werde ask.gen nicht los

# AdwCleaner v5.201 - Bericht erstellt am 12/07/2016 um 10:53:29
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-06-30.2 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Bernhard - BERNHARD-PC
# Gestartet von : C:\Users\Bernhard\Desktop\AdwCleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst gelöscht : sp_rsdrv2

***** [ Ordner ] *****

[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
[-] Ordner gelöscht : C:\Users\Bernhard\AppData\Local\FileViewPro
[-] Ordner gelöscht : C:\Users\Bernhard\AppData\Roaming\Yahoo!\Companion
[-] Ordner gelöscht : C:\Users\Admin\AppData\Roaming\Yahoo!\Companion
[-] Ordner gelöscht : C:\Program Files\FileViewPro

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejnmnhkgiphcaeefbaooconkceehicfi_0.localstorage
[-] Datei gelöscht : C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
[-] Schlüssel gelöscht : HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKCU\Software\Yahoo\Companion
[-] Schlüssel gelöscht : HKCU\Software\Yahoo\YFriendsBar
[-] Schlüssel gelöscht : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Yahoo\Companion
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\OCS
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Yahoo\Companion
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Yahoo\YFriendsBar
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\OCS
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Yahoo\Companion
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Yahoo\YFriendsBar
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Conduit
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\OCS
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Solvusoft
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\systweak
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Software\Conduit
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Conduit
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\OCS
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Solvusoft
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\systweak
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Conduit
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\SearchScopes\{1BD434D9-3938-4222-82CA-9131A398E177}
[-] Schlüssel gelöscht : HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{1BD434D9-3938-4222-82CA-9131A398E177}

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [7019 Bytes] - [12/07/2016 10:53:29]
C:\AdwCleaner\AdwCleaner[R0].txt - [23284 Bytes] - [27/09/2013 07:55:44]
C:\AdwCleaner\AdwCleaner[R1].txt - [5349 Bytes] - [17/12/2013 13:19:34]
C:\AdwCleaner\AdwCleaner[R2].txt - [1534 Bytes] - [17/12/2013 13:35:15]
C:\AdwCleaner\AdwCleaner[R3].txt - [1594 Bytes] - [19/12/2013 16:26:13]
C:\AdwCleaner\AdwCleaner[R4].txt - [2994 Bytes] - [02/02/2014 17:40:43]
C:\AdwCleaner\AdwCleaner[R5].txt - [1775 Bytes] - [02/02/2014 18:59:06]
C:\AdwCleaner\AdwCleaner[R6].txt - [1895 Bytes] - [02/02/2014 19:10:50]
C:\AdwCleaner\AdwCleaner[R7].txt - [2906 Bytes] - [15/03/2014 15:14:02]
C:\AdwCleaner\AdwCleaner[R8].txt - [5862 Bytes] - [11/09/2014 19:45:46]
C:\AdwCleaner\AdwCleaner[R9].txt - [3487 Bytes] - [31/12/2014 08:45:18]
C:\AdwCleaner\AdwCleaner[S0].txt - [21390 Bytes] - [27/09/2013 07:57:12]
C:\AdwCleaner\AdwCleaner[S1].txt - [13329 Bytes] - [17/12/2013 13:21:12]
C:\AdwCleaner\AdwCleaner[S2].txt - [3055 Bytes] - [02/02/2014 18:39:42]
C:\AdwCleaner\AdwCleaner[S3].txt - [1836 Bytes] - [02/02/2014 19:01:41]
C:\AdwCleaner\AdwCleaner[S4].txt - [1956 Bytes] - [02/02/2014 19:13:31]
C:\AdwCleaner\AdwCleaner[S5].txt - [2977 Bytes] - [15/03/2014 20:04:35]
C:\AdwCleaner\AdwCleaner[S6].txt - [5767 Bytes] - [11/09/2014 19:51:42]
C:\AdwCleaner\AdwCleaner[S7].txt - [3441 Bytes] - [31/12/2014 08:50:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8409 Bytes] ##########
         

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Bernhard (Administrator) on 12.07.2016 at 11:11:50,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 1 

