Log analysis and evaluation: Several viruses/trojans, mainly under "C:\Windows\Temp\" (Windows 7)
18.04.2016, 09:04 | #1

Hello dear community.

I have (fortunately) not started a new thread in a long time. But from time to time I need your help.

I use Avira Professional and have found that additionally installing AdAware as a "2nd line of defense" (with AdAware's real-time scanner switched off to avoid conflicts with Avira) still turns up a few viruses/trojans on the PC. These are located mainly in the C:\Windows\Temp folder. Sometimes, after I delete the contents of the Temp folder, a new file that again contains a trojan is created/placed there after a reboot. I have tried to get rid of them with several scans.

A question at this point: is there a program that monitors a folder and records the accesses to it, so that one can see which services or programs create particular files under Temp?

What I find interesting about how Avira and AdAware work together: when I run the scan with AdAware, Avira reports each find (I assume that AdAware accesses certain paths during the scan and the real-time scanner then raises the alarm). After the scan, however, Avira's report contains no viruses/trojans, while its event list is full of detections. The AdAware report also contains detections.

After this long text, my request: can one of the experts look at my logs and work with me to make sure that as little malware as possible is on the PC?

Logs:

AdAware:
Code:
<?xml version="1.0"?>
<Summary>
  <ScanInfo ScanMode="Manual" ScanType="Full" StartTime="20160417T132035.318465" EndTime="20160417T203036.318465" />
  <InfectedObjects>
    <InfectedObject ObjectType="File" ObjectPath="\\?\C:\ProgramData\Avira\AntiVir Desktop\INFECTED\483afc24.qua" ParentContainers="" InnerObject="" ObjectStatus="Moved" ThreatType="App" ThreatName="Application.Downloader.YM" />
    <InfectedObject ObjectType="File" ObjectPath="\\?\C:\ProgramData\Avira\AntiVir Desktop\INFECTED\50d1d3f5.qua" ParentContainers="" InnerObject="" ObjectStatus="Moved" ThreatType="App" ThreatName="Application.Downloader.YM" />
    <InfectedObject ObjectType="File" ObjectPath="\\?\C:\Users\Sascha\Downloads\crk.zip" ParentContainers="" InnerObject="" ObjectStatus="Moved" ThreatType="Virus" ThreatName="Trojan.Generic.8426274" />
    <InfectedObject ObjectType="File" ObjectPath="\\?\E:\cm-11-20140804-SNAPSHOT-M9-i9300.zip" ParentContainers="" InnerObject="" ObjectStatus="Moved" ThreatType="Virus" ThreatName="Android.Riskware.SMSSend.gRUN" />
    <InfectedObject ObjectType="File" ObjectPath="\\?\E:\Heli Handy\ZTE\root dir\TitaniumBackup_full\com.android.google.sync-0fb6555e61305c98958a43e8ae1fd371.apk.gz" ParentContainers="" InnerObject="" ObjectStatus="Moved" ThreatType="Virus" ThreatName="Android.Trojan.Agent.AM" />
    <InfectedObject ObjectType="File" ObjectPath="\\?\E:\Heli Handy\ZTE\root dir\TitaniumBackup_full\com.twiter.android-94cb1fa88a18b10b0ffabd194cc71d71.apk.gz" ParentContainers="" InnerObject="" ObjectStatus="Moved" ThreatType="Virus" ThreatName="Android.Trojan.Fjcon.D" />
    <InfectedObject ObjectType="File" ObjectPath="\\?\E:\Heli Handy\ZTE\root dir\TWRP\BACKUPS\MSM8226\2014-12-08--15-10-02 X9180_CNCommon_V9.06\system.ext4.win" ParentContainers="" InnerObject="" ObjectStatus="Moved" ThreatType="Virus" ThreatName="Android.Trojan.Fjcon.D" />
  </InfectedObjects>
</Summary>

Code:
Exportierte Ereignisse:

17.04.2016 22:39 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/Agent.LY.Gen [virus]' in Datei 'C:\Windows\Temp\302394c1-6061-4bb3-870b-485bfdf38f50\tmp00007b61\tmp0038d87e gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 22:36 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/Agent.LY.Gen [virus]' in Datei 'C:\Windows\Temp\302394c1-6061-4bb3-870b-485bfdf38f50\tmp00007b61\tmp0033fcbd gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 22:35 [Echtzeit-Scanner] Malware gefunden
      Muster 'PUA/DownloadSponsor.Gen [riskware]' in Datei 'C:\Windows\Temp\302394c1-6061-4bb3-870b-485bfdf38f50\tmp00007b61\tmp0032daa7 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 22:35 [Echtzeit-Scanner] Malware gefunden
      Muster 'PUA/DownloadSponsor.Gen [riskware]' in Datei 'C:\Windows\Temp\302394c1-6061-4bb3-870b-485bfdf38f50\tmp00007b61\tmp0032daa2 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 19:29 [Echtzeit-Scanner] Malware gefunden
      Muster 'PUA/DownloadSponsor.Gen [riskware]' in Datei 'E:\Internet Download Manager - CHIP-Downloader.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 19:28 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/Agent.LY.Gen [virus]' in Datei 'C:\Windows\Temp\99ef92a8-7628-4b99-af3f-a7187a5988de\tmp0000442a\tmp00554b1d gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 19:24 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/Agent.LY.Gen [virus]' in Datei 'C:\Windows\Temp\99ef92a8-7628-4b99-af3f-a7187a5988de\tmp0000442a\tmp004e93e8 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 19:24 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/Agent.LY.Gen [virus]' in Datei 'C:\Windows\Temp\99ef92a8-7628-4b99-af3f-a7187a5988de\tmp0000442a\tmp004e93e8 gefunden.
      Durchgeführte Aktion: Übergeben an Scanner
17.04.2016 17:36 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 17:36 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 17:36 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 17:36 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 17:36 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 17:36 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 17:35 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Spy.60928.145 [trojan]' in Datei 'C:\Windows\Temp\58a3678a-26ea-47de-b338-1c5b2e2c28ce\tmp000068c1\tmp001c5466 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 17:35 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Spy.60928.145 [trojan]' in Datei 'C:\Windows\Temp\58a3678a-26ea-47de-b338-1c5b2e2c28ce\tmp000068c1\tmp001c54bc gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 17:27 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'C:\Windows\Temp\58a3678a-26ea-47de-b338-1c5b2e2c28ce\tmp000068c1\tmp001a95a5 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 17:27 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\MtkDroidTools\files\zR gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 17:04 [Echtzeit-Scanner] Malware gefunden
      Muster 'PUA/DownloadSponsor.Gen [riskware]' in Datei 'C:\Windows\Temp\58a3678a-26ea-47de-b338-1c5b2e2c28ce\tmp000068c1\tmp0011b8d4 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 17:04 [Echtzeit-Scanner] Malware gefunden
      Muster 'PUA/DownloadSponsor.Gen [riskware]' in Datei 'C:\Windows\Temp\58a3678a-26ea-47de-b338-1c5b2e2c28ce\tmp000068c1\tmp0011b8b1 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 17:04 [Echtzeit-Scanner] Malware gefunden
      Muster 'PUA/DownloadSponsor.Gen [riskware]' in Datei 'C:\Windows\Temp\58a3678a-26ea-47de-b338-1c5b2e2c28ce\tmp000068c1\tmp0011b8b1 gefunden.
      Durchgeführte Aktion: Übergeben an Scanner
17.04.2016 15:50 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\30767141-97b9-43cd-8450-eb8bb8847bd2\tmp00000bbf\tmp0002d806 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 15:50 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\30767141-97b9-43cd-8450-eb8bb8847bd2\tmp00000bbf\tmp0002d806 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 12:20 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\4a7dfb66-f713-4b94-a391-020f6ad7a388\tmp00002ecb\tmp00009029 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 12:20 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\4a7dfb66-f713-4b94-a391-020f6ad7a388\tmp00002ecb\tmp00009029 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 12:18 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\4a7dfb66-f713-4b94-a391-020f6ad7a388\tmp00002ecb\tmp00008896 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
17.04.2016 12:18 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\4a7dfb66-f713-4b94-a391-020f6ad7a388\tmp00002ecb\tmp00008896 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
16.04.2016 13:57 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\675f3633-b3de-4b80-a819-1ac95686b972\tmp000025c3\tmp00037a89 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
16.04.2016 13:57 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\675f3633-b3de-4b80-a819-1ac95686b972\tmp000025c3\tmp00037a89 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
16.04.2016 13:55 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\675f3633-b3de-4b80-a819-1ac95686b972\tmp000025c3\tmp000371c1 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
16.04.2016 13:55 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\675f3633-b3de-4b80-a819-1ac95686b972\tmp000025c3\tmp000371c1 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
16.04.2016 13:54 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\675f3633-b3de-4b80-a819-1ac95686b972\tmp000025c3\tmp00037128 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
16.04.2016 13:54 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\675f3633-b3de-4b80-a819-1ac95686b972\tmp000025c3\tmp00037128 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
16.04.2016 13:36 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\675f3633-b3de-4b80-a819-1ac95686b972\tmp000025c3\tmp0002dd63 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
16.04.2016 13:35 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\675f3633-b3de-4b80-a819-1ac95686b972\tmp000025c3\tmp0002dd63 gefunden.
      Durchgeführte Aktion: Zugriff verweigern
16.04.2016 13:35 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\675f3633-b3de-4b80-a819-1ac95686b972\tmp000025c3\tmp0002dcca gefunden.
      Durchgeführte Aktion: Zugriff verweigern
16.04.2016 13:35 [Echtzeit-Scanner] Malware gefunden
      Muster 'TR/Patched.Ren.Gen2 [trojan]' in Datei 'C:\Windows\Temp\675f3633-b3de-4b80-a819-1ac95686b972\tmp000025c3\tmp0002dcca gefunden.
      Durchgeführte Aktion: Zugriff verweigern
11.04.2016 23:00 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
11.04.2016 23:00 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
11.04.2016 23:00 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
11.04.2016 23:00 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
11.04.2016 23:00 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
11.04.2016 16:53 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
11.04.2016 16:53 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
11.04.2016 16:53 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
11.04.2016 16:52 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern
11.04.2016 16:52 [Echtzeit-Scanner] Malware gefunden
      Muster 'ANDROID/GetRoot.A [virus]' in Datei 'D:\PhoneBackup_2.0.exe gefunden.
      Durchgeführte Aktion: Zugriff verweigern

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 18.04.2016
Suchlaufzeit: 09:10
Protokolldatei:
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.04.18.01
Rootkit-Datenbank: v2016.04.17.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Sascha

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 385569
Abgelaufene Zeit: 35 Min., 18 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:17-04-2016
durchgeführt von Sascha (Administrator) auf SASCHA-PC (18-04-2016 08:47:42)
Gestartet von C:\Users\Sascha\Desktop
Geladene Profile: Sascha (Verfügbare Profile: Sascha & IWB)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Authentec Inc.) C:\Program Files\Protector Suite\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Fujitsu Technology Solutions) C:\Program Files\Fujitsu\DeskView\Common\FscHMCfg.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe
(Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe
(Nitro PDF Software) D:\Program Files\Nitro\Pro 9\NitroPDFDriverService9.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Microsoft Corporation) C:\Users\Sascha\AppData\Local\Snip\Snip.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe
() C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Nitro PDF Software) D:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
(Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sierra Wireless, Inc.) C:\Program Files\Sierra Wireless Inc\Common\SwiCardDetect.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\usrreq.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7703072 2009-08-05] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [764528 2016-03-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [IndicatorUtility] => C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47464 2009-06-22] (FUJITSU LIMITED)
HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975760 2015-11-03] (Cisco Systems, Inc.)
HKLM\...\Run: [FUJ02B1_Apps] => C:\Program Files\Fujitsu\FUJ02B1\CheckBatteryPack.exe [366376 2016-03-17] (FUJITSU LIMITED)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe [8007392 2016-01-28] ()
Winlogon\Notify\psfus: C:\Program Files\Protector Suite\psqlpwd.dll [2012-10-23] (Authentec Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [2598496 2013-03-10] ()
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Run: [Dropbox Update] => C:\Users\Sascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Run: [Snip] => C:\Users\Sascha\AppData\Local\Snip\Snip.exe [1713312 2015-10-19] (Microsoft Corporation)
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50676864 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {0cebd7cc-ce8f-11e2-b157-00a0d5ffffa5} - F:\Startme.exe
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {50d5c9c3-7f73-11e4-b352-001742fd5e4f} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\autorun.exe /auto
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {f690ec43-7c86-11e4-b1bc-fc6fd48a52bd} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\autorun.exe /auto
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {fb8e2f6d-7ebc-11e4-9153-001742fd5e4f} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\autorun.exe /auto
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {fb8e3063-7ebc-11e4-9153-001742fd5e4f} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\autorun.exe /auto
HKU\S-1-5-18\...\Run: [FRITZ!protect] => FwebProt.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] scecli C:\Program Files\Protector Suite\psqlpwd.dll
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => D:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [UEAFOverlay] -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => C:\Program Files\Protector Suite\farchns.dll [2012-10-23] (Authentec Inc.)
ShellIconOverlayIdentifiers: [UEAFOverlayOpen] -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => C:\Program Files\Protector Suite\farchns.dll [2012-10-23] (Authentec Inc.)
Startup: C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.exe - Verknüpfung.lnk [2013-11-22]
ShortcutTarget: ctfmon.exe - Verknüpfung.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Corporation)
Startup: C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-16]
ShortcutTarget: Dropbox.lnk -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 01 C:\Windows\system32\NLAapi.dll [52224 2012-10-03] (Microsoft Corporation) ACHTUNG: LibraryPath sollte sein "C:\Windows)\system32\NLAapi.dll"
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{69767269-0577-45C1-88DC-B1D78DE44DAF}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AB78458C-7E79-49A8-8741-7B110BCDCC40}: [NameServer] 62.134.11.4 195.182.110.132塚BḈ¿ↅ䍟謓並BḈ¿

Internet Explorer:
==================
HKU\S-1-5-21-2186534646-70022557-530426099-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> D:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2186534646-70022557-530426099-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-03-18] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094
FF Homepage: hxxp://www.google.de
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> E:\Program Files\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF -> D:\Program Files\Nitro\Pro 8\npnitromozilla.dll [2013-05-27] (Nitro PDF)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-09] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-09] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC 0.8.6\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Acrobat -> D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-09-26] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2186534646-70022557-530426099-1000: @torrentstream.net/tsplugin,version=2.0.8.11.1 -> C:\Users\Sascha\AppData\Roaming\TorrentStream\player\npts_plugin.dll [2014-04-25] (Innovative Digital Technologies)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll [2014-01-09] (Dassault Systèmes SolidWorks Corp.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-04-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-04-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-04-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-04-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-04-24] (Apple Inc.)
FF Extension: Adobe Acrobat - Create PDF - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-12-02] [ist nicht signiert]
FF Extension: Web Developer - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-07-12]
FF Extension: NoScript - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07]
FF Extension: DownThemAll! AntiContainer - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\extensions\anticontainer@downthemall.net.xpi [2016-04-15]
FF Extension: DownThemAll! - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-04-15]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\Extensions\elemhidehelper@adblockplus.org.xpi [2016-02-18]
FF Extension: uBlock Origin - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\Extensions\uBlock0@raymondhill.net.xpi [2016-04-07]
FF Extension: Adblock Plus - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-07-01] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-04-01] [ist nicht signiert]
FF HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Users\Sascha\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org
FF Extension: TS Magic Player - C:\Users\Sascha\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org [2015-03-04] [ist nicht signiert]
FF HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - D:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - D:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-03-10]
FF HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Sascha\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Sascha\AppData\Roaming\IDM\idmmzcc5 [2016-04-16] [ist nicht signiert]
FF HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - D:\Program Files\Internet Download Manager\idmmzcc2.xpi

Chrome:
=======
CHR Profile: C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Web Developer) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2015-05-27]
CHR Extension: (kimono) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoaddaobnieaecelinfdllcgdehimih [2016-04-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-12]
CHR Extension: (AdBlock) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-12]
CHR Extension: (IDM Integration Module) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-04-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Citavi Picker) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2015-11-02]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-09-05]
CHR HKLM\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - D:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-02-11]
CHR HKLM\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - D:\Program Files\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07]

