18759B6E-98BA-4489-983D-ABCF93CE30A2}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{C48C23E4-CF37-4289-AC60-2FF3F377ACD4}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [{BAE39D93-BC07-4545-A838-D128E5D729B1}] => (Allow) C:\Users\Philipp\AppData\Local\Apps\2.0\AKHGTRNK.DG4\BWYE0CZZ.LL7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [{BDC2FD03-237D-49E4-A6A2-8AE3211FB11A}] => (Allow) C:\Users\Philipp\AppData\Local\Apps\2.0\AKHGTRNK.DG4\BWYE0CZZ.LL7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [{2A33F55E-5BBB-4A44-9852-D7FEA360081E}] => (Allow) C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [{084ED6E8-0CDB-42C1-9716-21D9E1E099C3}] => (Allow) C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [TCP Query User{5A171416-5B5C-45E6-A06C-FD51ECCBBA01}C:\users\philipp\appdata\local\apps\2.0\akhgtrnk.dg4\bwye0czz.ll7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe] => (Block) C:\users\philipp\appdata\local\apps\2.0\akhgtrnk.dg4\bwye0czz.ll7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [UDP Query User{EC3DF4E2-12D4-4BEA-9E53-8BD42E933EE3}C:\users\philipp\appdata\local\apps\2.0\akhgtrnk.dg4\bwye0czz.ll7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe] => (Block) C:\users\philipp\appdata\local\apps\2.0\akhgtrnk.dg4\bwye0czz.ll7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [{B3F421E8-5795-4576-A04B-678154A5D42C}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe FirewallRules: [{56B79544-76F5-4B6F-85BD-3CA9415A0BE3}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe FirewallRules: [TCP Query User{A674A672-4708-4C05-A7DD-7FC78F2ABAD6}C:\program files\unified remote\remoteserver.exe] => (Allow) C:\program files\unified remote\remoteserver.exe FirewallRules: [UDP Query User{C42108C2-C11D-4BCD-848F-C882C383AFF1}C:\program files\unified remote\remoteserver.exe] => (Allow) C:\program files\unified remote\remoteserver.exe FirewallRules: [{100DFB51-03A7-409A-8436-B1ADEDE290A7}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe FirewallRules: [{3D1CFBF6-1099-4721-A86E-438E12C875EA}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe FirewallRules: [{708B5EAF-95EC-428E-9AA3-7F8A3CC499D7}] => (Allow) D:\OriginGames\Crusader No Remorse\data\Game\DOSBox\DOSBox.exe FirewallRules: [{252252F8-D1E0-473A-8A33-743C157FAAAB}] => (Allow) D:\OriginGames\Crusader No Remorse\data\Game\DOSBox\DOSBox.exe FirewallRules: [{12369EEC-4B3E-4804-8395-3B1EE1D1F377}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{23965B5B-2D1F-4BC2-82F2-4E012CDB6110}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{D67CAA53-7942-4A91-8D54-03DE16AF77AA}] => (Allow) D:\Steam\SteamApps\common\ConSim2015\ConSim2015.exe FirewallRules: [{085EB9AF-D4B4-42D7-AA85-2FF13C776871}] => (Allow) D:\Steam\SteamApps\common\ConSim2015\ConSim2015.exe FirewallRules: [{13EC435C-D4A0-4045-9736-20D5C2A52E0F}] => (Allow) C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [{766D54AC-FE82-4990-81C9-4B3E62FC1D8E}] => (Allow) C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [{8147F4AA-6FEE-48F5-A257-DADCA6B3D1F7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{B59D5117-8BF8-4401-A031-594855C5359E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{2405E39F-611A-4841-8667-B7FAB332ED13}D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{98A5CF53-9EE7-4592-86E6-5A255E971ED4}D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{42389642-E7E4-4FA7-99F0-D17483626C6F}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{546675B7-4D5D-41B0-A82B-3C2AE0AED9AE}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{D536C9B7-6FD7-4BED-BA38-786F6BC6F0D1}] => (Allow) D:\OriginGames\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe FirewallRules: [{E9B75711-970D-4839-8F09-E9CBD427BD8F}] => (Allow) D:\OriginGames\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe FirewallRules: [TCP Query User{C6CA08AE-77C7-4910-BA3F-F5B62104D473}D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Block) D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{A01E04CC-DD4B-4DC7-BBA1-803AF9013F05}D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Block) D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe FirewallRules: [{97AA36F1-5AEC-4DDC-B29F-EAFECAFED590}] => (Allow) D:\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [{64A8BDA9-3510-479E-8F38-E4F33151AD66}] => (Allow) D:\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [TCP Query User{1B771FF4-E997-4B49-85A0-0C6AD41D89EC}D:\steam\steamapps\common\cry of fear\cof.exe] => (Allow) D:\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [UDP Query User{F82652F8-36FB-4B04-8D2F-76387FCB505E}D:\steam\steamapps\common\cry of fear\cof.exe] => (Allow) D:\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [{F42F3A51-5E79-42CD-97EC-8F46AFB3AEDA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3AF441F6-2448-4E93-AF29-F00F2983A81B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7BFDFD06-3266-44D4-9B6F-9297A1D1690E}] => (Allow) D:\Steam\SteamApps\common\Oddworld Abes Oddysee\AbeWin.exe FirewallRules: [{E8E33C1D-DB89-45E0-9666-8326023F9286}] => (Allow) D:\Steam\SteamApps\common\Oddworld Abes Oddysee\AbeWin.exe FirewallRules: [{62237A5E-264E-465C-8922-D8033386151C}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{13632916-2A53-489F-A5C5-39D17391DB93}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe FirewallRules: [TCP Query User{B2B45E24-4713-429D-8843-08E49BFC3B63}D:\euro truck simulator 2\online_updater.updated] => (Allow) D:\euro truck simulator 2\online_updater.updated FirewallRules: [UDP Query User{28213BD0-890D-4BB1-BFDC-4E6A88EEC219}D:\euro truck simulator 2\online_updater.updated] => (Allow) D:\euro truck simulator 2\online_updater.updated FirewallRules: [TCP Query User{ECD37DFE-AF6A-43DE-BA80-D3F9F08FE989}C:\users\philipp\appdata\local\apps\2.0\1qlj75j7.rxm\yvl6k5v2.zkw\laun...app_2e973cc213891be7_0001.0024_dd24b003d48bfc42\launcher.exe] => (Allow) C:\users\philipp\appdata\local\apps\2.0\1qlj75j7.rxm\yvl6k5v2.zkw\laun...app_2e973cc213891be7_0001.0024_dd24b003d48bfc42\launcher.exe FirewallRules: [UDP Query User{A3A06301-F786-459F-BCA9-9DC58DBB3E76}C:\users\philipp\appdata\local\apps\2.0\1qlj75j7.rxm\yvl6k5v2.zkw\laun...app_2e973cc213891be7_0001.0024_dd24b003d48bfc42\launcher.exe] => (Allow) C:\users\philipp\appdata\local\apps\2.0\1qlj75j7.rxm\yvl6k5v2.zkw\laun...app_2e973cc213891be7_0001.0024_dd24b003d48bfc42\launcher.exe FirewallRules: [{FFD0EA99-381B-4595-B538-BE3BE97CE6EC}] => (Allow) C:\Program Files\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe FirewallRules: [{916375A1-6C52-4160-99F5-CE7FA5A90628}] => (Allow) C:\Program Files\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe FirewallRules: [TCP Query User{D3ACC891-92D6-4031-AE3C-7A745B629338}D:\ghost recon phantoms\pdc-live\ghostreconphantoms.exe] => (Allow) D:\ghost recon phantoms\pdc-live\ghostreconphantoms.exe FirewallRules: [UDP Query User{CC831390-5A82-4DE0-BEE0-D48FAE77D52B}D:\ghost recon phantoms\pdc-live\ghostreconphantoms.exe] => (Allow) D:\ghost recon phantoms\pdc-live\ghostreconphantoms.exe FirewallRules: [{7286A81F-7D5D-4AEB-B31F-66A90CBC9D73}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{DA3E399D-DB36-4822-8E60-78BEB8525DFE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{E2F6A7CC-FE8A-4A25-9A67-623F3D900DDF}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [UDP Query User{923E3411-F4A5-4857-8D70-67AF9193454C}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [{755160F9-D04E-44D0-80DC-A88497A99E87}] => (Allow) D:\VMWare Player\vmware-authd.exe FirewallRules: [{09F960B8-4C8B-4BD2-BDFD-E79A39D8D667}] => (Allow) D:\VMWare Player\vmware-authd.exe FirewallRules: [TCP Query User{F079D573-851E-48A5-B7C1-1FCFB4AE8F25}C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe] => (Allow) C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe FirewallRules: [UDP Query User{0E30DFD4-300E-41D4-8A97-01347B5A8FAF}C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe] => (Allow) C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe FirewallRules: [TCP Query User{87DD0B8C-383B-4D34-A3E6-9CB6F2D07D83}C:\program files\ti education\ti-nspire cas student software\jre\bin\java.exe] => (Allow) C:\program files\ti education\ti-nspire cas student software\jre\bin\java.exe FirewallRules: [UDP Query User{7B67D38B-0BE3-402F-A850-A35157E35F9B}C:\program files\ti education\ti-nspire cas student software\jre\bin\java.exe] => (Allow) C:\program files\ti education\ti-nspire cas student software\jre\bin\java.exe FirewallRules: [{1905163A-5F4D-4FE3-9C47-C1460068F4FA}] => (Block) C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe FirewallRules: [{1DFA478E-4B1C-4292-91CE-75ECE1D50BD8}] => (Block) C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe FirewallRules: [{2044ACDF-BFD7-4169-AB2E-38B58DB9CB85}] => (Block) C:\program files\ti education\ti-nspire cas student software\jre\bin\java.exe FirewallRules: [{5D2D7735-BEC5-494D-9279-A5C49D5C7022}] => (Block) C:\program files\ti education\ti-nspire cas student software\jre\bin\java.exe FirewallRules: [{173EC70F-F71F-46CE-BFC8-5F2D1CA861CC}] => (Allow) D:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{85E4A175-2840-4EAA-A7C8-2AA3B898D998}] => (Allow) D:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{BC11EAF7-90B2-4DE4-84FC-DE5BF80EA386}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{B2C0DA43-935C-4B4C-88EF-3DA32A32568B}D:\android\android studio\bin\studio.exe] => (Allow) D:\android\android studio\bin\studio.exe FirewallRules: [UDP Query User{DFB45AD5-52BE-421D-8F19-A981BAA1462A}D:\android\android studio\bin\studio.exe] => (Allow) D:\android\android studio\bin\studio.exe FirewallRules: [{3A8BCB5C-7973-4589-83EF-0B77D5F7548E}] => (Block) D:\android\android studio\bin\studio.exe FirewallRules: [{46CD44EA-DE14-48A7-A0DE-DFA3007B91E8}] => (Block) D:\android\android studio\bin\studio.exe ==================== Wiederherstellungspunkte ========================= 24-12-2015 