Successfully deleted: HKLM\Software\Google\Chrome\Extensions\chgdeabpmphfhkoemjjglmilajldekbp (Registry Key) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.07.2016 at 11:14:42,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01
durchgeführt von Bernhard (Administrator) auf BERNHARD-PC (12-07-2016 11:37:22)
Gestartet von C:\Users\Bernhard\Desktop
Geladene Profile: Bernhard & _pcwelt_backup_ez_ (Verfügbare Profile: Bernhard & Admin & _supereasy_backup_ & _pcwelt_backup_ez_)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
() C:\Program Files\PC-WELT Backup Easy\bin\backupService-pcwbe.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Windows\SysWOW64\STGRAMDiskHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
() C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Program Files\PC-WELT Backup Easy\bin\oxHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2884880 2012-02-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosHotKeyService.exe [100864 2014-02-25] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS14 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 14\fredirstarter.exe [17920 2014-02-25] (Steganos Software GmbH)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Player\DelayPluginI.exe [1960008 2014-09-19] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [] => [X]
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [SSS14 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosBrowserMonitor.exe [70656 2014-02-25] (Steganos Software GmbH)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Google Update] => "C:\Users\Bernhard\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [BRAVIS-{DC0F6114-52CD-420E-BAEB-ECC5BFB0B110}] => "C:\Users\Bernhard\Downloads\bravis.exe" --autostart
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [] => [X]
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()
HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR [5104049 2009-07-16] (ALDI SÜD)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1009\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()
HKU\S-1-5-21-4070342091-3793343965-3738386277-1009\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR [5104049 2009-07-16] (ALDI SÜD)
ShellIconOverlayIdentifiers: [  00BitrixShellExt] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506B} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.)
ShellIconOverlayIdentifiers: [  00BitrixShellExt_C] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506E} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.)
ShellIconOverlayIdentifiers: [  00BitrixShellExt_E] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506D} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.)
ShellIconOverlayIdentifiers: [  00BitrixShellExt_S] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506C} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  Keine Datei
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2014-12-10] (O&O Software GmbH)
ShellIconOverlayIdentifiers-x32: [  00BitrixShellExt] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506B} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.)
ShellIconOverlayIdentifiers-x32: [  00BitrixShellExt_C] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506E} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.)
ShellIconOverlayIdentifiers-x32: [  00BitrixShellExt_E] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506D} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.)
ShellIconOverlayIdentifiers-x32: [  00BitrixShellExt_S] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506C} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll [2015-05-19] (Bitrix Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013-09-25] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FDD6BC44-B98E-44E0-BFF0-D8BE66E39A8A}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
URLSearchHook: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 - (Kein Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - Keine Datei
URLSearchHook: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 - (Kein Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Keine Datei
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-09-16] (RealDownloader)
BHO: Kein Name -> {82A76710-4F98-4957-92BE-99648A4E2475} -> Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-09-16] (RealDownloader)
BHO-x32: Wondershare Player 1.6.0 -> {43D9786F-A485-683B-9B5B-ACC97ABC17FC} -> C:\ProgramData\Wondershare\Player\WSBrowserAppMgr.dll [2014-09-19] (Wondershare)
BHO-x32: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRIEPlugin.dll [2012-09-28] (Wondershare Software Co., Ltd.)
BHO-x32: Dragon NaturallySpeaking Rich Internet Application Support - Extension -> {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieShim.dll [2013-10-15] (Nuance Communications, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-07-08] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-07-08] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - Perfect Print 7 - {F723BF1C-C826-44B0-A8E2-28BBA1C5D201} - C:\Program Files (x86)\soft Xpansion\Perfect Print 7 Express\ieagent64.dll [2013-12-23] (soft Xpansion)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar64.dll [2013-07-17] (Steganos Software GmbH)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar.dll [2014-02-25] (Steganos Software GmbH)
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} -  Keine Datei
Toolbar: HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
Handler: WSIEChrome - {6D02ED5F-FD0D-4C4C -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525
FF Homepage: hxxp://gmx.net/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-26] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll [2014-11-11] (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-26] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll [2014-11-11] (Musicnotes, Inc.)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper -> C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll [2008-02-22] ()
FF Plugin-x32: @real.com/nppl3260;version=18.1.0.1236 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2015-10-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.0.1236 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2015-10-16] (RealTimes)
FF Plugin-x32: @soft-xpansion/npsxpdf -> C:\Program Files (x86)\Common Files\soft Xpansion\np-sxpdf.dll [2013-12-23] (soft-Xpansion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\PROGRA~2\Nuance\NATURA~1\Program\npDgnRia.dll [2013-10-15] (Nuance Communications Inc.)
FF Plugin HKU\S-1-5-21-4070342091-3793343965-3738386277-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Bernhard\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-05-15] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2014-01-03] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2014-01-03] (RealPlayer)
FF Extension: ColorZilla - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2016-02-17]
FF Extension: NoScript - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-08]
FF Extension: Save as PDF - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2016-04-27]
FF Extension: Print Edit - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\extensions\printedit@DW-dev.xpi [2016-05-22]
FF Extension: Simple Popup Blocker - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\@simplepopupblocker.xpi [2016-06-27]
FF Extension: colorPicker - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\colorPicker@colorPicker.xpi [2016-04-27]
FF Extension: Awesome screenshot: Capture and Annotate - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2016-02-17]
FF Extension: Text to PDF file - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\jid1-JobPqtvtwG9w0A@jetpack.xpi [2016-01-23]
FF Extension: Video DownloadHelper - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-06-06]
FF Extension: Adblock Plus - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\fhpxd3ex.default-1439673744525\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3 [2016-04-16] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb
FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: Dragon NaturallySpeaking Rich Internet Application Support - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2013-10-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [Player@Wondershare.com] - C:\ProgramData\Wondershare\Player\Player@Wondershare.com
FF Extension: Wondershare Player - C:\ProgramData\Wondershare\Player\Player@Wondershare.com [2016-06-28] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb
FF HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164\extensions\cliqz@cliqz.com => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-26]
CHR Extension: (Google Drive) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-26]
CHR Extension: (YouTube) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-26]
CHR Extension: (Adblock Plus) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-09-27]
CHR Extension: (Google-Suche) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-26]
CHR Extension: (SpeedTao Download Helper) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\eifpflhplblejfpibogcnnepoldboioh [2013-09-27]
CHR Extension: (Unifinder New Tab) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggpcleoagckefcmekcbgdhhmcfcdofhj [2014-07-03]
CHR Extension: (RealDownloader) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-04-13]
CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2014-04-13]
CHR Extension: (Norton Identity Protection) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-04-07]
CHR Extension: (Ghostery) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-03-02]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-07]
CHR Extension: (Google Mail) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ggpcleoagckefcmekcbgdhhmcfcdofhj] - C:\Users\Bernhard\AppData\Local\adStartPage\unifinder.crx [2014-07-03]
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2013-10-15]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE [172344 2014-08-16] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-19] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
S4 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2013-05-02] (DATA BECKER GmbH & Co KG) [Datei ist nicht signiert]
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [805888 2012-11-29] () [Datei ist nicht signiert]
S3 GSService; C:\Windows\SysWOW64\GSService.exe [443080 2013-12-16] ()
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S2 Net Driver HPZ12; C:\WINDOWS\SYSTEM32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7704312 2014-12-10] (O&O Software GmbH)
R2 pcwelt_backup_ez; c:\Program Files\PC-WELT Backup Easy\bin\backupService-pcwbe.exe [23880 2015-11-12] ()
S2 Pml Driver HPZ12; C:\WINDOWS\SYSTEM32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [122368 2012-10-21] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [Datei ist nicht signiert]
S3 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-09-16] ()
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1103656 2015-10-16] (RealNetworks, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2013-07-17] (Softwareentwicklung Remus - ArchiCrypt) [Datei ist nicht signiert]
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-12-23] (soft Xpansion)
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [253264 2010-09-30] ()
S2 updatesvca; C:\Windows\system32\updatesvca.dll [209920 2013-03-04] (Digital Dynamic) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-19] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] () [Datei ist nicht signiert]
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-04-24] (AnchorFree Inc.)
S3 leawo_vad; C:\Windows\System32\drivers\leawo_vad.sys [33048 2013-05-21] (Shenzhen Moyea Software)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116888 2014-12-10] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41112 2014-12-10] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255640 2014-12-10] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44696 2014-12-10] (O&O Software GmbH)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - )
R3 stdriver; C:\Windows\System32\DRIVERS\stdriverx64.sys [32536 2013-01-28] ()
R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2013-07-17] (Softwareentwicklung Remus - ArchiCrypt.com)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [12400 1999-10-13] (Microsoft Corporation) [Datei ist nicht signiert]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-12 11:06 - 2016-07-12 11:16 - 00000000 ____D C:\Users\Bernhard\Desktop\ADW Cleaner und JRT
2016-07-12 10:59 - 2016-07-12 10:59 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Steganos
2016-07-12 10:41 - 2016-07-12 10:41 - 01610560 _____ (Malwarebytes) C:\Users\Bernhard\Desktop\JRT.exe
2016-07-12 10:40 - 2016-07-12 10:40 - 03712064 _____ C:\Users\Bernhard\Desktop\AdwCleaner_5.201.exe
2016-07-11 15:12 - 2016-07-11 15:12 - 00000000 ____D C:\Users\Bernhard\Desktop\FRST-OlderVersion
2016-07-09 09:49 - 2016-07-09 09:50 - 00000000 ____D C:\Users\Bernhard\Desktop\Malwarebytes
2016-07-09 08:37 - 2016-07-09 08:37 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Bernhard\Desktop\tdsskiller.exe
2016-07-09 08:12 - 2016-07-12 11:34 - 00000000 ____D C:\Users\Bernhard\Desktop\Trojanerboard
2016-07-09 08:12 - 2016-07-11 15:12 - 02390528 _____ (Farbar) C:\Users\Bernhard\Desktop\FRST64.exe
2016-07-09 08:07 - 2016-07-09 08:07 - 00000000 ____D C:\Users\Bernhard\Downloads\Trojanerboard
2016-07-08 14:24 - 2016-07-08 14:24 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-07-08 14:23 - 2016-07-08 14:23 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-06 01:15 - 2016-07-06 01:15 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Audacity
2016-07-06 01:14 - 2016-07-06 01:14 - 00001015 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-07-06 01:03 - 2016-07-06 01:03 - 00000000 ____D C:\Program Files (x86)\FFmpeg for Audacity
2016-07-06 00:59 - 2016-07-06 01:00 - 09957947 _____ ( ) C:\Users\Bernhard\Downloads\ffmpeg-win-2.2.2.exe
2016-07-06 00:53 - 2016-07-06 00:53 - 26496761 _____ (Audacity Team ) C:\Users\Bernhard\Downloads\audacity-win-2.1.2.exe
2016-07-06 00:48 - 2016-07-06 01:21 - 00000000 ____D C:\Users\Bernhard\Desktop\17 Test
2016-07-06 00:48 - 2016-07-06 00:48 - 00000000 ____D C:\Users\Bernhard\Desktop\Neuer Ordner
2016-07-05 07:55 - 2016-07-05 07:56 - 00000000 ____D C:\Users\Bernhard\Desktop\Audac
2016-07-04 16:24 - 2016-07-04 17:05 - 00000000 ____D C:\Users\Bernhard\Desktop\Musik Utto
2016-06-28 20:40 - 2016-07-04 16:23 - 00000000 ____D C:\ProgramData\Wondershare Player
2016-06-28 20:40 - 2014-09-19 16:46 - 00941992 _____ C:\Windows\SysWOW64\WPShellExt64.dll
2016-06-28 18:36 - 2016-06-28 18:36 - 00001142 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-27 09:35 - 2015-03-12 11:10 - 00096328 _____ (Wondershare Software) C:\Windows\system32\WSMonEditor.dll
2016-06-27 09:34 - 2016-06-27 09:34 - 00001191 _____ C:\Users\Public\Desktop\Wondershare PDFelement.lnk
2016-06-27 09:34 - 2016-06-27 09:34 - 00000000 ____D C:\ProgramData\PDFEditor
2016-06-26 19:57 - 2016-06-26 19:59 - 00000000 ____D C:\Users\Bernhard\Desktop\LL
2016-06-12 10:42 - 2016-06-27 00:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-12 11:37 - 2014-09-15 11:18 - 00036489 _____ C:\Users\Bernhard\Desktop\FRST.txt
2016-07-12 11:37 - 2013-09-25 09:44 - 00000000 ____D C:\FRST
2016-07-12 11:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-12 11:14 - 2014-03-15 20:34 - 00000668 _____ C:\Users\Bernhard\Desktop\JRT.txt
2016-07-12 11:10 - 2012-05-03 10:21 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\SoftGrid Client
2016-07-12 11:09 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-12 11:09 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-12 11:07 - 2016-05-11 00:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-12 10:57 - 2016-05-11 00:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-12 10:56 - 2013-01-15 03:52 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-07-12 10:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-12 10:53 - 2013-09-27 07:55 - 00000000 ____D C:\AdwCleaner
2016-07-12 10:53 - 2012-12-08 23:07 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Yahoo!
2016-07-12 10:53 - 2012-11-29 10:29 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Yahoo!
2016-07-11 15:13 - 2014-09-15 11:19 - 00063161 _____ C:\Users\Bernhard\Desktop\Addition.txt
2016-07-09 09:14 - 2014-08-22 15:05 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-09 08:10 - 2012-07-25 15:02 - 00074752 ___SH C:\Users\Bernhard\Thumbs.db
2016-07-09 08:04 - 2013-06-25 09:09 - 00000000 ____D C:\Users\Bernhard\Desktop\Aktenschrank
2016-07-09 08:01 - 2014-09-21 21:14 - 00000000 ____D C:\Users\Bernhard\Desktop\Coaches
2016-07-09 07:46 - 2012-09-24 19:37 - 00000000 ____D C:\Users\Bernhard\Desktop\PC
2016-07-08 14:55 - 2013-01-17 21:50 - 00000000 ____D C:\Program Files\Java
2016-07-08 14:54 - 2014-11-14 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-08 14:24 - 2015-09-01 19:07 - 00000000 ____D C:\Users\Bernhard\.oracle_jre_usage
2016-07-08 14:19 - 2015-02-14 18:08 - 00738368 _____ (Oracle Corporation) C:\Users\Bernhard\Downloads\jxpiinstall.exe
2016-07-07 07:21 - 2012-09-11 20:34 - 00000000 ____D C:\Users\Bernhard\Desktop\Maria
2016-07-06 01:20 - 2012-11-29 10:37 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Audacity
2016-07-06 01:15 - 2014-01-11 11:19 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-07-06 01:14 - 2014-01-11 11:19 - 00001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-07-06 00:43 - 2015-11-11 19:21 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Free
2016-07-05 07:49 - 2015-11-11 19:25 - 00000000 ____D C:\ProgramData\xml_param
2016-07-04 17:18 - 2013-05-10 15:06 - 00000000 ____D C:\Users\Bernhard\AppData\Local\CrashDumps
2016-07-03 15:43 - 2012-02-21 20:50 - 00700134 _____ C:\Windows\system32\perfh007.dat
2016-07-03 15:43 - 2012-02-21 20:50 - 00149984 _____ C:\Windows\system32\perfc007.dat
2016-07-03 15:43 - 2009-07-14 07:13 - 01622300 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-03 15:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-30 16:19 - 2012-10-04 12:09 - 00000000 ____D C:\Users\Bernhard\Desktop\Löschen
2016-06-30 15:25 - 2013-02-22 20:29 - 00000000 ____D C:\Users\Bernhard\Desktop\WordPress Homepageerstellung
2016-06-28 21:31 - 2013-10-26 10:54 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-28 20:41 - 2013-09-02 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-06-28 20:40 - 2014-03-15 09:05 - 00000000 ____D C:\ProgramData\Wondershare
2016-06-28 20:40 - 2013-09-02 16:34 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-06-28 18:36 - 2016-05-19 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-27 09:35 - 2013-12-11 09:23 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Wondershare
2016-06-27 00:46 - 2015-11-12 11:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-27 00:46 - 2013-03-19 17:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-26 19:59 - 2015-11-12 11:25 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-26 19:59 - 2015-07-08 21:16 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-26 19:59 - 2015-07-08 21:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-26 19:59 - 2014-06-23 22:13 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Adobe
2016-06-21 02:00 - 2016-01-30 21:42 - 00000000 ____D C:\Users\Bernhard\Desktop\SD Card 2016
2016-06-21 01:58 - 2014-07-23 07:37 - 00000000 ____D C:\Users\Bernhard\Desktop\Micro SDs