Opera:
=======
StartMenuInternet: (HKLM) Opera - D:\Program Files\Opera\Opera.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ActivControl; C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe [21328 2013-04-25] (Promethean)
S3 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [593376 2013-04-11] (Intel Corporation)
R2 AntiVirFireWallService; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [1055488 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [856760 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [463720 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [463720 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1043664 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1807608 2009-07-31] (AuthenTec, Inc.)
S3 BTHSSecurityMgr; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [104240 2012-09-12] (Intel(R) Corporation)
S3 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)
S3 CoordinatorServiceHost; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [76328 2014-01-11] (Dassault Systèmes SolidWorks Corp.)
S3 eBeam Device Service; C:\Program Files\Luidia\eBeam Device Service\eBeamDeviceServiceMain.exe [180224 2013-06-05] (Luidia, Inc.) [Datei ist nicht signiert]
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1074480 2014-06-28] (Flexera Software LLC)
R2 FscHmCfg; C:\Program Files\Fujitsu\DeskView\Common\FscHMCfg.exe [150656 2012-11-13] (Fujitsu Technology Solutions)
R2 HPSLPSVC; C:\Users\Sascha\AppData\Local\Temp\7zS38EB\hpslpsvc32.dll [701288 2013-02-06] (Hewlett-Packard Co.)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [73528 2009-07-28] (AVM Berlin)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe [659872 2016-01-28] ()
S3 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Microsoft SharePoint Workspace Audit Service; D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [242928 2013-04-18] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NitroDriverReadSpool8; D:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe [196616 2013-05-27] (Nitro PDF Software)
R2 NitroDriverReadSpool9; D:\Program Files\Nitro\Pro 9\NitroPDFDriverService9.exe [197128 2013-11-12] (Nitro PDF Software)
S3 NovacomD; C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe [61440 2011-06-24] (Palm) [Datei ist nicht signiert]
S3 O2Flash; C:\Windows\system32\o2flash.exe [65536 2007-02-12] (O2Micro International) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [62824 2009-07-27] (FUJITSU LIMITED)
S3 RemoteSolverDispatcher; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [191112 2014-01-10] (Mentor Graphics Corporation) [Datei ist nicht signiert]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [135176 2015-02-18] (Sandboxie Holdings, LLC)
S3 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 SMARTHelperService; C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe [538928 2014-05-29] (SMART Technologies)
S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-11-01] (SolidWorks) [Datei ist nicht signiert]
R2 SwiCardDetectSvc; C:\Program Files\Sierra Wireless Inc\Common\SwiCardDetect.exe [238960 2010-12-02] (Sierra Wireless, Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 TomTomHOMEService; D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-08-27] (TomTom)
S3 UDisk Monitor Z5 Phone; C:\Program Files\Android_USB_Driver_Z\Bin\MonServiceUDisk.exe [585416 2013-11-18] ()
R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2009-08-04] (Intel Corporation)
S3 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [111488 2009-10-12] (CSR, plc)
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [579984 2015-11-03] (Cisco Systems, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62760 2008-10-09] ()
S3 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2532592 2013-04-18] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [109248 2015-11-03] (Cisco Systems, Inc.)
S3 ACTIVhidmini; C:\Windows\System32\DRIVERS\ACTIVhidmini.sys [87296 2012-10-30] (Promethean Technologies Ltd)
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [112608 2013-04-11] (Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [112608 2013-04-11] (Windows (R) Win 7 DDK provider)
R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [92448 2014-08-15] (Avira GmbH)
R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [113024 2014-08-15] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [109016 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136272 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-08-15] (Avira Operations GmbH & Co. KG)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [105728 2013-06-06] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-06-06] (DT Soft Ltd)
R3 FjBtnDrv; C:\Windows\System32\DRIVERS\FjBtnDrv.sys [18816 2009-08-27] (Fujitsu America, Inc.)
R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [12712 2013-06-06] (FUJITSU LIMITED)
R2 FJSPA; C:\Program Files\Fujitsu\FJSPA\FJSPA.sys [17712 2006-12-07] (FUJITSU LIMITED)
R3 FlashDrv; C:\Windows\System32\DRIVERS\FlashDrv.sys [22344 2012-11-13] (Fujitsu Technology Solutions)
R3 FscCmos; C:\Windows\System32\DRIVERS\FscCmos.sys [17224 2012-11-13] (Fujitsu Technology Solutions)
R3 FscCpuid; C:\Windows\System32\DRIVERS\FscCpuid.sys [18248 2012-11-13] (Fujitsu Technology Solutions)
R3 FscEfDmi; C:\Windows\System32\DRIVERS\FscEfDmi.sys [18760 2012-11-13] (Fujitsu Technology Solutions)
R3 FscGabi; C:\Windows\System32\DRIVERS\FscGabi.sys [21064 2012-11-13] (Fujitsu Technology Solutions)
R3 FscTime; C:\Windows\System32\DRIVERS\FscTime.sys [20296 2012-11-13] (Fujitsu Technology Solutions)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [48552 2016-03-17] (FUJITSU LIMITED)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [42592 2014-08-25] (hxxp://libusb-win32.sourceforge.net)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7523840 2012-01-23] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.)
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscr.sys [102560 2009-05-15] (O2Micro)
S3 prmvmouse; C:\Windows\System32\DRIVERS\activmouse.sys [6656 2012-10-30] (Promethean Technologies Ltd)
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [90280 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [15016 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [122280 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [115880 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [26024 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [111912 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [116904 2009-05-25] (MCCI Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [161288 2015-02-18] (Sandboxie Holdings, LLC)
R3 SMARTMouseFilterx86; C:\Windows\System32\DRIVERS\SMARTMouseFilterx86.sys [8192 2014-05-29] (SMART Technologies)
R3 SMARTVHidMini2000x86; C:\Windows\System32\DRIVERS\SMARTVHidMini2000x86.sys [7680 2014-05-29] (SMART Technologies)
S3 SMARTVTabletPCx86; C:\Windows\System32\DRIVERS\SMARTVTabletPCx86.sys [15872 2014-05-29] (SMART Technologies ULC)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [27696 2015-06-22] (Avira Operations GmbH & Co. KG)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13368 2015-12-26] (SlimWare Utilities, Inc.)
S3 swiwdmbus; C:\Windows\System32\DRIVERS\swiwdmbus.sys [82048 2010-11-16] (Sierra Wireless Inc.)
S3 SWNC8U3C; C:\Windows\System32\DRIVERS\swnc8u3C.sys [231936 2010-11-16] (Sierra Wireless Inc.)
S3 SWUMX3C; C:\Windows\System32\DRIVERS\swumx3C.sys [156672 2010-11-16] (Sierra Wireless Inc.)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [408280 2015-12-09] (BitDefender S.R.L.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [977024 2009-08-25] (Vimicro Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva-6.sys [43888 2014-08-15] (Cisco Systems, Inc.)
R3 vvftav323; C:\Windows\System32\drivers\vvftav323.sys [475136 2007-03-19] (Vimicro Corporation)
R3 WISDPen; C:\Windows\System32\DRIVERS\wisdpen.sys [36648 2009-08-24] (Wacom Technology)
S3 FscBapi; system32\DRIVERS\FscBapi.sys [X]
S3 OemF0211; system32\DRIVERS\OemF0211.sys [X]
S3 SWUMX20; system32\DRIVERS\swumx20.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-18 08:47 - 2016-04-18 08:48 - 00033204 _____ C:\Users\Sascha\Desktop\FRST.txt 2016-04-18 08:47 - 2016-04-18 08:47 - 00000000 ____D C:\FRST 2016-04-18 08:42 - 2016-04-18 08:42 - 01726464 _____ (Farbar) C:\Users\Sascha\Desktop\FRST.exe 2016-04-17 22:41 - 2016-04-17 22:41 - 00001892 _____ C:\Users\Sascha\Desktop\Ad-Aware_Report_Full_Manual_2016-04-17T22-30-36.318465.xml 2016-04-16 16:08 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-04-16 16:08 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-04-16 16:08 - 2016-03-31 02:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-04-16 16:08 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-04-16 16:08 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-04-16 16:08 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-04-16 16:08 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-04-16 16:08 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-04-16 16:08 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-04-16 16:08 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-04-16 16:08 - 2016-03-31 01:45 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-04-16 16:08 - 2016-03-31 01:41 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-04-16 16:08 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-04-16 16:08 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-04-16 16:08 - 2016-03-31 
01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-04-16 16:08 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-04-16 16:08 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-04-16 16:08 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-04-16 16:08 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-04-16 16:08 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-04-16 16:08 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-04-16 16:08 - 2016-03-31 01:23 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-04-16 16:08 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-04-16 16:08 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-04-16 16:08 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-04-16 16:08 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-04-16 16:07 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-04-16 16:07 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-04-16 16:07 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-04-16 16:07 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-04-16 16:07 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-04-16 16:07 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-04-16 16:07 - 2016-03-31 01:31 - 00076288 _____ (Microsoft 
Corporation) C:\Windows\system32\mshtmled.dll 2016-04-16 16:07 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-04-16 16:07 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-04-16 16:07 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-04-16 13:44 - 2016-04-16 13:44 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Lavasoft 2016-04-16 13:10 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2016-04-16 13:10 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-04-16 13:10 - 2016-03-18 00:36 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-04-16 13:10 - 2016-03-18 00:36 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-04-16 13:10 - 2016-03-18 00:33 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-04-16 13:10 - 2016-03-18 00:30 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-04-16 13:10 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-04-16 13:10 - 2016-03-18 00:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-04-16 13:10 - 2016-03-18 00:30 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-04-16 13:10 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-04-16 13:10 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-04-16 13:10 - 2016-03-18 00:29 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-04-16 13:10 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-04-16 13:10 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) 
C:\Windows\system32\rpchttp.dll 2016-04-16 13:10 - 2016-03-18 00:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-04-16 13:10 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-04-16 13:10 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-04-16 13:10 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-04-16 13:10 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-04-16 13:10 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-04-16 13:10 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-04-16 13:10 - 2016-03-18 00:26 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-04-16 13:10 - 2016-03-18 00:26 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-04-16 13:10 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-04-16 13:10 - 2016-03-18 00:26 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-04-16 13:10 - 2016-03-18 00:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-04-16 13:10 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-04-16 13:10 - 2016-03-17 23:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-04-16 13:10 - 2016-03-17 23:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-04-16 13:10 - 2016-03-17 23:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-04-16 13:10 - 2016-03-17 23:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-04-16 13:10 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-04-16 13:10 - 2016-03-17 23:36 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-04-16 13:10 - 2016-03-17 23:35 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-04-16 13:10 - 2016-03-17 23:30 - 00226304 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\mrxsmb10.sys 2016-04-16 13:10 - 2016-03-17 23:30 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-04-16 13:10 - 2016-03-17 23:30 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-04-16 13:10 - 2016-03-17 23:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-04-16 13:10 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-04-16 13:10 - 2016-03-17 23:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-04-16 13:10 - 2016-03-17 23:29 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-04-16 13:10 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-04-16 13:10 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-16 13:10 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-04-16 13:10 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-04-16 13:08 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-04-16 13:08 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2016-04-16 13:04 - 2016-03-29 19:35 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-04-16 13:03 - 2016-04-16 13:03 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\LavasoftStatistics 2016-04-16 13:03 - 2016-04-16 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2016-04-16 13:03 - 2016-04-16 13:03 - 00000000 ____D C:\Program Files\Lavasoft 2016-04-16 13:02 - 2016-04-16 13:02 - 00000000 ____D C:\Program Files\Common Files\Lavasoft 2016-04-16 13:01 - 2016-04-16 13:01 - 00000000 
____D C:\ProgramData\Lavasoft 2016-04-16 12:58 - 2016-04-16 12:58 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-04-15 01:24 - 2016-03-16 01:53 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-04-15 01:24 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-04-14 00:18 - 2016-04-14 00:18 - 01695703 _____ C:\Users\Sascha\Desktop\1366_269-13.pdf 2016-04-12 21:36 - 2016-04-13 09:49 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-04-11 17:02 - 2016-04-11 17:02 - 61815001 _____ C:\Users\Sascha\Desktop\d9722cf018848242e0bb565de93b5dc1.mp4 2016-04-11 16:46 - 2016-04-16 13:52 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\IDM 2016-04-11 16:46 - 2016-04-11 16:46 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2016-04-11 16:46 - 2016-04-11 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2016-04-11 16:42 - 2016-04-11 16:42 - 00000000 ____D C:\Users\Sascha\Desktop\IDM_6.25_Build_14_Fix_exe___Serials 2016-04-10 22:08 - 2016-04-10 22:08 - 00000000 ____D C:\php 2016-04-10 22:07 - 2016-04-10 22:07 - 21790696 _____ C:\Users\Sascha\Desktop\php-7.0.5-nts-Win32-VC14-x86.zip 2016-04-05 11:47 - 2016-03-25 20:36 - 00034024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-04-05 11:47 - 2016-03-25 20:25 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-04-05 11:47 - 2016-03-23 16:02 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-04-05 11:47 - 2016-03-23 16:02 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-04-05 11:47 - 2016-03-17 20:04 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-04-05 11:47 - 2016-03-17 20:04 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-04-05 
11:47 - 2016-03-17 20:04 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-05 11:47 - 2016-03-17 20:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-05 11:47 - 2016-02-02 20:48 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-05 11:47 - 2016-02-01 21:02 - 00105408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-04-05 11:47 - 2016-02-01 20:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-04-05 11:47 - 2016-02-01 20:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-04-05 11:47 - 2016-02-01 20:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-04-05 11:47 - 2016-02-01 20:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-04-05 11:47 - 2016-02-01 20:44 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-04-05 11:47 - 2016-01-21 02:51 - 00057280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-05 11:46 - 2016-02-05 20:44 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-05 11:46 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-04-05 11:46 - 2015-06-03 22:22 - 00355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-04-05 11:33 - 2016-04-05 11:33 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-03-24 16:38 - 2016-03-24 16:38 - 00000000 ____D C:\Program Files\Common Files\Java
2016-03-24 12:48 - 2016-03-24 12:48 - 01474560 _____ C:\Users\Sascha\Desktop\vmscsi-1.2.0.4.flp
2016-03-24 12:12 - 2016-04-12 00:27 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\VMware
2016-03-24 12:12 - 2016-04-10 22:31 - 00000000 ____D C:\Users\Sascha\AppData\Local\VMware
2016-03-24 12:03 - 2016-04-12 00:33 - 00000000 ____D C:\ProgramData\VMware
2016-03-24 12:03 - 2016-04-12 00:33 - 00000000 ____D C:\Program Files\Common Files\VMware
2016-03-23 23:44 - 2016-03-23 23:44 - 00000000 ____D C:\ProgramData\Dell
2016-03-23 20:27 - 2009-07-21 01:48 - 00485920 _____ (NVIDIA Corporation) C:\Windows\system32\NVUNINST.EXE
2016-03-23 19:17 - 2016-04-18 08:19 - 00000000 ____D C:\Users\Sascha\Desktop\VMware-convertercd-4.1.1-206170
2016-03-22 14:04 - 2016-03-22 14:04 - 00000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-03-22 14:04 - 2016-03-22 14:04 - 00000877 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-03-22 13:09 - 2016-03-22 13:22 - 345040098 _____ C:\Users\Sascha\Downloads\Weka.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-18 08:39 - 2014-01-17 19:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-18 08:24 - 2015-09-25 22:13 - 00000000 ____D C:\Users\Sascha\Desktop\Family
2016-04-18 08:22 - 2015-09-25 22:06 - 00000000 ____D C:\Users\Sascha\Desktop\Rechnungen + Reisen
2016-04-18 08:22 - 2009-07-14 06:34 - 00022048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-18 08:22 - 2009-07-14 06:34 - 00022048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-18 08:21 - 2015-11-17 00:21 - 00000000 ____D C:\Users\Sascha\Desktop\Work
2016-04-18 08:21 - 2015-06-08 13:52 - 00000000 ____D C:\Users\Sascha\Desktop\Uni
2016-04-18 08:17 - 2015-08-30 21:27 - 00323261 _____ C:\Users\Sascha\AppData\Local\Snip.txt
2016-04-18 08:12 - 2015-10-28 12:47 - 00215388 _____ C:\Users\Sascha\AppData\Local\SnipUsages.txt
2016-04-18 08:11 - 2013-10-14 14:47 - 00000000 ____D C:\Users\Sascha\.rainlendar2
2016-04-18 08:11 - 2013-06-11 17:55 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\WTablet
2016-04-18 08:10 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-18 00:01 - 2015-06-16 09:50 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2186534646-70022557-530426099-1000UA.job
2016-04-17 23:46 - 2013-06-06 11:18 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Skype
2016-04-17 11:48 - 2011-04-12 03:30 - 00699342 _____ C:\Windows\system32\perfh007.dat
2016-04-17 11:48 - 2011-04-12 03:30 - 00149450 _____ C:\Windows\system32\perfc007.dat
2016-04-17 11:48 - 2010-11-20 23:01 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-17 11:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-04-17 11:42 - 2009-07-14 06:33 - 00489496 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-17 01:26 - 2015-01-26 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-04-16 14:27 - 2013-07-12 10:44 - 00000000 ____D C:\Windows\system32\MRT
2016-04-16 14:13 - 2013-06-06 00:10 - 132539272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-16 14:08 - 2013-06-30 12:32 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\DMCache
2016-04-16 12:59 - 2013-07-01 21:54 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Dropbox
2016-04-15 01:16 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-13 10:01 - 2015-06-16 09:50 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2186534646-70022557-530426099-1000Core.job
2016-04-13 09:49 - 2013-07-03 07:24 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-13 01:57 - 2013-07-01 11:41 - 00000000 ____D C:\Users\Sascha\.VirtualBox
2016-04-13 00:32 - 2013-06-30 12:32 - 00000000 ____D C:\Users\Sascha\Downloads\Video
2016-04-13 00:16 - 2013-06-06 18:37 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\vlc
2016-04-12 00:38 - 2013-06-06 22:30 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\DAEMON Tools Lite
2016-04-11 23:01 - 2013-06-06 23:55 - 00000000 ____D C:\Windows\pss
2016-04-11 22:32 - 2013-06-06 21:32 - 01952155 _____ C:\Users\Sascha\DesktopStCenter.txt
2016-04-11 15:43 - 2015-06-27 11:11 - 00036218 _____ C:\Users\Sascha\Desktop\Geld zurück Aktionen_stand 27.06.xlsx
2016-04-11 15:36 - 2015-08-30 21:27 - 00000000 ____D C:\Users\Sascha\Documents\My Snips
2016-04-11 14:44 - 2013-06-12 09:04 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Nitro PDF
2016-04-11 14:17 - 2013-06-06 09:33 - 00000000 ____D C:\Users\Sascha\AppData\Local\Deployment
2016-04-11 13:09 - 2015-06-24 01:12 - 00000000 ____D C:\Users\Sascha\Desktop\Coupons&Aktionen
2016-04-10 13:37 - 2013-06-08 11:02 - 00000000 ____D C:\Users\Sascha\Desktop\scan
2016-04-10 10:15 - 2016-02-04 15:18 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Kodi
2016-04-08 21:39 - 2013-12-15 14:28 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-04-08 21:39 - 2013-12-15 14:28 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-04-07 19:39 - 2016-02-05 23:13 - 00000405 ____H C:\Users\Sascha\.swfinfo
2016-04-05 13:30 - 2015-04-21 10:03 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-05 11:34 - 2013-06-06 11:18 - 00000000 ____D C:\ProgramData\Skype
2016-04-05 11:33 - 2015-12-30 23:11 - 00000000 ___RD C:\Program Files\Skype
2016-03-26 15:32 - 2016-03-16 11:03 - 00000000 ____D C:\Users\Sascha\Desktop\qipu
2016-03-24 16:47 - 2013-12-14 00:43 - 00000000 ____D C:\ProgramData\Oracle
2016-03-24 16:46 - 2016-01-16 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-24 16:46 - 2014-10-30 19:08 - 00000000 ____D C:\Program Files\Java
2016-03-24 16:38 - 2016-01-16 16:02 - 00000000 ____D C:\Users\Sascha\.oracle_jre_usage
2016-03-24 16:37 - 2016-01-16 16:02 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-03-24 01:32 - 2014-08-25 09:55 - 00000628 __RSH C:\ProgramData\ntuser.pol
2016-03-24 01:10 - 2013-06-10 14:56 - 00000000 ____D C:\WTablet
2016-03-23 22:30 - 2014-11-01 10:48 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-23 19:08 - 2014-11-29 16:00 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-23 19:03 - 2013-06-06 09:01 - 00134600 _____ C:\Users\Sascha\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-22 14:05 - 2014-12-18 23:13 - 00000000 ____D C:\Program Files\TeamViewer

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-06-06 09:02 - 2015-08-02 20:47 - 0003540 _____ () C:\Users\Sascha\AppData\Roaming\FjMenu1.XML
2006-12-11 20:13 - 2006-12-11 20:13 - 0097336 _____ (Un4seen Developments) C:\Users\Sascha\AppData\Local\bass.dll
2006-12-11 20:13 - 2006-12-11 20:13 - 0013872 _____ (Un4seen Developments) C:\Users\Sascha\AppData\Local\basscd.dll
2007-08-13 18:46 - 2007-08-13 18:46 - 0102912 _____ (Albert L Faber) C:\Users\Sascha\AppData\Local\CDRip.dll
2014-06-26 10:04 - 2014-06-26 10:04 - 0003909 ____H () C:\Users\Sascha\AppData\Local\cimiekki.ini
2014-05-09 13:42 - 2016-01-04 02:42 - 0001194 _____ () C:\Users\Sascha\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2013-07-11 22:09 - 2013-07-11 22:19 - 0004608 _____ () C:\Users\Sascha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-01 18:54 - 2013-12-01 18:57 - 0004096 ____H () C:\Users\Sascha\AppData\Local\keyfile3.drm
2007-08-13 18:46 - 2007-08-13 18:46 - 0155136 _____ () C:\Users\Sascha\AppData\Local\lame_enc.dll
2007-01-18 22:09 - 2007-01-18 22:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Sascha\AppData\Local\No23 Recorder.exe
2005-08-23 23:34 - 2005-08-23 23:34 - 0029184 _____ () C:\Users\Sascha\AppData\Local\no23xwrapper.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0015872 _____ () C:\Users\Sascha\AppData\Local\ogg.dll
2013-12-22 21:37 - 2013-12-22 21:37 - 0001448 _____ () C:\Users\Sascha\AppData\Local\RecConfig.xml
2015-10-01 15:04 - 2015-10-01 15:04 - 0002112 _____ () C:\Users\Sascha\AppData\Local\recently-used.xbel
2015-08-30 21:27 - 2016-04-18 08:17 - 0323261 _____ () C:\Users\Sascha\AppData\Local\Snip.txt
2015-10-28 12:47 - 2016-04-18 08:12 - 0215388 _____ () C:\Users\Sascha\AppData\Local\SnipUsages.txt
2014-11-03 17:03 - 2014-12-01 21:58 - 0000000 _____ () C:\Users\Sascha\AppData\Local\Temptable.xml
2006-10-26 02:06 - 2006-10-26 02:06 - 0143872 _____ () C:\Users\Sascha\AppData\Local\vorbis.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0064000 _____ () C:\Users\Sascha\AppData\Local\vorbisenc.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0019456 _____ () C:\Users\Sascha\AppData\Local\vorbisfile.dll
2013-07-01 18:12 - 2013-09-14 14:26 - 0006947 _____ () C:\ProgramData\hpzinstall.log
2014-10-07 23:13 - 2014-10-07 23:13 - 0000095 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\IWB\AppData\Local\Temp\avgnt.exe
C:\Users\Sascha\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-04-07 10:09