20:32:21 Installiert Skiller PRO 25-12-2015 12:18:13 Installed Java SE Development Kit 7 Update 79 25-12-2015 12:22:00 Installed Java 7 Update 79 25-12-2015 21:07:18 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/26/2015 09:39:36 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/25/2015 07:45:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/25/2015 09:55:57 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/24/2015 08:32:18 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {3babe37e-c48e-4f09-b2aa-5ed75b8b058c} Error: (12/24/2015 01:48:42 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/23/2015 07:43:37 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/22/2015 12:50:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/21/2015 08:35:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/21/2015 03:39:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: googledrivesync.exe, Version: 1.26.707.2863, Zeitstempel: 0x509418e4 Name des fehlerhaften Moduls: pyexpat.pyd, Version: 0.0.0.0, Zeitstempel: 0x55b99e69 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00011160 ID des fehlerhaften Prozesses: 0x12f0 Startzeit der fehlerhaften Anwendung: 0xgoogledrivesync.exe0 Pfad der fehlerhaften Anwendung: googledrivesync.exe1 Pfad des fehlerhaften Moduls: googledrivesync.exe2 Berichtskennung: googledrivesync.exe3 Error: (12/21/2015 02:05:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: TLR.exe, Version: 0.0.0.0, Zeitstempel: 0x3d109ee7 Name des fehlerhaften Moduls: TLR.exe, Version: 0.0.0.0, Zeitstempel: 0x3d109ee7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00074941 ID des fehlerhaften Prozesses: 0x1444 Startzeit der fehlerhaften Anwendung: 0xTLR.exe0 Pfad der fehlerhaften Anwendung: TLR.exe1 Pfad des fehlerhaften Moduls: TLR.exe2 Berichtskennung: TLR.exe3 Systemfehler: ============= Error: (12/26/2015 09:39:51 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: VBoxNetAdp Error: (12/26/2015 09:39:48 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (12/26/2015 09:37:58 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (12/26/2015 09:37:58 AM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (12/25/2015 09:46:09 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agent nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten. Error: (12/25/2015 09:46:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SDRSVC erreicht. Error: (12/25/2015 09:46:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht. Error: (12/25/2015 09:45:35 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error: (12/25/2015 09:45:35 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht. Error: (12/25/2015 09:45:05 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active CodeIntegrity: =================================== Date: 2015-08-03 12:45:31.987 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.925 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.894 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.597 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.473 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.441 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.426 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.395 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz Prozentuale Nutzung des RAM: 46% Installierter physikalischer RAM: 3071.27 MB Verfügbarer physikalischer RAM: 1645.67 MB Summe virtueller Speicher: 6140.86 MB Verfügbarer virtueller Speicher: 4213.12 MB ==================== Laufwerke ================================ Drive c: (VistaOS) (Fixed) (Total:149.04 GB) (Free:20.62 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (DATA) (Fixed) (Total:137.33 GB) (Free:24.5 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 97646C29) Partition 1: (Not Active) - (Size=11.7 GB) - (Type=1C) Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=137.3 GB) - (Type=OF Extended) ==================== Ende vom Addition.txt ============================ flowerwithlo |
26.12.2015, 12:49 | #3 |
| Routineuntersuchung Addition:
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:25-12-2015 durchgeführt von Beamer (2015-12-26 12:14:52) Gestartet von C:\Users\Beamer\Desktop Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2009-12-25 16:59:54) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-644356114-2566177158-2502637254-500 - Administrator - Disabled) Beamer (S-1-5-21-644356114-2566177158-2502637254-1005 - Administrator - Enabled) => C:\Users\Beamer Ellen & Manuel (S-1-5-21-644356114-2566177158-2502637254-1008 - Limited - Enabled) => C:\Users\Ellen & Manuel Gast (S-1-5-21-644356114-2566177158-2502637254-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-644356114-2566177158-2502637254-1010 - Limited - Enabled) Jeffel (S-1-5-21-644356114-2566177158-2502637254-1000 - Administrator - Enabled) => C:\Users\Jeffel Manuel (S-1-5-21-644356114-2566177158-2502637254-1011 - Limited - Enabled) => C:\Users\Manuel Philipp (S-1-5-21-644356114-2566177158-2502637254-1004 - Administrator - Enabled) => C:\Users\Philipp ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 1&1 SmartFax (HKLM\...\1&1 SmartFax) (Version: 2.00.224 - 1&1 Internet AG) Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation) Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM\...\AmUStor) (Version: 1.4.1217.35202 - Alcor Micro Corp.) Alcor Micro USB Card Reader (Version: 1.4.1217.35202 - Alcor Micro Corp.) Hidden Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Apple Application Support (32-Bit) (HKLM\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) ASUS CopyProtect (HKLM\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS) ASUS Data Security Manager (HKLM\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS) ASUS FancyStart (HKLM\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS MultiFrame (HKLM\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS) ASUS Power4Gear eXtreme (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.0.19 - ASUS) ASUS SmartLogon (HKLM\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS) ASUS Touch Pad Extra (HKLM\...\{DB891739-2EB3-45A8-9CBD-941C255CECD4}) (Version: - ) ASUS Virtual Camera (HKLM\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus) Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0008 - ASUS) Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) ATI Catalyst Install Manager (HKLM\...\{0AE24BD5-185C-436C-D93D-50574523C6C4}) (Version: 3.0.732.0 - ATI Technologies, Inc.) ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK) ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0053 - ASUS) ATK Media (HKLM\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS) ATKOSD2 (HKLM\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0006 - ASUS) aTube Catcher (HKLM\...\aTube Catcher) (Version: 2.9.1462 - DsNET Corp) aTube Catcher Version 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Audacity 2.0.2 (HKLM\...\Audacity_is1) (Version: 2.0.2 - Audacity Team) Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.29 - Avanquest Software) Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9046 - ) Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Avira Launcher (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.1.29781 - Ask.com) <==== ACHTUNG Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.1.29781 - Ask.com) <==== ACHTUNG Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.1.29781 - Ask.com) <==== ACHTUNG Bandicam (HKLM\...\Bandicam) (Version: 1.8.5.302 - Bandisoft.com) Battlefield 1942™ (HKLM\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts) BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.27.5408 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM\...\{C1F53C9F-C560-4292-9237-12786FE6BF62}) (Version: 0.9.27.5408 - BlueStack Systems, Inc.) Bob baut einen Park (HKLM\...\{367EDD83-302F-48E6-8F77-B0B056125C2D}) (Version: 1.0.0 - ) Bob der Baumeister (HKLM\...\{8F2D21F9-F428-4EF2-8111-953EF3299EFB}) (Version: 1.0.0 - ) Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - ) Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - ) Canon MP490 series Benutzerregistrierung (HKLM\...\Canon MP490 series Benutzerregistrierung) (Version: - ) Canon MP490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series) (Version: - ) Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - ) Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version: - ) Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - ) Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.) Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Construction-Simulator 2015 (HKLM\...\Steam App 289950) (Version: - weltenbauer. Software Entwicklung GmbH) Core Temp version 0.99.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.7 - Arthur Liberman) Crusader No Remorse (HKLM\...\{2AEA735F-B393-4D89-93EF-5849CB72B4A3}) (Version: 1.0.0.2 - Electronic Arts) Cry of Fear (HKLM\...\Steam App 223710) (Version: - Team Psykskallar) CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.) CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) Diercke Globus Online (HKLM\...\Diercke Globus Online) (Version: 3.1.0 - Imagon GmbH) dm-Fotowelt (HKLM\...\dm-Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA) Dolby Control Center (HKLM\...\{0F3C61B5-3051-4DE6-8A6A-45100BCC1F41}) (Version: 1.2.0704 - Dolby) Dropbox (HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.) Druckerdeinstallation für EPSON XP-312 313 315 Series (HKLM\...\EPSON XP-312 313 315 Series) (Version: - SEIKO EPSON Corporation) Dual Monitor 1.22 (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu) Epson Connect Printer Setup (HKLM\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version: - SEIKO EPSON Corporation) EPSON-Handbücher (HKLM\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION) EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software) Express Gate (HKLM\...\{62CF8923-31DC-4285-A23C-17CE5AA6A679}) (Version: 1.0.3.2 - DeviceVM, Inc.) F1 2013 (HKLM\...\Steam App 223670) (Version: - Codemasters Birmingham) FIFA 09 (HKLM\...\{2315B23D-3E21-4920-837D-AE6460934ECB}) (Version: 1.0.1.1 - Electronic Arts) Firebird SQL Server - MAGIX Edition (HKLM\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin) FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Globus Fotoservice 4.4 (HKLM\...\Globus Fotoservice_is1) (Version: - ) Google Drive (HKLM\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.) Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) Hot Wheels (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{CF36DD86-81D3-4D91-8F7A-344E0C1A4BFD}) (Version: 1.00.0000 - Activision Value) Isola LEGO 2 (HKLM\...\{85967580-EBC2-11D4-AEA3-0050046A88ED}) (Version: - ) iTunes (HKLM\...\{2C741651-87E0-4479-9703-6DD0D7988B84}) (Version: 12.3.2.35 - Apple Inc.) Java 7 Update 79 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle) Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Java SE Development Kit 7 Update 79 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle) Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden KingsoftOfficeXPlats 1.4 (HKLM\...\KingsoftOfficeXPlats) (Version: 1.4 - Kingsoft) LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - ) LBOTS Top mouse Driver (HKLM\...\{F1A273BD-6A9E-41D8-A111-5E56ACD286F8}) (Version: 1.0 - Togran) LEGO Racers 2 (HKLM\...\{3DD2E9EA-0544-4162-B8BE-E21E994E9F3B}) (Version: - ) Logitech Gaming Software (HKLM\...\{648F9C94-EC44-487B-9DA4-44ED72A082CC}) (Version: 4.50 - ) MAGIX Speed burnR (MSI) (HKLM\...\MX.{16884C3D-3512-486D-A2F9-39071551BFEF}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Video deluxe 2014 (HKLM\...\MX.{EA62B22F-AB0A-406B-80A9-8036D3CE3446}) (Version: 13.0.2.8 - MAGIX AG) MAGIX Video deluxe 2014 (Version: 13.0.2.8 - MAGIX AG) Hidden Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) MergeModule_x86 (Version: 9.3.00 - Sony Corporation) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}) (Version: 1.20.146.0 - Microsoft) Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Minigolf (HKLM\...\Minigolf_is1) (Version: - Meridian93) Monkey's Adventures (HKLM\...\Monkey's Adventures_is1) (Version: - play-publishing.com) Motorola Driver Installation 3.4.0 (HKLM\...\{81B3BEF9-5D97-4096-86E9-5B48A5BC32D0}) (Version: 3.4.0 - Motorola Inc.) Motorola Phone Tools (HKLM\...\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}) (Version: 5.0.7a 4/01/2008 - Avanquest Software) Motorola Phone Tools (Version: 4.30 - BVRP Software) Hidden Motorola Phone Tools (Version: 5.00 - BVRP Software) Hidden Mozilla Firefox 43.0.2 (x86 de) (HKLM\...\Mozilla Firefox 43.0.2 (x86 de)) (Version: 43.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.2.5833 - Mozilla) Mozilla Thunderbird 38.4.0 (x86 de) (HKLM\...\Mozilla Thunderbird 38.4.0 (x86 de)) (Version: 38.4.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyPublicWiFi 5.1 (HKLM\...\{C08D782B-9281-406B-ABCE-326DA70B8A1F}_is1) (Version: - TRUE Software) Mystery P.I. - The London Caper (HKLM\...\Mystery P.I. - The London Caper) (Version: - PopCap Games) NB Probe (HKLM\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version: - ) Net4Switch (HKLM\...\{9D6D7811-43B3-463C-BC79-5D1755269989}) (Version: 1.00.0019 - ASUS) NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - ) Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden Notepad++ (HKLM\...\Notepad++) (Version: 6.1.2 - ) Oddworld: Abe's Oddysee (HKLM\...\Steam App 15700) (Version: - Oddworld Inhabitants) OpenAL (HKLM\...\OpenAL) (Version: - ) Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.) pdfsam (HKLM\...\pdfsam) (Version: 2.2.0 - ) Peter Lustigs Verkehrsschule (HKLM\...\Verkehrsschule) (Version: - ) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) PlayMemories Home (HKLM\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.0.03.11020 - Sony Corporation) PMB_ModeEditor (Version: 9.3.00 - Sony Corporation) Hidden PMB_ServiceUploader (Version: 10.0.03 - Sony Corporation) Hidden Python 3.5.1 (32-bit) (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation) Python 3.5.1 (Anaconda3 2.4.1 32-bit) (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Python 3.5.1 (Anaconda3 2.4.1 32-bit)) (Version: 2.4.1 - Continuum Analytics, Inc.) Python 3.5.1 Core Interpreter (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Development Libraries (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Documentation (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Executables (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Launcher (32-bit) (HKLM\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation) Python 3.5.1 pip Bootstrap (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Standard Library (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Tcl/Tk Support (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Test Suite (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Utility Scripts (32-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden QuickTime 7 (HKLM\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.) Roads Of Rome (HKLM\...\Roads Of Rome_is1) (Version: - Realore Studios) Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Samsung Kies (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SimCity™ (HKLM\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) Skiller PRO (HKLM\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies) Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.) Software Updater (HKLM\...\{E1BAD1BA-C0E8-4018-9281-E7D2C6B07474}) (Version: 4.3.6 - SEIKO EPSON CORPORATION) <==== ACHTUNG Steam (HKLM\...\Steam) (Version: - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.1.1 - Synaptics Incorporated) TeamSpeak 3 Client (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Theme Hospital (HKLM\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.5 - Electronic Arts) TI-Nspire™ CAS Student Software (HKLM\...\{F03A8756-7FCB-4DCD-9AC1-12C63A6075F1}) (Version: 3.9.0.463 - Texas Instruments Inc.) TI-Nspire™ CX Student Software (HKLM\...\{99D1FC9E-5C33-4B49-ABA3-52D6CE943766}) (Version: 4.0.0.235 - Texas Instruments Inc.) TIPP10 Version 2.1.0 (HKLM\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions) TmNationsForever (HKLM\...\TmNationsForever_is1) (Version: - Nadeo) TOGGO PC-Spielebox 2 (HKLM\...\{67EECE0C-8B6C-4D09-989D-D39BC9BBCA0E}) (Version: 1.00.0000 - ) Toyland Racer (HKLM\...\Toyland Racer) (Version: - ) Unified Remote (HKLM\...\{D7930C67-5816-417B-BF28-54BB75EFDAF9}) (Version: 2.14.4.0 - Unified Remote) Unity Web Player (HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-644356114-2566177158-2502637254-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: - Unity Technologies ApS) upapp (HKLM\...\{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}) (Version: 0.20.0000 - Hewlett-Packard) Uplay (HKLM\...\Uplay) (Version: 12.0 - Ubisoft) USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - ) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) VMware Player (HKLM\...\VMware_Player) (Version: 6.0.7 - VMware, Inc) VMware Player (Version: 6.0.7 - VMware, Inc.) Hidden VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden VTech Download Manager (HKLM\...\VTechDownloadManager) (Version: - VTech) Werksfeuerwehr-Simulator Version 1.0 (HKLM\...\{5F7ED0CD-E04E-4441-9E03-10AFDB654E96}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH) WestwoodOnline (HKLM\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline) Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinFlash (HKLM\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS) WinRAR (HKLM\...\WinRAR archiver) (Version: - ) Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.10 - ATK) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Jeffel\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{4D72E5BC-BC7C-11E0-83CA-10424824019B}\InprocServer32 -> C:\Users\Beamer\AppData\Local\ASKTOO~1\DOWNLO~1\AviraIDW.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{595EF3BD-A186-454A-810C-02015139ACDC}\InprocServer32 -> C:\Users\Beamer\AppData\Local\ASKTOO~1\DOWNLO~1\Avira.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> "C:\Users\Jeffel\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe" => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> "C:\Users\Jeffel\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe" => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> "C:\Users\Jeffel\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe" => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> "C:\Users\Jeffel\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe" => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Beamer\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FBE88A10-FF53-11E0-AB2A-AE904824019B}\InprocServer32 -> C:\Users\Beamer\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~1.DLL => Keine Datei CustomCLSID: HKU\S-1-5-21-644356114-2566177158-2502637254-1005_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Beamer\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {022E57E0-C220-4A4E-AC90-D2C8DACAFB9D} - System32\Tasks\{4E4F2CAC-AA02-4AC1-8E3F-7F64288279A5} => C:\Program Files\LEGO Media\Spiele\LEGOLAND\legoland.exe [2000-05-31] (Krisalis Software Ltd.) Task: {062DB597-D745-4B4F-8444-3530722D8F45} - System32\Tasks\Core Temp Autostart => C:\Program Files\Core Temp\Core Temp.exe [2010-07-05] () Task: {08271361-89BF-4F1E-847E-1CA1ED3F6641} - System32\Tasks\{4B77430A-A839-4A8D-9AC6-DFE4CD36D283} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {0CF8F249-C5F7-475C-866F-21E7073015BD} - System32\Tasks\{EBC19F45-7508-4844-801A-11E762E37D12} => C:\Program Files\Ford Racing 2\fr2.exe Task: {0D72A5A0-375A-4832-9640-BAF16628647F} - System32\Tasks\EPSON XP-412 413 415 Series Update {0511BFCD-0B62-46C4-87C3-E5EF40F7FB7C} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {0FB6D721-7BEF-4B45-8E9C-A271B66DE5F2} - System32\Tasks\{07EB860E-F755-4932-9D3F-42431206EE3B} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {10DE5D12-366D-4EFB-9E1B-A5431C45ADC4} - System32\Tasks\{8AC62F6C-CFBA-4FA8-8592-D8DBAF919A41} => C:\Program Files\Ford Racing 2\fr2.exe Task: {11F32470-4328-4A83-9232-80BC5F42F305} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {5ED40A39-9E20-4A57-9853-44602CD12F7A} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {13CEC175-DFF4-4468-A045-29A526295C70} - System32\Tasks\{09EF0FB5-FFC5-4873-8A09-BA67F477983B} => C:\Program Files\Ford Racing 2\fr2.exe Task: {16A24A9E-DAB7-4860-94FD-851235C89820} - System32\Tasks\{2F3444E4-EAF5-4F9D-B44F-0359C6E1E962} => C:\Program Files\LEGO Media\Island Xtreme Stunts\FindDisc.exe Task: {16E7A595-0943-4C27-81FD-3C0F4846CBB9} - System32\Tasks\{718A9724-BA58-4A15-BA3F-28AD141B9FD7} => C:\Program Files\Logitech\Profiler\LWEmon.exe [2004-05-19] (Logitech Inc.) Task: {189C40ED-B151-444D-86FA-72B2F6B581EA} - System32\Tasks\{EEA39017-C6C8-42D6-83AD-AC789FF71125} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {1C2351DE-232B-4961-840F-EE0D68EB5EF4} - System32\Tasks\{81FAAD8E-E607-4907-9205-969E20593CF7} => C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe Task: {1C3E5FAC-1D4A-44B7-8E56-854A6F4CDE64} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {1DD33B99-F5E8-460F-BD30-B40888E8C53E} - System32\Tasks\{DB5AE33D-F764-456D-9421-62DA1F9288C7} => pcalua.exe -a "D:\DT\DAEMON Tools Lite\DTLite.exe" -d "D:\DT\DAEMON Tools Lite" Task: {1E3565F3-04AA-44DB-B8B7-F35A50CC9057} - System32\Tasks\{07FA7B80-D838-4C87-9F76-696E853348E0} => C:\Program Files\LEGO Interactive\Island Xtreme Stunts\FindDisc.exe Task: {2262B621-3FBA-4C58-8344-886110A30AF0} - System32\Tasks\{275198ED-E85E-4D37-9669-8DAC2931B05F} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {247A3341-0057-4368-A7D0-C80FC9FAFE17} - System32\Tasks\EPSON XP-412 413 415 Series Update {8E930F63-634A-4A6E-B3D4-E602BD0DCCD0} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {27685E6B-A6D7-4064-A4B9-1F485556156D} - System32\Tasks\{D1391C33-4665-4D75-B346-6737F2BFE6AE} => C:\Program Files\Janosch\Verkehr.exe [1998-04-16] (Macromedia, Inc.) Task: {279BEA6F-528A-4E59-B4D6-EF67500EC149} - System32\Tasks\{4CB1BAEC-7E20-4475-942D-B2ECD3C7BDE5} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {2C842B08-3AB4-4249-8416-A5F0C4254CBB} - System32\Tasks\{E26735BF-5210-43CB-908E-8A7923966B55} => C:\Program Files\Ford Racing 2\fr2.exe Task: {2E316E44-A20D-4E6C-8597-A4349A8F0F7B} - System32\Tasks\{0E84DB2D-E2CE-4939-A87C-0A7FEF5598A0} => C:\Program Files\LEGO Media\Island Xtreme Stunts\FindDisc.exe Task: {2EB3D3F5-13C7-448C-98A4-8E8B09A66A7C} - System32\Tasks\{1833D727-C5CA-45F6-B130-C78FC735305C} => C:\Program Files\Skype\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.) Task: {3701EA83-EDC0-434F-8AB9-FE21AAE4072D} - System32\Tasks\{08709750-B91C-4722-844A-B78F6762E37B} => C:\Program Files\EA Sports\FIFA 09\FIFA09.exe [2008-10-23] () Task: {37B9496D-79A9-4BCE-AFE4-B5463740A943} - System32\Tasks\{F9594586-61F2-41B8-A093-C8719E057E91} => C:\Program Files\Janosch\Verkehr.exe [1998-04-16] (Macromedia, Inc.) Task: {393F6F51-0E95-4952-8BAD-E1DDD5FFF5DA} - System32\Tasks\{01E58447-78A0-4CD3-BFAF-44C036E4F3F7} => C:\Program Files\Ford Racing 2\fr2.exe Task: {394592EC-79F9-49B8-A307-37950D07C1B9} - System32\Tasks\{E9474EA8-9D29-4DF8-9857-8726D1F8FCD4} => C:\Program Files\LEGO Media\Island Xtreme Stunts\FindDisc.exe Task: {3A161975-54C5-4DBB-8AB5-563F0BA63B7E} - System32\Tasks\{BBCB2F70-2DD9-4FDF-BA21-9F4AC8615359} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {3BC1FA8B-E302-4DEC-8AA9-B70DE9D839F7} - System32\Tasks\{15248D75-D51C-4771-8D5B-C56A5DC1D3F4} => C:\Program Files\OpenOffice.org 3\program\soffice.exe Task: {3DF4B1BA-C6BA-4565-9C58-0A27C06A1D4C} - System32\Tasks\{10DEF6AD-CAED-48C8-85EB-BD3A12C54209} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {3ECE4DE4-C76E-486F-A045-0713A65EC396} - System32\Tasks\{C5F0B686-DAD5-46B7-8DC1-EEF6742294DF} => C:\Program Files\Skype\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.) Task: {3EF06EA8-17AE-4451-96B0-2ED48FE15BE6} - System32\Tasks\{FFB859B9-8F39-438E-A00B-543A2BC334B5} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {4299562C-9C52-4B20-9BF8-D294B2969604} - System32\Tasks\{CE1034B1-CDF0-44ED-A78A-0E1B67A19078} => pcalua.exe -a E:\SETUP.EXE -d E:\ Task: {4A3D5C4F-7A49-48E2-BE04-A2DECC4146C2} - System32\Tasks\{4DF731FE-39D2-4735-963D-B33DC6BF1776} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {4A67723A-2FCB-49F6-A2FE-983B5EEE89A2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {4B952069-F7C4-4178-932C-D9AD6435A3EE} - System32\Tasks\{9F523BAE-9190-4380-B2B3-96FB780FE112} => pcalua.exe -a C:\Users\Philipp\Desktop\jxpiinstall.exe -d C:\Users\Philipp\Desktop Task: {4B9BA069-9E54-412A-90D7-CBB925EBF5FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated) Task: {4D2676FB-5EC2-4044-897A-45B547B13687} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {4D8CE3D9-10E6-4EF4-9C8E-39AD6D90EEEB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000UA => C:\Users\Jeffel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.) Task: {4E453841-EE58-4AA6-8514-3E30F217B1BE} - System32\Tasks\{E56CE78F-3DF9-4305-8336-77785549E0F4} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {542676B6-E1CE-4B5C-BDF2-C00ECFB38DBC} - System32\Tasks\{42963256-E132-413E-A4D9-4AD87B590641} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {543E71B8-E7BE-4FDA-AD19-CC490CA91848} - System32\Tasks\{09D857DD-F75F-4669-84AC-9B2B4F91002A} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs Task: {576416B1-5229-4BB5-8F5F-5EB4CE34693A} - System32\Tasks\{0AD9175A-E960-4F4A-B254-A7FFF532194A} => C:\Program Files\Skype\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.) Task: {592F7F57-9C8F-4F5D-9A75-D8444CAF5A34} - System32\Tasks\{3A608F0C-88F6-4101-A24D-5888FB4E1675} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {5B3DB1D0-2D67-4C1C-BA0C-73372A98F89C} - System32\Tasks\{8B5019D5-0BD6-4708-A1CA-DE33DAF12937} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {5CC8A7A0-EB94-45A9-8C14-10D1FA017AA5} - System32\Tasks\{D6670E02-8F5A-46ED-BFE4-8AEF911AB2FE} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {5D8E271A-4247-422B-BB0B-A0F60CD4F2EE} - System32\Tasks\{CF4F2AC7-7291-4854-8184-33979FBEEA3A} => C:\Program Files\Logitech\Profiler\LWEMon.exe [2004-05-19] (Logitech Inc.) Task: {6997CFAE-6B39-4219-A1BB-BFCA1A25B735} - System32\Tasks\ACMON => C:\Program Files\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK) Task: {6A3412A9-BC75-40BF-9F55-FA86316D3CF1} - System32\Tasks\{0C67CB2E-6FD7-4066-BB5C-E3110D04E8C5} => pcalua.exe -a C:\Users\Philipp\Desktop\setup.exe -d C:\Users\Philipp\Desktop Task: {6BCBF903-EFC8-4841-A00B-8A98F9B42040} - System32\Tasks\{5F24C263-DED9-48A3-85E4-2AF0241EDD56} => pcalua.exe -a C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\UNWISE.EXE -c C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\INSTALL.LOG Task: {6C2BAF56-D5B0-4D25-BFA4-8A03090E90F4} - System32\Tasks\{35BF4035-207B-4DDB-A7D9-DAE7569EA9A7} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {6C5770B2-BC99-471B-A8CA-DD9000A28ABF} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {0511BFCD-0B62-46C4-87C3-E5EF40F7FB7C} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {6C7963B0-501B-464F-85BB-0F1A98CB0EE2} - System32\Tasks\{ACD04780-E85C-4752-806D-C7E0B65CA043} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {6FAF6F7D-1CDF-4408-A9E7-F480AFD09927} - System32\Tasks\{224E176B-C279-4E30-BFAC-74EDBD3DF2AA} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {7135554E-B506-4704-8BB8-4D0695B3D001} - System32\Tasks\{A64FB61E-6B30-4575-8E47-B986BC7611A4} => pcalua.exe -a C:\Users\Philipp\Desktop\VirtualBox-5.0.10-104061-Win.exe -d C:\Users\Philipp\Desktop Task: {71707D88-0843-4073-AFAC-21043703B9B5} - System32\Tasks\{B5BE686C-6877-4712-B359-6260EE6BAA94} => C:\Program Files\Ford Racing 2\fr2.exe Task: {72ED54C5-EAAC-4283-858E-E531B2490992} - System32\Tasks\{795C6E6E-FAAA-4431-A918-937A78C53BB2} => C:\Program Files\Ford Racing 2\fr2.exe Task: {7585CE6A-F9B1-4E6E-856F-617D6D00D54C} - System32\Tasks\Net4Switch => C:\Program Files\ASUS\Net4Switch\Net4Switch.exe [2007-11-20] (ASUS) Task: {79B505CA-4391-4F82-93B8-F6A10F007D29} - System32\Tasks\{E9F1D326-BB8E-416E-A09B-6DEFFC535CE7} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {7B9BD304-C851-42BA-B29B-8832C02B513D} - System32\Tasks\{AA91F360-BE81-48A9-9CFE-2565918BACBC} => C:\Program Files\Janosch\Verkehr.exe [1998-04-16] (Macromedia, Inc.) Task: {7BBE44D8-A420-4877-91D3-43AD4DF8740A} - System32\Tasks\{99B1E97F-436E-4429-ABA3-7E618A478667} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {805902FB-18D4-403F-9263-0624A07154E2} - System32\Tasks\{1648ED5A-2D13-4C52-AE7C-31297200C10D} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {85417455-F0F1-41C5-8316-B8DFEB8C8918} - System32\Tasks\{1A5C41D9-30DC-4783-B8B0-CEC6F0B3E839} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {86094599-821F-4E9B-8E55-9AF40185191E} - System32\Tasks\{ED62F36F-605A-4AE1-8208-FD5CA76699B4} => C:\Program Files\LEGO Media\Island Xtreme Stunts\FindDisc.exe Task: {8B3014D9-EB90-4483-B8E6-B492402A6DF0} - System32\Tasks\{12845C94-D0B6-4BDA-A9FB-5B154245A6D4} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {8DBA4AC8-B6E1-4E21-92E1-6F5BD04CBC59} - System32\Tasks\{805913F2-AD7E-416D-BA65-5BCB278D42E1} => C:\Program Files\LEGO Schach\Lego Chess.exe Task: {8FB70F6E-172F-42D9-AD4A-91E5AFF5A7B5} - System32\Tasks\{20881F0F-F213-4B1D-AC68-02FABF50C1CE} => C:\Program Files\LEGO Media\Spiele\LEGOLAND\legoland.exe [2000-05-31] (Krisalis Software Ltd.) Task: {9057296A-F885-41B1-8E01-EF575CEF376C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {90FFF327-1728-488D-BE4E-FA1232DD7BB6} - System32\Tasks\{14EDE9BC-20F9-4EFA-AC7D-6EB4C5A76C71} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {99C2E64D-3C78-4488-8CF3-672D6E3DB446} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000Core => C:\Users\Jeffel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.) Task: {99C91901-9432-4EA7-87F8-55A525B95ABA} - System32\Tasks\{E2D1EE7B-E7AD-4C2D-AAB0-AC383A6F07CC} => C:\Program Files\Janosch\Verkehr.exe [1998-04-16] (Macromedia, Inc.) Task: {A0215012-5C94-40CA-9A43-2F200B61A4A2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1004UA => C:\Users\Philipp\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {A0EC8CE0-03D7-4A0E-A8FA-0380AF2A1FF0} - System32\Tasks\{D884D7E7-64A4-45DE-98FD-56D8596FCD34} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {A93B8A4D-244F-453C-9B10-DB60E36A1C57} - System32\Tasks\EPSON XP-312 313 315 Series Update {5ED40A39-9E20-4A57-9853-44602CD12F7A} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {A9443690-748A-45F1-8D64-6AA0294F58AE} - System32\Tasks\{A5E9A2AB-D783-444B-ACEA-988C9C2827BD} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {B22899B8-49AC-43DA-B2BF-CCB47C542539} - System32\Tasks\{37C1FFED-5F13-4EA4-B8E0-FBC3039B59DA} => C:\Program Files\LEGO Interactive\Island Xtreme Stunts\FindDisc.exe Task: {B2FDDA94-D222-4673-A9AF-CAE32F13265A} - System32\Tasks\{57123DD4-3701-4890-8F5E-69253F2A254E} => C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe Task: {B3B4709A-B606-4F54-A90A-116F93D8512E} - System32\Tasks\ASPG => C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS) Task: {B7D4A3DB-3927-46B0-A840-174630359DE6} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2009-05-18] (ASUS) Task: {BDC925F9-1584-4227-BF87-557F6DC13464} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1004Core => C:\Users\Philipp\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {C01F96CD-E814-4B3B-8ADB-B61746C44F27} - System32\Tasks\{47B8FC20-7DB8-48A6-83BC-E7C34E62CC8B} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {C361CDD7-C67A-4CB4-A515-59B3F225DF8C} - System32\Tasks\{6C5CE7EA-6EC5-497C-8FAE-8DDE494754CC} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {C6D305DC-A5B7-4BD2-B434-64B58E96E1B9} - System32\Tasks\{83270C1C-EFD0-435A-B354-DB444A4E64F7} => C:\Program Files\LEGO Interactive\Island Xtreme Stunts\FindDisc.exe Task: {C71C0104-D3E3-49D0-886E-850A0EA0A519} - System32\Tasks\{629DDE4B-7DAE-4321-B366-19139E71F9C4} => C:\Program Files\Ford Racing 2\fr2.exe Task: {CB2F551A-DAD5-4B49-B792-CD0C28A87319} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {CCCDE7C4-AC7C-4DD5-98AB-1DDF96CC1A00} - System32\Tasks\{5E36B9A2-EA7B-4338-B839-BA06E700C7A7} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {CFEED608-2BCD-40B0-858C-EF702ACC7888} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {8E930F63-634A-4A6E-B3D4-E602BD0DCCD0} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {D2D316AA-04AB-4C85-B4E6-0FFA7C1B5CAD} - System32\Tasks\{897420D6-2E83-4F0C-9542-4235DE3ADD9D} => C:\Program Files\Ford Racing 2\fr2.exe Task: {D428F363-CD1D-4CEC-BCFD-7895783F2746} - System32\Tasks\{740C00F2-0AF4-462D-B602-FAA959059F5E} => C:\Program Files\LEGO Media\Spiele\LEGOLAND\legoland.exe [2000-05-31] (Krisalis Software Ltd.) Task: {D943FB3E-EB45-43CD-91A6-A055E15CE059} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {DA81BBC7-677C-4A44-A056-CB90DC977864} - System32\Tasks\{0D730403-F736-400F-B631-19B8BC0E1E30} => C:\Program Files\EA Sports\FIFA 09\FIFA09.exe [2008-10-23] () Task: {DB85DFE2-B398-4D92-BA2A-821880861383} - System32\Tasks\{846920E1-73B4-4C1B-801F-BA087FE5EEF8} => C:\Program Files\LEGO Schach\Lego Chess.exe Task: {DC34DD92-92FA-4E52-A136-C3C2FC249AE5} - System32\Tasks\{9D61A73B-0DE2-48FE-A2B3-088709BD7D2C} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {DC6CEF1A-D549-42B2-87D2-274BEC35D662} - System32\Tasks\{C1FB456D-5102-4D69-A102-59FBB9C799C1} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {DE31F299-BD40-4A25-BB8A-10EC1ADC4783} - System32\Tasks\{E39103FF-9002-43CF-B483-1326522EF959} => C:\Program Files\Skype\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.) Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs Task: {E54FD084-9DE3-498A-8ECB-F723F22FAB84} - System32\Tasks\{A48CA2AC-8CD3-4B01-9BD2-E56D49ADD8F7} => C:\Program Files\EA Sports\FIFA 09\FIFA09.exe [2008-10-23] () Task: {E5AB5213-9D14-427E-BF04-B685E363ABF9} - System32\Tasks\{F8DD370C-1C9B-4B99-A221-D936EDE7FDAD} => C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe Task: {E61935EA-A141-496D-BA9E-CF4C3EF3795D} - System32\Tasks\{3CB8A215-9260-42B8-8D9B-FA81017EED9A} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {ECE35F5A-90AC-475C-9DA4-5E3081442D68} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {EDFDEDC0-7152-4BC4-8E7A-2D96E5C6D8D7} - System32\Tasks\{6DD7CCD6-3D1C-4DA7-B895-4F4F95745358} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {EEA6A0A0-E1CD-4583-B178-0690064E5D8F} - System32\Tasks\{EE69846A-E56D-493D-B5DA-858DE7FA218B} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {F74F66A2-BA11-4AEC-A516-F153CDCD3451} - System32\Tasks\{2EF7C677-995A-413F-93CA-F39A6D35363C} => C:\Program Files\Ford Racing 2\fr2.exe Task: {F7E36632-B92F-40E5-8FDF-60225CFB5CB3} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Jeffel => C:\Program Files\Windows Calendar\WinCal.exe Task: {F8E4E8A9-959E-4214-8706-20AE311FFA86} - System32\Tasks\{D1117AB3-5D96-42EF-8AE2-EE14F8692D60} => C:\Program Files\LEGO Interactive\Island Xtreme Stunts\FindDisc.exe Task: {F8EF940F-03BD-46F5-A998-1540C6587472} - System32\Tasks\{FB7C2341-6721-4B95-A6AE-136D881A01F3} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe Task: {F9428F41-B2CF-431B-8A33-32AD9E73E88C} - System32\Tasks\{BF78135C-D9BB-42BD-8E6A-0FBBC5ACA700} => C:\Program Files\LEGO Media\Island Xtreme Stunts\FindDisc.exe Task: {FD11DEA1-27EB-480A-ADD0-60B1E33E6B31} - System32\Tasks\{DA19A5B2-B0BB-49BA-854B-43FECBBC9387} => C:\Program Files\Logitech\Profiler\LWEmon.exe [2004-05-19] (Logitech Inc.) Task: {FD3008D4-9573-44C7-B144-BA5C02B4BFCA} - System32\Tasks\{3E7DE8B7-79CA-4BC7-A84E-390073C4E375} => C:\Program Files\LEGO Media\Games\LEGO Schach\Lego Chess.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000Core.job => C:\Users\Jeffel\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000UA.job => C:\Users\Jeffel\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1004Core.job => C:\Users\Philipp\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1004UA.job => C:\Users\Philipp\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {5ED40A39-9E20-4A57-9853-44602CD12F7A}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLFE.EXE Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {5ED40A39-9E20-4A57-9853-44602CD12F7A}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLFE.EXE:/EXE:{5ED40A39-9E20-4A57-9853-44602CD12F7A} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {0511BFCD-0B62-46C4-87C3-E5EF40F7FB7C}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {8E930F63-634A-4A6E-B3D4-E602BD0DCCD0}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {0511BFCD-0B62-46C4-87C3-E5EF40F7FB7C}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE:/EXE:{0511BFCD-0B62-46C4-87C3-E5EF40F7FB7C} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {8E930F63-634A-4A6E-B3D4-E602BD0DCCD0}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE:/EXE:{8E930F63-634A-4A6E-B3D4-E602BD0DCCD0} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-06-24 14:28 - 2015-06-24 14:28 - 01301720 _____ () D:\VMWare Player\libxml2.dll 2007-06-15 10:28 - 2007-06-15 10:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll 2007-06-01 17:08 - 2007-06-01 17:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll 2010-01-01 11:48 - 2009-12-12 15:12 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll 2009-12-25 18:28 - 2007-11-30 11:20 - 00051768 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe 2008-09-30 23:02 - 2008-09-30 23:02 - 00009216 _____ () C:\Program Files\ASUS\Splendid\GLCDdll.dll 2009-12-25 18:34 - 2007-07-27 15:10 - 00049152 _____ () C:\Program Files\ASUS\Net4Switch\ResItf.dll 2009-12-25 18:34 - 2009-07-03 13:04 - 00084992 _____ () C:\Program Files\ASUS\Net4Switch\cxcmrt.dll 2009-12-25 18:34 - 2009-07-03 13:13 - 00074752 _____ () C:\Program Files\ASUS\Net4Switch\ipswobj.dll 2009-12-25 18:34 - 2009-07-01 16:46 - 00461824 _____ () C:\Program Files\ASUS\Net4Switch\ipswresmgr.dll 2009-12-25 18:34 - 2009-07-03 13:12 - 00049152 _____ () C:\Program Files\ASUS\Net4Switch\ipswhlp.dll 2009-12-25 18:34 - 2009-07-08 11:24 - 00167424 _____ () C:\Program Files\ASUS\Net4Switch\ipsw_cfgmgr.dll 2009-12-25 18:34 - 2009-07-03 13:12 - 00089088 _____ () C:\Program Files\ASUS\Net4Switch\ipswds.dll 2009-12-25 18:34 - 2009-07-03 13:12 - 00065024 _____ () C:\Program Files\ASUS\Net4Switch\ipswgblset.dll 2009-12-25 18:34 - 2009-07-03 13:40 - 00085504 _____ () C:\Program Files\ASUS\Net4Switch\LogonStartup.dll 2009-12-25 18:34 - 2009-07-09 17:41 - 00222720 ____N () C:\Program Files\ASUS\Net4Switch\ipswsysmon.dll 2009-12-25 18:34 - 2009-07-03 13:21 - 00042496 _____ () C:\Program Files\ASUS\Net4Switch\iphelper.dll 2009-12-25 18:34 - 2009-07-03 13:11 - 00267264 _____ () C:\Program Files\ASUS\Net4Switch\ipswcore.dll 2009-12-25 18:34 - 2009-07-03 13:13 - 00297984 _____ () C:\Program Files\ASUS\Net4Switch\ipswui.dll 2013-12-24 19:39 - 2012-11-19 23:44 - 00786432 _____ () D:\Gaming Maus\DareUMonitor.exe 2013-12-24 19:39 - 2013-03-27 12:48 - 00057344 _____ () D:\Gaming Maus\lan.dll 2013-12-24 19:39 - 2012-04-19 17:15 - 00061440 _____ () D:\Gaming Maus\hiddriver.dll 2014-10-13 02:49 - 2014-06-20 07:42 - 00401280 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe 2014-10-13 02:49 - 2014-03-04 12:20 - 00117760 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll 2014-10-13 02:49 - 2014-04-22 03:14 - 00065536 _____ () C:\Program Files\VTech\DownloadManager\System\QHttpServer.dll 2014-10-13 02:49 - 2014-05-06 06:39 - 00861184 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\platforms\qwindows.dll 2014-10-13 02:49 - 2014-05-06 06:38 - 00021504 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qgif.dll 2014-10-13 02:49 - 2014-05-06 06:38 - 00020992 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qico.dll 2014-10-13 02:49 - 2014-05-06 06:38 - 00204800 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll 2014-10-13 02:49 - 2014-05-06 11:44 - 00218112 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qmng.dll 2014-10-13 02:49 - 2014-05-06 06:58 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll 2014-10-13 02:49 - 2014-05-06 11:44 - 00015360 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtga.dll 2014-10-13 02:49 - 2014-05-06 11:44 - 00307712 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll 2014-10-13 02:49 - 2014-05-06 11:44 - 00014848 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll 2014-10-13 02:49 - 2014-05-06 07:31 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll 2014-10-13 02:49 - 2014-05-06 06:38 - 00036352 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll 2014-10-13 02:49 - 2014-05-06 06:38 - 00038912 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll 2009-08-19 03:53 - 2007-07-06 00:53 - 01040384 _____ () C:\Program Files\Wireless Console 2\wcourier.exe 2015-12-24 20:32 - 2015-07-20 17:15 - 00057344 _____ () D:\Gaming Tastatur\lan.dll 2015-12-24 20:32 - 2012-08-14 22:41 - 00061440 _____ () D:\Gaming Tastatur\hiddriver.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2006-11-02 11:23 - 2015-06-17 17:08 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-644356114-2566177158-2502637254-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jeffel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-644356114-2566177158-2502637254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-644356114-2566177158-2502637254-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Beamer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-644356114-2566177158-2502637254-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Beamer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-644356114-2566177158-2502637254-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Ellen & Manuel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-644356114-2566177158-2502637254-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.188.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: ATKGFNEXSrv => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BstHdAndroidSvc => 3 MSCONFIG\Services: BstHdLogRotatorSvc => 3 MSCONFIG\Services: BstHdUpdaterSvc => 3 MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: ehRecvr => 3 MSCONFIG\Services: ehSched => 3 MSCONFIG\Services: EpsonScanSvc => 2 MSCONFIG\Services: FirebirdServerMAGIXInstance => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: IEEtwCollectorService => 3 MSCONFIG\Services: IJPLMSVC => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: MDES => 2 MSCONFIG\Services: MyPublicWiFiService => 2 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: spmgr => 2 MSCONFIG\Services: ss_conn_service => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Philipp^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AlcoholAutomount => "D:\Alcohol 120\axcmd.exe" /automount MSCONFIG\startupreg: AmIcoSinglun => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: ASUS Camera ScreenSaver => C:\Windows\AsScrProlog.exe MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\ASScrPro.exe MSCONFIG\startupreg: ASUSTPE => C:\Windows\system32\ASUSTPE.exe MSCONFIG\startupreg: AVMUSBFernanschluss => "C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: DAEMON Tools Lite => "D:\DT\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EADM => C:\Program Files\Origin\Origin.exe -AutoStart MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KiesTrayAgent => D:\Samsung Kies\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: PMBVolumeWatcher => D:\Sony\PMBVolumeWatcher.exe /SysAutoRun MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "D:\Steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{98B426BE-4154-48E7-A940-C28AD6AB3C7E}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{A0ED8D77-C475-4A7C-9683-E33EF6CA08AE}] => (Allow) svchost.exe FirewallRules: [{5A959ABA-B81C-408F-9BF9-A382D827ED17}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [TCP Query User{92FF86AB-5408-4239-86CD-713C52CC5E72}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [UDP Query User{756D4762-70FE-4F03-9A42-0F627F10CBF8}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [TCP Query User{F15C73F2-09B2-4D70-B6C1-FCB8C6C3077A}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [UDP Query User{3518798C-9464-4B02-B79D-33060DE82A80}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [TCP Query User{F87691B0-9C93-4349-8E2B-69BF1B0D816D}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{0756E3CD-F4D3-4373-BCB1-583FDDA22919}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{6939840F-897B-42B5-8E48-6E97937198B0}] => (Allow) svchost.exe FirewallRules: [{59E3FF2C-493B-4937-9A37-DA9D1CAAFC4B}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{A1DE6356-BBC4-48A8-B039-88DEB224609A}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{E3168A96-5F5E-4485-AD0D-7AE6A2596564}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{4AF10D0E-C4C1-40A2-936B-C6F2AB12613B}C:\program files\tmnationsforever\tmforever.exe] => (Allow) C:\program files\tmnationsforever\tmforever.exe FirewallRules: [UDP Query User{88D7FF05-F79E-4946-A853-288BD573E814}C:\program files\tmnationsforever\tmforever.exe] => (Allow) C:\program files\tmnationsforever\tmforever.exe FirewallRules: [{55E52E7C-FD6E-4517-8357-F6D71154371A}] => (Allow) C:\Users\Jeffel\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{9C447FBD-4CD0-4507-918C-C3C1FC1BC0BC}] => (Allow) C:\Users\Jeffel\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{424B5F96-6253-4B19-824F-7157B91CE53C}C:\users\jeffel\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jeffel\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{A3FECD29-88C2-49EE-9826-78B12649C757}C:\users\jeffel\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jeffel\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{3E55C8FD-D431-4830-8F71-22F2B69255C3}C:\program files\ea sports\fifa 09\fifa09.exe] => (Allow) C:\program files\ea sports\fifa 09\fifa09.exe FirewallRules: [UDP Query User{6B39FD39-72B8-4683-9E30-4221DEFAD5D9}C:\program files\ea sports\fifa 09\fifa09.exe] => (Allow) C:\program files\ea sports\fifa 09\fifa09.exe FirewallRules: [TCP Query User{EF7EF825-131B-4165-A892-9DEC02FC688F}E:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr841n\easysetupassistant.exe FirewallRules: [UDP Query User{25BF93E3-CEFC-4077-972C-637BBD3D8D23}E:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr841n\easysetupassistant.exe FirewallRules: [{BE0F663E-C815-4563-A897-646E54E5E075}] => (Block) E:\easysetupassistant\wr841n\easysetupassistant.exe FirewallRules: [{C1AD54B1-3E4E-48CD-AA59-46A81630CED6}] => (Block) E:\easysetupassistant\wr841n\easysetupassistant.exe FirewallRules: [{9E1C364E-EA27-4082-AB13-FBEBC90590BA}] => (Allow) D:\OriginGames\Battlefield 1942\BF1942.exe FirewallRules: [{2EB3B6C7-04D1-43DF-B4B0-B47348DBCD68}] => (Allow) D:\OriginGames\Battlefield 1942\BF1942.exe FirewallRules: [{DBB13B95-B032-45C2-A416-2E496104A650}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{5456B4DC-0D08-476B-B4CB-8BA97886248B}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{B3C9C811-6617-41F7-8833-D1B66AC7C967}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{122DB7AB-303C-4A23-8984-A4089D07A519}] => (Allow) D:\Steam\SteamApps\common\f12013\F1_2013.exe FirewallRules: [{BA4A4B55-61BE-49C7-B106-9CF16C1FEFCA}] => (Allow) D:\Steam\SteamApps\common\f12013\F1_2013.exe FirewallRules: [{5476BAD2-AE20-42B2-BFC6-58B987D9EC81}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{812E2119-243A-400E-B7FE-DEB6D62808AB}] => (Allow) D:\OriginGames\SimCity\SimCity\SimCity.exe FirewallRules: [{2C4E33E9-EDDF-4059-9790-647FCF83145D}] => (Allow) D:\OriginGames\SimCity\SimCity\SimCity.exe FirewallRules: [TCP Query User{60D69111-FE19-4415-B387-D97AE26AFD38}C:\program files\tmnationsforever\tmforever.exe] => (Block) C:\program files\tmnationsforever\tmforever.exe FirewallRules: [UDP Query User{F2DF262E-FF7C-484F-AA4E-63FF8880305C}C:\program files\tmnationsforever\tmforever.exe] => (Block) C:\program files\tmnationsforever\tmforever.exe FirewallRules: [{A3C3ECE5-F0B8-458B-BF51-A7F6BF8F5E0E}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{DAA3B140-1FED-47B5-9F25-FB8F35548A03}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{F14B2E24-FBC1-4546-BBB6-CCBF3E3C26CB}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [{1EBAA986-ABD7-469D-8126-C6A22AB47DCF}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [TCP Query User{DF57783D-CA97-4654-B267-AC96484B730F}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{695F1F23-F5F2-4E3A-93D3-C046C30B108D}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{18759B6E-98BA-4489-983D-ABCF93CE30A2}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{C48C23E4-CF37-4289-AC60-2FF3F377ACD4}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [{BAE39D93-BC07-4545-A838-D128E5D729B1}] => (Allow) C:\Users\Philipp\AppData\Local\Apps\2.0\AKHGTRNK.DG4\BWYE0CZZ.LL7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [{BDC2FD03-237D-49E4-A6A2-8AE3211FB11A}] => (Allow) C:\Users\Philipp\AppData\Local\Apps\2.0\AKHGTRNK.DG4\BWYE0CZZ.LL7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [{2A33F55E-5BBB-4A44-9852-D7FEA360081E}] => (Allow) C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [{084ED6E8-0CDB-42C1-9716-21D9E1E099C3}] => (Allow) C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [TCP Query User{5A171416-5B5C-45E6-A06C-FD51ECCBBA01}C:\users\philipp\appdata\local\apps\2.0\akhgtrnk.dg4\bwye0czz.ll7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe] => (Block) C:\users\philipp\appdata\local\apps\2.0\akhgtrnk.dg4\bwye0czz.ll7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [UDP Query User{EC3DF4E2-12D4-4BEA-9E53-8BD42E933EE3}C:\users\philipp\appdata\local\apps\2.0\akhgtrnk.dg4\bwye0czz.ll7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe] => (Block) C:\users\philipp\appdata\local\apps\2.0\akhgtrnk.dg4\bwye0czz.ll7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [{B3F421E8-5795-4576-A04B-678154A5D42C}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe FirewallRules: [{56B79544-76F5-4B6F-85BD-3CA9415A0BE3}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe FirewallRules: [TCP Query User{A674A672-4708-4C05-A7DD-7FC78F2ABAD6}C:\program files\unified remote\remoteserver.exe] => (Allow) C:\program files\unified remote\remoteserver.exe FirewallRules: [UDP Query User{C42108C2-C11D-4BCD-848F-C882C383AFF1}C:\program files\unified remote\remoteserver.exe] => (Allow) C:\program files\unified remote\remoteserver.exe FirewallRules: [{100DFB51-03A7-409A-8436-B1ADEDE290A7}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe FirewallRules: [{3D1CFBF6-1099-4721-A86E-438E12C875EA}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe FirewallRules: [{708B5EAF-95EC-428E-9AA3-7F8A3CC499D7}] => (Allow) D:\OriginGames\Crusader No Remorse\data\Game\DOSBox\DOSBox.exe FirewallRules: [{252252F8-D1E0-473A-8A33-743C157FAAAB}] => (Allow) D:\OriginGames\Crusader No Remorse\data\Game\DOSBox\DOSBox.exe FirewallRules: [{12369EEC-4B3E-4804-8395-3B1EE1D1F377}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{23965B5B-2D1F-4BC2-82F2-4E012CDB6110}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{D67CAA53-7942-4A91-8D54-03DE16AF77AA}] => (Allow) D:\Steam\SteamApps\common\ConSim2015\ConSim2015.exe FirewallRules: [{085EB9AF-D4B4-42D7-AA85-2FF13C776871}] => (Allow) D:\Steam\SteamApps\common\ConSim2015\ConSim2015.exe FirewallRules: [{13EC435C-D4A0-4045-9736-20D5C2A52E0F}] => (Allow) C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [{766D54AC-FE82-4990-81C9-4B3E62FC1D8E}] => (Allow) C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe FirewallRules: [{8147F4AA-6FEE-48F5-A257-DADCA6B3D1F7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{B59D5117-8BF8-4401-A031-594855C5359E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{2405E39F-611A-4841-8667-B7FAB332ED13}D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{98A5CF53-9EE7-4592-86E6-5A255E971ED4}D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{42389642-E7E4-4FA7-99F0-D17483626C6F}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{546675B7-4D5D-41B0-A82B-3C2AE0AED9AE}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{D536C9B7-6FD7-4BED-BA38-786F6BC6F0D1}] => (Allow) D:\OriginGames\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe FirewallRules: [{E9B75711-970D-4839-8F09-E9CBD427BD8F}] => (Allow) D:\OriginGames\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe FirewallRules: [TCP Query User{C6CA08AE-77C7-4910-BA3F-F5B62104D473}D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Block) D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{A01E04CC-DD4B-4DC7-BBA1-803AF9013F05}D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Block) D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe FirewallRules: [{97AA36F1-5AEC-4DDC-B29F-EAFECAFED590}] => (Allow) D:\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [{64A8BDA9-3510-479E-8F38-E4F33151AD66}] => (Allow) D:\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [TCP Query User{1B771FF4-E997-4B49-85A0-0C6AD41D89EC}D:\steam\steamapps\common\cry of fear\cof.exe] => (Allow) D:\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [UDP Query User{F82652F8-36FB-4B04-8D2F-76387FCB505E}D:\steam\steamapps\common\cry of fear\cof.exe] => (Allow) D:\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [{F42F3A51-5E79-42CD-97EC-8F46AFB3AEDA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3AF441F6-2448-4E93-AF29-F00F2983A81B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7BFDFD06-3266-44D4-9B6F-9297A1D1690E}] => (Allow) D:\Steam\SteamApps\common\Oddworld Abes Oddysee\AbeWin.exe FirewallRules: [{E8E33C1D-DB89-45E0-9666-8326023F9286}] => (Allow) D:\Steam\SteamApps\common\Oddworld Abes Oddysee\AbeWin.exe FirewallRules: [{62237A5E-264E-465C-8922-D8033386151C}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{13632916-2A53-489F-A5C5-39D17391DB93}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe FirewallRules: [TCP Query User{B2B45E24-4713-429D-8843-08E49BFC3B63}D:\euro truck simulator 2\online_updater.updated] => (Allow) D:\euro truck simulator 2\online_updater.updated FirewallRules: [UDP Query User{28213BD0-890D-4BB1-BFDC-4E6A88EEC219}D:\euro truck simulator 2\online_updater.updated] => (Allow) D:\euro truck simulator 2\online_updater.updated FirewallRules: [TCP Query User{ECD37DFE-AF6A-43DE-BA80-D3F9F08FE989}C:\users\philipp\appdata\local\apps\2.0\1qlj75j7.rxm\yvl6k5v2.zkw\laun...app_2e973cc213891be7_0001.0024_dd24b003d48bfc42\launcher.exe] => (Allow) C:\users\philipp\appdata\local\apps\2.0\1qlj75j7.rxm\yvl6k5v2.zkw\laun...app_2e973cc213891be7_0001.0024_dd24b003d48bfc42\launcher.exe FirewallRules: [UDP Query User{A3A06301-F786-459F-BCA9-9DC58DBB3E76}C:\users\philipp\appdata\local\apps\2.0\1qlj75j7.rxm\yvl6k5v2.zkw\laun...app_2e973cc213891be7_0001.0024_dd24b003d48bfc42\launcher.exe] => (Allow) C:\users\philipp\appdata\local\apps\2.0\1qlj75j7.rxm\yvl6k5v2.zkw\laun...app_2e973cc213891be7_0001.0024_dd24b003d48bfc42\launcher.exe FirewallRules: [{FFD0EA99-381B-4595-B538-BE3BE97CE6EC}] => (Allow) C:\Program Files\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe FirewallRules: [{916375A1-6C52-4160-99F5-CE7FA5A90628}] => (Allow) C:\Program Files\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe FirewallRules: [TCP Query User{D3ACC891-92D6-4031-AE3C-7A745B629338}D:\ghost recon phantoms\pdc-live\ghostreconphantoms.exe] => (Allow) D:\ghost recon phantoms\pdc-live\ghostreconphantoms.exe FirewallRules: [UDP Query User{CC831390-5A82-4DE0-BEE0-D48FAE77D52B}D:\ghost recon phantoms\pdc-live\ghostreconphantoms.exe] => (Allow) D:\ghost recon phantoms\pdc-live\ghostreconphantoms.exe FirewallRules: [{7286A81F-7D5D-4AEB-B31F-66A90CBC9D73}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{DA3E399D-DB36-4822-8E60-78BEB8525DFE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{E2F6A7CC-FE8A-4A25-9A67-623F3D900DDF}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [UDP Query User{923E3411-F4A5-4857-8D70-67AF9193454C}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [{755160F9-D04E-44D0-80DC-A88497A99E87}] => (Allow) D:\VMWare Player\vmware-authd.exe FirewallRules: [{09F960B8-4C8B-4BD2-BDFD-E79A39D8D667}] => (Allow) D:\VMWare Player\vmware-authd.exe FirewallRules: [TCP Query User{F079D573-851E-48A5-B7C1-1FCFB4AE8F25}C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe] => (Allow) C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe FirewallRules: [UDP Query User{0E30DFD4-300E-41D4-8A97-01347B5A8FAF}C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe] => (Allow) C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe FirewallRules: [TCP Query User{87DD0B8C-383B-4D34-A3E6-9CB6F2D07D83}C:\program files\ti education\ti-nspire cas student software\jre\bin\java.exe] => (Allow) C:\program files\ti education\ti-nspire cas student software\jre\bin\java.exe FirewallRules: [UDP Query User{7B67D38B-0BE3-402F-A850-A35157E35F9B}C:\program files\ti education\ti-nspire cas student software\jre\bin\java.exe] => (Allow) C:\program files\ti education\ti-nspire cas student software\jre\bin\java.exe FirewallRules: [{1905163A-5F4D-4FE3-9C47-C1460068F4FA}] => (Block) C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe FirewallRules: [{1DFA478E-4B1C-4292-91CE-75ECE1D50BD8}] => (Block) C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe FirewallRules: [{2044ACDF-BFD7-4169-AB2E-38B58DB9CB85}] => (Block) C:\program files\ti education\ti-nspire cas student software\jre\bin\java.exe FirewallRules: [{5D2D7735-BEC5-494D-9279-A5C49D5C7022}] => (Block) C:\program files\ti education\ti-nspire cas student software\jre\bin\java.exe FirewallRules: [{173EC70F-F71F-46CE-BFC8-5F2D1CA861CC}] => (Allow) D:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{85E4A175-2840-4EAA-A7C8-2AA3B898D998}] => (Allow) D:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{BC11EAF7-90B2-4DE4-84FC-DE5BF80EA386}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{B2C0DA43-935C-4B4C-88EF-3DA32A32568B}D:\android\android studio\bin\studio.exe] => (Allow) D:\android\android studio\bin\studio.exe FirewallRules: [UDP Query User{DFB45AD5-52BE-421D-8F19-A981BAA1462A}D:\android\android studio\bin\studio.exe] => (Allow) D:\android\android studio\bin\studio.exe FirewallRules: [{3A8BCB5C-7973-4589-83EF-0B77D5F7548E}] => (Block) D:\android\android studio\bin\studio.exe FirewallRules: [{46CD44EA-DE14-48A7-A0DE-DFA3007B91E8}] => (Block) D:\android\android studio\bin\studio.exe ==================== Wiederherstellungspunkte ========================= 24-12-2015 20:32:21 Installiert Skiller PRO 25-12-2015 12:18:13 Installed Java SE Development Kit 7 Update 79 25-12-2015 12:22:00 Installed Java 7 Update 79 25-12-2015 21:07:18 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/26/2015 09:39:36 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/25/2015 07:45:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/25/2015 09:55:57 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/24/2015 08:32:18 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {3babe37e-c48e-4f09-b2aa-5ed75b8b058c} Error: (12/24/2015 01:48:42 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/23/2015 07:43:37 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/22/2015 12:50:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/21/2015 08:35:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/21/2015 03:39:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: googledrivesync.exe, Version: 1.26.707.2863, Zeitstempel: 0x509418e4 Name des fehlerhaften Moduls: pyexpat.pyd, Version: 0.0.0.0, Zeitstempel: 0x55b99e69 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00011160 ID des fehlerhaften Prozesses: 0x12f0 Startzeit der fehlerhaften Anwendung: 0xgoogledrivesync.exe0 Pfad der fehlerhaften Anwendung: googledrivesync.exe1 Pfad des fehlerhaften Moduls: googledrivesync.exe2 Berichtskennung: googledrivesync.exe3 Error: (12/21/2015 02:05:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: TLR.exe, Version: 0.0.0.0, Zeitstempel: 0x3d109ee7 Name des fehlerhaften Moduls: TLR.exe, Version: 0.0.0.0, Zeitstempel: 0x3d109ee7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00074941 ID des fehlerhaften Prozesses: 0x1444 Startzeit der fehlerhaften Anwendung: 0xTLR.exe0 Pfad der fehlerhaften Anwendung: TLR.exe1 Pfad des fehlerhaften Moduls: TLR.exe2 Berichtskennung: TLR.exe3 Systemfehler: ============= Error: (12/26/2015 09:39:51 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: VBoxNetAdp Error: (12/26/2015 09:39:48 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (12/26/2015 09:37:58 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (12/26/2015 09:37:58 AM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (12/25/2015 09:46:09 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agent nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten. Error: (12/25/2015 09:46:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SDRSVC erreicht. Error: (12/25/2015 09:46:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht. Error: (12/25/2015 09:45:35 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error: (12/25/2015 09:45:35 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht. Error: (12/25/2015 09:45:05 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active CodeIntegrity: =================================== Date: 2015-08-03 12:45:31.987 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.925 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.894 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.597 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.473 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.441 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.426 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-08-03 12:45:31.395 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz Prozentuale Nutzung des RAM: 46% Installierter physikalischer RAM: 3071.27 MB Verfügbarer physikalischer RAM: 1645.67 MB Summe virtueller Speicher: 6140.86 MB Verfügbarer virtueller Speicher: 4213.12 MB ==================== Laufwerke ================================ Drive c: (VistaOS) (Fixed) (Total:149.04 GB) (Free:20.62 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (DATA) (Fixed) (Total:137.33 GB) (Free:24.5 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 97646C29) Partition 1: (Not Active) - (Size=11.7 GB) - (Type=1C) Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=137.3 GB) - (Type=OF Extended) ==================== Ende vom Addition.txt ============================ Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 26.12.2015 Suchlaufzeit: 09:43 Protokolldatei: Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.26.01 Rootkit-Datenbank: v2015.12.18.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Beamer Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 537062 Abgelaufene Zeit: 1 Std., 31 Min., 42 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Tiefer Rootkit-Suchlauf: Aktiviert Heuristik: Aktiviert PUP: Warnen PUM: Warnen Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Aber keine Funde, nur Warnungen (konnte auf ca. 1800 Dateien nicht zugreifen) LG flowerwithlo Geändert von flowerwithlo (26.12.2015 um 12:57 Uhr) |
29.12.2015, 21:51 | #4 |
/// TB-Ausbilder /// Anleitungs-Guru | RoutineuntersuchungMein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
Hinweis: Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst. Los geht's: Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
30.12.2015, 19:32 | #5 |
| Routineuntersuchung Hallo Jürgen, danke dass du mir bei der Bereinigung hilfst. Anbei das Logfile: Code:
ATTFilter # AdwCleaner v5.027 - Bericht erstellt am 30/12/2015 um 19:25:15 # Aktualisiert am 30/12/2015 von Xplode # Datenbank : 2015-12-30.1 [Server] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86) # Benutzername : Beamer - SCHEFFLER-PC # Gestartet von : C:\Users\Beamer\Desktop\adwcleaner_5.027.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\Users\Philipp\AppData\Local\DownloadManager ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\invalidprefs.js [-] Datei Gelöscht : C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\searchplugins\avira-safesearch.xml [-] Datei Gelöscht : C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\foxydeal.sqlite [-] Datei Gelöscht : C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\invalidprefs.js ***** [ DLLs ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] [-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}] [-] Schlüssel Gelöscht : HKCU\Software\OCS [-] Schlüssel Gelöscht : HKCU\Software\PIP [-] Schlüssel Gelöscht : HKCU\Software\Softonic [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} ***** [ Internetbrowser ] ***** [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("avira.safe_search.installed", "[\"safesearch\"]"); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultenginename", "Avira SafeSearch"); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...] [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"e80543783e0f3b7a591ef18f0134103cd606efbc\""); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"77aaaeb5fafe36d616a03216a0a27ef0f93cfdf6\""); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.install", "1434744889535"); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.MP_DISTINCT_ID", "e80543783e0f3b7a591ef18f0134103cd606efbc"); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.initialSettingsApplied", "true"); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.install", "1434744889535"); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.migration_1_2_1", true); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.overrideNewTab", true); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.baseURI", "resource://safesearch-at-avira-dot-com/"); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.domain", "safesearch-at-avira-dot-com"); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.load.reason", "startup"); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.rootURI", "jar:file:///C:/Users/Jeffel/AppData/Roaming/Mozilla/Firefox/Profiles/bv31z8w8.default/extensions/safesearch@avira.com.xpi!/"); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.version", "1.3.1.208"); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.search_offer_disabled", true); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.settings_offer_default_search_chosen", "true"); [-] [C:\Users\Jeffel\AppData\Roaming\Mozilla\Firefox\Profiles\bv31z8w8.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.settings_offer_newtab_chosen", "true"); [-] [C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.aniweather.timeShifted", 1052900); ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Chrome Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5984 Bytes] ########## |
30.12.2015, 21:53 | #6 |
/// TB-Ausbilder /// Anleitungs-Guru | Routineuntersuchung Jetzt bitte Suchscan durchführen: Schritt 1 ESET Online Scanner
__________________ --> Routineuntersuchung |
31.12.2015, 17:13 | #7 |
| Routineuntersuchung ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=c0c7fff54a27634f9d2006f27ed8248f # end=init # utc_time=2015-12-31 10:47:45 # local_time=2015-12-31 11:47:45 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 27438 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=c0c7fff54a27634f9d2006f27ed8248f # end=updated # utc_time=2015-12-31 10:52:10 # local_time=2015-12-31 11:52:10 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=c0c7fff54a27634f9d2006f27ed8248f # engine=27438 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-12-31 04:12:24 # local_time=2015-12-31 05:12:24 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 149711 203209535 0 0 # scanned=443913 # found=0 # cleaned=0 # scan_time=19213 |
31.12.2015, 17:37 | #8 |
/// TB-Ausbilder /// Anleitungs-Guru | Routineuntersuchung Sieht gut aus...
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
01.01.2016, 15:09 | #9 |
| Routineuntersuchung Erstmal ein frohes Neues wünsche ich dir Die Probleme sind leider immer noch nicht weg, ich hab dazu hier mal ein Video gemacht: https://youtu.be/urDviJeMaFM Hoffe das hilft zumindest ein wenig... LG flowerwithlo PS: kann die URL leider nicht als Link posten, der Link wird anschließend direkt wieder in Text umgewandelt... :/ Geändert von flowerwithlo (01.01.2016 um 15:21 Uhr) |
01.01.2016, 15:42 | #10 |
/// TB-Ausbilder /// Anleitungs-Guru | Routineuntersuchung Danke, gleichfalls. Die Probleme sind aber offensichtliche keine "Malware-Probleme". Und ich bin nur Malware-Fuzzy.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
01.01.2016, 20:08 | #11 | |
| RoutineuntersuchungZitat:
Hast du eine Ahnung wer sich hier im TB mit sowas auskennt? |
02.01.2016, 10:41 | #12 |
/// TB-Ausbilder /// Anleitungs-Guru | Routineuntersuchung Einfach mal im Windows-Bereich nen Thread aufmachen.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
02.01.2016, 13:37 | #13 |
| Routineuntersuchung Dann danke ich dir für deine Hilfe!! Darf ich mit der Bereinigung beginnen? LG flowerwithlo |
02.01.2016, 18:38 | #14 |
/// TB-Ausbilder /// Anleitungs-Guru | Routineuntersuchung
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
04.01.2016, 16:02 | #15 |
| Routineuntersuchung Ja, ich denk schon. Falls ich nochmal was brauch, kann ichs mir ja einfach nochmal runterladen. |
Themen zu Routineuntersuchung |
bluestacks, dnsapi.dll, routine, routinecheck, routineuntersuchung, unerwartetem |