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-03-11 21:32 - 2016-04-07 12:21 - 0000138 _____ () C:\Users\Bernhard\AppData\Roaming\Camdata.ini
2013-03-11 21:32 - 2016-04-07 12:21 - 0000408 _____ () C:\Users\Bernhard\AppData\Roaming\CamLayout.ini
2013-03-11 21:32 - 2016-04-07 12:21 - 0000408 _____ () C:\Users\Bernhard\AppData\Roaming\CamShapes.ini
2013-03-11 21:32 - 2016-04-07 12:21 - 0004582 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.cfg
2013-03-11 21:29 - 2013-12-15 21:52 - 0000098 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.Producer.command
2013-03-11 21:30 - 2013-12-15 21:53 - 0000000 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.Producer.Data.ini
2013-03-11 21:30 - 2013-12-15 21:53 - 0001206 _____ () C:\Users\Bernhard\AppData\Roaming\CamStudio.Producer.ini
2014-08-22 15:06 - 2014-08-22 15:06 - 0000054 _____ () C:\Users\Bernhard\AppData\Roaming\mbam.context.scan
2013-10-11 12:09 - 2013-10-11 12:10 - 0003759 _____ () C:\Users\Bernhard\AppData\Roaming\moyea_dia.log
2014-03-27 15:47 - 2016-01-08 15:02 - 0002795 _____ () C:\Users\Bernhard\AppData\Roaming\SAS7_000.DAT
2013-01-28 09:37 - 2013-01-28 09:37 - 0001181 _____ () C:\Users\Bernhard\AppData\Roaming\trace_FilterInstaller.txt
2013-01-28 09:37 - 2013-01-28 09:37 - 0000000 _____ () C:\Users\Bernhard\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-01-09 02:52 - 2014-01-09 04:00 - 0000096 _____ () C:\Users\Bernhard\AppData\Roaming\version2.xml
2013-12-25 12:24 - 2016-05-15 13:24 - 0015360 _____ () C:\Users\Bernhard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-20 01:54 - 2014-01-18 13:47 - 0001495 _____ () C:\Users\Bernhard\AppData\Local\RecConfig.xml
2016-02-24 20:56 - 2016-02-24 20:56 - 0004352 _____ () C:\Users\Bernhard\AppData\Local\recently-used.xbel
2013-10-20 23:05 - 2014-07-07 18:13 - 0007602 _____ () C:\Users\Bernhard\AppData\Local\resmon.resmoncfg
2012-05-03 10:47 - 2012-05-03 10:47 - 0017408 _____ () C:\Users\Bernhard\AppData\Local\WebpageIcons.db
2015-08-14 21:23 - 2015-08-14 21:23 - 0000000 _____ () C:\Users\Bernhard\AppData\Local\{C50C67DE-E4BE-41E2-92F4-4BF1EED6D1D0}
2012-11-29 10:22 - 2016-03-15 00:17 - 0002858 _____ () C:\ProgramData\hpzinstall.log
2015-12-16 03:03 - 2015-12-16 03:03 - 0005078 _____ () C:\ProgramData\mzemgkrx.fuc