==================== Ende vom FRST.txt ============================

Edited by goro11 (18.04.2016 at 09:08). Reason: spelling/punctuation :shame: |
18.04.2016, 09:05 | #2 |
| Multiple viruses/trojans, mainly under "C:\Windows\Temp\"
And here is the Addition.txt as well (unfortunately it did not all fit into the OP).
Addition.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:17-04-2016
durchgeführt von Sascha (2016-04-18 08:49:53)
Gestartet von C:\Users\Sascha\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2013-06-05 20:58:13)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2186534646-70022557-530426099-500 - Administrator - Disabled)
Gast (S-1-5-21-2186534646-70022557-530426099-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2186534646-70022557-530426099-1004 - Limited - Enabled)
IWB (S-1-5-21-2186534646-70022557-530426099-1003 - Administrator - Enabled) => C:\Users\IWB
Sascha (S-1-5-21-2186534646-70022557-530426099-1000 - Administrator - Enabled) => C:\Users\Sascha

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Ad-Aware Antivirus (Disabled - Out of date) {B0CC18C6-E527-6EE6-874C-9D19920E5619}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Ad-Aware Antivirus (Disabled - Out of date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
ActivDriver x86 v5.9 (HKLM\...\{3B9BDF03-96EA-424C-9413-45D80C5B2F08}) (Version: 5.9.22 - Promethean)
ActivInspire Core Resources (DEU) v1 (HKLM\...\{06C9F624-9F53-4C89-9720-1601A295769A}) (Version: 1.6.3 - Promethean)
ActivInspire Help (DEU) v1 (HKLM\...\{B18A62F5-296F-4BC4-B8DD-A9FB16EE9106}) (Version: 1.6.3 - Promethean)
ActivInspire HWR Resources (DEU) v1 (HKLM\...\{CB2158F5-B05D-41BF-B8F8-05A85695BA4E}) (Version: 1.7.1 - Promethean)
ActivInspire v2 (HKLM\...\{84007E42-A06F-4FFE-90D2-85F82CB48615}) (Version: 2.4.66096 - Promethean)
Ad-Aware Antivirus (HKLM\...\{A6E2BA31-F8AF-4DD0-806D-B884D8DDBBAD}_AdAwareUpdater) (Version: 11.10.767.8917 - Lavasoft)
AdAwareInstaller (Version: 11.10.767.8917 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.10.767.8917 - Lavasoft) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.05 - Adobe Systems)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v3.00 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.)
AIO_Scan (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Android USB Driver (HKLM\...\Z5 Android USB Driver_is1) (Version: - )
Angry Birds (HKLM\...\{370CA4B0-A1D8-4863-A3C5-6879AEE1663A}) (Version: 3.0.0 - Rovio)
Angry Birds Rio (HKLM\...\{0D637670-BC00-4FAC-8E00-518EB7F65091}) (Version: 1.4.4 - Rovio)
Angry Birds Seasons (HKLM\...\{A0CDDE99-D170-426F-917E-B2E51EB3B78F}) (Version: 3.2.0 - Rovio Entertainment Ltd.)
Angry Birds Space (HKLM\...\{561AA971-37EB-4D63-9FB9-810B663B5CC7}) (Version: 1.4.1 - Rovio)
Angry Birds Star Wars (HKLM\...\{C336AA55-BBA3-4908-886F-25CF6D302D13}) (Version: 1.2.0 - Rovio Entertainment Ltd.)
AntimalwareEngine (Version: 3.0.99.0 - Lavasoft) Hidden
AnVir Task Manager (HKLM\...\AnVir Task Manager) (Version: - AnVir Software)
Any Video Converter 5.5.1 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Ashampoo Photo Optimizer 4 v.4.0.3 (HKLM\...\Ashampoo Photo Optimizer 4_is1) (Version: 4.0.3 - Ashampoo GmbH & Co. KG)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AuthenTec Fingerprint Software (HKLM\...\{6B99AF03-2668-4572-BD3D-8C7A5D103065}) (Version: 8.5.1.28 - Ihr Firmenname)
AuthenTec WinBio FingerPrint Software 32-bit (HKLM\...\{580C9CA9-9293-470F-8762-2925A2B3D4B7}) (Version: 3.4.4.1027 - AuthenTec, Inc.)
Avira Professional Security (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.16.208 - Avira Operations GmbH & Co. KG)
Bad Piggies (HKLM\...\{9577B943-AEDD-462A-AF22-5F55BB3BFB1D}) (Version: 1.1.0.0 - Rovio)
Bluetooth Feature Pack 5.0 (HKLM\...\{0439D13F-C7CD-458A-90DE-44135CBD40B8}) (Version: 5.0.13 - CSR Plc.)
Bouquet Wizard (HKLM\...\BouquetWizard) (Version: - )
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.18.8 - Broadcom Corporation)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4380 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
C4380_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{8C31E86B-2A66-40E8-BF47-32A25D65DB12}) (Version: 1.15.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
Chipcardmaster 7.11 (HKLM\...\Chipcardmaster_is1) (Version: - Dr. Olaf Jacobsen)
Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.1.08005 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 4.1.08005 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citavi 4 (HKLM\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software)
Crazy Machines - Neue Herausforderungen (HKLM\...\{294EF51E-1453-4F42-8792-77DBFB47D0EC}) (Version: 1.12 - FAKT Software GmbH)
Crazy Machines - Neues aus dem Labor (HKLM\...\{BFF2D920-80F2-46E9-8246-79A20BB9D8B2}) (Version: 1.20 - FAKT Software GmbH)
Crazy Machines (HKLM\...\{8E6A3B40-DCE3-47D9-835B-FE1AD9C083D0}) (Version: 1.0 - FAKT Software GmbH)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
dboxTV v4.0.0.0 (HKLM\...\dboxTV_is1) (Version: - DsChAeK)
DeskUpdate (HKLM\...\DeskUpdate_is1) (Version: 4.15.0144 - Fujitsu Technology Solutions)
DeskViewClient (HKLM\...\{EF1A6D76-8DEB-4C50-88C5-7204D8817C8F}) (Version: 6.55.0093 - Fujitsu Technology Solutions)
Dexpot (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Dexpot) (Version: 1.6.10 - Dexpot GbR)
Dkill95 (HKLM\...\Dkill95) (Version: - )
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
DVD Identifier (HKLM\...\DVD Identifier_is1) (Version: 5.2.0 - Kris Schoofs)
eBeam Capture 2.4.4.11 (HKLM\...\eBeamCapture_is1) (Version: 2.4.4.11 - Luidia, Inc.)
eBeam Device Service 2.5.0.9 (HKLM\...\eBeamDeviceService_is1) (Version: 2.5.0.9 - Luidia, Inc.)
eBeam Education Suite 2.5.0.9 (HKLM\...\eBeamInteract_is1) (Version: 2.5.0.9 - Luidia, Inc.)
Extended Asian Language font pack for Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated)
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin)
Fujitsu Button Utilities (HKLM\...\{207E8B60-07D2-4B7F-97FE-0DA448606861}) (Version: 7.02.0722.2009 - Fujitsu Computer Systems Corporation)
Fujitsu Display Manager (HKLM\...\InstallShield_{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.200 - Ihr Firmenname)
Fujitsu Display Manager (Version: 7.00.20.200 - Ihr Firmenname) Hidden
Fujitsu Hotkey Utility (HKLM\...\InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.0.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (Version: 3.60.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM\...\InstallShield_{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.00.000 - Ihr Firmenname)
Fujitsu MobilityCenter Extension Utility (Version: 3.00.00.000 - Ihr Firmenname) Hidden
Fujitsu System Extension Utility (HKLM\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.1.0.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.1.0.0 - FUJITSU LIMITED) Hidden
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
HashTab 5.2.0.14 (HKLM\...\HashTab) (Version: 5.2.0.14 - Implbits Software)
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP)
HP Photosmart Appliance Printer Driver Software 8.0.D (HKLM\...\{596A8F65-C705-4e68-B85E-CE0B45490712}) (Version: 8.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.28.01 - Hyperionics Technology LLC)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.2 - Intel)
Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version: - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM\...\{b56d9ff6-9167-47a4-8563-554f20201871}) (Version: 15.8.0 - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kodi (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Kodi) (Version: - XBMC-Foundation)
Langenscheidt Grammatiktrainer 6.0 Englisch (HKLM\...\Grammatiktrainer 6.0 Englisch) (Version: 01.00.00.00 - Langenscheidt)
Langenscheidt Grammatiktrainer 6.0 Italienisch (HKLM\...\Grammatiktrainer 6.0 Italienisch) (Version: 01.00.00.00 - Langenscheidt)
Langenscheidt Grammatiktrainer 6.0 Spanisch (HKLM\...\Grammatiktrainer 6.0 Spanisch) (Version: 01.00.00.00 - Langenscheidt)
Langenscheidt Kurs 1 6.0 Englisch (HKLM\...\Kurs 1 6.0 Englisch) (Version: 01.00.00.00 - Langenscheidt)
Langenscheidt Kurs 2 6.0 Englisch (HKLM\...\Kurs 2 6.0 Englisch) (Version: 01.00.00.00 - Langenscheidt)
Langenscheidt Kurs 2 6.0 Italienisch (HKLM\...\Kurs 2 6.0 Italienisch) (Version: 01.00.00.00 - Langenscheidt)
Langenscheidt Kurs 2 6.0 Spanisch (HKLM\...\Kurs 2 6.0 Spanisch) (Version: 01.00.00.00 - Langenscheidt)
Langenscheidt Kurs 6.0 Italienisch (HKLM\...\Kurs 6.0 Italienisch) (Version: 01.00.00.00 - Langenscheidt)
Langenscheidt Kurs 6.0 Spanisch (HKLM\...\Kurs 6.0 Spanisch) (Version: 01.00.00.00 - Langenscheidt)
Langenscheidt Vokabeltrainer 6.0 Englisch (HKLM\...\{67F91DB9-1958-4328-869C-032415F04AD1}) (Version: 6.0.21 - Langenscheidt)
Langenscheidt Vokabeltrainer 6.0 Italienisch (HKLM\...\{39DFF58C-ECB7-4317-BC1E-C567ABDBE31C}) (Version: 6.0.21 - Langenscheidt)
Langenscheidt Vokabeltrainer 6.0 Spanisch (HKLM\...\{C2FFB8DE-7713-4A56-8EFA-C9126955BFDD}) (Version: 6.0.21 - Langenscheidt)
LenovoUsbDriver 1.0.4 (HKLM\...\LenovoUsbDriver) (Version: 1.0.4 - Lenovo)
lingDIALOG (HKLM\...\InstallShield_{071B843C-9A39-40B3-BB01-BBD6A8D2E1C5}) (Version: 3.0908 - WEVOSYS)
lingDIALOG (Version: 3.0908 - WEVOSYS) Hidden
LinuxLive USB Creator (HKLM\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
LSI V92 MOH Application (HKLM\...\LTMOH) (Version: - LSI Corporation)
MakeMKV v1.8.6 (HKLM\...\MakeMKV) (Version: v1.8.6 - GuinpinSoft inc)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MATLAB R2014a (HKLM\...\Matlab R2014a) (Version: 8.3 - The MathWorks, Inc.)
MediaManager (HKLM\...\MediaManager) (Version: - )
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.1.3 (HKLM\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - )
Mozilla Firefox 45.0.2 (x86 de) (HKLM\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyScript Stylus 2.6 (HKLM\...\MyScript Stylus_is1) (Version: 2.6.0.11 - Vision Objects)
MyScript Stylus Shared Files (HKLM\...\{FCB95BA2-F685-48D0-AB04-C88E79133B75}) (Version: 1.0.0 - Vision Objects)
NAVIGON Fresh 3.5.1 (HKLM\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Nitro Pro 8 (HKLM\...\{024201B6-AE55-4A53-B17C-00D4906990F8}) (Version: 8.5.4.11 - Nitro)
Nitro Pro 9 (HKLM\...\{0E4D0DAF-ADE8-45E3-8B1B-2AFD78BCB064}) (Version: 9.0.4.5 - Nitro)
Nmap 6.46 (HKLM\...\Nmap) (Version: - )
No23 Recorder (HKLM\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Noten-Manager 7.1 (HKLM\...\{3697BA5C-3C7E-436C-A783-677160B31B9F}) (Version: 1.0.0 - schule_kranz)
Novacomd (HKLM\...\{BA9A297F-0198-4EE8-90CB-F5036C180E1D}) (Version: 1.0.0.76 - Palm, Inc.)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - )
O2Micro Flash Memory Card Windows Driver (HKLM\...\InstallShield_{469ED3E8-D21E-40E8-B00F-63516D26FAE3}) (Version: 3.00.0006 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.00.0006 - O2Micro International LTD.) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera 12.16 (HKLM\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Oracle VM VirtualBox 4.2.14 (HKLM\...\{F56A55E8-F340-484B-83A5-39C440F0407C}) (Version: 4.2.14 - Oracle Corporation)
Origin (HKLM\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
OZ711 SCR Driver (HKLM\...\InstallShield_{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}) (Version: 3.0.1.6D - O2Micro)
OZ711 SCR Driver (Version: 3.0.1.6D - O2Micro) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Power Saving Utility (HKLM\...\InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version: 31.00.11.006 - FUJITSU LIMITED)
Power Saving Utility (Version: 31.00.11.006 - FUJITSU LIMITED) Hidden
Protector Suite 2012 (HKLM\...\{C767056D-3CE2-442D-BC78-F05E94F450D0}) (Version: 5.9.8.7279 - Authentec Inc.)
PS_AIO_02_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PSPad editor (HKLM\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
psynetic® Gif-X 3.00 (HKLM\...\psynetic® Gif-X) (Version: 3.00 - Robert Mundt)
Python 2.7 lxml-3.3.5 (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\lxml-py2.7) (Version: - )
Python 2.7.8 (HKLM\...\{61121B12-88BD-4261-A6EE-AB32610A56DD}) (Version: 2.7.8150 - Python Software Foundation)
QIP 2012 4.0.9340 (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\QIP 2012) (Version: 4.0.9340 - )
QIP Infium 3.0.9044 (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\QIP Infium) (Version: 3.0.9044 - )
QIP Internet Guardian (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\QipGuard) (Version: - )
Rainlendar2 (remove only) (HKLM\...\Rainlendar2) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden
Sandboxie 4.16 (32-bit) (HKLM\...\Sandboxie) (Version: 4.16 - Sandboxie Holdings, LLC)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Secure Download Manager (HKLM\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Security Panel (HKLM\...\InstallShield_{45CA9B23-5EF8-43AA-9851-E9E062BF0147}) (Version: 2.1.0.0 - FUJITSU LIMITED)
Security Panel Application (Version: 2.1.0.0 - FUJITSU LIMITED) Hidden
Security Panel Application for Supervisor (Version: 2.1.0.0 - FUJITSU LIMITED) Hidden
Security Panel for Supervisor (HKLM\...\InstallShield_{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.1.0.0 - FUJITSU LIMITED)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft)
Shock Sensor Utility (HKLM\...\InstallShield_{827517C3-9B89-458E-A8F2-96DD24BDFE29}) (Version: 2.2.0.0 - FUJITSU LIMITED)
Shock Sensor Utility (HKLM\...\InstallShield_{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}) (Version: 4.00.01.000 - Ihr Firmenname)
Shock Sensor Utility (Version: 2.2.0.0 - FUJITSU LIMITED) Hidden
Shock Sensor Utility (Version: 4.00.01.000 - Ihr Firmenname) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sierra Wireless AirCard Watcher (HKLM\...\{CE619CFC-F5C0-43CC-AA66-BEDDA623CCA1}) (Version: 6.0.2849.0001 - Sierra Wireless Inc.)
SimpleTV 0.4.6 r (HKLM\...\{290A2821-B1F8-4565-B49A-25F349A5B5CB}_is1) (Version: - SergeyVS)
Skype™ 7.21 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SlimDrivers (HKLM\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
SMART Ink (HKLM\...\{FC69B741-DC56-4591-97A2-A6BA211B7E76}) (Version: 2.2.589.1 - SMART Technologies ULC) SMART Notebook (HKLM\...\{84579080-E961-4DE7-93AB-5E2B81A96387}) (Version: 14.1.843.0 - SMART Technologies ULC) SMART Produkttreiber (HKLM\...\{890680EC-2F88-47F0-970C-593081E62593}) (Version: 11.6.428.0 - SMART Technologies ULC) SmartPack 1.19.0 (HKLM\...\PlexUtil) (Version: 1.19.0 - PLDS) SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden Snip (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\{525d439e-e22a-4221-8fd1-25b845fe0038}) (Version: 0.1.5119.0 - Microsoft Corporation) Snip (Version: 0.1.5119.0 - Microsoft) Hidden SolidWorks 2014 German Resources (Version: 22.120.40 - SolidWorks Corporation) Hidden SolidWorks 2014 SP02 (HKLM\...\SolidWorks Installation Manager 20140-40200-1100-200) (Version: 22.2.0.40 - SolidWorks Corporation) SolidWorks 2014 SP02 (Version: 22.120.40 - SolidWorks) Hidden SolidWorks Composer Player 2014 SP02 (Version: 22.20.40 - Dassault Systemes SolidWorks) Hidden SolidWorks eDrawings 2014 SP02 (Version: 14.2.116 - Dassault Systèmes SolidWorks Corp) Hidden SolidWorks Flow Simulation 2014 SP02 (Version: 22.20.41 - SolidWorks Corporation) Hidden SolidWorks Plastics 2014 SP02 (Version: 22.20.40 - SolidWorks Corporation) Hidden Sony Ericsson PC Companion 1.60.13 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 1.60.13 - Sony Ericsson) SopCast 3.5.0 (HKLM\...\SopCast) (Version: 3.5.0 - www.sopcast.com) Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.) Steam (HKLM\...\Steam) (Version: - Valve Corporation) Stifttablett (HKLM\...\Pen Tablet Driver) (Version: 5.1.1.11 - Wacom Technology Corp.) SuperEasy Driver Updater v.1.1.1 (HKLM\...\{039BC111-D60F-A6FF-85F4-7992EA886B8D}_is1) (Version: 1.1.1 - SuperEasy Software GmbH & Co. 
KG) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.6.1 - Synaptics Incorporated) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.56083 - TeamViewer) The Video Diary (HKLM\...\The Video Diary) (Version: 1.1 - www.TheVideoDiary.com) TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden Torrent Stream 2.0.8.11.1 (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\TorrentStream) (Version: 2.0.8.11.1 - Torrent Stream) Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH) Transfer Utility (HKLM\...\{0ECE15AC-CB68-40EC-B70D-1B220717844C}) (Version: 1.00.012 - PIXELA) UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden URL Snooper v2.35.02 (HKLM\...\URLSnooper 2_is1) (Version: - DonationCoder.com) USB2.0 Digital Camera (HKLM\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 1.8.1224.01 - Vimicro Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6000 - Broadcom Corporation) Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1) (HKLM\...\332CCC08910F1AE2E4D90D25DEDE87E3EF797832) (Version: 10/09/2009 1.0.1 - Palm) Windows-Treiberpaket - Fujitsu America, Inc. (FjBtnDrv) HIDClass (08/27/2009 4.2.0827.2009) (HKLM\...\F02860D720F53C6FCD75A013226E3E82F54FAB68) (Version: 08/27/2009 4.2.0827.2009 - Fujitsu America, Inc.) Windows-Treiberpaket - Google, Inc. 
(WinUSB) AndroidUsbDeviceClass (12/06/2010 4.0.0000.00000) (HKLM\...\76F6B4A696B8C9A7ACFF01D4E1D6EF2D974C3E67) (Version: 12/06/2010 4.0.0000.00000 - Google, Inc.) Windows-Treiberpaket - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.) Windows-Treiberpaket - MediaTek Inc. (usbser) Ports (09/01/2011 2.0.1136.0) (HKLM\...\32DC281B7E359EA3D16ECC7D98609F6A592B981D) (Version: 09/01/2011 2.0.1136.0 - MediaTek Inc.) Windows-Treiberpaket - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\D0E6296D177F42BB31C0200E49412003DB6C4633) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.) Windows-Treiberpaket - MediaTek Inc. Net (07/14/2011 1.1129.00) (HKLM\...\8BC3CF920AF63C7AEF78B82D1C60D94704FB95CD) (Version: 07/14/2011 1.1129.00 - MediaTek Inc.) Windows-Treiberpaket - Microsoft (WUDFRd) WPD (02/22/2006 5.2.5326.4762) (HKLM\...\B77DDB8A5697AAF5DA4E4859E53C301B877DD206) (Version: 02/22/2006 5.2.5326.4762 - Microsoft) WinHTTrack Website Copier 3.48-21 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.21 - HTTrack) WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies) WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Wireless Selector (HKLM\...\InstallShield_{51202133-E0F9-4314-ACA4-AACBA46A6C69}) (Version: 4.00.00.100 - FUJITSU LIMITED) Wireless Selector (Version: 4.00.00.100 - FUJITSU LIMITED) Hidden XYplorer 13.40 (HKLM\...\XYplorer) (Version: 13.40 - Donald Lessau) YouTube PowerPoint (HKLM\...\{496B5310-3EEB-4412-B3CC-0D013AB916CC}) (Version: 2.0.0 - PPTAlchemy) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\shlxthdl.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{28E3B95D-371D-42D5-A276-8A3EE70100FD}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\shlxthdl.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\shlxthdl.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\ooofilt.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\propertyhdl.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\shlxthdl.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {03531F76-EDF1-402D-BAA0-D324555F9BDC} - System32\Tasks\Schnellstart => Rundll32.exe powrprof.dll,SetSuspendState Hibernate
Task: {431FBC2C-0EF4-4E5F-A693-4FD93D052F2E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2186534646-70022557-530426099-1000Core => C:\Users\Sascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {68AC8C81-D4EF-4001-87B2-FFC607A59D33} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {A332F39B-AF1E-4B60-AAF5-E55D2084D584} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {A7255C0B-70B2-4860-AA79-660C24543C40} - System32\Tasks\Fujitsu\DeskUpdate => C:\Program Files\Fujitsu\DeskUpdate\ducmd.exe [2015-06-15] (Fujitsu Technology Solutions)
Task: {C88E4571-AFD3-45A3-A0F5-DABF9E6CDDE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-16] (Google Inc.)
Task: {DBFC2214-B439-4573-B475-BF34B04460FA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2186534646-70022557-530426099-1000UA => C:\Users\Sascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {F0C6B1B3-9A5F-44A3-88A7-E7FC1FE4C4CA} - System32\Tasks\MATLAB R2014a Startup Accelerator => E:\Program Files\MATLAB\R2014a\bin\win32\MATLABStartupAccelerator.exe [2014-01-29] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2186534646-70022557-530426099-1000Core.job => C:\Users\Sascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2186534646-70022557-530426099-1000UA.job => C:\Users\Sascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job => E:\Program Files\MATLAB\R2014a\bin\win32\MATLABStartupAccelerator.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{07CCC520-5524-4F5E-AEB1-296B99396CD2}.job => C:\Windows\system32\msfeedssync.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Sascha\Desktop\Sonstiges\Synaptics Neustart.bat - Verknüpfung.lnk -> C:\Users\Sascha\Desktop\Sonstiges\Synaptics Neustart.bat () Shortcut: C:\Users\Sascha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Synaptics Neustart.bat - Verknüpfung.lnk -> C:\Users\Sascha\Desktop\Sonstiges\Synaptics Neustart.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-11-03 12:21 - 2015-11-03 12:21 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-01-28 16:47 - 2016-01-28 16:47 - 02595576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareShellExtension.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 02372816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\RCF.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00108808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_filesystem-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00023296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_system-vc120-mt-1_57.dll 2013-06-10 11:02 - 2009-11-16 20:31 - 00069632 _____ () C:\Program Files\PSPad editor\PSPadShell.dll 2016-01-28 16:44 - 2016-01-28 16:44 - 00659872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe 2016-01-28 16:47 - 2016-01-28 16:47 - 00047368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_date_time-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 08872184 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareServiceKernel.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00634624 _____ () C:\Program Files\Lavasoft\Ad-Aware 
Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_regex-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00089344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_thread-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00032000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_chrono-vc120-mt-1_57.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00783088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareActivation.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00452864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareApplicationUpdater.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00679664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareGamingMode.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00084712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareReset.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00102624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTime.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00821504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareDefinitionsUpdater.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00729872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareDefinitionsUpdaterScheduler.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00897264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareIgnoreList.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00205552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareQuarantine.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 01274624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware 
Antivirus\11.10.767.8917\AdAwareAntiMalwareEngine.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00169728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiRootkitEngine.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00902392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScannerHistory.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 01082088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScanner.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00032512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_timer-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00812280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScannerScheduler.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00940288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareRealTimeProtection.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 02081528 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareIncompatibles.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 01188584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiSpam.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 01143536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiPhishing.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 02519288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareParentalControl.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 02806008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareWebProtection.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 01045752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareEmailProtection.dll 2016-01-28 
16:47 - 2016-01-28 16:47 - 00048392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_iostreams-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 01477376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareNetworkProtection.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00825576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwarePromo.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00377576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareFeedback.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 02280192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareThreatWorkAlliance.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 01062120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwarePinCode.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00827112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareNotice.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 01252080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAvcEngine.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00955664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareRealTimeProtectionHistory.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00424176 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareStatistics.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 08007392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe 2016-01-28 16:47 - 2016-01-28 16:47 - 00386816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_locale-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 01731304 _____ () C:\Program Files\Lavasoft\Ad-Aware 
Antivirus\Ad-Aware Antivirus\11.10.767.8917\HtmlFramework.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00867576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTrayDefaultSkin.dll 2013-03-10 19:58 - 2013-03-10 19:58 - 02598496 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe 2012-05-16 21:01 - 2012-05-16 21:01 - 00140800 _____ () C:\Program Files\Rainlendar2\lua52.dll 2013-03-10 19:59 - 2013-03-10 19:59 - 00215648 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll 2012-06-17 15:22 - 2012-06-17 15:22 - 00012800 _____ () C:\Program Files\Rainlendar2\lfs.dll 2013-06-05 23:57 - 2008-04-28 07:32 - 00647168 _____ () C:\Windows\system32\vmprp331.ax 2016-04-16 12:57 - 2016-03-21 23:50 - 00034768 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-04-16 12:57 - 2016-03-21 23:51 - 00019408 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-04-16 12:57 - 2016-03-21 23:50 - 00116688 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2016-04-16 12:57 - 2016-03-21 23:50 - 00093640 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2016-04-16 12:57 - 2016-03-21 23:50 - 00018376 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\select.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00019760 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00105928 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-04-16 12:57 - 2016-03-21 23:50 - 00392144 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2016-04-16 12:57 - 2016-04-08 20:20 - 00381752 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2016-04-16 12:57 - 2016-03-21 23:50 - 00692688 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00020816 _____ () 
C:\Users\Sascha\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2016-04-16 12:57 - 2016-03-21 23:51 - 00112592 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 01682760 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00020808 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00021840 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00038696 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00020936 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00024528 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32event.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00114640 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32security.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00124880 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00021832 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00175560 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32gui.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00030160 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00043472 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32process.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00028616 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32ts.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00048592 _____ () 
C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00026456 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00057808 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00117056 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00023376 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2016-04-16 12:57 - 2016-03-21 23:50 - 00134608 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-04-16 12:57 - 2016-03-21 23:50 - 00134088 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-04-16 12:57 - 2016-03-21 23:51 - 00240584 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00024392 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00036296 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\librsync.dll 2016-04-16 12:57 - 2016-04-08 20:19 - 00052024 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00021824 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00019776 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 
2016-04-16 12:57 - 2016-04-08 20:19 - 00020280 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00350152 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00022352 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00084280 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-04-16 12:57 - 2016-04-08 20:20 - 01826096 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2016-04-16 12:57 - 2016-03-21 23:51 - 00083912 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\sip.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 03928880 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 01971504 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00531248 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00132912 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00223544 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00207672 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00158008 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00042808 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd 2016-04-16 12:57 - 2016-03-21 23:54 - 00017864 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\libEGL.dll 2016-04-16 12:57 - 2016-03-21 23:54 - 01631184 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2016-04-16 12:57 - 2016-04-08 20:20 - 00546096 _____ () 
C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-04-16 12:57 - 2016-04-08 20:20 - 00357680 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-04-16 12:57 - 2016-03-21 23:56 - 00697304 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2008-10-09 10:25 - 2008-10-09 10:25 - 00062760 _____ () C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:nlsPreferences [514]
AlternateDataStreams: C:\Users\Sascha\Documents\SPSS:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2014-09-10 18:25 - 2014-11-04 23:21 - 00001974 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com127.0.0.1 tonec.com
127.0.0.1 www.tonec.com127.0.0.1 internetdownloadmanager.com127.0.0.1 star.tonec.com
184.173.188.107 localhost
127.0.0.1 home.sopserv.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2186534646-70022557-530426099-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FRITZ!DSL Startcenter.lnk => C:\Windows\pss\FRITZ!DSL Startcenter.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks 2014 Schnellstart.lnk => C:\Windows\pss\SolidWorks 2014 Schnellstart.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Sascha^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FRITZ!DSL Protect.lnk => C:\Windows\pss\FRITZ!DSL Protect.lnk.Startup MSCONFIG\startupreg: ActivManager => C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AVMUSBFernanschluss => "C:\Users\Sascha\AppData\Local\Apps\2.0\LLAXTKYE.MD6\OQP2CGHO.J48\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe" MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: LtMoh => C:\Program Files\ltmoh\Ltmoh.exe MSCONFIG\startupreg: QIP Internet Guardian => C:\Users\Sascha\AppData\Roaming\QipGuard\QipGuard.exe /p MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe" MSCONFIG\startupreg: sbsdk-server => "C:\Program Files\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe" MSCONFIG\startupreg: SMART Board Service => "C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe" -d MSCONFIG\startupreg: SMART Floating Tools => "C:\Program Files\SMART Technologies\Education Software\FloatingTools.exe" MSCONFIG\startupreg: SMART Ink => "C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe" -a MSCONFIG\startupreg: SMART Tray Tools => "C:\Program Files\SMART Technologies\Education Software\SMARTSystemMenu.exe" 
MSCONFIG\startupreg: SMARTNotification => "C:\Program Files\SMART Technologies\Education Software\SMARTNotification.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{A83C87B6-9C47-4329-A981-313B7B553DE4}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{245525EE-8D2C-4455-9B8F-AB60362FA866}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{F1CB6BE8-635C-444E-AE96-A2E46AB81277}] => (Allow) D:\Program Files\Opera\opera.exe FirewallRules: [{2C1EB595-8602-4EE9-8D7E-61EB61AEF740}] => (Allow) D:\Program Files\Opera\opera.exe FirewallRules: [{8D98E885-2D75-4487-AE44-DF580D4977CE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{7F27EEF5-AC05-489D-BBB7-CE0D21F3AED9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{ED3AE3F5-B686-4C72-8349-E0522F73E6D6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{757F737F-676D-4FA5-9B05-82023E1930B5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{527D3E2B-6D36-4533-8010-7E6E8EDA3A3F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe FirewallRules: [{C0DC2148-E407-499E-94CA-355DFCA61F87}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{641F97BA-D8B3-438C-8FAF-8312D118C44E}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{842EDFE3-C585-4F3F-B1B6-4783E1D8EB29}] => (Allow) C:\Program Files\HP\Digital 