Einige Dateien in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Bernhard\AppData\Local\Temp\avgnt.exe
C:\Users\Bernhard\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Bernhard\AppData\Local\Temp\libeay32.dll
C:\Users\Bernhard\AppData\Local\Temp\msvcr120.dll
C:\Users\Bernhard\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Bernhard\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Bernhard\AppData\Local\Temp\sqlite3.dll
C:\Users\Bernhard\AppData\Local\Temp\_is82B7.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-28 21:42

==================== Ende von FRST.txt ============================
         

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
durchgeführt von Bernhard (2016-07-12 11:38:09)
Gestartet von C:\Users\Bernhard\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-05-03 08:02:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Admin (S-1-5-21-4070342091-3793343965-3738386277-1003 - Limited - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-4070342091-3793343965-3738386277-500 - Administrator - Disabled)
Bernhard (S-1-5-21-4070342091-3793343965-3738386277-1000 - Administrator - Enabled) => C:\Users\Bernhard
Gast (S-1-5-21-4070342091-3793343965-3738386277-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4070342091-3793343965-3738386277-1002 - Limited - Enabled)
_pcwelt_backup_ez_ (S-1-5-21-4070342091-3793343965-3738386277-1009 - Administrator - Enabled) => C:\Users\_pcwelt_backup_ez_
_supereasy_backup_ (S-1-5-21-4070342091-3793343965-3738386277-1008 - Administrator - Enabled) => C:\Users\_supereasy_backup_