Imaging\bin\hpqsudi.exe FirewallRules: [{42818F63-DA5A-4B37-8093-A1FD74DF2624}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe FirewallRules: [{FD0B82AD-7ED6-4393-9AD3-1CA9441AFE44}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe FirewallRules: [{9A132DC9-71FF-4828-8E1D-36FEDB948A54}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe FirewallRules: [{A4111A70-377C-4BAE-9F9D-0B800E22CA8A}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{8B3C1031-8B28-44DA-B884-A725AC8C72A7}] => (Allow) C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{A32F2FD6-22B2-41C9-ABB3-4873F9197A33}] => (Allow) C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{BDBDEA11-B09F-4E5B-A132-6C59EC8923BA}] => (Allow) C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{F14909D0-1813-40A0-A08F-3595689F7D9A}] => (Allow) C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{923120DE-F6E0-4684-AAE1-8BD4BC4AE6F7}] => (Allow) D:\Program Files\Opera\opera.exe FirewallRules: [{74226C5C-1393-4DC5-B5CA-77BC76604BC0}] => (Allow) D:\Program Files\Opera\opera.exe FirewallRules: [{9CADDBC4-A5F0-4C1B-AC05-8B773BBDE4A8}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{B9298326-F53C-494C-854F-B740A552A642}] => (Allow) E:\Program Files\Steam\Steam.exe FirewallRules: [{D127F059-E7D2-4535-9AEF-CC127E8A3CE9}] => (Allow) E:\Program Files\Steam\Steam.exe FirewallRules: [{707F581C-EC89-4558-8571-F047E168334F}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCGui.exe FirewallRules: [{93941037-1AC9-4C7A-AC45-357FBF5F0A15}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCGui.exe FirewallRules: [{66A42203-55E6-4F88-B32C-6A881C9B768F}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCService.exe FirewallRules: [{D19E6BF9-2484-44DF-B2E4-ACC256D7C0EB}] 
=> (Allow) C:\Program Files\SMART Technologies\Education Software\UCService.exe FirewallRules: [{2299909A-DF84-444A-B595-AC255F6BD843}] => (Allow) C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe FirewallRules: [{FD5C8F3B-ADF7-4C31-955D-AE743F24077B}] => (Allow) C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe FirewallRules: [{92A5C3E4-08B8-4AF5-B661-C65BDB2C274B}] => (Allow) C:\Program Files\SMART Technologies\Education Software\Notebook.exe FirewallRules: [{1AC759F0-EFEC-441F-ADD7-F6C87593A8A3}] => (Allow) C:\Program Files\SMART Technologies\Education Software\Notebook.exe FirewallRules: [{13C4DDC3-1D66-4029-90B9-23A89E36BC5B}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe FirewallRules: [{B85DE4CD-FEF0-472B-B9C4-06905561C7E4}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe FirewallRules: [{F24756D4-F4BB-40CA-892C-90DB818FA866}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe FirewallRules: [{2937378E-6C9E-43B3-9444-E6C675FB999F}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe FirewallRules: [{361A70E2-63E2-4EB6-9128-4518D860275B}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe FirewallRules: [{AB8FE976-A1C3-4E9D-9597-24788DB0698F}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe FirewallRules: [{F70BDE79-70B2-49DB-B3E5-98D0D4E5C078}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{66AC216C-92FE-404D-971C-E5200C2A3ED4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{303EC7BE-8463-495C-985E-1C10D8ACA5B2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{F312D27E-AA80-4C2F-ADFD-F45DC45CFD63}] => (Allow) 
C:\Users\Sascha\AppData\Local\Apps\2.0\LLAXTKYE.MD6\OQP2CGHO.J48\frit..tion_1acae14e4778b8d2_0002.0003_60014d656f6786b9\fritzbox-usb-fernanschluss.exe FirewallRules: [{7EEBA0E5-7AF5-4440-B832-AAA61F4540A8}] => (Allow) C:\Users\Sascha\AppData\Local\Apps\2.0\LLAXTKYE.MD6\OQP2CGHO.J48\frit..tion_1acae14e4778b8d2_0002.0003_60014d656f6786b9\fritzbox-usb-fernanschluss.exe FirewallRules: [{E419D278-7C82-436E-9F21-C6ECF689FD2F}] => (Allow) C:\Users\Sascha\AppData\Local\Apps\2.0\LLAXTKYE.MD6\OQP2CGHO.J48\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe FirewallRules: [{1354F72F-CACF-4F26-856E-7B0F8B948875}] => (Allow) C:\Users\Sascha\AppData\Local\Apps\2.0\LLAXTKYE.MD6\OQP2CGHO.J48\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe FirewallRules: [{9892A008-27C3-492C-8EA2-2E31704CB3E0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{AE5593C2-C283-454A-9317-D6CE20CDB0FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{8A6FB239-06FC-4976-93F2-BB37F710D243}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{925717CE-0A4F-47DF-850E-EA3A35067E9E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{B60ECD7B-936F-45D7-BE29-C089964D0BF2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{CD055597-24CE-47BF-B98F-64934E30BCE7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe StandardProfile\AuthorizedApplications: [C:\Users\Sascha\AppData\Local\Temp\RarSFX0\SwiApiMux.exe] => Enabled:SwiApiMux StandardProfile\AuthorizedApplications: [C:\Program Files\Sierra Wireless Inc\3G Watcher2\TRUUpdater.exe] => C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe:*:Enabled:TRUUpdater StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - 
Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: SMART Virtual TabletPC Description: SMART Virtual TabletPC Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: SMART Technologies ULC Service: SMARTVTabletPCx86 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Photosmart C4380 series Description: Photosmart C4380 series Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: HP Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Photosmart C4380 series Description: Photosmart C4380 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet 9100 series Description: Officejet 9100 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: hewlett-packard Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
Name: Officejet 9100 series Description: Officejet 9100 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: hewlett-packard Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet 9100 series Description: Officejet 9100 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: hewlett-packard Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet 9100 series Description: Officejet 9100 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: hewlett-packard Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VirtualBox Host-Only Ethernet Adapter Description: VirtualBox Host-Only Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Oracle Corporation Service: VBoxNetAdp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/18/2016 08:12:27 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2016 11:42:46 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/16/2016 03:52:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/16/2016 12:48:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/15/2016 01:17:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/14/2016 10:43:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/14/2016 09:55:28 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/14/2016 08:52:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE 
TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/14/2016 08:51:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AtService.exe, Version: 8.5.1.28, Zeitstempel: 0x4a73b035 Name des fehlerhaften Moduls: AtService.exe, Version: 8.5.1.28, Zeitstempel: 0x4a73b035 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00021b26 ID des fehlerhaften Prozesses: 0x31c Startzeit der fehlerhaften Anwendung: 0xAtService.exe0 Pfad der fehlerhaften Anwendung: AtService.exe1 Pfad des fehlerhaften Moduls: AtService.exe2 Berichtskennung: AtService.exe3 Error: (04/13/2016 11:01:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (04/18/2016 12:17:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst UNS erreicht. Error: (04/17/2016 11:46:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. 
Error: (04/17/2016 11:43:06 AM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Die Smartcard konnte nicht zurückgesetzt werden.O2Micro PCMCIA Reader 0POWER01 00 00 00 Error: (04/16/2016 11:53:13 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Die Smartcard konnte nicht zurückgesetzt werden.O2Micro PCMCIA Reader 0POWER01 00 00 00 Error: (04/16/2016 10:49:02 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Die Smartcard konnte nicht zurückgesetzt werden.O2Micro PCMCIA Reader 0POWER01 00 00 00 Error: (04/16/2016 09:25:37 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Die Smartcard konnte nicht zurückgesetzt werden.O2Micro PCMCIA Reader 0POWER01 00 00 00 Error: (04/16/2016 08:09:55 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error: (04/16/2016 08:09:55 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error: (04/16/2016 07:17:52 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Die Smartcard konnte nicht zurückgesetzt werden.O2Micro PCMCIA Reader 0POWER01 00 00 00 Error: (04/16/2016 07:14:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 20. 
==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz Prozentuale Nutzung des RAM: 53% Installierter physikalischer RAM: 3023.87 MB Verfügbarer physikalischer RAM: 1396.72 MB Summe virtueller Speicher: 6046.07 MB Verfügbarer virtueller Speicher: 3856.34 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:142.23 GB) (Free:50.31 GB) NTFS Drive d: () (Fixed) (Total:323.43 GB) (Free:247.63 GB) NTFS Drive e: (DATA) (Fixed) (Total:232.88 GB) (Free:3.03 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 43ED5D1E) Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 97CAB5A0) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=142.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=323.4 GB) - (Type=07 NTFS) ==================== Ende vom Addition.txt ============================
Last edited by goro11 (18.04.2016 at 09:16) |
20.04.2016, 13:17 | #3 | ||
/// Malwareteam | Multiple viruses/trojans, mainly under "C:\Windows\Temp\" My name is Rafael and I will help you with the cleanup. So that I can help you as well as possible, please keep to the following rules:
No, it's just me this time. But: Quote:
Multiple antivirus programs Code:
ATTFilter Avira Ad-Aware Antivirus Spybot - Search and Destroy Quote:
Avira, good grief - if you bought it, that's your own fault. Once you have done that: Please start FRST again, tick the Addition box and click Scan ("Untersuchen"). Please post the two resulting text files again.
20.04.2016, 17:18 | #4 |
| Multiple viruses/trojans, mainly under "C:\Windows\Temp\" Hello Rafael! Thank you very much for your help! I have uninstalled Spybot and Ad-Aware. Avira Pro comes through the university, so it costs me nothing (apart from my data, which Avira may be uploading - personally I don't much care). Since the logs are too large, I have to split them across several posts :-( Here is the FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:17-04-2016 durchgeführt von Sascha (Administrator) auf SASCHA-PC (20-04-2016 17:52:43) Gestartet von C:\Users\Sascha\Desktop Geladene Profile: Sascha (Verfügbare Profile: Sascha & IWB) Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Authentec Inc.) C:\Program Files\Protector Suite\upeksvr.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Fujitsu Technology Solutions) C:\Program Files\Fujitsu\DeskView\Common\FscHMCfg.exe (AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE (Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe (Nitro PDF Software) D:\Program Files\Nitro\Pro 9\NitroPDFDriverService9.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe (Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.) 
C:\Windows\System32\WTablet\Pen_TabletUser.exe (Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe () C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe () C:\Program Files\Rainlendar2\Rainlendar2.exe (Microsoft Corporation) C:\Users\Sascha\AppData\Local\Snip\Snip.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Dropbox, Inc.) C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7703072 2009-08-05] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [764528 2016-03-10] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [IndicatorUtility] => C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47464 2009-06-22] (FUJITSU LIMITED) HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975760 2015-11-03] (Cisco Systems, Inc.) HKLM\...\Run: [FUJ02B1_Apps] => C:\Program Files\Fujitsu\FUJ02B1\CheckBatteryPack.exe [366376 2016-03-17] (FUJITSU LIMITED) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) Winlogon\Notify\psfus: C:\Program Files\Protector Suite\psqlpwd.dll [2012-10-23] (Authentec Inc.) HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [2598496 2013-03-10] () HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Run: [Dropbox Update] => C:\Users\Sascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.) HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Run: [Snip] => C:\Users\Sascha\AppData\Local\Snip\Snip.exe [1713312 2015-10-19] (Microsoft Corporation) HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50676864 2016-03-01] (Skype Technologies S.A.) 
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {0cebd7cc-ce8f-11e2-b157-00a0d5ffffa5} - F:\Startme.exe HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {50d5c9c3-7f73-11e4-b352-001742fd5e4f} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\autorun.exe /auto HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {f690ec43-7c86-11e4-b1bc-fc6fd48a52bd} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\autorun.exe /auto HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {fb8e2f6d-7ebc-11e4-9153-001742fd5e4f} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\autorun.exe /auto HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {fb8e3063-7ebc-11e4-9153-001742fd5e4f} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\autorun.exe /auto HKU\S-1-5-18\...\Run: [FRITZ!protect] => FwebProt.exe HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> Lsa: [Notification Packages] scecli C:\Program Files\Protector Suite\psqlpwd.dll ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => D:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [UEAFOverlay] -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => C:\Program Files\Protector Suite\farchns.dll [2012-10-23] (Authentec Inc.) 
ShellIconOverlayIdentifiers: [UEAFOverlayOpen] -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => C:\Program Files\Protector Suite\farchns.dll [2012-10-23] (Authentec Inc.) Startup: C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.exe - Verknüpfung.lnk [2013-11-22] ShortcutTarget: ctfmon.exe - Verknüpfung.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Corporation) Startup: C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-16] ShortcutTarget: Dropbox.lnk -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5 01 C:\Windows\system32\NLAapi.dll [52224 2012-10-03] (Microsoft Corporation) ACHTUNG: LibraryPath sollte sein "C:\Windows)\system32\NLAapi.dll" Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{69767269-0577-45C1-88DC-B1D78DE44DAF}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{AB78458C-7E79-49A8-8741-7B110BCDCC40}: [NameServer] 62.134.11.4 195.182.110.132塚BḈ¿ↅ䍟謓並BḈ¿ Internet Explorer: ================== HKU\S-1-5-21-2186534646-70022557-530426099-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> D:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.) 
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.) BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24] (Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24] (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.) 
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2186534646-70022557-530426099-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-03-18] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094
FF Homepage: hxxp://www.google.de
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> E:\Program Files\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-24] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: @nitropdf.com/NitroPDF -> D:\Program Files\Nitro\Pro 8\npnitromozilla.dll [2013-05-27] (Nitro PDF) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-09] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-09] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC 0.8.6\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Acrobat -> D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-09-26] (Adobe Systems Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) 
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin HKU\S-1-5-21-2186534646-70022557-530426099-1000: @torrentstream.net/tsplugin,version=2.0.8.11.1 -> C:\Users\Sascha\AppData\Roaming\TorrentStream\player\npts_plugin.dll [2014-04-25] (Innovative Digital Technologies) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll [2014-01-09] (Dassault Systèmes SolidWorks Corp.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-04-24] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-04-24] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-04-24] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-04-24] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-04-24] (Apple Inc.) FF Extension: Adobe Acrobat - Create PDF - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-12-02] [ist nicht signiert] FF Extension: Web Developer - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-07-12] FF Extension: NoScript - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07] FF Extension: DownThemAll! AntiContainer - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\extensions\anticontainer@downthemall.net.xpi [2016-04-15] FF Extension: DownThemAll! 
- C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-04-15] FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\Extensions\elemhidehelper@adblockplus.org.xpi [2016-02-18] FF Extension: uBlock Origin - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\Extensions\uBlock0@raymondhill.net.xpi [2016-04-07] FF Extension: Adblock Plus - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\3bkhj32i.default-1436688253094\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-07-01] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-04-01] [ist nicht signiert] FF HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Users\Sascha\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org FF Extension: TS Magic Player - C:\Users\Sascha\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org [2015-03-04] [ist nicht signiert] FF HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Firefox\Extensions: 
[mozilla_cc2@internetdownloadmanager.com] - D:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - D:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-03-10]
FF HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Sascha\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Sascha\AppData\Roaming\IDM\idmmzcc5 [2016-04-16] [ist nicht signiert]
FF HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - D:\Program Files\Internet Download Manager\idmmzcc2.xpi