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
4500_G510gm_Help (x32 Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version:  - )
Amazon Kindle (HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Amazon Kindle) (Version:  - Amazon)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
AnVir Task Manager (HKLM-x32\...\AnVir Task Manager) (Version:  - AnVir Software)
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoImpression 5 (HKLM-x32\...\{5863B6EF-76D0-4FF8-AA2F-EEBE7CC49DAA}) (Version:  - ArcSoft)
ArcSoft VideoImpression 2 (HKLM-x32\...\{5339885F-4597-4343-BD3B-74280CC79424}) (Version:  - ArcSoft)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Audials (HKLM-x32\...\{85B5CB65-2AC3-4C1C-A950-B20DE5520C79}) (Version: 10.2.19305.500 - Audials AG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
AVM FRITZ!Box Monitor (HKLM-x32\...\AVMFBoxMonitor) (Version:  - AVM Berlin)
Biet-O-Matic v2.14.10 (HKLM-x32\...\Biet-O-Matic v2.14.10) (Version: 2.14.10 - BOM Development Team)
Bitrix24 for Windows (HKLM-x32\...\Bitrix24) (Version: 3.4.31.31 - Bitrix, Inc)
BrainWave Generator (HKLM-x32\...\BrainWave Generator) (Version:  - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
ColorPage-SF600  (HKLM-x32\...\{A5505456-B9C3-43DA-A588-F6947422C134}) (Version: V4.3.0 - )
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.)
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2219 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DarkWave Studio 4.0.9 (HKLM-x32\...\DarkWave Studio) (Version: 4.0.9 - ExperimentalScene)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.80 - DivX, LLC)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.50.000 - Nuance Communications Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
f4 2012 (HKLM-x32\...\f42012) (Version:  - audiotranskription.de)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileZilla Client 3.15.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.15.0.2 - Tim Kosse)
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Google Chrome) (Version: 24.0.1312.57 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
LightScribe Applications (HKLM-x32\...\{88A4002B-BDBA-49A2-927C-D81E8DF32B1B}) (Version: 1.18.5.1 - LightScribe)
LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.1.0.0 - Lightworks)
MAGIX Foto & Grafik Designer 7 SE (HKLM-x32\...\MAGIX_{305A1AC7-0B5C-457D-9B6F-2A889766E3A0}) (Version: 7.1.2.26041 - MAGIX AG)
MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Reader (HKLM-x32\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version:  - )
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Movavi Video Editor 10 SE (HKLM-x32\...\Movavi Video Editor 10) (Version: 10.1.2 - Movavi)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
O&O DiskImage Professional (HKLM\...\{10C83530-840D-4AA3-994A-A9B9559B56C5}) (Version: 9.0.223 - O&O Software GmbH)
oCam version 16.0.0.0 (HKLM-x32\...\oCam_is1) (Version: 16.0.0.0 - hxxp://ohsoft.net/)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Paragon Festplatten Tools™ 2015  (HKLM\...\{1E104AF0-EA49-11DE-AC07-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PC-WELT Backup Easy (HKLM\...\PC-WELT Backup Easy) (Version: 1.19 - IDG Tech Media GmbH)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0081 - Pegatron Corporation)
Photomizer Retro (HKLM-x32\...\{41B5224D-7853-4EA5-0001-C8949A33B608}) (Version: 2.0.13.308 - Engelmann Media GmbH)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Protect Disc License Helper 1.0.118 (HKLM-x32\...\Protect Disc License Helper) (Version: 1.0.118 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RealDownloader (x32 Version: 18.1.0.1233 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.0.1243 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Sigel BusinessCardSoftware Demo (HKLM-x32\...\Sigel BusinessCardSoftware Demo) (Version:  - )
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
soft Xpansion Perfect Print 7 Express (HKLM-x32\...\{98AD196C-B3B6-48df-AB53-A711C822497C}) (Version: 7.2.1.7 - soft Xpansion)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
StarMoney (x32 Version: 3.0.6.28 - StarFinanz) Hidden
StarMoney 8.0  (HKLM-x32\...\{2E36EB70-A4D8-4CD0-915D-0ACAAED6A918}) (Version: 8.0 - Star Finanz GmbH)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steganos Password Manager 14 (HKLM-x32\...\{C83404F0-D7FA-4069-94AB-2F34FDA22AA8}) (Version: 14.2 - Steganos Software GmbH)
Steganos Privacy Suite 14 (HKLM-x32\...\{9F07D3B6-3801-4C33-B20E-39CC29E63253}) (Version: 14.2.2 - Steganos Software GmbH)
Stickies 7.1d (HKLM-x32\...\ZhornStickies) (Version:  - Zhorn Software)
StudioLine Photo Classic 3 SE (HKLM-x32\...\{53BDE9F4-79D1-4E2D-B7A4-4D3663419BAB}) (Version: 3.70.50.1 - H&M System Software)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.0.3 - Synaptics Incorporated)
Telescope Driver (HKLM-x32\...\{B2920232-19DA-44FC-835F-68E427EAE2CE}) (Version: 10.30.09 - PixArt)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Video DVD Maker v3.30.0.75 (HKLM-x32\...\{1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}) (Version:  - )
VirtualDJ Home FREE (HKLM-x32\...\{A6AC699F-8315-40CA-8F70-E917494978AB}) (Version: 7.4 - Atomix Productions)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows-Treiberpaket - Product Image  (05/02/2002 1.0.1.1) (HKLM\...\F408A29B912DF89043C0C67FB04AE7CF4A67FF97) (Version: 05/02/2002 1.0.1.1 - Product)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wondershare PDFelement(Build 4.0.1) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 4.0.1.4 - Wondershare Software Co.,Ltd.)
Wondershare Player(Build 1.6.1) (HKLM-x32\...\Wondershare Player_is1) (Version: 1.6.1.0 - Wondershare)
Wunderlist (HKLM-x32\...\{1cdbee75-ad10-47e7-b5c4-1f051f899978}) (Version: 2.3.0.30 - 6 Wunderkinder GmbH)
Wunderlist (x32 Version: 2.3.0.30 - 6 Wunderkinder GmbH) Hidden
Zweckform Etiketten Assistent (HKLM-x32\...\Zweckform Etiketten Assistent) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0D8F44A2-12F9-4D2D-810C-416C83F570A6} - System32\Tasks\{7F7E2F3B-EF44-43AA-9947-935E9B56B37C} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
Task: {0DFBFFF2-B0BB-45B1-9284-16317CDD74EF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {0F526937-5C13-40D9-AD0C-4B4AB398A47E} - System32\Tasks\{38D79D0C-9D17-4C60-95CA-4B367CDFDF11} => pcalua.exe -a E:\PROGRAM\GERMAN\rmb\setup_x64.exe -d E:\PROGRAM\GERMAN\rmb
Task: {119695C5-3BED-40B0-9BF0-EB16C8F0362E} - System32\Tasks\{6CFDF215-3B31-4E0B-A934-95C32A086566} => pcalua.exe -a F:\setup_f.exe -d F:\
Task: {1253A9A4-F396-498A-8533-D5593CE77E41} - System32\Tasks\{86587C49-245F-4A8B-9A0A-486EB72072C1} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {143E9C67-70DB-45A4-824C-F6F026A9BDD2} - System32\Tasks\{99E55DA8-7CB1-41BA-A0D1-C985A76C7213} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {1EA9C5EC-A782-484A-9625-3C319562949C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {25FE5305-7D03-4223-9F19-DDD1F2EEE4FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-26] (Adobe Systems Incorporated)
Task: {347DB677-28B4-475A-91D5-030F4F7DAF3D} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {34972354-32B6-4AA0-8B09-A11B6B59EC88} - System32\Tasks\{485E4FEF-32A1-4B05-8080-C4F815720167} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {4C3BF434-CB48-46E3-AFD3-03B4C523E18D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {4DC13273-DC82-43E4-8045-AC62928EE457} - System32\Tasks\{EED6B82B-CB5A-4F84-8A34-C1EE5D6C5CC7} => pcalua.exe -a "C:\Program Files (x86)\Windows Live\Installer\wlarp.exe"