Chrome:
=======
CHR Profile: C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Web Developer) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2015-05-27]
CHR Extension: (kimono) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoaddaobnieaecelinfdllcgdehimih [2016-04-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-12]
CHR Extension: (AdBlock) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-12]
CHR Extension: (IDM Integration Module) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-04-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Citavi Picker) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2015-11-02]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - D:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-09-05]
CHR HKLM\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - D:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-02-11]
CHR HKLM\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - D:\Program Files\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07]

Opera:
=======
StartMenuInternet: (HKLM) Opera - D:\Program Files\Opera\Opera.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ActivControl; C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe [21328 2013-04-25] (Promethean)
S3 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [593376 2013-04-11] (Intel Corporation)
R2 AntiVirFireWallService; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [1055488 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [856760 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [463720 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [463720 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1043664 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1807608 2009-07-31] (AuthenTec, Inc.)
S3 BTHSSecurityMgr; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [104240 2012-09-12] (Intel(R) Corporation) S3 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L) S3 CoordinatorServiceHost; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [76328 2014-01-11] (Dassault Systèmes SolidWorks Corp.) S3 eBeam Device Service; C:\Program Files\Luidia\eBeam Device Service\eBeamDeviceServiceMain.exe [180224 2013-06-05] (Luidia, Inc.) [Datei ist nicht signiert] S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1074480 2014-06-28] (Flexera Software LLC) R2 FscHmCfg; C:\Program Files\Fujitsu\DeskView\Common\FscHMCfg.exe [150656 2012-11-13] (Fujitsu Technology Solutions) R2 HPSLPSVC; C:\Users\Sascha\AppData\Local\Temp\7zS38EB\hpslpsvc32.dll [701288 2013-02-06] (Hewlett-Packard Co.) R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [73528 2009-07-28] (AVM Berlin) S3 Microsoft SharePoint Workspace Audit Service; D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation) S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [242928 2013-04-18] () R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 NitroDriverReadSpool8; D:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe [196616 2013-05-27] (Nitro PDF Software) R2 NitroDriverReadSpool9; D:\Program Files\Nitro\Pro 9\NitroPDFDriverService9.exe [197128 2013-11-12] (Nitro PDF Software) S3 NovacomD; C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe [61440 2011-06-24] (Palm) [Datei ist nicht signiert] S3 O2Flash; C:\Windows\system32\o2flash.exe [65536 2007-02-12] (O2Micro International) [Datei ist nicht 
signiert] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [62824 2009-07-27] (FUJITSU LIMITED) S3 RemoteSolverDispatcher; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [191112 2014-01-10] (Mentor Graphics Corporation) [Datei ist nicht signiert] R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [135176 2015-02-18] (Sandboxie Holdings, LLC) S3 SMARTHelperService; C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe [538928 2014-05-29] (SMART Technologies) S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-11-01] (SolidWorks) [Datei ist nicht signiert] R2 SwiCardDetectSvc; C:\Program Files\Sierra Wireless Inc\Common\SwiCardDetect.exe [238960 2010-12-02] (Sierra Wireless, Inc.) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH) S3 TomTomHOMEService; D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-08-27] (TomTom) S3 UDisk Monitor Z5 Phone; C:\Program Files\Android_USB_Driver_Z\Bin\MonServiceUDisk.exe [585416 2013-11-18] () R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2009-08-04] (Intel Corporation) S3 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [111488 2009-10-12] (CSR, plc) R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [579984 2015-11-03] (Cisco Systems, Inc.) 
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62760 2008-10-09] ()
S3 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2532592 2013-04-18] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [109248 2015-11-03] (Cisco Systems, Inc.)
S3 ACTIVhidmini; C:\Windows\System32\DRIVERS\ACTIVhidmini.sys [87296 2012-10-30] (Promethean Technologies Ltd)
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [112608 2013-04-11] (Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [112608 2013-04-11] (Windows (R) Win 7 DDK provider)
R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [92448 2014-08-15] (Avira GmbH)
R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [113024 2014-08-15] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [109016 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136272 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-08-15] (Avira Operations GmbH & Co. KG)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [105728 2013-06-06] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-06-06] (DT Soft Ltd)
R3 FjBtnDrv; C:\Windows\System32\DRIVERS\FjBtnDrv.sys [18816 2009-08-27] (Fujitsu America, Inc.)
R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [12712 2013-06-06] (FUJITSU LIMITED) R2 FJSPA; C:\Program Files\Fujitsu\FJSPA\FJSPA.sys [17712 2006-12-07] (FUJITSU LIMITED) R3 FlashDrv; C:\Windows\System32\DRIVERS\FlashDrv.sys [22344 2012-11-13] (Fujitsu Technology Solutions) R3 FscCmos; C:\Windows\System32\DRIVERS\FscCmos.sys [17224 2012-11-13] (Fujitsu Technology Solutions) R3 FscCpuid; C:\Windows\System32\DRIVERS\FscCpuid.sys [18248 2012-11-13] (Fujitsu Technology Solutions) R3 FscEfDmi; C:\Windows\System32\DRIVERS\FscEfDmi.sys [18760 2012-11-13] (Fujitsu Technology Solutions) R3 FscGabi; C:\Windows\System32\DRIVERS\FscGabi.sys [21064 2012-11-13] (Fujitsu Technology Solutions) R3 FscTime; C:\Windows\System32\DRIVERS\FscTime.sys [20296 2012-11-13] (Fujitsu Technology Solutions) R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [48552 2016-03-17] (FUJITSU LIMITED) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [42592 2014-08-25] (hxxp://libusb-win32.sourceforge.net) R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7523840 2012-01-23] (Intel Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.) 
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscr.sys [102560 2009-05-15] (O2Micro) S3 prmvmouse; C:\Windows\System32\DRIVERS\activmouse.sys [6656 2012-10-30] (Promethean Technologies Ltd) S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [90280 2009-05-25] (MCCI Corporation) S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [15016 2009-05-25] (MCCI Corporation) S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [122280 2009-05-25] (MCCI Corporation) S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [115880 2009-05-25] (MCCI Corporation) S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [26024 2009-05-25] (MCCI Corporation) S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [111912 2009-05-25] (MCCI Corporation) S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [116904 2009-05-25] (MCCI Corporation) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [161288 2015-02-18] (Sandboxie Holdings, LLC) R3 SMARTMouseFilterx86; C:\Windows\System32\DRIVERS\SMARTMouseFilterx86.sys [8192 2014-05-29] (SMART Technologies) R3 SMARTVHidMini2000x86; C:\Windows\System32\DRIVERS\SMARTVHidMini2000x86.sys [7680 2014-05-29] (SMART Technologies) S3 SMARTVTabletPCx86; C:\Windows\System32\DRIVERS\SMARTVTabletPCx86.sys [15872 2014-05-29] (SMART Technologies ULC) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [27696 2015-06-22] (Avira Operations GmbH & Co. KG) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13368 2015-12-26] (SlimWare Utilities, Inc.) S3 swiwdmbus; C:\Windows\System32\DRIVERS\swiwdmbus.sys [82048 2010-11-16] (Sierra Wireless Inc.) S3 SWNC8U3C; C:\Windows\System32\DRIVERS\swnc8u3C.sys [231936 2010-11-16] (Sierra Wireless Inc.) S3 SWUMX3C; C:\Windows\System32\DRIVERS\swumx3C.sys [156672 2010-11-16] (Sierra Wireless Inc.) 
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [977024 2009-08-25] (Vimicro Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva-6.sys [43888 2014-08-15] (Cisco Systems, Inc.)
R3 vvftav323; C:\Windows\System32\drivers\vvftav323.sys [475136 2007-03-19] (Vimicro Corporation)
R3 WISDPen; C:\Windows\System32\DRIVERS\wisdpen.sys [36648 2009-08-24] (Wacom Technology)
S3 FscBapi; system32\DRIVERS\FscBapi.sys [X]
S3 OemF0211; system32\DRIVERS\OemF0211.sys [X]
S3 SWUMX20; system32\DRIVERS\swumx20.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-20 17:52 - 2016-04-20 17:56 - 00031427 _____ C:\Users\Sascha\Desktop\FRST.txt
2016-04-20 17:41 - 2016-04-20 17:41 - 00000079 _____ C:\Windows\wininit.ini
2016-04-18 13:52 - 2016-04-18 14:00 - 00253194 _____ C:\TDSSKiller.3.1.0.9_18.04.2016_13.52.20_log.txt
2016-04-18 13:50 - 2016-04-18 13:50 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Sascha\Desktop\tdsskiller.exe
2016-04-18 10:10 - 2016-04-18 10:11 - 16563352 _____ (Malwarebytes Corp.)
C:\Users\Sascha\Desktop\mbar-1.09.3.1001.exe 2016-04-18 09:21 - 2016-04-18 09:21 - 00023336 _____ C:\Users\Sascha\Desktop\Ereignisse.txt 2016-04-18 08:47 - 2016-04-20 17:52 - 00000000 ____D C:\FRST 2016-04-18 08:42 - 2016-04-18 08:42 - 01726464 _____ (Farbar) C:\Users\Sascha\Desktop\FRST.exe 2016-04-17 22:41 - 2016-04-17 22:41 - 00001892 _____ C:\Users\Sascha\Desktop\Ad-Aware_Report_Full_Manual_2016-04-17T22-30-36.318465.xml 2016-04-16 16:08 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-04-16 16:08 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-04-16 16:08 - 2016-03-31 02:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-04-16 16:08 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-04-16 16:08 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-04-16 16:08 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-04-16 16:08 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-04-16 16:08 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-04-16 16:08 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-04-16 16:08 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-04-16 16:08 - 2016-03-31 01:45 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-04-16 16:08 - 2016-03-31 01:41 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-04-16 16:08 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-04-16 16:08 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) 
C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-04-16 16:08 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-04-16 16:08 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-04-16 16:08 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-04-16 16:08 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-04-16 16:08 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-04-16 16:08 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-04-16 16:08 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-04-16 16:08 - 2016-03-31 01:23 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-04-16 16:08 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-04-16 16:08 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-04-16 16:08 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-04-16 16:08 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-04-16 16:07 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-04-16 16:07 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-04-16 16:07 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-04-16 16:07 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-04-16 16:07 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-04-16 16:07 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) 
C:\Windows\system32\jscript.dll 2016-04-16 16:07 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-04-16 16:07 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-04-16 16:07 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-04-16 16:07 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-04-16 13:10 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2016-04-16 13:10 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-04-16 13:10 - 2016-03-18 00:36 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-04-16 13:10 - 2016-03-18 00:36 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-04-16 13:10 - 2016-03-18 00:33 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-04-16 13:10 - 2016-03-18 00:30 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-04-16 13:10 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-04-16 13:10 - 2016-03-18 00:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-04-16 13:10 - 2016-03-18 00:30 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-04-16 13:10 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-04-16 13:10 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-04-16 13:10 - 2016-03-18 00:29 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-04-16 13:10 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-04-16 13:10 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) 
C:\Windows\system32\rpchttp.dll 2016-04-16 13:10 - 2016-03-18 00:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-04-16 13:10 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-04-16 13:10 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-04-16 13:10 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-04-16 13:10 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-04-16 13:10 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-04-16 13:10 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-04-16 13:10 - 2016-03-18 00:26 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-04-16 13:10 - 2016-03-18 00:26 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-04-16 13:10 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-04-16 13:10 - 2016-03-18 00:26 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-04-16 13:10 - 2016-03-18 00:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-04-16 13:10 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-04-16 13:10 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-04-16 13:10 - 2016-03-17 23:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-04-16 13:10 - 2016-03-17 23:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-04-16 13:10 - 2016-03-17 23:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-04-16 13:10 - 2016-03-17 23:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-04-16 13:10 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-04-16 13:10 - 2016-03-17 23:36 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-04-16 13:10 - 2016-03-17 23:35 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-04-16 13:10 - 2016-03-17 23:30 - 00226304 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\mrxsmb10.sys 2016-04-16 13:10 - 2016-03-17 23:30 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-04-16 13:10 - 2016-03-17 23:30 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-04-16 13:10 - 2016-03-17 23:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-04-16 13:10 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-04-16 13:10 - 2016-03-17 23:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-04-16 13:10 - 2016-03-17 23:29 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-04-16 13:10 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-04-16 13:10 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-16 13:10 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-04-16 13:10 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-04-16 13:08 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-04-16 13:08 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2016-04-16 13:04 - 2016-03-29 19:35 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-04-16 13:03 - 2016-04-16 13:03 - 00000000 ____D C:\Program Files\Lavasoft 2016-04-16 12:58 - 2016-04-16 12:58 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-04-15 01:24 - 2016-03-16 01:53 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-04-15 01:24 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-04-14 
00:18 - 2016-04-14 00:18 - 01695703 _____ C:\Users\Sascha\Desktop\1366_269-13.pdf 2016-04-12 21:36 - 2016-04-13 09:49 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-04-11 17:02 - 2016-04-11 17:02 - 61815001 _____ C:\Users\Sascha\Desktop\d9722cf018848242e0bb565de93b5dc1.mp4 2016-04-11 16:46 - 2016-04-16 13:52 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\IDM 2016-04-11 16:46 - 2016-04-11 16:46 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2016-04-11 16:46 - 2016-04-11 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2016-04-11 16:42 - 2016-04-11 16:42 - 00000000 ____D C:\Users\Sascha\Desktop\IDM_6.25_Build_14_Fix_exe___Serials 2016-04-10 22:08 - 2016-04-10 22:08 - 00000000 ____D C:\php 2016-04-10 22:07 - 2016-04-10 22:07 - 21790696 _____ C:\Users\Sascha\Desktop\php-7.0.5-nts-Win32-VC14-x86.zip 2016-04-05 11:47 - 2016-03-25 20:36 - 00034024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-04-05 11:47 - 2016-03-25 20:25 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-04-05 11:47 - 2016-03-23 16:02 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-04-05 11:47 - 2016-03-23 16:02 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-04-05 11:47 - 2016-03-17 20:04 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-04-05 11:47 - 2016-03-17 20:04 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-04-05 11:47 - 2016-03-17 20:04 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-04-05 11:47 - 2016-03-17 20:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-04-05 11:47 - 2016-02-02 20:48 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2016-04-05 11:47 - 2016-02-01 21:02 - 00105408 _____ (Microsoft 
Corporation) C:\Windows\system32\consent.exe 2016-04-05 11:47 - 2016-02-01 20:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-04-05 11:47 - 2016-02-01 20:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2016-04-05 11:47 - 2016-02-01 20:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2016-04-05 11:47 - 2016-02-01 20:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-04-05 11:47 - 2016-02-01 20:44 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2016-04-05 11:47 - 2016-01-21 02:51 - 00057280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2016-04-05 11:46 - 2016-02-05 20:44 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll 2016-04-05 11:46 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll 2016-04-05 11:46 - 2015-06-03 22:22 - 00355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2016-04-05 11:33 - 2016-04-05 11:33 - 00000000 ____D C:\Program Files\Common Files\Skype 2016-03-24 16:38 - 2016-03-24 16:38 - 00000000 ____D C:\Program Files\Common Files\Java 2016-03-24 12:48 - 2016-03-24 12:48 - 01474560 _____ C:\Users\Sascha\Desktop\vmscsi-1.2.0.4.flp 2016-03-24 12:12 - 2016-04-12 00:27 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\VMware 2016-03-24 12:12 - 2016-04-10 22:31 - 00000000 ____D C:\Users\Sascha\AppData\Local\VMware 2016-03-24 12:03 - 2016-04-12 00:33 - 00000000 ____D C:\ProgramData\VMware 2016-03-24 12:03 - 2016-04-12 00:33 - 00000000 ____D C:\Program Files\Common Files\VMware 2016-03-23 23:44 - 2016-03-23 23:44 - 00000000 ____D C:\ProgramData\Dell 2016-03-23 20:27 - 2009-07-21 01:48 - 00485920 _____ (NVIDIA Corporation) C:\Windows\system32\NVUNINST.EXE 2016-03-23 19:17 - 2016-04-18 08:19 - 00000000 ____D C:\Users\Sascha\Desktop\VMware-convertercd-4.1.1-206170 2016-03-22 14:04 - 2016-03-22 14:04 - 00000889 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-03-22 14:04 - 2016-03-22 14:04 - 00000877 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-03-22 13:09 - 2016-03-22 13:22 - 345040098 _____ C:\Users\Sascha\Downloads\Weka.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-20 17:56 - 2015-08-30 21:27 - 00323476 _____ C:\Users\Sascha\AppData\Local\Snip.txt
2016-04-20 17:54 - 2009-07-14 06:34 - 00022048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-20 17:54 - 2009-07-14 06:34 - 00022048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-20 17:51 - 2015-10-28 12:47 - 00215268 _____ C:\Users\Sascha\AppData\Local\SnipUsages.txt
2016-04-20 17:49 - 2013-10-14 14:47 - 00000000 ____D C:\Users\Sascha\.rainlendar2
2016-04-20 17:48 - 2013-12-03 14:29 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2016-04-20 17:48 - 2013-06-11 17:55 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\WTablet
2016-04-20 17:48 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-20 17:41 - 2013-12-03 14:29 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-04-20 17:39 - 2014-01-17 19:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-20 17:35 - 2013-06-06 11:18 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Skype
2016-04-20 01:24 - 2013-06-06 18:37 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\vlc
2016-04-20 01:01 - 2015-06-16 09:50 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2186534646-70022557-530426099-1000UA.job
2016-04-19 23:00 - 2013-06-06 09:33 - 00000000 ____D C:\Users\Sascha\AppData\Local\Deployment
2016-04-19 22:53 - 2016-02-04 15:18 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Kodi
2016-04-18 23:23 - 2009-07-14 04:37 -
00000000 ____D C:\Windows\system32\NDF 2016-04-18 10:20 - 2013-06-09 09:27 - 00003268 _____ C:\Windows\Sandboxie.ini 2016-04-18 10:01 - 2015-06-16 09:50 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2186534646-70022557-530426099-1000Core.job 2016-04-18 09:09 - 2014-11-29 16:00 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-04-18 09:09 - 2014-11-29 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-04-18 09:09 - 2014-11-29 15:59 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2016-04-18 08:24 - 2015-09-25 22:13 - 00000000 ____D C:\Users\Sascha\Desktop\Family 2016-04-18 08:22 - 2015-09-25 22:06 - 00000000 ____D C:\Users\Sascha\Desktop\Rechnungen + Reisen 2016-04-18 08:21 - 2015-11-17 00:21 - 00000000 ____D C:\Users\Sascha\Desktop\Work 2016-04-18 08:21 - 2015-06-08 13:52 - 00000000 ____D C:\Users\Sascha\Desktop\Uni 2016-04-17 11:48 - 2011-04-12 03:30 - 00699342 _____ C:\Windows\system32\perfh007.dat 2016-04-17 11:48 - 2011-04-12 03:30 - 00149450 _____ C:\Windows\system32\perfc007.dat 2016-04-17 11:48 - 2010-11-20 23:01 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-17 11:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf 2016-04-17 11:42 - 2009-07-14 06:33 - 00489496 _____ C:\Windows\system32\FNTCACHE.DAT 2016-04-17 01:26 - 2015-01-26 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-04-16 14:27 - 2013-07-12 10:44 - 00000000 ____D C:\Windows\system32\MRT 2016-04-16 14:13 - 2013-06-06 00:10 - 132539272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-04-16 14:08 - 2013-06-30 12:32 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\DMCache 2016-04-16 12:59 - 2013-07-01 21:54 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Dropbox 2016-04-15 01:16 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-04-13 09:49 - 2013-07-03 07:24 - 00000000 
____D C:\Program Files\Mozilla Maintenance Service 2016-04-13 01:57 - 2013-07-01 11:41 - 00000000 ____D C:\Users\Sascha\.VirtualBox 2016-04-13 00:32 - 2013-06-30 12:32 - 00000000 ____D C:\Users\Sascha\Downloads\Video 2016-04-12 00:38 - 2013-06-06 22:30 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\DAEMON Tools Lite 2016-04-11 23:01 - 2013-06-06 23:55 - 00000000 ____D C:\Windows\pss 2016-04-11 22:32 - 2013-06-06 21:32 - 01952155 _____ C:\Users\Sascha\DesktopStCenter.txt 2016-04-11 15:43 - 2015-06-27 11:11 - 00036218 _____ C:\Users\Sascha\Desktop\Geld zurück Aktionen_stand 27.06.xlsx 2016-04-11 15:36 - 2015-08-30 21:27 - 00000000 ____D C:\Users\Sascha\Documents\My Snips 2016-04-11 14:44 - 2013-06-12 09:04 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Nitro PDF 2016-04-11 13:09 - 2015-06-24 01:12 - 00000000 ____D C:\Users\Sascha\Desktop\Coupons&Aktionen 2016-04-10 13:37 - 2013-06-08 11:02 - 00000000 ____D C:\Users\Sascha\Desktop\scan 2016-04-08 21:39 - 2013-12-15 14:28 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-04-08 21:39 - 2013-12-15 14:28 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-04-07 19:39 - 2016-02-05 23:13 - 00000405 ____H C:\Users\Sascha\.swfinfo 2016-04-05 13:30 - 2015-04-21 10:03 - 00000000 ____D C:\Windows\system32\appraiser 2016-04-05 11:34 - 2013-06-06 11:18 - 00000000 ____D C:\ProgramData\Skype 2016-04-05 11:33 - 2015-12-30 23:11 - 00000000 ___RD C:\Program Files\Skype 2016-03-26 15:32 - 2016-03-16 11:03 - 00000000 ____D C:\Users\Sascha\Desktop\qipu 2016-03-24 16:47 - 2013-12-14 00:43 - 00000000 ____D C:\ProgramData\Oracle 2016-03-24 16:46 - 2016-01-16 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-03-24 16:46 - 2014-10-30 19:08 - 00000000 ____D C:\Program Files\Java 2016-03-24 16:38 - 2016-01-16 16:02 - 00000000 ____D C:\Users\Sascha\.oracle_jre_usage 2016-03-24 16:37 - 2016-01-16 16:02 - 00095808 _____ (Oracle 
Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-03-24 01:32 - 2014-08-25 09:55 - 00000628 __RSH C:\ProgramData\ntuser.pol
2016-03-24 01:10 - 2013-06-10 14:56 - 00000000 ____D C:\WTablet
2016-03-23 22:30 - 2014-11-01 10:48 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-23 19:03 - 2013-06-06 09:01 - 00134600 _____ C:\Users\Sascha\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-22 14:05 - 2014-12-18 23:13 - 00000000 ____D C:\Program Files\TeamViewer

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-06-06 09:02 - 2015-08-02 20:47 - 0003540 _____ () C:\Users\Sascha\AppData\Roaming\FjMenu1.XML
2006-12-11 20:13 - 2006-12-11 20:13 - 0097336 _____ (Un4seen Developments) C:\Users\Sascha\AppData\Local\bass.dll
2006-12-11 20:13 - 2006-12-11 20:13 - 0013872 _____ (Un4seen Developments) C:\Users\Sascha\AppData\Local\basscd.dll
2007-08-13 18:46 - 2007-08-13 18:46 - 0102912 _____ (Albert L Faber) C:\Users\Sascha\AppData\Local\CDRip.dll
2014-06-26 10:04 - 2014-06-26 10:04 - 0003909 ____H () C:\Users\Sascha\AppData\Local\cimiekki.ini
2014-05-09 13:42 - 2016-01-04 02:42 - 0001194 _____ () C:\Users\Sascha\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2013-07-11 22:09 - 2013-07-11 22:19 - 0004608 _____ () C:\Users\Sascha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-01 18:54 - 2013-12-01 18:57 - 0004096 ____H () C:\Users\Sascha\AppData\Local\keyfile3.drm
2007-08-13 18:46 - 2007-08-13 18:46 - 0155136 _____ () C:\Users\Sascha\AppData\Local\lame_enc.dll
2007-01-18 22:09 - 2007-01-18 22:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Sascha\AppData\Local\No23 Recorder.exe
2005-08-23 23:34 - 2005-08-23 23:34 - 0029184 _____ () C:\Users\Sascha\AppData\Local\no23xwrapper.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0015872 _____ () C:\Users\Sascha\AppData\Local\ogg.dll
2013-12-22 21:37 - 2013-12-22 21:37 - 0001448 _____ () C:\Users\Sascha\AppData\Local\RecConfig.xml
2015-10-01 15:04 - 2015-10-01 15:04 - 0002112 _____ () C:\Users\Sascha\AppData\Local\recently-used.xbel
2015-08-30 21:27 - 2016-04-20 17:56 - 0323476 _____ () C:\Users\Sascha\AppData\Local\Snip.txt
2015-10-28 12:47 - 2016-04-20 17:51 - 0215268 _____ () C:\Users\Sascha\AppData\Local\SnipUsages.txt
2014-11-03 17:03 - 2014-12-01 21:58 - 0000000 _____ () C:\Users\Sascha\AppData\Local\Temptable.xml
2006-10-26 02:06 - 2006-10-26 02:06 - 0143872 _____ () C:\Users\Sascha\AppData\Local\vorbis.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0064000 _____ () C:\Users\Sascha\AppData\Local\vorbisenc.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0019456 _____ () C:\Users\Sascha\AppData\Local\vorbisfile.dll
2013-07-01 18:12 - 2013-09-14 14:26 - 0006947 _____ () C:\ProgramData\hpzinstall.log
2014-10-07 23:13 - 2014-10-07 23:13 - 0000095 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\IWB\AppData\Local\Temp\avgnt.exe
C:\Users\Sascha\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-04-07 10:09

==================== Ende vom FRST.txt ============================
20.04.2016, 17:24 | #5 |
| Addition.txt Addition.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:17-04-2016
durchgeführt von Sascha (2016-04-20 17:57:12)
Gestartet von C:\Users\Sascha\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2013-06-05 20:58:13)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2186534646-70022557-530426099-500 - Administrator - Disabled)
Gast (S-1-5-21-2186534646-70022557-530426099-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2186534646-70022557-530426099-1004 - Limited - Enabled)
IWB (S-1-5-21-2186534646-70022557-530426099-1003 - Administrator - Enabled) => C:\Users\IWB
Sascha (S-1-5-21-2186534646-70022557-530426099-1000 - Administrator - Enabled) => C:\Users\Sascha