Task: {5B04776D-F2FC-4941-B435-DE63FB9B90BA} - System32\Tasks\{1D1A8A18-7950-41F2-BD97-5641FB750FB2} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {5FAE9FF5-BC24-41EF-A40D-75730FA50529} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {72091BCB-DCCE-43F6-A76A-4C8EA9514D1F} - System32\Tasks\{47B10711-FF6D-48E1-A80E-0C29DE09EF4D} => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
Task: {7790F5CA-8F62-47E6-A91D-5E99D9D90CED} - System32\Tasks\{BB4D84AD-6D4A-4AE9-8BDD-6E099740DBD6} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
Task: {7A33E08A-C524-4214-AFE4-8F792B3D77C4} - System32\Tasks\ReclaimerResumeInstall_Bernhard => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-19] (RealNetworks, Inc.)
Task: {7D24F5A0-4FE0-4392-88E3-6D463E2A6561} - System32\Tasks\{4DB20908-7514-4312-A1EA-BB226D90C566} => pcalua.exe -a F:\ColorPage-SF600\Setup\SETUP.EXE -d F:\ColorPage-SF600\Setup
Task: {7F585A86-52A3-4450-B126-EAB423463D98} - System32\Tasks\{EFCB28CE-4DF3-45BF-BFA8-AE6AEC600140} => pcalua.exe -a C:\Users\Bernhard\Downloads\fmp_setup.exe -d C:\Users\Bernhard\Downloads
Task: {7FCD9305-61E5-423D-A8EF-6C05C063BB06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {96480441-EFC8-411C-8FA9-1D73D888B756} - System32\Tasks\{2DD33BBB-46F0-4858-A078-E254CE47E6B3} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {97E2772A-B4F8-4C09-B1E1-12E8CC346DF9} - System32\Tasks\{C03F0FDB-3AD8-4F2F-BC14-AA8766D05E72} => pcalua.exe -a C:\Users\Bernhard\AppData\Local\Temp\jre-8u73-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {9BBF4107-FD93-4C12-85D5-4F8C6F5D0FE7} - System32\Tasks\{54B13488-53E8-40B0-9D34-52CAB98CCD35} => pcalua.exe -a F:\Audials-One\TrekStor_AudialsOne8_SE.exe -d F:\Audials-One
Task: {A037188E-6F91-4AFD-84D8-97961F8C65D4} - System32\Tasks\AnVir Task Manager => C:\Program Files (x86)\AnVir Task Manager\anvir.exe [2013-12-04] (AnVir Software)
Task: {A8B56FC8-7265-4657-BCE9-FFEE3C98BA58} - System32\Tasks\{E7A9CAE4-4B85-4EAD-968D-7A7129D2B520} => pcalua.exe -a E:\Notfall-4-Setup.exe -d E:\
Task: {AB6EB7EA-CC34-42A8-AB2C-806E13212C6F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\WSCStub.exe
Task: {B040F48C-E6D6-4DFB-9319-02A31FAD9A44} - System32\Tasks\{0F7E1A9B-0443-4225-A10F-56142B061744} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {B0A74DAC-2A82-4734-A2FD-F53FA80FD4CD} - System32\Tasks\ReclaimerResumeInstallLogin_Bernhard => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-19] (RealNetworks, Inc.)
Task: {BFF44E6B-0E2B-40C4-87A7-48A8D337F257} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {C228335C-2A01-48C3-A681-034FABC44C84} - System32\Tasks\{624950FD-F4CC-4D02-8319-AA439B030D95} => pcalua.exe -a "C:\Program Files (x86)\Sigel\BusinessCard Software\BusinessCardDemo.exe"
Task: {CBB5779C-CD71-4D3A-B6CC-565C1E5492AF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {CBD65DD2-23AB-4B37-8E5D-09E9F6532B4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {CDF3F9DD-47A6-4D1C-ACA3-4B69FEB88881} - System32\Tasks\{753244C6-DC45-427A-8BCE-FAF0BEDAC406} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
Task: {D3D1D49C-1107-4D8D-B0BC-8BF0B555EE84} - System32\Tasks\{D26BBEE7-B8A7-4DEA-90DF-B9C8C6511558} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {DC59771F-0A7A-4F52-89E9-24E2E1BC9E73} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2015-09-16] ()
Task: {DD9E7AF3-2FEC-4132-B34D-50DE9132323F} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {E0816EC5-C4BB-443F-BBA3-A6E06AA4D340} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {F3144631-02DD-4651-9723-EBA03EDBA9DA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerResumeInstallLogin_Bernhard.job => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerResumeInstall_Bernhard.job => C:\Users\Bernhard\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Bernhard\HDR Projects\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html (Keine Datei)
Shortcut: C:\Users\Bernhard\HDR Projects\Favorites\NCH Software Download.lnk -> hxxp://www.nchsoftware.com/index.html (Keine Datei)
Shortcut: C:\Users\Bernhard\Desktop\PC\Software\Programme\MEDIONhome.lnk -> hxxp://www.medion.com/de2C:\Windows\System32\oobe\info\Icon\MedIcon (2).ico (Keine Datei)
Shortcut: C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/ (Keine Datei)
Shortcut: C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/ (Keine Datei)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-06-06 17:06 - 2012-11-29 13:53 - 00805888 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2015-11-12 11:18 - 2015-11-12 11:18 - 00023880 _____ () c:\Program Files\PC-WELT Backup Easy\bin\backupService-pcwbe.exe
2015-11-12 11:18 - 2015-11-12 11:18 - 00109384 _____ () c:\Program Files\PC-WELT Backup Easy\bin\backupServiceLib.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 11391816 _____ () c:\Program Files\PC-WELT Backup Easy\bin\backupCore.dll
2015-03-05 12:49 - 2015-03-05 12:49 - 00324096 _____ () c:\Program Files\PC-WELT Backup Easy\bin\party.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 05945672 _____ () c:\Program Files\PC-WELT Backup Easy\bin\ox.dll
2015-03-05 11:46 - 2015-03-05 11:46 - 00081920 _____ () c:\Program Files\PC-WELT Backup Easy\bin\zdll.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00249672 _____ () c:\Program Files\PC-WELT Backup Easy\bin\crumb.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00053576 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lzmaUtil.dll
2015-03-05 12:43 - 2015-03-05 12:43 - 00049664 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lzma.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00368968 _____ () c:\Program Files\PC-WELT Backup Easy\bin\tomb.dll
2015-03-05 12:38 - 2015-03-05 12:38 - 00022528 _____ () c:\Program Files\PC-WELT Backup Easy\bin\zlibutil.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00023368 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lz4util.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00041288 _____ () c:\Program Files\PC-WELT Backup Easy\bin\lz4.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00560456 _____ () c:\Program Files\PC-WELT Backup Easy\bin\twirl.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00223048 _____ () c:\Program Files\PC-WELT Backup Easy\bin\netutil.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00154952 _____ () c:\Program Files\PC-WELT Backup Easy\bin\scoolite.dll
2015-03-05 12:38 - 2015-03-05 12:38 - 00626688 _____ () c:\Program Files\PC-WELT Backup Easy\bin\sqlite.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00165704 _____ () c:\Program Files\PC-WELT Backup Easy\bin\deemon.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00528712 _____ () c:\Program Files\PC-WELT Backup Easy\bin\veem.dll
2015-11-12 11:18 - 2015-11-12 11:18 - 00060744 _____ () c:\Program Files\PC-WELT Backup Easy\bin\minizutil.dll
2012-02-22 20:09 - 2010-08-19 18:43 - 00386344 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-12-10 19:12 - 2014-12-10 19:12 - 00344824 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll
2016-02-10 21:48 - 2016-02-10 21:48 - 00052912 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-10-09 11:25 - 2010-09-30 14:00 - 00253264 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2015-03-05 14:22 - 2015-03-05 14:22 - 00053760 _____ () c:\Program Files\PC-WELT Backup Easy\bin\oxHelper.exe
2010-02-28 02:33 - 2010-02-28 02:33 - 00077664 ____N () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-02 12:20 - 2016-06-02 12:20 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5a8eeeddc97028a9f94d0518c22f4c2c\IsdiInterop.ni.dll
2012-02-22 00:36 - 2011-11-30 06:00 - 00059392 ____N () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-02-22 00:21 - 2011-12-16 11:39 - 01198872 ____N () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:0FF263E8 [253]
AlternateDataStreams: C:\ProgramData\Temp:A303874F [188]
AlternateDataStreams: C:\ProgramData\Temp:AD022376 [252]
AlternateDataStreams: C:\ProgramData\Temp:F9CFE070 [178]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\com -> hxxp://*.Wondershare.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2013-09-25 21:51 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4070342091-3793343965-3738386277-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4070342091-3793343965-3738386277-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg
HKU\S-1-5-21-4070342091-3793343965-3738386277-1009\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Orga-Nicer.lnk => C:\Windows\pss\Orga-Nicer.lnk.CommonStartup
MSCONFIG\startupreg: DNS7reminder => "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: PC-WELT Backup Easy => "C:\Program Files\PC-WELT Backup Easy\bin\backupClient-pcwbe.exe" --hidden
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{ED434935-FD27-43C9-838F-62FAF395247B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{3715F1B3-1BFB-41E8-B30C-B8577C36F511}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{867C244C-C724-4791-AFA2-C41A4D59EB16}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{842B21DC-1BF0-4EB7-B54A-4A5A83D0B921}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{6B026D0D-E126-439A-ABAB-9DD77A7B5151}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{1C548354-3F3A-422B-84BC-72F8921F0317}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{9E110FF3-14CD-4457-8AEA-101F295342C9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [{5F024E44-E458-43E6-98EE-F758ECDDDB74}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{2631EE86-CE69-4E24-9B2C-D009320BDB61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{F242C584-7DC9-42B5-AB23-E466FD2F05CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{8E53D6E1-6EAA-4C3E-8ECC-42FF0EA6F52A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{262150B3-9785-4E55-9014-5022B7B66ADA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{B158D186-191E-48DB-9297-0070447DF731}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{0D80372E-F194-443D-8C97-97DCA1D20195}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{782075F4-666F-4E23-8FD0-61D33C99B582}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{9FF97F2E-0CE3-4805-872C-6C6C93F85AC7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{A07BB18C-FF46-4671-B33A-31B688142456}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{B4C7E96C-9906-4F10-A7BF-AE39C3B47A7A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{8A57CB20-6BBF-4A65-9003-142AEC8115C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{06DC90CB-3E91-43B5-BA8B-B00BEEC44859}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{A053A1F0-1286-4573-9A05-840F22657CAB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{483E0ADF-A26D-404F-8E2C-3D62F85CC2EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{69962D9B-D7DB-490F-8855-64475E0987B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{33CCCDE3-826F-4E41-A79D-8BF6A526806E}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{28DCDBF8-4DFB-471E-AFBD-B44AF4D7E4BF}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe
FirewallRules: [{F7A83851-06D7-499A-9675-1BAD1DB20E53}] => (Allow) C:\Program Files (x86)\RapidSolution\Audials 10\Audials.exe
FirewallRules: [{3299ACBC-BDC3-40B4-B7EF-A2A63CFF4144}] => (Allow) LPort=12972
FirewallRules: [{944ACA05-89DB-49AD-8CC3-B2A246C767D5}] => (Allow) LPort=14714
FirewallRules: [{20818C5F-2EE3-4E07-AF1F-CD37D0EBC17E}] => (Allow) LPort=31931
FirewallRules: [TCP Query User{AAC0DC18-C583-4D6D-9347-19EB2956EE94}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe] => (Allow) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe
FirewallRules: [UDP Query User{0F020889-DD64-4F1F-A9E1-06A6178A101B}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe] => (Allow) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe
FirewallRules: [{1D6A688D-3F97-4BE8-A83F-FF86E1AE662F}] => (Block) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe
FirewallRules: [{C537A6AC-C52C-456E-83F6-97F58E0D817B}] => (Block) C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe
FirewallRules: [{08C1272E-5134-4002-9DD5-5A21C661A40B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E2DDB6A9-FA9E-4AD5-B645-4CC70EA504BB}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe
FirewallRules: [{0D6CA7B6-38D5-4F22-8525-CB3A4DFB7951}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe
FirewallRules: [{1EEFB013-0064-4335-B9C9-10C65AC31F2E}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTV.exe
FirewallRules: [{738787B9-6642-4415-A9DE-45DAB18E500D}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTV.exe
FirewallRules: [{C4916D39-0332-4687-9BB6-2664254F6105}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTVStarter.exe
FirewallRules: [{206A486A-2DE3-4AAC-8E5E-447327A6298E}] => (Allow) C:\Program Files (x86)\FRANZIS\onlineTV 8\onlineTVStarter.exe
FirewallRules: [{6984532D-9ACF-42EB-8A65-186EDDEE1D8F}] => (Allow) LPort=51001
FirewallRules: [{D86FE523-B878-4F88-AEEF-73D8AE3AF29A}] => (Allow) LPort=51001
FirewallRules: [{0232F89D-1B6D-4C75-AB14-E18F140E4729}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [{93892B1A-3BF3-46B6-B8C6-40398B213894}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [{DF342700-7242-4D6A-BD0E-D252B7C0C2EE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4352D4F1-9289-4F60-9423-2742F3765474}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8FA6752F-B642-4F9E-BCEC-856BA6F0B7B9}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [TCP Query User{6D1F0B00-A033-4E52-B429-D85CBE9E9C4B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{47715565-A217-400E-AAF4-FA51084FCFC6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{CB35B513-3DFA-41B1-B9E8-921DBBBEDD0A}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{ECB98186-D03E-4EA9-86E0-6443CB8E0492}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{281D072E-F133-413A-8530-85E9DE22E543}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{F606CDAC-6A92-4CF3-ADA5-9613189B62C3}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{C18F4ECD-B500-4F3F-BAA0-1A48C4A095A6}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{58516AFB-3699-4CA9-BD21-06026728CD93}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9D6904D4-D38E-42FE-8C92-7B6F162B68E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8ABECA6C-6159-4C43-8EA3-5CD25A0664C2}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{53EF195F-6729-4702-8114-A137B20F0960}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [TCP Query User{3531680A-A193-4D23-9B4C-68709F2A6886}C:\mamp\bin\apache\bin\httpd.exe] => (Allow) C:\mamp\bin\apache\bin\httpd.exe
FirewallRules: [UDP Query User{CF541917-E503-4806-AB4A-BEB088C7E220}C:\mamp\bin\apache\bin\httpd.exe] => (Allow) C:\mamp\bin\apache\bin\httpd.exe
FirewallRules: [TCP Query User{FEE00E6D-F5CC-4304-B5E9-01891E7FF65D}C:\mamp\bin\mysql\bin\mysqld.exe] => (Allow) C:\mamp\bin\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{0F44FC79-29A0-40ED-A95A-3081452155F2}C:\mamp\bin\mysql\bin\mysqld.exe] => (Allow) C:\mamp\bin\mysql\bin\mysqld.exe
FirewallRules: [{F397188B-A01E-43BB-84C5-6E52406483F9}] => (Block) C:\mamp\bin\mysql\bin\mysqld.exe
FirewallRules: [{3C91B94F-8218-49FB-B4DD-DF8A82F5C3B3}] => (Block) C:\mamp\bin\mysql\bin\mysqld.exe
FirewallRules: [{38D685AA-D6EC-410B-B301-74B5FF02B697}] => (Block) C:\mamp\bin\apache\bin\httpd.exe
FirewallRules: [{1F6153D5-D045-49B6-A46E-95289F29B44A}] => (Block) C:\mamp\bin\apache\bin\httpd.exe
FirewallRules: [{EA69C3B1-1D53-4496-B73A-3DFD527B52FD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B7B8506D-F021-4366-98E9-BFFF6665890C}] => (Allow) LPort=2869
FirewallRules: [{194B3D02-003E-47CA-A1ED-858A3A91D915}] => (Allow) LPort=1900

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/12/2016 11:08:53 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/12/2016 10:57:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2016 10:57:09 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (07/11/2016 02:40:21 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/09/2016 09:24:42 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/09/2016 08:05:15 AM) (Source: TEST_FAIL) (EventID: 0) (User: )
Description: m_pDevice->Present FAILED!
hr=88760868

Error: (07/08/2016 12:17:30 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/06/2016 02:36:45 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/05/2016 08:20:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm audacity.exe, Version 2.0.5.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1f34

Startzeit: 01d1d68482316cff

Endzeit: 13

Anwendungspfad: C:\Program Files (x86)\Audacity\audacity.exe

Berichts-ID: 761ac884-4278-11e6-8292-e840f2b4d16c

Error: (07/04/2016 09:21:16 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.


Systemfehler:
=============
Error: (07/12/2016 10:56:09 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben.

Error: (07/12/2016 10:55:37 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (07/12/2016 10:55:37 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (07/12/2016 10:55:37 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (07/12/2016 10:55:30 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (07/12/2016 10:53:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.


Error: (07/12/2016 10:53:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Office Software Protection Platform" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/12/2016 10:53:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/12/2016 10:53:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/12/2016 10:53:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2013-09-25 21:38:53.619
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-25 21:38:53.553
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8086.48 MB
Verfügbarer physikalischer RAM: 5179.34 MB
Summe virtueller Speicher: 16171.15 MB
Verfügbarer virtueller Speicher: 13519.96 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:1.7 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:0.43 GB) NTFS
Drive z: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=414.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== Ende von Addition.txt ============================