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) ActivDriver x86 v5.9 (HKLM\...\{3B9BDF03-96EA-424C-9413-45D80C5B2F08}) (Version: 5.9.22 - Promethean) ActivInspire Core Resources (DEU) v1 (HKLM\...\{06C9F624-9F53-4C89-9720-1601A295769A}) (Version: 1.6.3 - Promethean) ActivInspire Help (DEU) v1 (HKLM\...\{B18A62F5-296F-4BC4-B8DD-A9FB16EE9106}) (Version: 1.6.3 - Promethean) ActivInspire HWR Resources (DEU) v1 (HKLM\...\{CB2158F5-B05D-41BF-B8F8-05A85695BA4E}) (Version: 1.7.1 - Promethean) ActivInspire v2 (HKLM\...\{84007E42-A06F-4FFE-90D2-85F82CB48615}) (Version: 2.4.66096 - Promethean) Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.05 - Adobe Systems) Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated) Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) AIDA64 Extreme Edition v3.00 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.) AIO_Scan (Version: 130.0.365.000 - Hewlett-Packard) Hidden Akamai NetSession Interface (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Android USB Driver (HKLM\...\Z5 Android USB Driver_is1) (Version: - ) Angry Birds (HKLM\...\{370CA4B0-A1D8-4863-A3C5-6879AEE1663A}) (Version: 3.0.0 - Rovio) Angry Birds Rio (HKLM\...\{0D637670-BC00-4FAC-8E00-518EB7F65091}) (Version: 1.4.4 - Rovio) Angry Birds Seasons (HKLM\...\{A0CDDE99-D170-426F-917E-B2E51EB3B78F}) (Version: 3.2.0 - Rovio Entertainment Ltd.) 
Angry Birds Space (HKLM\...\{561AA971-37EB-4D63-9FB9-810B663B5CC7}) (Version: 1.4.1 - Rovio) Angry Birds Star Wars (HKLM\...\{C336AA55-BBA3-4908-886F-25CF6D302D13}) (Version: 1.2.0 - Rovio Entertainment Ltd.) AnVir Task Manager (HKLM\...\AnVir Task Manager) (Version: - AnVir Software) Any Video Converter 5.5.1 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Ashampoo Photo Optimizer 4 v.4.0.3 (HKLM\...\Ashampoo Photo Optimizer 4_is1) (Version: 4.0.3 - Ashampoo GmbH & Co. KG) Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) AuthenTec Fingerprint Software (HKLM\...\{6B99AF03-2668-4572-BD3D-8C7A5D103065}) (Version: 8.5.1.28 - Ihr Firmenname) AuthenTec WinBio FingerPrint Software 32-bit (HKLM\...\{580C9CA9-9293-470F-8762-2925A2B3D4B7}) (Version: 3.4.4.1027 - AuthenTec, Inc.) Avira Professional Security (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.16.208 - Avira Operations GmbH & Co. KG) Bad Piggies (HKLM\...\{9577B943-AEDD-462A-AF22-5F55BB3BFB1D}) (Version: 1.1.0.0 - Rovio) Bluetooth Feature Pack 5.0 (HKLM\...\{0439D13F-C7CD-458A-90DE-44135CBD40B8}) (Version: 5.0.13 - CSR Plc.) Bouquet Wizard (HKLM\...\BouquetWizard) (Version: - ) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.18.8 - Broadcom Corporation) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden C4380 (Version: 130.0.365.000 - Hewlett-Packard) Hidden C4380_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden calibre (HKLM\...\{8C31E86B-2A66-40E8-BF47-32A25D65DB12}) (Version: 1.15.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform) Chipcardmaster 7.11 (HKLM\...\Chipcardmaster_is1) (Version: - Dr. Olaf Jacobsen) Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.1.08005 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (Version: 4.1.08005 - Cisco Systems, Inc.) 
Hidden Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Citavi 4 (HKLM\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software) Crazy Machines - Neue Herausforderungen (HKLM\...\{294EF51E-1453-4F42-8792-77DBFB47D0EC}) (Version: 1.12 - FAKT Software GmbH) Crazy Machines - Neues aus dem Labor (HKLM\...\{BFF2D920-80F2-46E9-8246-79A20BB9D8B2}) (Version: 1.20 - FAKT Software GmbH) Crazy Machines (HKLM\...\{8E6A3B40-DCE3-47D9-835B-FE1AD9C083D0}) (Version: 1.0 - FAKT Software GmbH) CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd) dboxTV v4.0.0.0 (HKLM\...\dboxTV_is1) (Version: - DsChAeK) DeskUpdate (HKLM\...\DeskUpdate_is1) (Version: 4.15.0144 - Fujitsu Technology Solutions) DeskViewClient (HKLM\...\{EF1A6D76-8DEB-4C50-88C5-7204D8817C8F}) (Version: 6.55.0093 - Fujitsu Technology Solutions) Dexpot (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Dexpot) (Version: 1.6.10 - Dexpot GbR) Dkill95 (HKLM\...\Dkill95) (Version: - ) DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden Dropbox (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.) DVD Identifier (HKLM\...\DVD Identifier_is1) (Version: 5.2.0 - Kris Schoofs) eBeam Capture 2.4.4.11 (HKLM\...\eBeamCapture_is1) (Version: 2.4.4.11 - Luidia, Inc.) eBeam Device Service 2.5.0.9 (HKLM\...\eBeamDeviceService_is1) (Version: 2.5.0.9 - Luidia, Inc.) eBeam Education Suite 2.5.0.9 (HKLM\...\eBeamInteract_is1) (Version: 2.5.0.9 - Luidia, Inc.) 
Extended Asian Language font pack for Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated) FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin) Fujitsu Button Utilities (HKLM\...\{207E8B60-07D2-4B7F-97FE-0DA448606861}) (Version: 7.02.0722.2009 - Fujitsu Computer Systems Corporation) Fujitsu Display Manager (HKLM\...\InstallShield_{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.200 - Ihr Firmenname) Fujitsu Display Manager (Version: 7.00.20.200 - Ihr Firmenname) Hidden Fujitsu Hotkey Utility (HKLM\...\InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.0.0 - FUJITSU LIMITED) Fujitsu Hotkey Utility (Version: 3.60.0.0 - FUJITSU LIMITED) Hidden Fujitsu MobilityCenter Extension Utility (HKLM\...\InstallShield_{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.00.000 - Ihr Firmenname) Fujitsu MobilityCenter Extension Utility (Version: 3.00.00.000 - Ihr Firmenname) Hidden Fujitsu System Extension Utility (HKLM\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.1.0.0 - FUJITSU LIMITED) Fujitsu System Extension Utility (Version: 3.1.0.0 - FUJITSU LIMITED) Hidden GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team) Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.) Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden HashTab 5.2.0.14 (HKLM\...\HashTab) (Version: 5.2.0.14 - Implbits Software) HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software) HP Photosmart All-In-One Driver Software 13.0 Rel. 
2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP) HP Photosmart Appliance Printer Driver Software 8.0.D (HKLM\...\{596A8F65-C705-4e68-B85E-CE0B45490712}) (Version: 8.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden hpphotosmartdisclabelplugin (Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.28.01 - Hyperionics Technology LLC) ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!) Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.2 - Intel) Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version: - Intel Corporation) Intel® PROSet/Wireless Software (HKLM\...\{b56d9ff6-9167-47a4-8563-554f20201871}) (Version: 15.8.0 - Intel Corporation) Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.) 
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Kodi (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\Kodi) (Version: - XBMC-Foundation) Langenscheidt Grammatiktrainer 6.0 Englisch (HKLM\...\Grammatiktrainer 6.0 Englisch) (Version: 01.00.00.00 - Langenscheidt) Langenscheidt Grammatiktrainer 6.0 Italienisch (HKLM\...\Grammatiktrainer 6.0 Italienisch) (Version: 01.00.00.00 - Langenscheidt) Langenscheidt Grammatiktrainer 6.0 Spanisch (HKLM\...\Grammatiktrainer 6.0 Spanisch) (Version: 01.00.00.00 - Langenscheidt) Langenscheidt Kurs 1 6.0 Englisch (HKLM\...\Kurs 1 6.0 Englisch) (Version: 01.00.00.00 - Langenscheidt) Langenscheidt Kurs 2 6.0 Englisch (HKLM\...\Kurs 2 6.0 Englisch) (Version: 01.00.00.00 - Langenscheidt) Langenscheidt Kurs 2 6.0 Italienisch (HKLM\...\Kurs 2 6.0 Italienisch) (Version: 01.00.00.00 - Langenscheidt) Langenscheidt Kurs 2 6.0 Spanisch (HKLM\...\Kurs 2 6.0 Spanisch) (Version: 01.00.00.00 - Langenscheidt) Langenscheidt Kurs 6.0 Italienisch (HKLM\...\Kurs 6.0 Italienisch) (Version: 01.00.00.00 - Langenscheidt) Langenscheidt Kurs 6.0 Spanisch (HKLM\...\Kurs 6.0 Spanisch) (Version: 01.00.00.00 - Langenscheidt) Langenscheidt Vokabeltrainer 6.0 Englisch (HKLM\...\{67F91DB9-1958-4328-869C-032415F04AD1}) (Version: 6.0.21 - Langenscheidt) Langenscheidt Vokabeltrainer 6.0 Italienisch (HKLM\...\{39DFF58C-ECB7-4317-BC1E-C567ABDBE31C}) (Version: 6.0.21 - Langenscheidt) Langenscheidt Vokabeltrainer 6.0 Spanisch (HKLM\...\{C2FFB8DE-7713-4A56-8EFA-C9126955BFDD}) (Version: 6.0.21 - Langenscheidt) LenovoUsbDriver 1.0.4 (HKLM\...\LenovoUsbDriver) (Version: 1.0.4 - Lenovo) lingDIALOG (HKLM\...\InstallShield_{071B843C-9A39-40B3-BB01-BBD6A8D2E1C5}) (Version: 3.0908 - WEVOSYS) lingDIALOG (Version: 3.0908 - WEVOSYS) Hidden LinuxLive USB Creator (HKLM\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere) LSI V92 MOH 
Application (HKLM\...\LTMOH) (Version: - LSI Corporation) MakeMKV v1.8.6 (HKLM\...\MakeMKV) (Version: v1.8.6 - GuinpinSoft inc) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MATLAB R2014a (HKLM\...\Matlab R2014a) (Version: 8.3 - The MathWorks, Inc.) MediaManager (HKLM\...\MediaManager) (Version: - ) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office 2003 Web Components (HKLM\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation) Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Minimal ADB and Fastboot version 1.1.3 (HKLM\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - ) Mozilla Firefox 45.0.2 (x86 de) (HKLM\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyScript Stylus 2.6 (HKLM\...\MyScript Stylus_is1) (Version: 2.6.0.11 - Vision Objects) MyScript Stylus Shared Files (HKLM\...\{FCB95BA2-F685-48D0-AB04-C88E79133B75}) (Version: 1.0.0 - Vision Objects) NAVIGON Fresh 3.5.1 (HKLM\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON) 
Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden Nitro Pro 8 (HKLM\...\{024201B6-AE55-4A53-B17C-00D4906990F8}) (Version: 8.5.4.11 - Nitro) Nitro Pro 9 (HKLM\...\{0E4D0DAF-ADE8-45E3-8B1B-2AFD78BCB064}) (Version: 9.0.4.5 - Nitro) Nmap 6.46 (HKLM\...\Nmap) (Version: - ) No23 Recorder (HKLM\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23) Noten-Manager 7.1 (HKLM\...\{3697BA5C-3C7E-436C-A783-677160B31B9F}) (Version: 1.0.0 - schule_kranz) Novacomd (HKLM\...\{BA9A297F-0198-4EE8-90CB-F5036C180E1D}) (Version: 1.0.0.76 - Palm, Inc.) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - ) O2Micro Flash Memory Card Windows Driver (HKLM\...\InstallShield_{469ED3E8-D21E-40E8-B00F-63516D26FAE3}) (Version: 3.00.0006 - O2Micro International LTD.) O2Micro Flash Memory Card Windows Driver (Version: 3.00.0006 - O2Micro International LTD.) Hidden OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Opera 12.16 (HKLM\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA) Oracle VM VirtualBox 4.2.14 (HKLM\...\{F56A55E8-F340-484B-83A5-39C440F0407C}) (Version: 4.2.14 - Oracle Corporation) Origin (HKLM\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden OZ711 SCR Driver (HKLM\...\InstallShield_{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}) (Version: 3.0.1.6D - O2Micro) OZ711 SCR Driver (Version: 3.0.1.6D - O2Micro) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) 
Power Saving Utility (HKLM\...\InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version: 31.00.11.006 - FUJITSU LIMITED) Power Saving Utility (Version: 31.00.11.006 - FUJITSU LIMITED) Hidden Protector Suite 2012 (HKLM\...\{C767056D-3CE2-442D-BC78-F05E94F450D0}) (Version: 5.9.8.7279 - Authentec Inc.) PS_AIO_02_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden PS_AIO_02_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden PS_AIO_02_Software_Min (Version: 130.0.365.000 - Hewlett-Packard) Hidden PSPad editor (HKLM\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala) psynetic® Gif-X 3.00 (HKLM\...\psynetic® Gif-X) (Version: 3.00 - Robert Mundt) Python 2.7 lxml-3.3.5 (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\lxml-py2.7) (Version: - ) Python 2.7.8 (HKLM\...\{61121B12-88BD-4261-A6EE-AB32610A56DD}) (Version: 2.7.8150 - Python Software Foundation) QIP 2012 4.0.9340 (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\QIP 2012) (Version: 4.0.9340 - ) QIP Infium 3.0.9044 (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\QIP Infium) (Version: 3.0.9044 - ) QIP Internet Guardian (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\QipGuard) (Version: - ) Rainlendar2 (remove only) (HKLM\...\Rainlendar2) (Version: - ) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.) Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Samsung Kies3 (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden Sandboxie 4.16 (32-bit) (HKLM\...\Sandboxie) (Version: 4.16 - Sandboxie Holdings, LLC) Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden Secure Download Manager (HKLM\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.) 
Security Panel (HKLM\...\InstallShield_{45CA9B23-5EF8-43AA-9851-E9E062BF0147}) (Version: 2.1.0.0 - FUJITSU LIMITED) Security Panel Application (Version: 2.1.0.0 - FUJITSU LIMITED) Hidden Security Panel Application for Supervisor (Version: 2.1.0.0 - FUJITSU LIMITED) Hidden Security Panel for Supervisor (HKLM\...\InstallShield_{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.1.0.0 - FUJITSU LIMITED) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft) Shock Sensor Utility (HKLM\...\InstallShield_{827517C3-9B89-458E-A8F2-96DD24BDFE29}) (Version: 2.2.0.0 - FUJITSU LIMITED) Shock Sensor Utility (HKLM\...\InstallShield_{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}) (Version: 4.00.01.000 - Ihr Firmenname) Shock Sensor Utility (Version: 2.2.0.0 - FUJITSU LIMITED) Hidden Shock Sensor Utility (Version: 4.00.01.000 - Ihr Firmenname) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Sierra Wireless AirCard Watcher (HKLM\...\{CE619CFC-F5C0-43CC-AA66-BEDDA623CCA1}) (Version: 6.0.2849.0001 - Sierra Wireless Inc.) SimpleTV 0.4.6 r (HKLM\...\{290A2821-B1F8-4565-B49A-25F349A5B5CB}_is1) (Version: - SergeyVS) Skype™ 7.21 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) SlimDrivers (HKLM\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.) 
SMART Ink (HKLM\...\{FC69B741-DC56-4591-97A2-A6BA211B7E76}) (Version: 2.2.589.1 - SMART Technologies ULC) SMART Notebook (HKLM\...\{84579080-E961-4DE7-93AB-5E2B81A96387}) (Version: 14.1.843.0 - SMART Technologies ULC) SMART Produkttreiber (HKLM\...\{890680EC-2F88-47F0-970C-593081E62593}) (Version: 11.6.428.0 - SMART Technologies ULC) SmartPack 1.19.0 (HKLM\...\PlexUtil) (Version: 1.19.0 - PLDS) SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden Snip (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\{525d439e-e22a-4221-8fd1-25b845fe0038}) (Version: 0.1.5119.0 - Microsoft Corporation) Snip (Version: 0.1.5119.0 - Microsoft) Hidden SolidWorks 2014 German Resources (Version: 22.120.40 - SolidWorks Corporation) Hidden SolidWorks 2014 SP02 (HKLM\...\SolidWorks Installation Manager 20140-40200-1100-200) (Version: 22.2.0.40 - SolidWorks Corporation) SolidWorks 2014 SP02 (Version: 22.120.40 - SolidWorks) Hidden SolidWorks Composer Player 2014 SP02 (Version: 22.20.40 - Dassault Systemes SolidWorks) Hidden SolidWorks eDrawings 2014 SP02 (Version: 14.2.116 - Dassault Systèmes SolidWorks Corp) Hidden SolidWorks Flow Simulation 2014 SP02 (Version: 22.20.41 - SolidWorks Corporation) Hidden SolidWorks Plastics 2014 SP02 (Version: 22.20.40 - SolidWorks Corporation) Hidden Sony Ericsson PC Companion 1.60.13 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 1.60.13 - Sony Ericsson) SopCast 3.5.0 (HKLM\...\SopCast) (Version: 3.5.0 - www.sopcast.com) Steam (HKLM\...\Steam) (Version: - Valve Corporation) Stifttablett (HKLM\...\Pen Tablet Driver) (Version: 5.1.1.11 - Wacom Technology Corp.) SuperEasy Driver Updater v.1.1.1 (HKLM\...\{039BC111-D60F-A6FF-85F4-7992EA886B8D}_is1) (Version: 1.1.1 - SuperEasy Software GmbH & Co. 
KG) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.6.1 - Synaptics Incorporated) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.56083 - TeamViewer) The Video Diary (HKLM\...\The Video Diary) (Version: 1.1 - www.TheVideoDiary.com) TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden Torrent Stream 2.0.8.11.1 (HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\TorrentStream) (Version: 2.0.8.11.1 - Torrent Stream) Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH) Transfer Utility (HKLM\...\{0ECE15AC-CB68-40EC-B70D-1B220717844C}) (Version: 1.00.012 - PIXELA) UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden URL Snooper v2.35.02 (HKLM\...\URLSnooper 2_is1) (Version: - DonationCoder.com) USB2.0 Digital Camera (HKLM\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 1.8.1224.01 - Vimicro Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6000 - Broadcom Corporation) Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1) (HKLM\...\332CCC08910F1AE2E4D90D25DEDE87E3EF797832) (Version: 10/09/2009 1.0.1 - Palm) Windows-Treiberpaket - Fujitsu America, Inc. (FjBtnDrv) HIDClass (08/27/2009 4.2.0827.2009) (HKLM\...\F02860D720F53C6FCD75A013226E3E82F54FAB68) (Version: 08/27/2009 4.2.0827.2009 - Fujitsu America, Inc.) Windows-Treiberpaket - Google, Inc. 
(WinUSB) AndroidUsbDeviceClass (12/06/2010 4.0.0000.00000) (HKLM\...\76F6B4A696B8C9A7ACFF01D4E1D6EF2D974C3E67) (Version: 12/06/2010 4.0.0000.00000 - Google, Inc.) Windows-Treiberpaket - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.) Windows-Treiberpaket - MediaTek Inc. (usbser) Ports (09/01/2011 2.0.1136.0) (HKLM\...\32DC281B7E359EA3D16ECC7D98609F6A592B981D) (Version: 09/01/2011 2.0.1136.0 - MediaTek Inc.) Windows-Treiberpaket - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\D0E6296D177F42BB31C0200E49412003DB6C4633) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.) Windows-Treiberpaket - MediaTek Inc. Net (07/14/2011 1.1129.00) (HKLM\...\8BC3CF920AF63C7AEF78B82D1C60D94704FB95CD) (Version: 07/14/2011 1.1129.00 - MediaTek Inc.) Windows-Treiberpaket - Microsoft (WUDFRd) WPD (02/22/2006 5.2.5326.4762) (HKLM\...\B77DDB8A5697AAF5DA4E4859E53C301B877DD206) (Version: 02/22/2006 5.2.5326.4762 - Microsoft) WinHTTrack Website Copier 3.48-21 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.21 - HTTrack) WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies) WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Wireless Selector (HKLM\...\InstallShield_{51202133-E0F9-4314-ACA4-AACBA46A6C69}) (Version: 4.00.00.100 - FUJITSU LIMITED) Wireless Selector (Version: 4.00.00.100 - FUJITSU LIMITED) Hidden XYplorer 13.40 (HKLM\...\XYplorer) (Version: 13.40 - Donald Lessau) YouTube PowerPoint (HKLM\...\{496B5310-3EEB-4412-B3CC-0D013AB916CC}) (Version: 2.0.0 - PPTAlchemy) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\shlxthdl.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{28E3B95D-371D-42D5-A276-8A3EE70100FD}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\shlxthdl.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\shlxthdl.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\ooofilt.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\propertyhdl.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\shlxthdl.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Sascha\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {03531F76-EDF1-402D-BAA0-D324555F9BDC} - System32\Tasks\Schnellstart => Rundll32.exe powrprof.dll,SetSuspendState Hibernate
Task: {431FBC2C-0EF4-4E5F-A693-4FD93D052F2E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2186534646-70022557-530426099-1000Core => C:\Users\Sascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {68AC8C81-D4EF-4001-87B2-FFC607A59D33} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {A332F39B-AF1E-4B60-AAF5-E55D2084D584} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {A7255C0B-70B2-4860-AA79-660C24543C40} - System32\Tasks\Fujitsu\DeskUpdate => C:\Program Files\Fujitsu\DeskUpdate\ducmd.exe [2015-06-15] (Fujitsu Technology Solutions)
Task: {C88E4571-AFD3-45A3-A0F5-DABF9E6CDDE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-16] (Google Inc.)
Task: {DBFC2214-B439-4573-B475-BF34B04460FA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2186534646-70022557-530426099-1000UA => C:\Users\Sascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {F0C6B1B3-9A5F-44A3-88A7-E7FC1FE4C4CA} - System32\Tasks\MATLAB R2014a Startup Accelerator => E:\Program Files\MATLAB\R2014a\bin\win32\MATLABStartupAccelerator.exe [2014-01-29] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2186534646-70022557-530426099-1000Core.job => C:\Users\Sascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2186534646-70022557-530426099-1000UA.job => C:\Users\Sascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job => E:\Program Files\MATLAB\R2014a\bin\win32\MATLABStartupAccelerator.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{07CCC520-5524-4F5E-AEB1-296B99396CD2}.job => C:\Windows\system32\msfeedssync.exe

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Sascha\Desktop\Sonstiges\Synaptics Neustart.bat - Verknüpfung.lnk -> C:\Users\Sascha\Desktop\Sonstiges\Synaptics Neustart.bat () Shortcut: C:\Users\Sascha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Synaptics Neustart.bat - Verknüpfung.lnk -> C:\Users\Sascha\Desktop\Sonstiges\Synaptics Neustart.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-11-03 12:21 - 2015-11-03 12:21 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2008-10-09 10:25 - 2008-10-09 10:25 - 00062760 _____ () C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe 2013-03-10 19:58 - 2013-03-10 19:58 - 02598496 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe 2012-05-16 21:01 - 2012-05-16 21:01 - 00140800 _____ () C:\Program Files\Rainlendar2\lua52.dll 2013-03-10 19:59 - 2013-03-10 19:59 - 00215648 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll 2012-06-17 15:22 - 2012-06-17 15:22 - 00012800 _____ () C:\Program Files\Rainlendar2\lfs.dll 2013-06-05 23:57 - 2008-04-28 07:32 - 00647168 _____ () C:\Windows\system32\vmprp331.ax 2016-04-16 12:57 - 2016-03-21 23:50 - 00034768 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-04-16 12:57 - 2016-03-21 23:51 - 00019408 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-04-16 12:57 - 2016-03-21 23:50 - 00116688 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2016-04-16 12:57 - 2016-03-21 23:50 - 00093640 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2016-04-16 12:57 - 2016-03-21 23:50 - 00018376 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\select.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00019760 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2016-04-16 12:57 - 
2016-03-21 23:52 - 00105928 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-04-16 12:57 - 2016-03-21 23:50 - 00392144 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2016-04-16 12:57 - 2016-04-08 20:20 - 00381752 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2016-04-16 12:57 - 2016-03-21 23:50 - 00692688 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00020816 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2016-04-16 12:57 - 2016-03-21 23:51 - 00112592 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 01682760 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00020808 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00021840 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00038696 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00020936 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00024528 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32event.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00114640 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32security.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00124880 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00021832 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2016-04-16 
12:57 - 2016-03-21 23:52 - 00175560 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32gui.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00030160 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00043472 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32process.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00028616 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32ts.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00048592 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00026456 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00057808 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00117056 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00023376 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2016-04-16 12:57 - 2016-03-21 23:50 - 00134608 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-04-16 12:57 - 2016-03-21 23:50 - 00134088 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-04-16 12:57 - 2016-03-21 23:51 - 00240584 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00024392 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00036296 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\librsync.dll 2016-04-16 12:57 - 2016-04-08 20:19 - 00052024 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00020800 
_____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00021824 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00019776 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00020280 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2016-04-16 12:57 - 2016-03-21 23:52 - 00350152 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00022352 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-04-16 12:57 - 2016-04-08 20:19 - 00084280 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-04-16 12:57 - 2016-04-08 20:20 - 01826096 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2016-04-16 12:57 - 2016-03-21 23:51 - 00083912 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\sip.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 03928880 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 01971504 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00531248 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00132912 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00223544 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 00207672 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2016-04-16 12:57 - 2016-04-08 20:20 - 
00158008 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-04-16 12:57 - 2016-04-08 20:20 - 00042808 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-04-16 12:57 - 2016-03-21 23:54 - 00017864 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-04-16 12:57 - 2016-03-21 23:54 - 01631184 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-04-16 12:57 - 2016-04-08 20:20 - 00546096 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-04-16 12:57 - 2016-04-08 20:20 - 00357680 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-04-16 12:57 - 2016-03-21 23:56 - 00697304 _____ () C:\Users\Sascha\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:nlsPreferences [514]
AlternateDataStreams: C:\Users\Sascha\Documents\SPSS:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2014-09-10 18:25 - 2014-11-04 23:21 - 00001974 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com127.0.0.1 tonec.com
127.0.0.1 www.tonec.com127.0.0.1 internetdownloadmanager.com127.0.0.1 star.tonec.com
184.173.188.107 localhost
127.0.0.1 home.sopserv.com

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2186534646-70022557-530426099-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FRITZ!DSL Startcenter.lnk => C:\Windows\pss\FRITZ!DSL Startcenter.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks 2014 Schnellstart.lnk => C:\Windows\pss\SolidWorks 2014 Schnellstart.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Sascha^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FRITZ!DSL Protect.lnk => C:\Windows\pss\FRITZ!DSL Protect.lnk.Startup MSCONFIG\startupreg: ActivManager => C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AVMUSBFernanschluss => "C:\Users\Sascha\AppData\Local\Apps\2.0\LLAXTKYE.MD6\OQP2CGHO.J48\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe" MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: LtMoh => C:\Program Files\ltmoh\Ltmoh.exe MSCONFIG\startupreg: QIP Internet Guardian => C:\Users\Sascha\AppData\Roaming\QipGuard\QipGuard.exe /p MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe" MSCONFIG\startupreg: sbsdk-server => "C:\Program Files\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe" MSCONFIG\startupreg: SMART Board Service => "C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe" -d MSCONFIG\startupreg: SMART Floating Tools => "C:\Program Files\SMART Technologies\Education Software\FloatingTools.exe" MSCONFIG\startupreg: SMART Ink => "C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe" -a MSCONFIG\startupreg: SMART Tray Tools => "C:\Program Files\SMART Technologies\Education Software\SMARTSystemMenu.exe" 
MSCONFIG\startupreg: SMARTNotification => "C:\Program Files\SMART Technologies\Education Software\SMARTNotification.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{A83C87B6-9C47-4329-A981-313B7B553DE4}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{245525EE-8D2C-4455-9B8F-AB60362FA866}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{F1CB6BE8-635C-444E-AE96-A2E46AB81277}] => (Allow) D:\Program Files\Opera\opera.exe FirewallRules: [{2C1EB595-8602-4EE9-8D7E-61EB61AEF740}] => (Allow) D:\Program Files\Opera\opera.exe FirewallRules: [{8D98E885-2D75-4487-AE44-DF580D4977CE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{7F27EEF5-AC05-489D-BBB7-CE0D21F3AED9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{ED3AE3F5-B686-4C72-8349-E0522F73E6D6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{757F737F-676D-4FA5-9B05-82023E1930B5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{527D3E2B-6D36-4533-8010-7E6E8EDA3A3F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe FirewallRules: [{C0DC2148-E407-499E-94CA-355DFCA61F87}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{641F97BA-D8B3-438C-8FAF-8312D118C44E}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{842EDFE3-C585-4F3F-B1B6-4783E1D8EB29}] => (Allow) C:\Program Files\HP\Digital 
Imaging\bin\hpqsudi.exe FirewallRules: [{42818F63-DA5A-4B37-8093-A1FD74DF2624}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe FirewallRules: [{FD0B82AD-7ED6-4393-9AD3-1CA9441AFE44}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe FirewallRules: [{9A132DC9-71FF-4828-8E1D-36FEDB948A54}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe FirewallRules: [{A4111A70-377C-4BAE-9F9D-0B800E22CA8A}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{8B3C1031-8B28-44DA-B884-A725AC8C72A7}] => (Allow) C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{A32F2FD6-22B2-41C9-ABB3-4873F9197A33}] => (Allow) C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{BDBDEA11-B09F-4E5B-A132-6C59EC8923BA}] => (Allow) C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{F14909D0-1813-40A0-A08F-3595689F7D9A}] => (Allow) C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{923120DE-F6E0-4684-AAE1-8BD4BC4AE6F7}] => (Allow) D:\Program Files\Opera\opera.exe FirewallRules: [{74226C5C-1393-4DC5-B5CA-77BC76604BC0}] => (Allow) D:\Program Files\Opera\opera.exe FirewallRules: [{9CADDBC4-A5F0-4C1B-AC05-8B773BBDE4A8}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{B9298326-F53C-494C-854F-B740A552A642}] => (Allow) E:\Program Files\Steam\Steam.exe FirewallRules: [{D127F059-E7D2-4535-9AEF-CC127E8A3CE9}] => (Allow) E:\Program Files\Steam\Steam.exe FirewallRules: [{707F581C-EC89-4558-8571-F047E168334F}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCGui.exe FirewallRules: [{93941037-1AC9-4C7A-AC45-357FBF5F0A15}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCGui.exe FirewallRules: [{66A42203-55E6-4F88-B32C-6A881C9B768F}] => (Allow) C:\Program Files\SMART Technologies\Education Software\UCService.exe FirewallRules: [{D19E6BF9-2484-44DF-B2E4-ACC256D7C0EB}] 
=> (Allow) C:\Program Files\SMART Technologies\Education Software\UCService.exe FirewallRules: [{2299909A-DF84-444A-B595-AC255F6BD843}] => (Allow) C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe FirewallRules: [{FD5C8F3B-ADF7-4C31-955D-AE743F24077B}] => (Allow) C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe FirewallRules: [{92A5C3E4-08B8-4AF5-B661-C65BDB2C274B}] => (Allow) C:\Program Files\SMART Technologies\Education Software\Notebook.exe FirewallRules: [{1AC759F0-EFEC-441F-ADD7-F6C87593A8A3}] => (Allow) C:\Program Files\SMART Technologies\Education Software\Notebook.exe FirewallRules: [{13C4DDC3-1D66-4029-90B9-23A89E36BC5B}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe FirewallRules: [{B85DE4CD-FEF0-472B-B9C4-06905561C7E4}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe FirewallRules: [{F24756D4-F4BB-40CA-892C-90DB818FA866}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe FirewallRules: [{2937378E-6C9E-43B3-9444-E6C675FB999F}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe FirewallRules: [{361A70E2-63E2-4EB6-9128-4518D860275B}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe FirewallRules: [{AB8FE976-A1C3-4E9D-9597-24788DB0698F}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe FirewallRules: [{F70BDE79-70B2-49DB-B3E5-98D0D4E5C078}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{66AC216C-92FE-404D-971C-E5200C2A3ED4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{303EC7BE-8463-495C-985E-1C10D8ACA5B2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{F312D27E-AA80-4C2F-ADFD-F45DC45CFD63}] => (Allow) 
C:\Users\Sascha\AppData\Local\Apps\2.0\LLAXTKYE.MD6\OQP2CGHO.J48\frit..tion_1acae14e4778b8d2_0002.0003_60014d656f6786b9\fritzbox-usb-fernanschluss.exe FirewallRules: [{7EEBA0E5-7AF5-4440-B832-AAA61F4540A8}] => (Allow) C:\Users\Sascha\AppData\Local\Apps\2.0\LLAXTKYE.MD6\OQP2CGHO.J48\frit..tion_1acae14e4778b8d2_0002.0003_60014d656f6786b9\fritzbox-usb-fernanschluss.exe FirewallRules: [{E419D278-7C82-436E-9F21-C6ECF689FD2F}] => (Allow) C:\Users\Sascha\AppData\Local\Apps\2.0\LLAXTKYE.MD6\OQP2CGHO.J48\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe FirewallRules: [{1354F72F-CACF-4F26-856E-7B0F8B948875}] => (Allow) C:\Users\Sascha\AppData\Local\Apps\2.0\LLAXTKYE.MD6\OQP2CGHO.J48\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe FirewallRules: [{9892A008-27C3-492C-8EA2-2E31704CB3E0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{AE5593C2-C283-454A-9317-D6CE20CDB0FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{8A6FB239-06FC-4976-93F2-BB37F710D243}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{925717CE-0A4F-47DF-850E-EA3A35067E9E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{B60ECD7B-936F-45D7-BE29-C089964D0BF2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{CD055597-24CE-47BF-B98F-64934E30BCE7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe StandardProfile\AuthorizedApplications: [C:\Users\Sascha\AppData\Local\Temp\RarSFX0\SwiApiMux.exe] => Enabled:SwiApiMux StandardProfile\AuthorizedApplications: [C:\Program Files\Sierra Wireless Inc\3G Watcher2\TRUUpdater.exe] => C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe:*:Enabled:TRUUpdater ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: 
SMART Virtual TabletPC Description: SMART Virtual TabletPC Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: SMART Technologies ULC Service: SMARTVTabletPCx86 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Photosmart C4380 series Description: Photosmart C4380 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Photosmart C4380 series Description: Photosmart C4380 series Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: HP Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet 9100 series Description: Officejet 9100 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: hewlett-packard Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet 9100 series Description: Officejet 9100 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: hewlett-packard Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet 9100 series Description: Officejet 9100 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: hewlett-packard Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". 
This starts the Enable Device wizard. Follow the instructions. Name: Officejet 9100 series Description: Officejet 9100 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: hewlett-packard Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VirtualBox Host-Only Ethernet Adapter Description: VirtualBox Host-Only Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Oracle Corporation Service: VBoxNetAdp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/20/2016 05:48:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/20/2016 05:47:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: IGDCTRL.EXE, Version: 3.9.11.2001, Zeitstempel: 0x4a6f013d Name des fehlerhaften Moduls: upnpapicli.dll, Version: 4.0.104.2001, Zeitstempel: 0x4a6f0122 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00018138 ID des fehlerhaften Prozesses: 0xac0 Startzeit der fehlerhaften Anwendung: 0xIGDCTRL.EXE0 Pfad der fehlerhaften Anwendung: IGDCTRL.EXE1 Pfad des fehlerhaften Moduls: IGDCTRL.EXE2 Berichtskennung: IGDCTRL.EXE3 Error: (04/20/2016 05:35:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/19/2016 08:25:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/18/2016 11:30:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: IGDCTRL.EXE, Version: 3.9.11.2001, Zeitstempel: 0x4a6f013d Name des fehlerhaften Moduls: upnpapicli.dll, Version: 4.0.104.2001, Zeitstempel: 0x4a6f0122 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00018138 ID des fehlerhaften Prozesses: 0xa98 Startzeit der fehlerhaften Anwendung: 0xIGDCTRL.EXE0 Pfad der fehlerhaften Anwendung: IGDCTRL.EXE1 Pfad des fehlerhaften Moduls: IGDCTRL.EXE2 Berichtskennung: IGDCTRL.EXE3 Error: (04/18/2016 09:49:48 PM) (Source: Avira Antivirus) 
(EventID: 4129) (User: NT-AUTORITÄT) Description: SASCHA-PC (192.168.1.10)Während des Herunterladens ist ein Fehler aufgetreten. Error: (04/18/2016 09:43:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/18/2016 08:12:27 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2016 11:42:46 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/16/2016 03:52:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (04/20/2016 05:47:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "AVM IGD CTRL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/20/2016 05:46:41 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (04/20/2016 05:40:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. Error: (04/19/2016 08:29:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. 
Error: (04/18/2016 11:30:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "AVM IGD CTRL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/18/2016 09:42:46 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 18.04.2016 um 19:41:26 unerwartet heruntergefahren. Error: (04/18/2016 07:30:15 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Die Smartcard konnte nicht zurückgesetzt werden.O2Micro PCMCIA Reader 0POWER01 00 00 00 Error: (04/18/2016 12:17:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst UNS erreicht. Error: (04/17/2016 11:46:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. Error: (04/17/2016 11:43:06 AM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Die Smartcard konnte nicht zurückgesetzt werden.O2Micro PCMCIA Reader 0POWER01 00 00 00 ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz Prozentuale Nutzung des RAM: 68% Installierter physikalischer RAM: 3023.87 MB Verfügbarer physikalischer RAM: 958.28 MB Summe virtueller Speicher: 6046.07 MB Verfügbarer virtueller Speicher: 3608.26 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:142.23 GB) (Free:52.93 GB) NTFS Drive d: () (Fixed) (Total:323.43 GB) (Free:247.63 GB) NTFS Drive e: (DATA) (Fixed) (Total:232.88 GB) (Free:3.03 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 43ED5D1E) Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS) 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 97CAB5A0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=142.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=323.4 GB) - (Type=07 NTFS)
==================== Ende vom Addition.txt ============================

With TDSSKiller I followed the instructions. I can also run AdwCleaner and ESET over it. Otherwise I'll wait for other instructions. Regards, Sascha
Edited by goro11 (20.04.2016 at 17:32) |
22.04.2016, 15:23 | #6 |
/// Malwareteam | Multiple viruses/trojans, mainly under "C:\Windows\Temp\" Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please start FRST again, tick the Addition checkbox and click Scan ("Untersuchen"). Please post the two text files that are created again. So in your next reply, please post:
22.04.2016, 21:37 | #7 |
| Multiple viruses/trojans, mainly under "C:\Windows\Temp\" Log files:
|
22.04.2016, 21:39 | #8 |
| Multiple viruses/trojans, mainly under "C:\Windows\Temp\"
|
24.04.2016, 23:02 | #9 |
/// Malwareteam | Multiple viruses/trojans, mainly under "C:\Windows\Temp\" Do you still have any problems with your computer?
__________________ Regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
29.04.2016, 22:02 | #10 |
| Multiple viruses/trojans, mainly under "C:\Windows\Temp\" Hello Rafael! Thanks for your help! I have no problems with the PC; it is reassuring to know now that it was a false alarm. I have one more question: what can actually be read out of the FRST and Addition logs, and how do you recognize the malware? Is there a guide for getting to a level similar to yours? Regards |
30.04.2016, 19:48 | #11 |
/// Malwareteam | Multiple viruses/trojans, mainly under "C:\Windows\Temp\" A guide? *haha* That takes a bit more than a guide. There is a training program for it, for example on this board.
Step: 0 I would uninstall SuperEasy Driver Updater; it is considered a potentially unwanted program. Your "MtkDroidTools" are flagged as a trojan. I don't know the package, or rather this rooting tool, well enough to say whether that is a false positive; in any case I would not use it like this, and it is best to delete it. The file under the "Heli Handy" backup could indicate that this phone might be infected. Besides, your backups there from 2009 are not really usable any more...
Step: 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\shlxthdl.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\shlxthdl.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\shlxthdl.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\ooofilt.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\propertyhdl.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> D:\OpenOffice\INSTALLATION\program\shlxthdl\shlxthdl.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei
CustomCLSID: HKU\S-1-5-21-2186534646-70022557-530426099-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> D:\OpenOffice\INSTALLATION\program\soffice.exe -nodefault -nologo => Keine Datei
hosts:
cmd: netsh firewall set opmode enable
StandardProfile\AuthorizedApplications: [C:\Users\Sascha\AppData\Local\Temp\RarSFX0\SwiApiMux.exe] => Enabled:SwiApiMux
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {0cebd7cc-ce8f-11e2-b157-00a0d5ffffa5} - F:\Startme.exe
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {50d5c9c3-7f73-11e4-b352-001742fd5e4f} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\autorun.exe /auto
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {f690ec43-7c86-11e4-b1bc-fc6fd48a52bd} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\autorun.exe /auto
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {fb8e2f6d-7ebc-11e4-9153-001742fd5e4f} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\autorun.exe /auto
HKU\S-1-5-21-2186534646-70022557-530426099-1000\...\MountPoints2: {fb8e3063-7ebc-11e4-9153-001742fd5e4f} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\autorun.exe /auto
Tcpip\..\Interfaces\{AB78458C-7E79-49A8-8741-7B110BCDCC40}: [NameServer] 62.134.11.4 195.182.110.132塚BḈ¿ↅ䍟謓並BḈ¿
FF NetworkProxy: "type", 0
emptytemp:
createrestorepoint:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step: 3 Please start FRST again, tick the Addition checkbox and click Scan ("Untersuchen"). Please post the two text files that are created again.
__________________ Regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |