| |
| |||||||
Log-Analyse und Auswertung: Win 7 - Malware - Dateien in .ENC verschluesseltWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
14.09.2016, 12:06
| #16 |
 |  JRTCode:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Professional x64
Ran by aquarana (Administrator) on 14.09.2016 at 12:51:53,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 320
Failed to delete: C:\ProgramData\ammyy (Folder)
Successfully deleted: C:\ProgramData\Start Menu\Programs\hamster soft (Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{00924149-5E28-4D43-96B3-747FAE7A8B2D} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{013D0F77-AAC0-4CB4-9241-18773BD141DD} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{02F84A53-0C66-49B6-9C41-89C0687311F2} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{032A0EAE-3782-4EF7-9A76-BFB5335438D9} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{035C9043-84EC-41DE-82B3-038480518684} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{06429B76-F6CD-412A-B4FC-6466C37C7B6F} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{071D5349-C23F-49CE-9A1F-15BF480AECFA} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{07C83D0D-D7AD-4150-BA2C-5A69D6FB8271} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{08C5173F-848D-44EC-8085-911815776E58} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{096C7BCA-EC18-4922-895C-BCB4797EBD00} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{0B442C36-A7D4-48F9-90AE-90D17AE1AE16} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{0CAF4E2D-3ABE-4356-A5C1-12E3304A6228} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{0DBEE52D-51BC-4D49-85D4-DC3ECB8C317E} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{0E4520DA-CF1E-4CC6-94FC-E139204ED92B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{10C14165-9AD8-4476-AF6F-B8C3F85CD523} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{11DF4A6F-6E64-42A4-B8BC-051673B7DB7B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{121BB50A-84F3-4918-BACC-63F1F8A199BA} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{126001F5-BC0F-40D4-9DF7-10399D494BE3} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{12635727-B5E0-4C52-8F38-F25B423F3EA2} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{12886454-487E-4A02-AFA8-709EE8BA11BE} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{12C66308-5352-4FFE-A56D-36B9CFA5C53B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{134A26F8-E686-44D1-8E0D-ACE273E08118} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1398C18B-E70F-4FCC-88B9-982121DCCA13} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{13CE387D-23A6-47A1-832F-04A25D588EA9} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{167F7C7B-2036-4414-950C-9CA352DB8C1D} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1784AC9D-F1C8-4B66-8E3E-1B02A708A4FF} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{18D4A575-CDCC-4129-A2C6-7085B88DE939} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1A897734-4ECC-4A5A-B68B-680E02B63BB5} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1ACEF6E7-F193-49B7-AC4A-5A6D40B5400C} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1B100BCE-1150-46B7-AA61-2F3FB70A0F35} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1BB3E49F-5490-4D0C-A1B1-EA21022467F0} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1BC4B3C9-50C1-409D-866B-B5AF3F89B8EE} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1BF981EC-333C-49DE-A7CD-692F91068E2B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1D1979A2-CB6E-41E3-9A4F-1DD6AF62D3B5} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1DA07D62-2A47-432E-9E43-345E6D88D58F} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1DBCA07C-41E6-49FF-963B-EB88F3E05572} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1DDFE874-A56B-4DDA-BE63-402DF2F05106} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1E14460D-94F6-4AE6-B4E6-CC9911205DC3} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{1E96F83E-63F5-4685-BE6D-46C0452A1755} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{22C9386A-87DF-4DC7-9036-45F15DC484B9} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{24A11461-2727-435B-A5F9-C65CC0FB937E} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{24EA73A8-337B-4006-8924-023F98195CCB} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{253DE396-1DD2-4238-8F64-C9F549BCBC92} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{25F4DE74-94FA-449B-B6F6-B78325A9C5AD} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{27D89FC7-1313-42E9-9894-671B7E32DAAD} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{284DF904-BDBF-49D4-9F86-81C6BA85254B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{290E9A67-F3DD-4595-9AAB-C70619683352} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{2A00CAE9-F88A-492D-9D30-C73F29B28D3B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{2AC56E2E-F47B-40FA-99C1-618CADC7796B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{2B461D33-86C2-44AE-83EB-0FBDAACC6ECA} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{2B619CA0-A960-4721-BD2A-6CE31B8A14A3} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{2BAD8E69-92B7-4740-B8F6-2DC8A429DCFB} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{2BBAB0CD-4FBC-45DD-B9C9-FC7809ECFD68} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{2BE291A0-D35A-43B8-B1C4-D95129D6B2FB} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{2C2E62C7-954E-4CC2-8F39-6C3240497BAF} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{2D03653B-8AA6-4ADB-9FBF-FC175DDE6424} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{2F5715F4-50BD-4D00-AE77-9CF8CB3C4387} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{30B12801-EE6C-4F5A-AB48-D4B125EAE09B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{30C75BC5-1E8D-4AC0-91E2-649655122907} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{30C9B407-EA1B-41EB-A1AD-0A488C48994D} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{31188939-5B93-43F5-8790-F5AB54AC0746} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{327F5B43-15A0-44AA-A15F-1DA4CFD76ED6} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{33794820-B6C9-4376-87A5-45853796BCE4} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{3428ABBE-71B9-480F-B75E-3DD48163B431} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{35B61D3A-0536-4BC0-9306-012646108E9B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{361CAD95-DC95-4A16-9CEF-0B5B201462B2} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{363B5A3E-688D-42BF-A6D9-66DDC7DCF0D4} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{38B632EA-E982-4CA8-9340-1454A1476F95} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{38E36C5E-DEFE-4AA4-84B6-0B7A6F76534E} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{3BD8F112-D398-467A-9A29-39D3DA8B2BD5} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{3BDE005D-3C67-43F3-BA2C-F954E24A0C5F} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{3D072D7F-3689-402B-ACA8-B96FF912091C} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{3DB170AB-EFCA-485A-9114-C58429AFD93F} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{3F05AA8B-0EFB-4EA3-9A69-F35045CAF104} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{40405BBF-B2AA-4994-BA08-87BEC6F5E99D} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{404DC0A9-51FA-4A7D-B645-5108048E7BF1} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{42B6FBA9-443D-4426-ADEA-02A9600C48C8} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{43CBD47D-130C-46B5-AD16-C329B7D4B3D1} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{43E3320C-53C8-4150-88AA-311A6B06FDD4} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{43FE2E4C-3308-4A23-BA19-FB9426205A36} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{44CE7054-A4CA-48D4-8AE9-08C4F70E7558} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{44F87DBC-0E10-4623-82CB-3DE8E7B99F9A} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{4819BE64-62AC-48F7-A3AA-04C763B84B0A} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{49CC0D91-304C-4C86-A449-5F160735115B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{4ACC3009-B48A-4073-A8AA-EDAE335EA3B0} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{4B367993-FEE8-4CE3-972F-ED6F63743FDD} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{4BA5D58E-522A-46ED-BE6F-2F3283445D90} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{4C9629CB-5965-4AF9-90EA-769276309B90} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{4D0E48A4-2148-4EA3-843C-50ACA7F0605E} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{4D2544F5-DC6B-4850-A5E3-7267DBF7CA18} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{4E59D80A-178D-4B52-82E7-4301410C5E77} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{50B3D336-8A09-480F-8E55-359F203E7A51} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{517AD796-39B2-4153-8C36-51E606F90574} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{51E96059-7025-4C42-B583-9390A1A0A0C9} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{52AD144E-688A-4C75-9942-AC40A62FF9B3} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{52B8AFCA-1BDF-4EA7-99B3-CFE28A9911DD} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{530860EA-E121-42A5-9CB1-6428F5396C58} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{53144C86-A09E-4102-A476-57317479F402} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{53833245-4923-4343-B553-88D774AA4531} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{547770D4-42A1-45AC-9CE8-F623C9DA6518} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{557BFA8F-AFC9-423F-9697-6C3522578DCF} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{56BCB20E-6CA7-4753-B35F-5702C7F2D30E} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{580D06B3-4048-4A23-A56D-5E2E690AE456} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{581E69D1-8830-41E8-871D-FFCA1BF03742} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{5AA9335E-A2C0-4BCC-9212-35A5AE4C5F8F} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{5AEF0E86-281C-4B73-A869-F69076E0D0F0} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{5B737F25-A5B3-4432-B11F-18D54B987195} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{5C2D1C51-B5D0-487A-AA40-8FB2117AF9F6} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{5D5CCECD-39C1-45E3-A9D8-0A645CC7ED99} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{5FF68118-4CE4-46F2-87B2-B723CA63D0FB} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{608298B8-9D06-4541-A2E8-E648DB00E610} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{61D4F1AB-F1C5-4B08-944B-B872B2B598E6} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{62304B67-EFE3-4758-860B-5DB4C7410D14} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{626BA5EA-8FDA-4139-A756-16204A6E2CF1} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{635E304B-42E3-42A5-BDFD-07803CDC136E} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{63F7FCE2-7261-491F-AA85-6EA0B414F1BE} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{641F323B-920C-4F16-9F84-8D25BF03AAE4} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{644E7815-9D76-4E15-A3D9-B7B43346B2BB} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{6484BECE-CFA0-41A7-8AD9-22C6C8763EED} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{64D92978-225B-484D-BE1E-10E13564990B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{653D7D18-229E-4AFC-9371-AA0E64595F98} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{6626FF83-C02C-489D-A984-71A5F7564978} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{662AA711-E85A-489B-A5E7-28201738D21C} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{674990E3-1131-426B-B64D-E7729A73A550} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{67CDD0C9-CE4B-4027-95B5-5E80B122A6DD} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{6C09F8C4-C5CE-4206-9943-F4B89521ABF7} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{6C9E8568-8282-489D-B0DB-658206CE9105} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{6CF2FA38-B972-4519-B2AC-C95818048FE0} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{7165ACD1-99A5-4A18-8078-1185EECA77C4} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{71BC03D9-C329-4B95-842F-E5851987D113} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{71F99E74-A294-4709-B5A1-8F2A3EF99217} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{72A3A59D-45FC-49FC-9B36-92CB7F510E84} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{72FCB101-2570-4631-BADB-2ACD80FE46D5} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{733FACBA-5A9B-4B7D-B80C-F691D1FCEDFC} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{73611421-391F-42F5-9940-4E5C5072D9BC} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{7445E161-4032-402F-9937-3E664C969218} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{74647394-62AD-4D78-BB78-0554CD4C366D} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{750CA9C8-78D1-4A61-A993-23A2856712A2} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{76DFDDBC-E840-48F4-A77A-92921A1E5858} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{7828C366-1463-4B3A-A1F6-D18BEE2517E0} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{78A5031F-33C1-4B0E-A430-F81A501C1C1F} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{790E7074-3003-4630-B5A1-4F454840247A} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{7AEB649F-4706-4C0F-B247-60277698B481} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{7BC875A7-6998-4C63-BFF9-B344F5CF484B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{7C4876EF-76FA-40C2-911C-D87DB11C654E} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{7C71B396-ACF4-437A-9738-9298BA4620FB} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{7C84F758-F782-4E5C-BF89-655CE55D4E94} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{7F5FA87F-3879-488B-B1E2-19F89E53A11D} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{80E4C477-FCD8-4B1A-9106-039B6DBCF227} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{838DC78A-8767-4B37-8DCF-912E1053A4E8} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{85BB5ADF-2A9B-4660-BDC8-A36CAFBFA3CE} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{87E052AA-42F5-49A3-A92E-5600CB9B7B70} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{87EE28E0-E9A6-45E1-A3AC-BBDA204286F2} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{8873EA30-25E8-4ACB-ABDB-178DE9431798} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{89D64505-EDC3-4812-84E5-55DFC05869F4} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{8BF87111-C858-4ABF-8D56-D78BEBF6B8D9} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{8D014078-FB95-406A-A65E-E6AF2E5E79B3} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{8D66DD35-E7D4-4996-90EE-691320E6140B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{8F715D58-AF06-4490-829E-128E0F9C0F7A} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{914AD31D-6755-410C-BE48-A09B250CEC4B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{9221C5BB-8A0D-43DF-B68A-B2D708596BEA} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{922239E0-CF92-4A2D-B5AC-7CEADF7FE47D} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{966DD10F-7BCF-4321-878A-E2B343239A03} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{96EE239D-A9E8-4C8D-80EC-91E6C1C583B5} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{9DEC8F0B-F58E-43A9-A38C-96F26455D7E2} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{A09357D5-5C07-4EE2-BFAF-E5117BC19C56} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{A201F2D8-C8AF-49B6-9758-1BC94CD39D63} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{A20B0561-6A4E-4381-8EA4-07E28D47E624} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{A24F9B35-0187-4A94-A947-2DCCA2F0061B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{A2D86CCA-B4BC-4686-93B1-22C5C35EC15A} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{A4FD37F0-C4D0-422E-B6E7-A0F7EA221783} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{A537DA7D-EAA7-4A46-940B-8FC943CD1A2E} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{A7184725-C566-4CF4-9194-84BDFF505560} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{A72ED4E5-698C-477F-B92F-020F1A0E083B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{A88B688F-71BA-45F0-B6C2-736777CE03EB} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{A9EEFA8E-0C3F-44D1-867A-141822FE63C7} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{AA8433AE-72A4-41DB-8AF7-585CCA2D102C} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{AC086F00-CCE9-4E6F-8F69-FB20D51D4284} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{ACEA7ADF-9B78-47BC-89A1-AFE6D96998D7} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{ACF36F19-2B8C-493D-99BE-A61D05379638} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{ACF70FE2-9E81-4CDB-ABF0-D3C8B7772401} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{B0158822-947B-4971-92A8-9D12C0C1E137} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{B13219B8-BF72-407A-9D50-B884F051501B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{B1B36E42-8BCB-413E-BFA6-EF90C7533A4D} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{B2AE37F3-50B5-48B2-B697-7CA255BC2381} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{B4FB4980-153B-4726-921D-F9D6A4B1AAF7} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{B59212BD-8A0C-4FF0-B53B-0E3A852B31FE} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{B65C295B-7DDE-43B0-91C3-0B78B95A5607} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{B94BDD0A-6E04-4629-88AF-8D45C50B3913} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{BB9536A2-01FB-4D1B-A65A-5C921D007C6D} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{BC0BE129-5B8B-489E-A938-DDDA42BD241C} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{BD798F75-9D11-4E57-9B98-EA5F50A2A0E0} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{BD8588EC-F5A6-42CA-99CE-B0A44EE1FC80} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{BE6CD31D-147D-4D7B-B8F7-A54519FF6100} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{BFA780C8-7A30-40AF-8152-3D2DEA1017F3} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{C1CCFF45-B874-4BA3-8E68-B6C3553EF04D} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{C2022613-C5E4-47D2-92BB-E5F157E5F849} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{C4B122FF-6081-4DB7-9EA5-92F6ADB72C0F} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{C4D01E63-F2F8-4306-B6F0-4C2148305AB6} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{C558E029-A8A1-440A-A1FC-661951A31FF3} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{C72C11E4-74BC-4B25-A70F-00AB9143DD60} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{C83ADED8-2BDD-44F9-9515-3BB9E33F0427} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{C9B93F9F-208F-433E-8457-617ECFB9A2E7} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{C9D6D1CD-85E6-429A-A2E4-E3B5ACD5B9C1} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{CB52EE2A-11B4-4346-88E7-8F3122337849} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{CB651632-8712-40ED-8536-64D18F0B25A3} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{CBF45DE3-0E8D-4780-A594-9AF6FAD066FE} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{CC6B4FB7-529D-4D7E-9554-C9506E86597A} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{CE3A8DD1-0AC7-4E30-9D58-F49AAE95736B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{CF38AEAA-9A50-452D-B0DB-B4C34C40612F} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{D0053DC4-0AB6-4ED9-930B-F2A4EC2AF210} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{D060BBC5-9075-4FA2-9AC9-B0311A4F377E} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{D1A5F883-35DB-4645-98A8-450D39C9B7BE} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{D1B152B1-A1E5-4131-85D1-B6073DA193BC} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{D2523C53-B395-45B7-B31D-E4FA41BFA1DE} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{D3227212-9898-495C-8C60-D8F8283FFDEF} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{D4948741-2D6B-42D8-AE43-2922813ED94A} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{D4DE6EBE-99C2-499E-BB60-F87654DBB9C8} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{D67BB903-7A8B-43AA-A399-640764CF93C0} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{D73B2981-0CD1-4734-914C-DE38A83DF8DC} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{D7CE0293-5C9B-4A00-8A25-701DA19132D5} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{D7DCD2EE-C559-4F5D-AD5E-30D0AD1586F7} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{D88B6BE8-09CF-4E83-AA65-74F0B24D4169} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{DBB8FFB4-D368-469F-815B-68F86BF0E46D} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{DC12C849-F99E-47F9-8117-94DFA774408C} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{DC1F0649-4C1A-42E8-9642-5DB1C1B9BF67} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{DCD35382-7BAF-44DA-96BB-68DDA0CAEB83} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{DD410887-F263-4A8B-921F-2CFBBCDD3055} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{DDA3017E-CE4B-41C8-BF1A-41CE078B5B68} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{DDCF9C54-1757-420B-93C6-0A391BAC590D} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{DDE52CFC-C66C-4B3C-B79A-23F2E8CFD9A5} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{DE0684E0-8BBC-481D-B77A-BD72ACF80023} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{DEDAD6C6-6205-4958-9B77-7DBC6B9A6147} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{DF88341B-A001-4F82-AFBA-FFD759AB674C} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{DFD8B28E-D749-4948-94EC-48BFA7C39B9F} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{E4C7265B-DF0C-4A63-B5C7-1B02276D86D0} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{E63FEF33-616A-4E5A-B6E7-6CFFB6F79E5B} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{E64CA96C-2F09-4194-9D01-98D65688D307} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{E71F4588-7CA4-46A9-B24B-87A29ED0B1AF} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{E7A98B41-F1FB-4F27-9456-D938B7CB4C02} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{E8EFA3ED-040F-49FB-A24A-4CA1352E11E0} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{E904E36C-6DCC-4D5C-B43D-02CAE4DC0392} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{E925904C-5535-4E99-A4C8-776F7BC25F4F} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{EABF40CE-FD80-41FB-82FA-9E7903F62BA1} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{EC6FB75C-CD50-4AC7-9106-DE5A712BCDF2} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{ECC5BB8A-48A1-4DDD-9427-08DB9273B18C} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{EDDD35A0-CA3B-4E81-BE66-B5BDAF501CBC} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{EFA0D59E-5C3C-4F66-AC0E-1EE436290086} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{EFC3F2A1-3D61-4190-9E6F-06F77846ECA2} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F2045ABF-2851-45FD-9C23-056C06612F15} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F247B14D-A2F4-4FD2-A60E-79CCB450DA99} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F2AC58D1-5C54-4443-AA80-21EF4D6DACE7} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F408FDB0-9F6F-4EA7-B700-1212F9743499} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F42D3D8E-5137-464A-9B36-95476F2F5506} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F4903FEA-B567-48E7-B67B-8E7F0A978EF2} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F4C8301F-C2F5-4DA7-B3C3-79F73C7386CF} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F4ECFF81-37C3-486D-AAB5-E4DB40BB99E9} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F5292808-BBFB-42B7-8C6E-BECCCADB5F4F} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F56E3A23-8F45-4957-8BF4-A3287DA2DE0A} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F57B392D-1ACC-4DF4-B22C-3D6250D3AE01} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F5889420-5E7D-4227-828F-0424F8CF012C} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F5D26236-0BE7-41D0-8B3C-6B9B92EC1623} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F7106B7D-A70D-4E4A-9E81-2FE23EACB5A4} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F7B56874-0F88-4958-98A1-4099823DA2DE} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F8A3CEE2-EFDA-4726-8237-C47BA6F07557} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F904432D-35FE-47E9-9BFD-541EAB83F20E} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{F9FB5A7C-6DB5-4379-BF08-B362039F5891} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{FA87559E-BCDF-4E62-A416-E071A397C04E} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{FBB0606F-3F57-4EFF-9686-8FE8C8EA306E} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{FCF59348-E6E9-4CE7-B2C3-7D54528A9928} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{FD00044F-DB98-417D-A029-0E23595C48AC} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{FD2FD7F9-DA07-4CE7-95ED-EB9E173CF3E0} (Empty Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\{FE97832D-505E-45B3-B5DE-43A8B7FE768D} (Empty Folder)
Successfully deleted: C:\Windows\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)
Successfully deleted: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job (Task)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UYLD1WN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3DDY2IV8 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5K44XLMU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6TPA2BNF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8BS3478B (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9C5A7TP7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AKHEL28P (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AVB548TX (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KDAP1BVA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QHS9UU1C (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T5QWEXZ0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TVZ3Z8FV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UKYGFT55 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT1O15NN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V4LPJJUX (Temporary Internet Files Folder)
Successfully deleted: C:\Users\aquarana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XLA539NY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UYLD1WN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3DDY2IV8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5K44XLMU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6TPA2BNF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8BS3478B (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9C5A7TP7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AKHEL28P (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AVB548TX (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KDAP1BVA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QHS9UU1C (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T5QWEXZ0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TVZ3Z8FV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UKYGFT55 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT1O15NN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V4LPJJUX (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XLA539NY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\SysWOW64\sho356C.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\sho5146.tmp (File)
Deleted the following from C:\Users\aquarana\AppData\Roaming\Mozilla\Firefox\Profiles\s3ksuc5o.default-1457247739583\prefs.js
user_pref(browser.urlbar.suggest.searches, true);
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.09.2016 at 12:59:30,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter # AdwCleaner v6.010 - Bericht erstellt am 14/09/2016 um 12:32:22
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-09-13.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : aquarana - MICKEY-MOUSE
# Gestartet von : C:\Users\aquarana\Desktop\AdwCleaner_6.010.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\aquarana\AppData\Local\YSearchUtil
[-] Ordner gelöscht: C:\Users\aquarana\AppData\Roaming\RPEng
[!] Ordner nicht gelöscht:C:\Users\aquarana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
[!] Ordner nicht gelöscht:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
[-] Ordner gelöscht: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
[-] Ordner gelöscht: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\aquarana\daemonprocess.txt
[-] Datei gelöscht: C:\Users\aquarana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
[#] Datei gelöscht: C:\Users\aquarana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\startfenster.lnk
[-] Datei gelöscht: C:\Users\aquarana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Startfenster.lnk
[#] Datei gelöscht: C:\Users\aquarana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\startfenster.lnk
[-] Datei gelöscht: C:\Users\aquarana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
[#] Datei gelöscht: C:\Users\aquarana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\startfenster.lnk
[-] Datei gelöscht: C:\Users\aquarana\Favorites\Startfenster.lnk
[#] Datei gelöscht: C:\Users\aquarana\Favorites\startfenster.lnk
[-] Datei gelöscht: C:\Users\aquarana\Favorites\Links\Startfenster.lnk
[#] Datei gelöscht: C:\Users\aquarana\Favorites\Links\startfenster.lnk
[-] Datei gelöscht: C:\user.js
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SearchAnonymizer
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\OB
[-] Schlüssel gelöscht: HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\OCS
[-] Schlüssel gelöscht: HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\SearchProtectINT
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1676539162-533426384-2096430618-1000\Software\ConstaSurf
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\OB
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\OCS
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SearchProtectINT
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Eusing Free Registry Cleaner
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\11668D9C06DD0A64689920C3E9AA8BF6
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5BB8B2DE8E6BEBB47BBC322B82D20DF9
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
[-] Schlüssel gelöscht: HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{37F4DF39-AF01-4A94-995C-E73B0EC7B30A}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3D0CB422-DE64-45E2-96BF-50992C26D5AC}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{729A1869-D709-4FD6-9A9E-D3F9D36B9044}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7E2D56B9-7D7E-4636-9A05-0E38A16356E0}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8B3A79DA-D119-4A86-B80E-4DD09289330D}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A15BA4CB-CC0A-4D93-B650-253F39152ABC}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C8568A7B-BF0A-494D-BEB9-9CD45B6FBAE6}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{37F4DF39-AF01-4A94-995C-E73B0EC7B30A}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3D0CB422-DE64-45E2-96BF-50992C26D5AC}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{729A1869-D709-4FD6-9A9E-D3F9D36B9044}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7E2D56B9-7D7E-4636-9A05-0E38A16356E0}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8B3A79DA-D119-4A86-B80E-4DD09289330D}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A15BA4CB-CC0A-4D93-B650-253F39152ABC}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C8568A7B-BF0A-494D-BEB9-9CD45B6FBAE6}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\SearchSettings
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
***** [ Browser ] *****
[-] [feed.helperbar.com] [Search Provider] Gelöscht: feed.helperbar.com
[-] [myvideo.de.anonymize-me.de] [Search Provider] Gelöscht: myvideo.de.anonymize-me.de
[-] [C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: bopakagnckmlgajfccecajhnimjiiedh
[-] [C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: npdicihegicnhaangkdmcgbjceoemeoo
[-] [C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default] [homepage] Gelöscht: hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPEB561E41-FCA1-4643-A4B9-63708686A887&SSPV=
[-] [feed.helperbar.com] [Search Provider] Gelöscht: feed.helperbar.com
[-] [myvideo.de.anonymize-me.de] [Search Provider] Gelöscht: myvideo.de.anonymize-me.de
[-] [pricerunner.de.anonymize-me.de] [Search Provider] Gelöscht: pricerunner.de.anonymize-me.de
[-] [jugendinfowien.at] [Search Provider] Gelöscht: jugendinfowien.at
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [11455 Bytes] - [14/09/2016 12:32:22]
C:\AdwCleaner\AdwCleaner[R0].txt - [24279 Bytes] - [04/03/2014 23:49:45]
C:\AdwCleaner\AdwCleaner[R1].txt - [21346 Bytes] - [05/03/2014 00:07:03]
C:\AdwCleaner\AdwCleaner[S0].txt - [19330 Bytes] - [05/03/2014 00:07:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [11715 Bytes] - [14/09/2016 12:17:54]
C:\AdwCleaner\AdwCleaner[S2].txt - [11789 Bytes] - [14/09/2016 12:23:50]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [11899 Bytes] ##########
dass ich auch Firefox und Opera nutze ist irrelevant? Hab nur das Löschen von Chrome und IE -Dateien gesehen? Danke, |
|
14.09.2016, 12:08
| #17 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Win 7 - Malware - Dateien in .ENC verschluesselt Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________
__________________ |
|
14.09.2016, 12:33
| #18 |
| | Addition.txtCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-09-2016
durchgeführt von aquarana (14-09-2016 13:23:18)
Gestartet von D:\
Windows 7 Professional Service Pack 1 (X64) (2011-10-19 13:38:46)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
admin (S-1-5-21-1676539162-533426384-2096430618-1003 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-1676539162-533426384-2096430618-500 - Administrator - Disabled)
aquarana (S-1-5-21-1676539162-533426384-2096430618-1000 - Administrator - Enabled) => C:\Users\aquarana
Gast (S-1-5-21-1676539162-533426384-2096430618-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1676539162-533426384-2096430618-1002 - Limited - Enabled)
Max Muster (S-1-5-21-1676539162-533426384-2096430618-1004 - Limited - Enabled) => C:\Users\Max Muster
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Connect 9 Add-in (HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\Adobe Connect 9 Add-in) (Version: 11,2,247,0 - Adobe Systems Incorporated)
Adobe Connect Add-in (HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\Adobe Connect Add-in) (Version: - )
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
AirServer Universal (x64) (Version: 4.1.11 - App Dynamic) Hidden
AirServer Universal (x64) 4.1.11 (HKLM-x32\...\{0ff0aa74-97d7-4a67-9da7-9cd5521fc2a8}) (Version: 4.1.11 - AppDynamic ehf)
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version: - )
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.644 - Avira)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.23.01 - )
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B93CD779-D1C1-4B4D-A9E5-564A542C6DFD}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
AVG (HKLM\...\AvgZen) (Version: 1.82.2.30772 - AVG Technologies)
AVG Zen (Version: 1.82.2 - AVG Technologies) Hidden
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Avira Launcher (HKLM-x32\...\{6052a753-acc6-4c02-b5a8-70962ff8e0a4}) (Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.4.505 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Brother MFL-Pro Suite DCP-9010CN (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Bulk Rename Utility 2.7.1.2 (HKLM\...\Bulk Rename Utility_is1) (Version: - TGRMN Software)
Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
Canon MG5500 series Benutzerregistrierung (HKLM-x32\...\Canon MG5500 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.1.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.1.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Canon SELPHY CP710 (HKLM\...\Canon SELPHY CP710) (Version: - )
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
Cartoon Story Maker 1.1 (HKLM-x32\...\{0FBC5D89-5237-4FAA-A72F-CB854730EC7A}) (Version: 1.1.0 - DEECD)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
CodeTwo QR Code Desktop Reader (HKLM-x32\...\{8E03824D-0FCC-4AAE-BBE3-3B544BE3876F}) (Version: 1.0.0 - CodeTwo)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.0 - Conexant)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deaktivierungs-Add-on für Browser von Google Analytics (HKLM\...\{9F540EA8-086E-4D53-B845-A06E6903DED6}) (Version: 0.9.6.0 - Google Inc.)
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dropbox (HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\Dropbox) (Version: 9.4.49 - Dropbox, Inc.)
Evernote v. 5.9.6 (HKLM-x32\...\{A542D366-9877-11E5-B101-005056951CAD}) (Version: 5.9.6.9494 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FileZilla Client 3.20.1 (HKLM-x32\...\FileZilla Client) (Version: 3.20.1 - Tim Kosse)
Firestorm-Beta-Mesh (remove only) (HKLM-x32\...\Firestorm-Beta-Mesh) (Version: - )
Firestorm-Release (remove only) (HKLM-x32\...\Firestorm-Release) (Version: - )
FlippingBook Publisher Trial (HKLM-x32\...\FlippingBook Publisher Trial 2.4.16) (Version: 2.4.16 - FlippingBook)
FlippingBook Publisher Trial (x32 Version: 2.4.16 - FlippingBook) Hidden
FLV to AVI MPEG WMV 3GP MP4 iPod Converter 6.1.0308 (HKLM-x32\...\FLV to AVI MPEG WMV 3GP MP4 iPod Converter_is1) (Version: - Aone Software)
FMW 1 (Version: 1.123.1 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit PhantomPDF Standard (HKLM-x32\...\{86848256-DF08-4F3D-A32D-37151AA16510}) (Version: 7.3.4.311 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
Free Convert MPEG WMV to MP4 FLV AVI Converter 5.8 (HKLM-x32\...\Free Convert MPEG WMV to MP4 FLV AVI Converter_is1) (Version: - Xillvideo Software, Inc.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free RAR Extract Frog (HKLM-x32\...\Free RAR Extract Frog) (Version: 4.10 - Philipp Winterberg)
FreeFileSync 8.0 (HKLM-x32\...\FreeFileSync_is1) (Version: 8.0 - www.FreeFileSync.org)
FTP Commander (HKLM-x32\...\FTP Commander) (Version: - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 9.9.50.5 - Siber Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoToMeeting 7.22.1.5530 (HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\GoToMeeting) (Version: 7.22.1.5530 - CitrixOnline)
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
Hamster Free Audio Convertor (HKLM-x32\...\{F100D4D4-DFAA-4807-8D4F-0CD44E85F4EA}_is1) (Version: 1.0.0.18 - Hamster Soft)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HTML Studio (HKLM-x32\...\HTML Studio_is1) (Version: - Michael Elsdörfer)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.43.55 - Huawei Technologies Co.,Ltd)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{D5021BF1-39FF-4550-AB7D-6193A6B38671}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
JDiskReport 1.4.1 (HKLM-x32\...\JDiskReport 1.4.1) (Version: 1.4.1 (2014-02-26 11:50:44) - JGoodies Karsten Lentzsch)
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}) (Version: 12.0.1.340 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 12.0.1.340 - Kaspersky Lab) Hidden
K-Lite Codec Pack 4.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 4.0.0 - )
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.06 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
LibreOffice 4.0.5.2 (HKLM-x32\...\{5B9C9486-4287-4621-8F9D-EC3EE622A82F}) (Version: 4.0.5.2 - The Document Foundation)
LibreOffice 4.2 Help Pack (German) (HKLM-x32\...\{56232F31-556D-4ABB-A039-58193778A627}) (Version: 4.2.0.4 - The Document Foundation)
MailStore Home 5.0.0.6684 (HKLM-x32\...\MailStore Home_universal1) (Version: 5.0.0.6684 - deepinvent Software GmbH)
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
mHotspot version 6.4.0.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 6.4.0.0 - mHotspot, Inc.)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2010 - Deutsch (HKLM-x32\...\{90140011-0061-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.030.01.01.152 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
Mozilla Thunderbird 45.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 39.0.2256.71 (HKLM-x32\...\Opera 39.0.2256.71) (Version: 39.0.2256.71 - Opera Software)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v5.8 (HKLM-x32\...\{5B2C4D32-A7CD-44B0-8619-4ADBE301B2D3}) (Version: 5.8 - Spigot, Inc.) <==== ACHTUNG
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Pin It (HKLM-x32\...\Pin It_is1) (Version: 0.0.4 - Pinterest)
Pivot Stickfigure Animator version 2.2.7 (HKLM-x32\...\Pivot Stickfigure Animator_is1) (Version: 2.2.7 - )
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.8.7 - Vaclav Slavik)
Pointofix (HKLM-x32\...\Pointofix_is1) (Version: - Amerigomedia)
Prezi Desktop (HKLM-x32\...\{7FAE73A4-F0BC-4B65-81CF-52C417383407}) (Version: 4.7.5 - Ihr Firmenname)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.10 - Lenovo)
Reflector 2 (HKLM\...\{389E7BDE-9B6C-4855-AC57-3A5152725640}) (Version: 2.4.0.0 - Squirrels)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12064_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12064_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.6.0 - SAMSUNG Electronics Co., Ltd.)
Screencast-O-Matic (HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\Screencast-O-Matic) (Version: - Screencast-O-Matic)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype Meetings App (HKLM-x32\...\{C8C92E39-5485-45ED-8BF8-D6ED13F12A75}) (Version: 16.2.0.51 - Microsoft Corporation)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0042 - Lenovo)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)
Tesseract-OCR 3.01 - open source OCR engine (HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\Tesseract-OCR) (Version: - )
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.48 - )
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.23 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.62.00.00 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.83 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.01 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.74 - Lenovo)
UnHackMe 7.71 release (HKLM-x32\...\UnHackMe_is1) (Version: - Greatis Software, LLC.)
USB-Modem-Stick (HKLM-x32\...\USB-Modem-Stick_is1) (Version: - )
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows-Treiberpaket - Intel (MEIx64) System (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows-Treiberpaket - Intel USB (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows-Treiberpaket - Lenovo 1.62.00.00 (01/19/2011 1.62.00.00) (HKLM\...\D01A7EE241898C810674C69EB908D655D149BE77) (Version: 01/19/2011 1.62.00.00 - Lenovo)
Windows-Treiberpaket - MediaTek (wdf_usb) Modem (12/10/2012 1.0.1250.0) (HKLM\...\109193E5BE35D1873F3B0C1F539D4716499C8131) (Version: 12/10/2012 1.0.1250.0 - MediaTek)
Windows-Treiberpaket - MediaTek (wdf_usb) Ports (12/10/2012 1.0.1250.0) (HKLM\...\4C0A5FC4365B283849D4F6C6D4DCCEB7675A25FC) (Version: 12/10/2012 1.0.1250.0 - MediaTek)
Windows-Treiberpaket - MediaTek Inc. (mtkmbim) Net (12/14/2012 1.12.50.1) (HKLM\...\828C056ECF03C21200ED05F187788F5D109292A4) (Version: 12/14/2012 1.12.50.1 - MediaTek Inc.)
Windows-Treiberpaket - MediaTek Inc. (mtkmbim) Net (12/14/2012 1.12.50.1) (HKLM\...\C578DA937710F3D814F55953CE11CD7CC8D4330E) (Version: 12/14/2012 1.12.50.1 - MediaTek Inc.)
Windows-Treiberpaket - MediaTek Inc. (mtkmbim) Net (12/14/2012 1.12.50.1) (HKLM\...\E203C14866DFC39313EC771E058A7D006F255B48) (Version: 12/14/2012 1.12.50.1 - MediaTek Inc.)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (05/05/2011 15.3.6.0) (HKLM\...\C63C03BF3BE2B6F6204BB54541690449FFF79F4F) (Version: 05/05/2011 15.3.6.0 - Synaptics)
Wuala CBFS (HKLM-x32\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1FF62F03-9468-D082-55BF-87EE85889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Citrix\GoToMeeting\5174\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5AD66034-9468-D082-62F0-A7AB85889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{FE2EC208-BECF-4E83-8BF4-E35DBA4EB6A1}\localserver32 -> C:\Users\aquarana\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.51\GatewayVersion-x64.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1676539162-533426384-2096430618-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0C54946B-DFFA-44D8-A4EB-899D582D70A1} - System32\Tasks\G2MUploadTask-S-1-5-21-1676539162-533426384-2096430618-1000 => C:\Users\aquarana\AppData\Local\Citrix\GoToMeeting\5530\g2mupload.exe [2016-09-04] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {0C963ECA-BDB6-4922-84C0-9B26B261DDC4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000Core => C:\Users\aquarana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: {0D2D537A-4AA6-47D5-8220-59470756D868} - System32\Tasks\PinItAutoUpdate => C:\Program Files (x86)\Pinterest\Pin It\AutoUpdater.exe [2013-10-17] ()
Task: {1B251670-3AEB-4935-AC22-3F1BB97AAEEC} - System32\Tasks\Google Updater and Installer => C:\Users\aquarana\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1CC425E1-F5A1-4D0F-9940-108EA8F7ECB4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000UA => C:\Users\aquarana\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1D347441-4A55-41A8-919C-BB1923E74A19} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-31] (Adobe Systems Incorporated)
Task: {29B6CAF3-9B70-4F0F-B33F-8A37EFBAB0B9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000Core => C:\Users\aquarana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-03] (Facebook Inc.)
Task: {2E47E950-E332-41D8-AFD6-E56EA3B95080} - System32\Tasks\{A1335423-A9C0-403B-976F-2E592FC81CE0} => pcalua.exe -a C:\Users\aquarana\Downloads\irfanview_plugins_437_setup(1).exe -d C:\Users\aquarana\Downloads
Task: {31595227-9F0C-455B-A64B-C3DA10A391B2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000Core => C:\Users\aquarana\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {333876BD-11F6-407A-AC6E-24B08FE55938} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {3A695D55-09D2-4422-B50A-3B304FFC2A3C} - System32\Tasks\UnHackMe Task Scheduler => C:\programme-ag\UnHackMe\hackmon.exe [2015-03-04] (Greatis Software)
Task: {3FCCB962-B3CD-4BB5-8AAF-396C85052AB6} - System32\Tasks\Opera scheduled Autoupdate 1425031998 => C:\Program Files (x86)\Opera\launcher.exe [2016-09-05] (Opera Software)
Task: {442DBD7E-636B-49BE-B122-D2782D3509AD} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-05-20] (Oracle Corporation)
Task: {4A43D518-1AA7-4CF5-8D6D-F47E0A62CEED} - System32\Tasks\G2MUpdateTask-S-1-5-21-1676539162-533426384-2096430618-1000 => C:\Users\aquarana\AppData\Local\Citrix\GoToMeeting\5530\g2mupdate.exe [2016-09-04] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {5342F614-A081-4B13-B157-3F0E5F981898} - System32\Tasks\{F7C849C4-A9B0-4E55-9B45-9291BC110C74} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {57DEB353-67F7-48C8-A8A4-BA5EACAD2A90} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe [2011-03-02] (Lenovo Group Limited)
Task: {603AB7DF-473B-4CBC-8012-2338ACD08B9B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000UA => C:\Users\aquarana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: {69D4E27A-2BFD-4D5A-BFF5-D381ABAC6FDC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {6B62BC96-6531-4FA0-8DFA-2BACD168FEF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {6F2B63C0-4941-4668-8E2E-2EA545BE9E31} - System32\Tasks\{F7F15EA9-4332-4411-8D75-92DE18211D15} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsProgressBar
Task: {7BA0AC76-C419-4010-8D83-7F6075688F16} - System32\Tasks\{3DFDE223-5720-4B8A-829D-ADE45E05E183} => C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe [2014-03-31] (Microsoft Corporation)
Task: {88CC9A2C-AC4B-4B5C-84DA-B20ABCB4981E} - System32\Tasks\{07425833-E2B6-408B-8361-C27C9C26746C} => pcalua.exe -a C:\Users\aquarana\Downloads\HOFER-Bestellsoftware-Setup.exe -d C:\Users\aquarana\Downloads
Task: {8B285B7D-341F-4F84-B238-A17B88963DD6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000UA => C:\Users\aquarana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-03] (Facebook Inc.)
Task: {8F4636D9-6EB1-4655-9765-CADE7D0AFA60} - System32\Tasks\{4AFE5CE8-6361-438F-92B8-D1F4F9FF9120} => pcalua.exe -a C:\Users\aquarana\Downloads\CartoonStoryMaker_v1_1.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {9CD222F8-815F-4701-BB13-54B36E103E41} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {A18D51C3-C919-4D2B-8D44-3E4916FF319D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {A19BFD88-FEA4-433C-8E3B-2F191A342C40} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {AF4E262D-CD67-49F9-8EDC-6ED729925ADC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-31] (Adobe Systems Incorporated)
Task: {BBF09C2B-9FF4-4A38-A335-1A869CEF0015} - System32\Tasks\{2936D89E-EB37-4BAE-A956-E9DB4C77D4DE} => pcalua.exe -a C:\Users\aquarana\downloadprogramme\audiocable\setup.exe -d C:\Users\aquarana\downloadprogramme\audiocable
Task: {C9F6EAAD-4FC2-420E-A319-006D18F51E0C} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {D3BFBBC5-D5A8-42B6-99B8-8505BDCF046E} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {FEBCD8D2-E49E-4046-AA27-0A686E17B19C} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-03-23] (Lenovo Group Limited)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000Core.job => C:\Users\aquarana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000UA.job => C:\Users\aquarana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000Core.job => C:\Users\aquarana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000UA.job => C:\Users\aquarana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1676539162-533426384-2096430618-1000.job => C:\Users\aquarana\AppData\Local\Citrix\GoToMeeting\5530\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1676539162-533426384-2096430618-1000.job => C:\Users\aquarana\AppData\Local\Citrix\GoToMeeting\5530\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000Core.job => C:\Users\aquarana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000UA.job => C:\Users\aquarana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\aquarana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Magisto - Magical Video Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ghmngbmfdgknokcefmkbjlcjabdklnlk
ShortcutWithArgument: C:\Users\aquarana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Readium.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fepbnnnkkadjhjahcafoaglimekefifl
ShortcutWithArgument: C:\Users\aquarana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\UberConference.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nhhfpdlccblfofockeabmalggfhelcgj
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-04-02 09:46 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2016-07-01 14:35 - 2016-07-01 14:35 - 09400032 _____ () C:\Program Files\Siber Systems\GoodSync\gs-server.exe
2016-04-05 07:46 - 2016-02-16 11:04 - 00192304 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2015-03-16 20:57 - 2015-03-16 17:14 - 00224096 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2011-10-05 18:04 - 2011-03-23 20:48 - 00054272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2013-08-05 08:15 - 2013-08-05 08:15 - 00070712 _____ () C:\Windows\system32\bdmpega64.acm
2016-08-03 17:45 - 2016-08-03 17:45 - 00052400 _____ () C:\Users\aquarana\downloadprogramme\FileZilla FTP Client\fzshellext_64.dll
2011-04-14 13:15 - 2011-04-14 13:15 - 00086016 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2015-12-17 19:39 - 2015-12-17 19:39 - 00073512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:39 - 2015-12-17 19:39 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-16 20:57 - 2015-03-16 17:14 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2015-03-16 20:57 - 2015-03-16 17:14 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2015-03-16 20:57 - 2015-03-16 17:14 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2015-03-16 20:57 - 2015-03-16 17:14 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2013-08-14 16:39 - 2013-08-14 16:39 - 01008536 _____ () C:\Program Files (x86)\LibreOffice 4.0\program\libxml2.dll
2013-08-14 16:39 - 2013-08-14 16:39 - 00178072 _____ () C:\Program Files (x86)\LibreOffice 4.0\program\libxslt.dll
2013-08-14 16:39 - 2013-08-14 16:39 - 00080280 _____ () C:\Program Files (x86)\LibreOffice 4.0\program\python3.dll
2013-08-14 05:46 - 2013-08-14 05:46 - 00049152 _____ () C:\Program Files (x86)\LibreOffice 4.0\program\python-core-3.3.0\lib\_socket.pyd
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:nlsPreferences [514]
AlternateDataStreams: C:\ProgramData\TEMP:30AB1094 [130]
AlternateDataStreams: C:\Users\aquarana\Desktop\schummelzettel:com.dropbox.attributes [168]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\aquarana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: ACDaemon => 2
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: DirMngr => 2
MSCONFIG\Services: HWDeviceService64.exe => 2
MSCONFIG\Services: KSS => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: uCamMonitor => 2
MSCONFIG\Services: VIPAppService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: (default) =>
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: Lenovo Registration => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
MSCONFIG\startupreg: LENOVO.TPKNRRES => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
MSCONFIG\startupreg: PWMTRV => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
MSCONFIG\startupreg: RotateImage => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TpShocks => TpShocks.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{EDE20844-F007-4656-A430-ADE46973B339}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FD52E6F3-75BD-4BA3-BC97-C9C1AC0FEC12}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{2EA0292E-CAB9-4354-9838-B81B1B4422D8}C:\users\aquarana\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\aquarana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{81206387-E146-4392-A05B-B9F118124D8D}C:\users\aquarana\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\aquarana\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{78300C57-8B45-4087-8B3A-98D3ED2441E0}C:\users\aquarana\downloadprogramme\firestorm-release\slvoice.exe] => (Allow) C:\users\aquarana\downloadprogramme\firestorm-release\slvoice.exe
FirewallRules: [UDP Query User{B3315CC3-41C3-43E9-A382-445A65659433}C:\users\aquarana\downloadprogramme\firestorm-release\slvoice.exe] => (Allow) C:\users\aquarana\downloadprogramme\firestorm-release\slvoice.exe
FirewallRules: [TCP Query User{6C65C334-E949-470C-B3C0-678C668568E2}C:\users\aquarana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aquarana\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3A02F0A4-317C-4489-A5A2-87CD8DA8EAE3}C:\users\aquarana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aquarana\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F71745EE-71EF-4809-8036-40A75011A44B}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{C9F92D85-0A36-4F01-A42A-434C14456A82}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{EC95F348-BBFB-47C8-804C-2FEAFFC8644B}] => (Allow) C:\Users\aquarana\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{37DEA57F-6410-4F9A-BD6A-B41A8A8BF9F1}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{486672CE-85F9-482D-959C-83616A9E3EF5}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [TCP Query User{E3650613-5F5A-49EC-A4C4-3EF5BF464CC8}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{9652DC0F-214C-4EEE-8041-FAEEB2C63DCF}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{1AB780F4-AD58-40AD-B081-6C17FD54C3B6}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{6AF3F689-5112-4C68-AD57-553922AF0144}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{CE09AA53-0953-4051-ABC6-511533A39C83}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{48542E9B-B29D-41AB-96B1-F9497237A0F7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{889D8C20-2987-4891-807F-59AC21029AAE}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{8B03DDC5-EE02-4FD6-AFB0-9A1C90F79C85}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{10787B04-AEA9-4FD7-9A83-D88C8561639F}] => (Allow) C:\Users\aquarana\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DF8F6943-CF50-4423-8543-0C41C730AE2E}] => (Allow) C:\Users\aquarana\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{2E45CFB3-5ACB-4C62-A260-D1FFD0B8F248}C:\programme-ag\video converter ultimate\videoconverterultimate.exe] => (Allow) C:\programme-ag\video converter ultimate\videoconverterultimate.exe
FirewallRules: [UDP Query User{8DD8D343-7CA8-47F3-A97C-60721C1B982A}C:\programme-ag\video converter ultimate\videoconverterultimate.exe] => (Allow) C:\programme-ag\video converter ultimate\videoconverterultimate.exe
FirewallRules: [{3061002F-AAB9-4242-AA7C-0D6DF8797889}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{37F63C5D-8CED-4D09-8CBC-D7B8629BD728}] => (Allow) LPort=2869
FirewallRules: [{D3C3DCD4-0644-442E-9021-247A01743AB4}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{F848FFE9-7249-4F5F-8E6B-217882267DF6}C:\users\aquarana\appdata\roaming\wuala\wuala.exe] => (Allow) C:\users\aquarana\appdata\roaming\wuala\wuala.exe
FirewallRules: [UDP Query User{9767E4CE-51EF-483F-A775-728F6736BBA6}C:\users\aquarana\appdata\roaming\wuala\wuala.exe] => (Allow) C:\users\aquarana\appdata\roaming\wuala\wuala.exe
FirewallRules: [{C7933721-A778-439E-884C-624D6F7164B2}] => (Allow) C:\Users\aquarana\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{439FD17D-B737-4BF1-A316-374BADC00DB8}C:\users\aquarana\appdata\roaming\wuala\wuala.exe] => (Block) C:\users\aquarana\appdata\roaming\wuala\wuala.exe
FirewallRules: [UDP Query User{CF48BA7C-8069-4748-8A4A-D12BE0BE739B}C:\users\aquarana\appdata\roaming\wuala\wuala.exe] => (Block) C:\users\aquarana\appdata\roaming\wuala\wuala.exe
FirewallRules: [{F55D4C14-78A7-4425-8FDE-3E452E45FDED}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{7509E942-BF5A-4AD3-902B-73C281F1C522}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{20BFC1D4-1235-4E4B-B8B1-E2235A4E90D6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{20EB7CC5-A062-4C7D-9536-643CED4F161F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{DB0131A5-ADAD-415C-9250-BDEDE636B84E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FEB96C6E-5461-42CD-9A42-C077B0D51F41}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AF4EF2F5-B390-4716-AA52-5E76C4005F33}] => (Allow) C:\programme-ag\mHotspot\mHotspot.exe
FirewallRules: [{9358434F-62E2-4FE1-BDA3-7E6C33C8E25E}] => (Allow) C:\programme-ag\mHotspot\mHotspot.exe
FirewallRules: [TCP Query User{3AF35222-4828-4708-BF29-72B7806038A0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{3ABDBCE1-490C-4B77-9B73-402E1066A924}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{59FA7AE0-27B4-48AF-82B2-8F4EC97BD82F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{27D79F35-5AD8-44D0-B966-1182F3714C34}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F5A3E3D4-C11A-474E-AA4E-74CE4DFF5F7B}] => (Allow) C:\Program Files\Reflector 2\Reflector2.exe
FirewallRules: [{6FD0E4DE-E985-4FFF-A338-F77DD06909DE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D335DFAA-9F6F-4FC2-8043-109E2AA1EB1E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{98C5A46F-A551-4B82-9C02-6AA529A05B3E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{31384D1E-6CC9-4BC8-AE4D-9C8D475B8F65}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8A4323D4-5967-4DA5-9623-7C3FD20199DC}] => (Allow) C:\programme-ag\iTunes.exe
FirewallRules: [{D3B2C2FB-53CC-4024-9F04-56A0DF186285}] => (Allow) C:\Program Files\App Dynamic\AirServer\AirServer.exe
FirewallRules: [{8B0D4F47-DF56-4051-A72A-505008FA5481}] => (Allow) C:\Program Files\App Dynamic\AirServer\AirServer.exe
FirewallRules: [{C51CC395-8488-4A66-A8A0-1CE394FE5438}] => (Allow) C:\Program Files\Siber Systems\GoodSync\gs-server.exe
FirewallRules: [{926DEE65-7F11-44E1-9F5F-947ABE180164}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
14-09-2016 07:50:51 Malwarebytes Anti-Rootkit Restore Point
14-09-2016 12:51:57 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/14/2016 12:35:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (09/14/2016 12:34:49 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!
Error: (09/14/2016 10:31:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SearchIndexer.exe, Version: 7.0.7601.17610, Zeitstempel: 0x4dc0d019
Name des fehlerhaften Moduls: TQUERY.DLL, Version: 7.0.7601.17610, Zeitstempel: 0x4dc0e17a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000008ea83
ID des fehlerhaften Prozesses: 0xc70
Startzeit der fehlerhaften Anwendung: 0x01d20e4cc5ce3980
Pfad der fehlerhaften Anwendung: C:\Windows\system32\SearchIndexer.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\TQUERY.DLL
Berichtskennung: aa3794ea-7a55-11e6-b76d-9439e58f5163
Error: (09/14/2016 07:56:31 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/14/2016 07:56:31 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/14/2016 07:56:31 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/14/2016 07:56:31 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/14/2016 07:56:31 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=21, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/14/2016 07:56:31 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=18, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/14/2016 07:56:31 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Systemfehler:
=============
Error: (09/14/2016 01:21:16 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error: (09/14/2016 12:36:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (09/14/2016 12:35:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-19) für Benutzer NT-AUTORITÄT\LOKALER DIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (09/14/2016 12:35:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (09/14/2016 12:34:54 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: Das System kann die Datei nicht öffnen.
.
Error: (09/14/2016 12:34:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (09/14/2016 12:34:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.
Error: (09/14/2016 12:33:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (09/14/2016 12:33:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (09/14/2016 12:33:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
CodeIntegrity:
===================================
Date: 2013-09-12 11:55:37.503
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-12 11:55:37.351
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8075.23 MB
Verfügbarer physikalischer RAM: 5075.85 MB
Summe virtueller Speicher: 16148.65 MB
Verfügbarer virtueller Speicher: 13114.74 MB
==================== Laufwerke ================================
Drive c: (Windows7_OS) (Fixed) (Total:296.92 GB) (Free:20.81 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (A1) (Removable) (Total:7.45 GB) (Free:4.9 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 80C5B3B8)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=296.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
|
14.09.2016, 12:35
| #19 |
| | FRST.txtCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-09-2016
durchgeführt von aquarana (Administrator) auf MICKEY-MOUSE (14-09-2016 13:22:23)
Gestartet von D:\
Geladene Profile: aquarana (Verfügbare Profile: aquarana & admin & Max Muster)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(The Document Foundation) C:\Program Files (x86)\LibreOffice 4.0\program\soffice.bin
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [31592 2011-04-14] (Lenovo)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2011-02-28] (Lenovo Group Limited)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-17] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704248 2015-03-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67864 2016-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\programme-ag\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\Run: [SpybotSD TeaTimer] => C:\programme-ag\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\Run: [Dropbox Update] => "C:\Users\aquarana\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\RunOnce: [CanonUPW_000] => C:\Program Files (x86)\Common Files\Canon\UPW\2.0.0.0\UPWClean.exe [81920 2006-11-15] (CANON INC.) <===== ACHTUNG
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\MountPoints2: {0ef7830d-f9ba-11e5-8d57-9439e58f5163} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\MountPoints2: {281f85a2-b6e2-11e4-99b4-f0def1918371} - D:\AutoRun.exe
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\MountPoints2: {281f85aa-b6e2-11e4-99b4-f0def1918371} - D:\AutoRun.exe
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\MountPoints2: {281f8887-b6e2-11e4-99b4-f0def1918371} - D:\win\AutoRun.exe
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\MountPoints2: {453f2b01-66a8-11e1-9ea2-9439e58f5163} - D:\Autorun.exe
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\MountPoints2: {9306f86a-bc15-11e4-be5c-f0def1918371} - D:\win\AutoRun.exe
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\MountPoints2: {96ed6b6a-c814-11e4-9a1c-f0def1918371} - D:\AutoRun.exe
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\MountPoints2: {cc89d9ac-f3cc-11e2-ac4e-9439e58f5163} - D:\AutoRun.exe
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\MountPoints2: {cc89d9af-f3cc-11e2-ac4e-9439e58f5163} - D:\AutoRun.exe
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\MountPoints2: {de837b80-c00b-11e5-88fe-f0def1918371} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\MountPoints2: {f0ff945f-e8a7-11e2-b448-9439e58f5163} - D:\AutoRun.exe
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\MountPoints2: {f0ff9463-e8a7-11e2-b448-9439e58f5163} - D:\AutoRun.exe
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> none
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {002E4698-0465-498E-83AF-97E85A072C3A} => C:\Windows\System32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Keine Datei
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {002E4698-0465-498E-83AF-97E85A072C3A} => C:\Windows\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\aquarana\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\Users\aquarana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-09-03]
ShortcutTarget: Dropbox.lnk -> C:\Users\aquarana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\aquarana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2016-02-11]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BootExecute: autocheck autochk * Partizan
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{22BFDEA1-D962-4D89-AB0F-A4D8A37AFB3C}: [DhcpNameServer] 10.0.1.2
Tcpip\..\Interfaces\{9A8FEFEF-05C9-4A38-A1DD-1953C19A5C0B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{ECED5743-1753-489A-B587-11CE65483C94}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.at/?gws_rd=ssl
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1676539162-533426384-2096430618-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1676539162-533426384-2096430618-1000 -> {3D772B34-C8BB-4549-9B33-60814BC9C573} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1676539162-533426384-2096430618-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deAT454
SearchScopes: HKU\S-1-5-21-1676539162-533426384-2096430618-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-1676539162-533426384-2096430618-1000 -> {C9A7F201-B58A-483B-9C45-4DAB553B36BF} URL = hxxp://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-1676539162-533426384-2096430618-1000 -> {E37A7756-FFAA-4ED2-BCDF-3F0B75C20103} URL = hxxp://www.youtube.com/results?search_query={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Deaktivierungs-Add-on für Browser von Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files\Google\Google Analytics Opt-Out\gaoptout_x64.dll [2014-04-03] (Google, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-19] (Symantec Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\programme-ag\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Deaktivierungs-Add-on für Browser von Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll [2014-04-03] (Google, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-30] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-19] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-30] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-1676539162-533426384-2096430618-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Handler: WSWSVCUchrome - Kein CLSID Wert
FireFox:
========
FF ProfilePath: C:\Users\aquarana\AppData\Roaming\Mozilla\Firefox\Profiles\s3ksuc5o.default-1457247739583
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-31] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-31] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\programme-ag\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\programme-ag\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\programme-ag\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\programme-ag\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\programme-ag\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\programme-ag\Picasa3\npPicasa3.dll [2012-12-12] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Users\aquarana\downloadprogramme\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1676539162-533426384-2096430618-1000: @citrixonline.com/appdetectorplugin -> C:\Users\aquarana\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-06-10] (Citrix Online)
FF Plugin HKU\S-1-5-21-1676539162-533426384-2096430618-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\aquarana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1676539162-533426384-2096430618-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\aquarana\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1676539162-533426384-2096430618-1000: @talk.google.com/O1DPlugin -> C:\Users\aquarana\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1676539162-533426384-2096430618-1000: @tools.google.com/Google Update;version=3 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin HKU\S-1-5-21-1676539162-533426384-2096430618-1000: @tools.google.com/Google Update;version=9 -> C:\Users\aquarana\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin HKU\S-1-5-21-1676539162-533426384-2096430618-1000: SkypeForBusinessPlugin-16.2 -> C:\Users\aquarana\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.51\npGatewayNpapi.dll [2016-05-11] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1676539162-533426384-2096430618-1000: SkypeForBusinessPlugin64-16.2 -> C:\Users\aquarana\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.51\npGatewayNpapi-x64.dll [2016-05-11] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-07-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-07-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-07-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-07-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-07-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\aquarana\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\aquarana\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: (colorPicker) - C:\Users\aquarana\AppData\Roaming\Mozilla\Firefox\Profiles\s3ksuc5o.default-1457247739583\Extensions\colorPicker@colorPicker.xpi [2016-09-12]
FF Extension: (Kein Name) - C:\Users\aquarana\AppData\Roaming\Mozilla\Firefox\Profiles\s3ksuc5o.default-1457247739583\Extensions\colorPicker@colorPicker.xpi.enc [2016-09-09] [ist nicht signiert]
FF Extension: (Firefox Hotfix) - C:\Users\aquarana\AppData\Roaming\Mozilla\Firefox\Profiles\s3ksuc5o.default-1457247739583\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-12]
FF Extension: (Kein Name) - C:\Users\aquarana\AppData\Roaming\Mozilla\Firefox\Profiles\s3ksuc5o.default-1457247739583\Extensions\firefox-hotfix@mozilla.org.xpi.enc [2016-09-09] [ist nicht signiert]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2015-03-24] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [VIP3X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKU\S-1-5-21-1676539162-533426384-2096430618-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: (McAfee Security Scan Plus) - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert]
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Commons Tab) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbiobjnggllnimnbhddficgaigcfmcp [2015-08-24]
CHR Extension: (Duolingo im Web) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-11-15]
CHR Extension: (Google Drive) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Hootsuite Hootlet) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn [2016-08-29]
CHR Extension: (YouTube) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-15]
CHR Extension: (Adblock Plus) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-29]
CHR Extension: (Google-Suche) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (Custom Hangout Emoticons) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\egaicdjagfbejjeihijpnelohejdhhjd [2016-03-05]
CHR Extension: (CHIP Adventskalender 2015) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\eieokkbmdedgencncfbagbcapghlakcg [2015-11-25]
CHR Extension: (Video Downloader professional) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-07-22]
CHR Extension: (Readium) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2016-08-17]
CHR Extension: (Avira Browserschutz) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-09]
CHR Extension: (Page Analytics (by Google)) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2016-06-08]
CHR Extension: (Google Docs Offline) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Magisto - Magical Video Editor) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk [2016-01-25]
CHR Extension: („Pin it“-Button) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-07-22]
CHR Extension: (ORF-TVthek - Downloader) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfnehdmbbmcahojnebecpiljbkeaele [2015-11-15]
CHR Extension: (Skype) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-08-31]
CHR Extension: (Delicious Bookmarks) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnapbapmncaacbfijemonkinanfaebhm [2015-11-15]
CHR Extension: (Google*Hangouts) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2016-09-01]
CHR Extension: (UberConference) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhhfpdlccblfofockeabmalggfhelcgj [2016-08-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (HTML5 Reference) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpkagjdblecmkbacokmckbfollmmomb [2015-11-15]
CHR Extension: (Staff Squared - online HR software) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkbpdknelhckjohmilhicfaacnokhgb [2016-02-26]
CHR Extension: (WeVideo - Videos bearbeiten & erstellen) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb [2015-11-15]
CHR Extension: (Picasa) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-11-15]
CHR Extension: (Evernote Web Clipper) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2016-08-29]
CHR Extension: (Google Mail) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-31]
CHR Extension: (Learn Spanish - Qué Onda) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoocbcmaj [2015-11-15]
CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhplgjpclknigjpccbcnmicgcieojbh [2016-08-04]
CHR Extension: (BodBot Personal Trainer) - C:\Users\aquarana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppnkdiaelidjhcebhmgemlpnghbdgjhk [2016-01-04]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1676539162-533426384-2096430618-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\aquarana\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-16]
CHR HKU\S-1-5-21-1676539162-533426384-2096430618-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [nlafpokblfobdnjhhggocaanijghemnd] - <kein Path/update_url>
StartMenuInternet: Google Chrome.CPETAPIYACI5ENVKSV3DOORCFM - C:\Users\aquarana\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [804600 2015-03-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [991536 2015-03-05] (Avira Operations GmbH & Co. KG)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-09-07] (AVG Technologies CZ, s.r.o.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [320672 2016-08-04] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S4 DirMngr; C:\programme-ag\Neuer Ordner\GnuPG\dirmngr.exe [218112 2013-10-07] () [Datei ist nicht signiert]
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-03-23] (Lenovo.)
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [9400032 2016-07-01] ()
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2016-02-16] ()
S4 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2015-03-16] ()
S4 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
S4 MBAMScheduler; C:\programme-ag\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S4 MBAMService; C:\programme-ag\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S4 SBSDWSCService; C:\programme-ag\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [443240 2011-03-02] (Lenovo Group Limited)
R2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2010-12-14] (Lenovo Group Limited) [Datei ist nicht signiert]
S4 uCamMonitor; C:\programme-ag\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S4 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2008-04-24] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2015-03-16] (Bytemobile, Inc.) [Datei ist nicht signiert]
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2015-03-16] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-02-16] (Huawei Technologies Co., Ltd.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [35816 2015-03-24] (Greatis Software)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-10-05] ()
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2015-03-16] (Bytemobile, Inc.) [Datei ist nicht signiert]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-14 12:59 - 2016-09-14 12:59 - 00037702 _____ C:\Users\aquarana\Desktop\JRT.txt
2016-09-14 12:50 - 2016-09-14 12:50 - 01610560 _____ (Malwarebytes) C:\Users\aquarana\Downloads\JRT.exe
2016-09-14 12:13 - 2016-09-14 12:13 - 03826240 _____ C:\Users\aquarana\Desktop\AdwCleaner_6.010.exe
2016-09-13 22:18 - 2016-09-14 12:34 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-09-13 22:13 - 2016-09-14 10:44 - 00000000 ____D C:\Users\aquarana\Desktop\mbar
2016-09-13 22:11 - 2016-09-13 22:11 - 16563352 _____ (Malwarebytes Corp.) C:\Users\aquarana\Downloads\mbar-1.09.3.1001.exe
2016-09-13 18:38 - 2016-09-13 18:39 - 00262144 _____ C:\Windows\Minidump\091316-17472-01.dmp
2016-09-12 19:43 - 2016-09-12 19:43 - 79742146 _____ C:\Users\aquarana\Desktop\making_handbuch_online_final.pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 16691651 _____ C:\Users\aquarana\Desktop\manu-bp_so16.zip
2016-09-12 19:43 - 2016-09-12 19:43 - 05808089 _____ C:\Users\aquarana\Desktop\Tablets-im-Einsatz-Broschuere-2015.pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 04980225 _____ C:\Users\aquarana\Desktop\OER-AK-Info_Schulbuch_digital_final.pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 04967615 _____ C:\Users\aquarana\Desktop\sprachsensibler-unterricht-sachu-oesz_praxisreihe24_web.pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 04567432 _____ C:\Users\aquarana\Desktop\Whitepaper-20-Helfer-für-perfekte-Bilder-MarketingPow(1).pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 02808255 _____ C:\Users\aquarana\Desktop\Neu_in_Oesterreich_-_einen_Meldezettel_ausfuellen.pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 02207341 _____ C:\Users\aquarana\Desktop\lernvideo-canvas.pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 00732304 _____ C:\Users\aquarana\Desktop\Xing-Profil Optimieren Tipps Fürs Perfekte Portfolio _ Karrierebibel.de.htm
2016-09-12 19:43 - 2016-09-12 19:43 - 00378183 _____ C:\Users\aquarana\Desktop\tag-der-lehre-st-pölten.pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 00349232 _____ C:\Users\aquarana\Desktop\manuel-unirun16.htm
2016-09-12 19:43 - 2016-09-12 19:43 - 00237143 _____ C:\Users\aquarana\Desktop\mediatraining-blog-teil1.pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 00232786 _____ C:\Users\aquarana\Desktop\MOOC Badging and the Learning Arc - oldsmooc.pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 00085316 _____ C:\Users\aquarana\Desktop\––––– - id-firmenkunden-data.pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 00082401 _____ C:\Users\aquarana\Desktop\Methodischer Input Nick Antonov Photostory - NMS Tagebuch 2009-11-16.pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 00034593 _____ C:\Users\aquarana\Desktop\ZWISCHENSTAND-upload-dafwebkon.odt
2016-09-12 19:43 - 2016-09-12 19:43 - 00029184 _____ C:\Users\aquarana\Desktop\Partnerkontakte.xls
2016-09-12 19:43 - 2016-09-12 19:43 - 00026915 _____ C:\Users\aquarana\Desktop\Mildenberg-DaZ-Broschuere.pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 00011180 _____ C:\Users\aquarana\Desktop\live-online-Kosten-20140211.xlsx
2016-09-12 19:43 - 2016-09-12 19:43 - 00002801 _____ C:\Users\aquarana\Desktop\verben-dativ-od-akkusativ.pdf
2016-09-12 19:43 - 2016-09-12 19:43 - 00000162 ____H C:\Users\aquarana\Desktop\~$tness Gesund bleiben durch Fitness-ergaenzt-salutogenese.odt
2016-09-12 19:43 - 2016-09-12 19:43 - 00000162 ____H C:\Users\aquarana\Desktop\~$rdedigital-lehrerinnenneu.odt
2016-09-12 19:43 - 2016-09-12 19:43 - 00000162 ____H C:\Users\aquarana\Desktop\~$hg-novelle-1-10-15.odt
2016-09-12 19:43 - 2016-09-12 19:43 - 00000162 ____H C:\Users\aquarana\Desktop\~$ee-tanzreisen-choretaki.odt
2016-09-12 19:43 - 2016-09-12 19:43 - 00000162 ____H C:\Users\aquarana\Desktop\~$edback electures.odt
2016-09-12 19:42 - 2016-09-12 19:42 - 12560205 _____ C:\Users\aquarana\Desktop\Game-Research-Methods_Lankoski-Bjork-etal-web.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 10822041 _____ C:\Users\aquarana\Desktop\20151-adobemarketingsuccessstory-nissan.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 07714675 _____ C:\Users\aquarana\Desktop\camera-multimedia-cc0-pexels-photo-12696.jpeg
2016-09-12 19:42 - 2016-09-12 19:42 - 04912803 _____ C:\Users\aquarana\Desktop\20151-adobemarketingcloud.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 03824561 _____ C:\Users\aquarana\Desktop\2016-06_Interaktive-E-Books_V20(1).epub
2016-09-12 19:42 - 2016-09-12 19:42 - 03808593 _____ C:\Users\aquarana\Desktop\band10(1).pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 03636831 _____ C:\Users\aquarana\Desktop\L165_Suchen_finden_weitergeben3316953099.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 03631659 _____ C:\Users\aquarana\Desktop\key_moocs_small.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 02752813 _____ C:\Users\aquarana\Desktop\Deutschkurs-Level-3.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 02552947 _____ C:\Users\aquarana\Desktop\dafcommunity23216-Interaktive-Whiteboards.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 02536625 _____ C:\Users\aquarana\Desktop\Kadushin-Bearina IUD concept-MR.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 02078939 _____ C:\Users\aquarana\Desktop\bilderwoerterbuch-arabisch-deutsch.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 01530382 _____ C:\Users\aquarana\Desktop\interactive-top5-characters-crc.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00800497 _____ C:\Users\aquarana\Desktop\A3_1skype_for_business.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00687741 _____ C:\Users\aquarana\Desktop\gutjahr-hardware-empfehlungen.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00456262 _____ C:\Users\aquarana\Desktop\jelinek.andrea.vortrag_oegsr-21-1-2015.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00424795 _____ C:\Users\aquarana\Desktop\5 Zeitmanagement-Tipps von Ivan Blatter(1).pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00389694 _____ C:\Users\aquarana\Desktop\5 Reasons Why Game-Based Learning Should Matter to Organizations.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00362698 _____ C:\Users\aquarana\Desktop\Instagram-Safety-4x4-Checklist_web.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00362667 _____ C:\Users\aquarana\Desktop\HowOERenhanceMOOCs_online.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00309531 _____ C:\Users\aquarana\Desktop\Cell-Phone-Rules-for-German-Classes.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00237626 _____ C:\Users\aquarana\Desktop\HandoutBestofMobileApps.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00176544 _____ C:\Users\aquarana\Desktop\CYB_cyberbullying_im_internationalen_und_lokalen_kontext_lva_endbericht_ger.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00132234 _____ C:\Users\aquarana\Desktop\barcelona-v2.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00093912 _____ C:\Users\aquarana\Desktop\Herzliche Einladung.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00091977 _____ C:\Users\aquarana\Desktop\barcelona.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00086265 _____ C:\Users\aquarana\Desktop\Groß-Kleinschreibung.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00052830 _____ C:\Users\aquarana\Desktop\azv-entgelte---kommerz-data.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00051745 _____ C:\Users\aquarana\Desktop\fernstudium-online-kurse-erfolg-moocs-spocs.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00045198 _____ C:\Users\aquarana\Desktop\der schwierige erste Satz.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00031572 _____ C:\Users\aquarana\Desktop\Gratis Online Lernen-v2.odt
2016-09-12 19:42 - 2016-09-12 19:42 - 00018399 _____ C:\Users\aquarana\Desktop\6857672-Zahlungsanweisung-20160629-203803054 (1).pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00007472 _____ C:\Users\aquarana\Desktop\der schwierige erste satz_uebung.pdf
2016-09-12 19:42 - 2016-09-12 19:42 - 00002657 _____ C:\Users\aquarana\Desktop\Aufnahme in die ÖGSR.eml
2016-09-12 19:40 - 2016-09-12 19:40 - 00303013 _____ C:\Users\aquarana\AppData\Roaming\Bunch.AFx
2016-09-12 19:40 - 2016-09-12 19:40 - 00000060 _____ C:\Users\aquarana\AppData\Roaming\fullscreen_toolbar.xml
2016-09-12 18:50 - 2016-09-12 18:50 - 00091840 _____ C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-12 18:31 - 2016-09-13 06:45 - 00000808 _____ C:\Users\aquarana\Downloads\te225log.txt
2016-09-12 18:29 - 2016-09-12 18:29 - 00000096 _____ C:\Users\aquarana\Downloads\te225pass
2016-09-12 18:28 - 2016-09-12 18:28 - 01599648 _____ (Doctor Web, Ltd.) C:\Users\aquarana\Downloads\te225decrypt(1).exe
2016-09-12 18:18 - 2016-09-12 18:18 - 01599648 _____ (Doctor Web, Ltd.) C:\Users\aquarana\Downloads\te225decrypt.exe
2016-09-09 20:22 - 2016-09-14 13:22 - 00000000 ____D C:\FRST
2016-09-09 18:00 - 2016-09-09 18:00 - 06766720 _____ (ESET spol. s r.o.) C:\Users\aquarana\Downloads\ESETOnlineScanner_DEU.exe
2016-09-09 18:00 - 2016-09-09 18:00 - 00000000 ____D C:\Users\aquarana\AppData\Local\ESET
2016-09-09 17:38 - 2016-09-13 21:59 - 00000000 ____D C:\Program Files (x86)\PC Manager Pro
2016-09-09 17:38 - 2016-09-09 17:38 - 00000000 ____D C:\Users\aquarana\Documents\PC Manager Pro
2016-09-09 17:36 - 2016-09-09 17:37 - 03875904 _____ (PC Manager Pro ) C:\Users\aquarana\Downloads\PCManagerPro.exe
2016-09-09 13:47 - 2016-09-09 13:47 - 00002349 _____ C:\Users\aquarana\Desktop\termin-bertelsmann-wo37.ics
2016-09-09 10:22 - 2016-09-09 10:22 - 00003791 _____ C:\Users\aquarana\AppData\Roaming\wie_zum_Wiederherstellen_von_Dateien.html
2016-09-09 10:22 - 2016-09-09 10:22 - 00001248 _____ C:\Users\aquarana\AppData\Roaming\wie_zum_Wiederherstellen_von_Dateien.txt
2016-09-09 10:07 - 2016-09-09 10:07 - 00560048 _____ C:\Users\aquarana\Desktop\74-ueberschriften-fuer-blogs.pdf
2016-09-09 08:56 - 2016-09-09 10:28 - 00003791 _____ C:\Users\aquarana\AppData\Roaming\.html
2016-09-09 08:56 - 2016-09-09 10:28 - 00001248 _____ C:\Users\aquarana\AppData\Roaming\.txt
2016-09-08 18:32 - 2016-09-08 18:32 - 00003791 _____ C:\Users\admin\AppData\Local\wie_zum_Wiederherstellen_von_Dateien.html
2016-09-08 18:32 - 2016-09-08 18:32 - 00001248 _____ C:\Users\admin\AppData\Local\wie_zum_Wiederherstellen_von_Dateien.txt
2016-09-08 18:07 - 2016-09-08 18:07 - 00003791 _____ C:\Users\aquarana\Desktop\wie_zum_Wiederherstellen_von_Dateien.html
2016-09-08 18:07 - 2016-09-08 18:07 - 00001248 _____ C:\Users\aquarana\Desktop\wie_zum_Wiederherstellen_von_Dateien.txt
2016-09-08 17:55 - 2016-09-08 17:56 - 00000000 ____D C:\ProgramData\oronyfoviwyfopyg
2016-09-05 15:41 - 2016-09-05 15:55 - 268578348 _____ C:\Users\aquarana\Downloads\BarnImages_BestOf2015.zip
2016-09-05 15:25 - 2016-09-05 15:25 - 24842690 _____ C:\Users\aquarana\Desktop\manu-bac4.bmp
2016-09-05 11:45 - 2016-09-05 11:46 - 10449551 _____ C:\Users\aquarana\Downloads\6959258-0-TEMPLATE-Sales-Broch.pptx
2016-09-03 09:38 - 2016-09-03 09:38 - 07314020 _____ C:\Users\aquarana\Downloads\CCI_VirtualConferencePlatform_share(1).pdf
2016-09-03 02:48 - 2016-09-03 02:49 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-02 18:54 - 2016-09-02 18:54 - 00000000 ____D C:\Users\Max Muster\AppData\Local\Apple
2016-09-02 15:46 - 2016-09-02 15:46 - 00262144 _____ C:\Windows\Minidump\090216-52400-01.dmp
2016-09-02 11:26 - 2016-09-02 11:27 - 01585797 _____ C:\Users\aquarana\Downloads\Erfolgreiche_Methoden_im_Deutschkurs_fuer_Asylbewerber_und_Fluechtlingskinder_1_2016(1).pdf
2016-09-02 11:26 - 2016-09-02 11:26 - 01585797 _____ C:\Users\aquarana\Downloads\Erfolgreiche_Methoden_im_Deutschkurs_fuer_Asylbewerber_und_Fluechtlingskinder_1_2016.pdf
2016-09-01 13:44 - 2016-09-09 11:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-01 12:13 - 2016-09-01 12:13 - 00025270 _____ C:\Users\aquarana\Downloads\Kontoauszug_easybank_AT831420020010958475_2016_008.pdf
2016-09-01 12:13 - 2016-09-01 12:13 - 00025270 _____ C:\Users\aquarana\Downloads\Kontoauszug_easybank_AT831420020010958475_2016_008 (1).pdf
2016-09-01 12:12 - 2016-09-01 12:13 - 00032033 _____ C:\Users\aquarana\Downloads\Kontoauszug_easybank_AT831420020010958475_2016_007.pdf
2016-08-31 15:10 - 2016-08-31 15:11 - 00000366 _____ C:\Users\aquarana\Downloads\TELEFIT-Show.ics
2016-08-30 07:39 - 2016-09-08 17:59 - 00310056 _____ C:\Users\aquarana\Desktop\Cell-Phone-Rules-for-German-Classes.pdf.enc
2016-08-29 18:38 - 2016-08-29 18:38 - 00047170 _____ C:\Users\aquarana\Downloads\Feedback_Urheberrecht_Gr1.pdf
2016-08-29 11:00 - 2016-08-29 11:00 - 04088471 _____ C:\Users\aquarana\Downloads\gamify_in_3_easy_steps.zip
2016-08-24 17:48 - 2016-09-01 10:39 - 00317360 _____ C:\Users\aquarana\Downloads\DaFWEBKON2015-Programm.pdf
2016-08-21 18:47 - 2016-09-08 18:00 - 00027590 _____ C:\Users\aquarana\Desktop\schreibtisch.jpg.enc
2016-08-17 18:29 - 2016-09-08 17:59 - 02207866 _____ C:\Users\aquarana\Desktop\lernvideo-canvas.pdf.enc
2016-08-17 08:33 - 2016-07-08 17:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-17 08:33 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-16 22:09 - 2016-08-16 22:09 - 00000000 ____D C:\Users\aquarana\Documents\IrfanView Sandbox
2016-08-16 14:43 - 2016-09-08 17:59 - 00363192 _____ C:\Users\aquarana\Desktop\HowOERenhanceMOOCs_online.pdf.enc
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-14 13:18 - 2012-04-04 16:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-14 13:12 - 2015-06-22 08:01 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000UA.job
2016-09-14 12:54 - 2015-06-10 10:32 - 00000580 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1676539162-533426384-2096430618-1000.job
2016-09-14 12:53 - 2011-10-05 18:09 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-14 12:50 - 2009-07-14 06:45 - 00031296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-14 12:50 - 2009-07-14 06:45 - 00031296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-14 12:46 - 2014-03-04 23:49 - 00000000 ____D C:\AdwCleaner
2016-09-14 12:46 - 2011-10-21 23:11 - 00000000 ___RD C:\Users\aquarana\Dropbox
2016-09-14 12:45 - 2011-10-05 18:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-14 12:42 - 2011-10-06 03:33 - 00702028 _____ C:\Windows\system32\perfh007.dat
2016-09-14 12:42 - 2011-10-06 03:33 - 00150638 _____ C:\Windows\system32\perfc007.dat
2016-09-14 12:42 - 2009-07-14 07:13 - 01622300 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-14 12:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-14 12:34 - 2015-03-26 08:46 - 00000250 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
2016-09-14 12:34 - 2015-02-17 22:32 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-09-14 12:34 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-14 12:31 - 2011-12-20 11:01 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000Core.job
2016-09-14 12:31 - 2011-10-19 15:38 - 00000000 ____D C:\Users\aquarana
2016-09-14 12:23 - 2016-04-28 10:47 - 00003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E10CBDA6-E219-48FF-BF47-49209F017833}
2016-09-14 12:07 - 2015-06-22 08:05 - 00000676 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1676539162-533426384-2096430618-1000.job
2016-09-14 11:08 - 2014-06-03 08:03 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000UA.job
2016-09-14 08:09 - 2015-03-24 17:22 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-14 08:08 - 2015-03-24 17:21 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-14 08:08 - 2014-06-03 08:03 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000Core.job
2016-09-14 08:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-09-14 07:55 - 2015-06-22 08:01 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1676539162-533426384-2096430618-1000Core.job
2016-09-14 07:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors
2016-09-13 22:07 - 2013-10-15 21:32 - 00000000 ____D C:\ProgramData\TEMP
2016-09-13 18:39 - 2011-10-19 15:39 - 00000466 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2016-09-13 18:38 - 2012-05-09 16:03 - 00000000 ____D C:\Windows\Minidump
2016-09-13 17:50 - 2014-01-09 10:06 - 00000000 ____D C:\Users\aquarana\Documents\Camtasia Studio
2016-09-13 17:50 - 2011-10-19 19:39 - 00000000 ____D C:\Users\aquarana\Documents\iMacros
2016-09-13 17:10 - 2016-06-14 15:31 - 00000000 ____D C:\Users\aquarana\Desktop\DaZ-Onlineseminar
2016-09-13 16:53 - 2011-10-19 15:39 - 00003448 _____ C:\Windows\System32\Tasks\PCDEventLauncher
2016-09-13 16:52 - 2011-10-19 15:39 - 00003506 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2016-09-13 15:18 - 2011-10-21 17:34 - 00000000 ____D C:\Users\aquarana\Documents\aktuelle Projekte
2016-09-13 15:15 - 2016-06-19 22:27 - 00000000 ____D C:\Users\aquarana\Desktop\abschluss
2016-09-13 11:45 - 2013-02-26 15:33 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-13 08:04 - 2013-07-25 16:20 - 00000000 ____D C:\Users\aquarana\AppData\Local\CrashDumps
2016-09-12 21:30 - 2012-10-12 17:45 - 00000000 ___SD C:\Users\aquarana\Documents\Meine Datenquellen
2016-09-12 21:30 - 2011-10-22 12:20 - 00000000 ____D C:\Users\aquarana\Documents\menu
2016-09-12 21:30 - 2011-10-19 21:31 - 00000000 ____D C:\Users\aquarana\Documents\MailStore Home
2016-09-12 19:43 - 2013-04-29 11:42 - 10940928 ___SH C:\Users\aquarana\Desktop\Thumbs.db
2016-09-12 19:42 - 2016-04-29 09:46 - 00000000 ____D C:\Users\aquarana\Desktop\Xing-Profil Optimieren Tipps Fürs Perfekte Portfolio _ Karrierebibel.de-Dateien
2016-09-12 19:42 - 2016-01-04 22:39 - 00000000 ____D C:\Users\aquarana\Desktop\urheberrecht
2016-09-12 19:42 - 2015-08-10 20:04 - 00000000 ____D C:\Users\aquarana\Desktop\wp-lms-crm-plugin-michael
2016-09-12 19:41 - 2014-02-20 10:25 - 00000000 ____D C:\Users\aquarana\Desktop\schummelzettel
2016-09-12 19:40 - 2016-05-28 17:11 - 00000000 ____D C:\Users\aquarana\Desktop\schottland
2016-09-12 19:40 - 2016-01-04 22:11 - 00000000 ____D C:\Users\aquarana\Desktop\rezept
2016-09-12 19:40 - 2015-11-26 14:30 - 00000000 ____D C:\Users\aquarana\Desktop\schaden
2016-09-12 19:40 - 2015-10-26 14:23 - 00000000 ____D C:\Users\aquarana\Desktop\mediatraining
2016-09-12 19:40 - 2013-03-04 22:30 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\vlc
2016-09-12 19:40 - 2013-01-28 10:29 - 00000000 ____D C:\Users\aquarana\Desktop\lesen
2016-09-12 19:40 - 2011-10-19 21:49 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\Windows Live Writer
2016-09-12 19:40 - 2011-10-19 19:54 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\Thunderbird
2016-09-12 19:26 - 2012-12-13 16:51 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\Spotify
2016-09-12 19:26 - 2011-10-24 08:25 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\SoftGrid Client
2016-09-12 19:26 - 2011-10-19 21:33 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\Skype
2016-09-12 19:12 - 2013-06-20 11:31 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\Pamela
2016-09-12 19:12 - 2011-10-19 15:56 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\PwrMgr
2016-09-12 19:10 - 2016-03-16 16:23 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\GoodSync
2016-09-12 19:10 - 2016-01-05 14:24 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\FreeFileSync
2016-09-12 19:10 - 2013-11-22 14:20 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\gnupg
2016-09-12 19:10 - 2013-01-14 08:56 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\Elluminate
2016-09-12 19:10 - 2012-10-12 11:17 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\Media Player Classic
2016-09-12 19:10 - 2011-11-13 10:54 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\L3Talk
2016-09-12 19:10 - 2011-10-19 21:01 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\FileZilla
2016-09-12 18:57 - 2012-01-20 12:58 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\Audacity
2016-09-12 18:57 - 2011-10-19 15:38 - 00000000 ____D C:\Users\aquarana\AppData\LocalLow\VeriSign
2016-09-12 18:51 - 2015-11-14 11:34 - 00000000 ____D C:\Users\aquarana\.oracle_jre_usage
2016-09-12 18:51 - 2014-07-27 15:17 - 00000000 ____D C:\Users\aquarana\.gimp-2.8
2016-09-12 18:51 - 2014-05-07 12:07 - 00000000 ____D C:\Users\aquarana\.android
2016-09-12 18:50 - 2014-07-20 12:40 - 00000000 ____D C:\TEMP
2016-09-12 18:50 - 2011-10-22 16:48 - 00000000 ____D C:\Users\admin\AppData\LocalLow\VeriSign
2016-09-12 18:46 - 2011-10-19 19:26 - 00000000 ____D C:\programme-ag
2016-09-12 18:32 - 2014-10-15 16:40 - 00000000 ____D C:\OfficeApps
2016-09-12 18:32 - 2013-02-18 14:20 - 00000000 ____D C:\HTML Studio
2016-09-12 18:32 - 2012-10-12 11:42 - 00000000 ____D C:\output media
2016-09-12 18:32 - 2011-10-06 03:18 - 00000000 ____D C:\mfg
2016-09-10 14:54 - 2016-04-10 17:18 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-09-09 11:44 - 2016-02-25 19:47 - 00003884 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1425031998
2016-09-09 11:36 - 2012-10-05 12:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-09 10:42 - 2011-10-21 21:34 - 00000000 ____D C:\Users\aquarana\Documents\webmaster
2016-09-09 10:41 - 2011-10-21 19:16 - 00000000 ____D C:\Users\aquarana\Documents\PRIVAT
2016-09-09 10:34 - 2014-02-06 12:31 - 00000000 ____D C:\Users\aquarana\Documents\neue fonts
2016-09-09 10:33 - 2016-05-17 16:42 - 00018430 _____ C:\Users\aquarana\Documents\jt16-si-bo-v1.doc_0_1.odt.enc
2016-09-09 10:33 - 2016-05-17 16:39 - 00022551 _____ C:\Users\aquarana\Documents\jt16-si-bo-v1.doc_0.odt.enc
2016-09-09 10:32 - 2016-04-26 10:24 - 00000926 _____ C:\Users\aquarana\Documents\ChatLog Ad_hoc_Meeting 2016_04_26 10_24.rtf.enc
2016-09-09 10:32 - 2016-04-11 10:27 - 00002288 _____ C:\Users\aquarana\Documents\ChatLog Ad_hoc_Meeting 2016_04_11 10_27.rtf.enc
2016-09-09 09:51 - 2010-04-01 15:26 - 00000585 _____ C:\Users\aquarana\AppData\Roaming\fullscreen_toolbar.xml.enc
2016-09-09 09:28 - 2005-05-05 01:00 - 00303538 _____ C:\Users\aquarana\AppData\Roaming\Bunch.AFx.enc
2016-09-08 18:32 - 2011-10-22 17:54 - 01929088 ____H C:\Users\admin\AppData\Local\IconCache.db.enc
2016-09-08 18:32 - 2011-10-22 16:49 - 00092365 _____ C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT.enc
2016-09-08 18:31 - 2011-02-15 11:42 - 00000000 ____D C:\SWTOOLS
2016-09-08 18:07 - 2016-04-29 09:46 - 00732829 _____ C:\Users\aquarana\Desktop\Xing-Profil Optimieren Tipps Fürs Perfekte Portfolio _ Karrierebibel.de.htm.enc
2016-09-08 18:07 - 2015-11-27 21:58 - 00035118 _____ C:\Users\aquarana\Desktop\ZWISCHENSTAND-upload-dafwebkon.odt.enc
2016-09-08 18:07 - 2015-10-08 16:19 - 00000687 ____H C:\Users\aquarana\Desktop\~$hg-novelle-1-10-15.odt.enc
2016-09-08 18:07 - 2015-07-27 10:08 - 00085841 _____ C:\Users\aquarana\Desktop\––––– - id-firmenkunden-data.pdf.enc
2016-09-08 18:07 - 2015-02-19 19:08 - 00000687 ____H C:\Users\aquarana\Desktop\~$rdedigital-lehrerinnenneu.odt.enc
2016-09-08 18:07 - 2014-09-03 10:14 - 00000687 ____H C:\Users\aquarana\Desktop\~$ee-tanzreisen-choretaki.odt.enc
2016-09-08 18:07 - 2014-09-01 09:56 - 00000687 ____H C:\Users\aquarana\Desktop\~$l-stimmseminar.docx.enc
2016-09-08 18:07 - 2014-09-01 09:55 - 00000687 ____H C:\Users\aquarana\Desktop\~$ogkampagne-neueslernen.doc.enc
2016-09-08 18:07 - 2014-05-07 09:06 - 00000687 ____H C:\Users\aquarana\Desktop\~$tness Gesund bleiben durch Fitness-ergaenzt-salutogenese.odt.enc
2016-09-08 18:07 - 2014-04-08 07:55 - 00000687 ____H C:\Users\aquarana\Desktop\~$edback electures.odt.enc
2016-09-08 18:05 - 2016-01-07 09:25 - 00003326 _____ C:\Users\aquarana\Desktop\verben-dativ-od-akkusativ.pdf.enc
2016-09-08 18:05 - 2015-08-28 15:36 - 04567957 _____ C:\Users\aquarana\Desktop\Whitepaper-20-Helfer-für-perfekte-Bilder-MarketingPow(1).pdf.enc
2016-09-08 18:03 - 2015-09-23 07:45 - 00378708 _____ C:\Users\aquarana\Desktop\tag-der-lehre-st-pölten.pdf.enc
2016-09-08 18:03 - 2015-09-21 08:45 - 04968140 _____ C:\Users\aquarana\Desktop\sprachsensibler-unterricht-sachu-oesz_praxisreihe24_web.pdf.enc
2016-09-08 18:03 - 2015-09-09 11:40 - 05808614 _____ C:\Users\aquarana\Desktop\Tablets-im-Einsatz-Broschuere-2015.pdf.enc
2016-09-08 18:00 - 2016-05-17 10:40 - 00349757 _____ C:\Users\aquarana\Desktop\manuel-unirun16.htm.enc
2016-09-08 18:00 - 2016-04-19 14:27 - 16692176 _____ C:\Users\aquarana\Desktop\manu-bp_so16.zip.enc
2016-09-08 18:00 - 2016-03-16 11:07 - 79742671 _____ C:\Users\aquarana\Desktop\making_handbuch_online_final.pdf.enc
2016-09-08 18:00 - 2015-11-07 18:41 - 00027440 _____ C:\Users\aquarana\Desktop\Mildenberg-DaZ-Broschuere.pdf.enc
2016-09-08 18:00 - 2015-10-26 14:23 - 00237668 _____ C:\Users\aquarana\Desktop\mediatraining-blog-teil1.pdf.enc
2016-09-08 18:00 - 2015-10-23 16:19 - 02808780 _____ C:\Users\aquarana\Desktop\Neu_in_Oesterreich_-_einen_Meldezettel_ausfuellen.pdf.enc
2016-09-08 18:00 - 2015-09-07 09:58 - 00029709 _____ C:\Users\aquarana\Desktop\Partnerkontakte.xls.enc
2016-09-08 18:00 - 2015-09-02 19:39 - 04980750 _____ C:\Users\aquarana\Desktop\OER-AK-Info_Schulbuch_digital_final.pdf.enc
2016-09-08 18:00 - 2015-07-29 14:58 - 00233311 _____ C:\Users\aquarana\Desktop\MOOC Badging and the Learning Arc - oldsmooc.pdf.enc
2016-09-08 18:00 - 2014-06-23 13:46 - 00082926 _____ C:\Users\aquarana\Desktop\Methodischer Input Nick Antonov Photostory - NMS Tagebuch 2009-11-16.pdf.enc
2016-09-08 18:00 - 2014-02-11 09:48 - 00011705 _____ C:\Users\aquarana\Desktop\live-online-Kosten-20140211.xlsx.enc
2016-09-08 17:59 - 2016-06-12 21:38 - 00132759 _____ C:\Users\aquarana\Desktop\barcelona-v2.pdf.enc
2016-09-08 17:59 - 2016-06-12 21:10 - 00092502 _____ C:\Users\aquarana\Desktop\barcelona.pdf.enc
2016-09-08 17:59 - 2016-05-12 08:21 - 00232973 _____ C:\Users\aquarana\Desktop\Lebenslauf.doc.enc
2016-09-08 17:59 - 2016-05-12 08:20 - 00235533 _____ C:\Users\aquarana\Desktop\Lebenslauf_Englisch.doc.enc
2016-09-08 17:59 - 2016-04-15 11:19 - 03632184 _____ C:\Users\aquarana\Desktop\key_moocs_small.pdf.enc
2016-09-08 17:59 - 2016-04-10 10:20 - 00177069 _____ C:\Users\aquarana\Desktop\CYB_cyberbullying_im_internationalen_und_lokalen_kontext_lva_endbericht_ger.pdf.enc
2016-09-08 17:59 - 2016-02-23 21:02 - 02553472 _____ C:\Users\aquarana\Desktop\dafcommunity23216-Interaktive-Whiteboards.pdf.enc
2016-09-08 17:59 - 2015-11-18 14:47 - 00052270 _____ C:\Users\aquarana\Desktop\fernstudium-online-kurse-erfolg-moocs-spocs.pdf.enc
2016-09-08 17:59 - 2015-11-07 18:47 - 00363223 _____ C:\Users\aquarana\Desktop\Instagram-Safety-4x4-Checklist_web.pdf.enc
2016-09-08 17:59 - 2015-10-27 19:44 - 07715200 _____ C:\Users\aquarana\Desktop\camera-multimedia-cc0-pexels-photo-12696.jpeg.enc
2016-09-08 17:59 - 2015-09-28 18:23 - 00238151 _____ C:\Users\aquarana\Desktop\HandoutBestofMobileApps.pdf.enc
2016-09-08 17:59 - 2015-09-28 08:33 - 02753338 _____ C:\Users\aquarana\Desktop\Deutschkurs-Level-3.pdf.enc
2016-09-08 17:59 - 2015-09-28 08:13 - 02079464 _____ C:\Users\aquarana\Desktop\bilderwoerterbuch-arabisch-deutsch.pdf.enc
2016-09-08 17:59 - 2015-09-09 08:28 - 00688266 _____ C:\Users\aquarana\Desktop\gutjahr-hardware-empfehlungen.pdf.enc
2016-09-08 17:59 - 2015-08-30 22:03 - 00032097 _____ C:\Users\aquarana\Desktop\Gratis Online Lernen-v2.odt.enc
2016-09-08 17:59 - 2015-08-28 14:21 - 01530907 _____ C:\Users\aquarana\Desktop\interactive-top5-characters-crc.pdf.enc
2016-09-08 17:59 - 2015-08-24 15:11 - 00094437 _____ C:\Users\aquarana\Desktop\Herzliche Einladung.pdf.enc
2016-09-08 17:59 - 2015-08-17 15:13 - 00024070 _____ C:\Users\aquarana\Desktop\dk-im-park1.docx.enc
2016-09-08 17:59 - 2015-04-11 18:59 - 12560730 _____ C:\Users\aquarana\Desktop\Game-Research-Methods_Lankoski-Bjork-etal-web.pdf.enc
2016-09-08 17:59 - 2015-01-27 09:53 - 00456787 _____ C:\Users\aquarana\Desktop\jelinek.andrea.vortrag_oegsr-21-1-2015.pdf.enc
2016-09-08 17:59 - 2015-01-15 08:22 - 03637356 _____ C:\Users\aquarana\Desktop\L165_Suchen_finden_weitergeben3316953099.pdf.enc
2016-09-08 17:59 - 2011-10-21 19:22 - 00045723 _____ C:\Users\aquarana\Desktop\der schwierige erste Satz.pdf.enc
2016-09-08 17:59 - 2011-10-21 19:22 - 00007997 _____ C:\Users\aquarana\Desktop\der schwierige erste satz_uebung.pdf.enc
2016-09-08 17:59 - 2011-10-21 19:16 - 00086790 _____ C:\Users\aquarana\Desktop\Groß-Kleinschreibung.pdf.enc
2016-09-08 17:59 - 2011-09-03 15:30 - 02537150 _____ C:\Users\aquarana\Desktop\Kadushin-Bearina IUD concept-MR.pdf.enc
2016-09-08 17:59 - 2011-08-27 14:33 - 02410403 _____ C:\Users\aquarana\Desktop\Kadusin-Bearina 5- blue.jpg.enc
2016-09-08 17:58 - 2016-03-28 17:06 - 01828396 _____ C:\Users\aquarana\Desktop\arlberg-2016.JPG.enc
2016-09-08 17:58 - 2015-09-07 08:38 - 03809118 _____ C:\Users\aquarana\Desktop\band10(1).pdf.enc
2016-09-08 17:58 - 2015-08-25 15:03 - 00053355 _____ C:\Users\aquarana\Desktop\azv-entgelte---kommerz-data.pdf.enc
2016-09-08 17:58 - 2015-08-10 10:35 - 00100727 _____ C:\Users\aquarana\Desktop\Badeteich Sonnenuntergang Lotte Elena Angelika.jpg.enc
2016-09-08 17:58 - 2015-07-30 16:17 - 00003182 _____ C:\Users\aquarana\Desktop\Aufnahme in die ÖGSR.eml.enc
2016-09-08 17:55 - 2016-06-30 16:26 - 03825086 _____ C:\Users\aquarana\Desktop\2016-06_Interaktive-E-Books_V20(1).epub.enc
2016-09-08 17:55 - 2016-06-29 20:38 - 00018924 _____ C:\Users\aquarana\Desktop\6857672-Zahlungsanweisung-20160629-203803054 (1).pdf.enc
2016-09-08 17:55 - 2016-06-05 11:30 - 00425320 _____ C:\Users\aquarana\Desktop\5 Zeitmanagement-Tipps von Ivan Blatter(1).pdf.enc
2016-09-08 17:55 - 2016-04-15 11:20 - 00801022 _____ C:\Users\aquarana\Desktop\A3_1skype_for_business.pdf.enc
2016-09-08 17:55 - 2016-01-18 10:51 - 00039269 _____ C:\Users\aquarana\Desktop\50vroni_gernot_lied und spieleübersicht _v1.docx.enc
2016-09-08 17:55 - 2015-11-10 18:07 - 10822566 _____ C:\Users\aquarana\Desktop\20151-adobemarketingsuccessstory-nissan.pdf.enc
2016-09-08 17:55 - 2015-11-10 18:02 - 04913328 _____ C:\Users\aquarana\Desktop\20151-adobemarketingcloud.pdf.enc
2016-09-08 17:55 - 2015-07-25 09:56 - 00390219 _____ C:\Users\aquarana\Desktop\5 Reasons Why Game-Based Learning Should Matter to Organizations.pdf.enc
2016-09-05 16:01 - 2015-05-18 09:56 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-09-05 13:33 - 2011-10-19 15:41 - 00100608 _____ C:\Users\aquarana\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-04 12:27 - 2015-06-22 08:05 - 00003716 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-1676539162-533426384-2096430618-1000
2016-09-04 12:27 - 2015-06-10 10:32 - 00003620 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1676539162-533426384-2096430618-1000
2016-09-03 09:26 - 2014-09-25 11:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-03 09:26 - 2011-10-19 21:33 - 00000000 ____D C:\ProgramData\Skype
2016-09-03 02:49 - 2011-10-21 23:10 - 00000000 ____D C:\Users\aquarana\AppData\Roaming\Dropbox
2016-09-02 15:56 - 2016-01-20 16:37 - 00000000 ____D C:\Users\Max Muster\.oracle_jre_usage
2016-09-02 15:52 - 2014-11-05 13:57 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-02 15:50 - 2012-01-08 03:22 - 00100608 _____ C:\Users\Max Muster\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-02 15:49 - 2012-01-08 03:21 - 00000000 ___RD C:\Users\Max Muster\Virtual Machines
2016-08-30 14:01 - 2013-08-09 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-08-24 14:03 - 2016-06-27 09:05 - 00000000 ____D C:\Users\aquarana\Desktop\urlaub
2016-08-21 13:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-08-21 10:21 - 2009-07-14 06:45 - 00396408 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-20 09:55 - 2012-06-22 07:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-08-19 23:56 - 2011-10-05 18:09 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-17 14:06 - 2012-11-03 20:26 - 00372736 ___SH C:\Users\aquarana\Documents\Thumbs.db
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-09-09 08:56 - 2016-09-09 10:28 - 0003791 _____ () C:\Users\aquarana\AppData\Roaming\.html
2016-09-09 08:56 - 2016-09-09 10:28 - 0001248 _____ () C:\Users\aquarana\AppData\Roaming\.txt
2013-12-01 06:30 - 2013-12-01 06:30 - 0000530 _____ () C:\Users\aquarana\AppData\Roaming\ascii.png
2016-09-12 19:40 - 2016-09-12 19:40 - 0303013 _____ () C:\Users\aquarana\AppData\Roaming\Bunch.AFx
2005-05-05 01:00 - 2016-09-09 09:28 - 0303538 _____ () C:\Users\aquarana\AppData\Roaming\Bunch.AFx.enc
2016-09-12 19:40 - 2016-09-12 19:40 - 0000060 _____ () C:\Users\aquarana\AppData\Roaming\fullscreen_toolbar.xml
2010-04-01 15:26 - 2016-09-09 09:51 - 0000585 _____ () C:\Users\aquarana\AppData\Roaming\fullscreen_toolbar.xml.enc
2007-11-23 13:33 - 2007-11-23 13:33 - 0000133 _____ () C:\Users\aquarana\AppData\Roaming\queueview.png
2016-09-09 10:22 - 2016-09-09 10:22 - 0003791 _____ () C:\Users\aquarana\AppData\Roaming\wie_zum_Wiederherstellen_von_Dateien.html
2016-09-09 10:22 - 2016-09-09 10:22 - 0001248 _____ () C:\Users\aquarana\AppData\Roaming\wie_zum_Wiederherstellen_von_Dateien.txt
2015-03-24 13:34 - 2015-03-24 13:34 - 0156065 _____ () C:\Users\aquarana\AppData\Local\ars.cache
2015-03-24 13:35 - 2015-03-24 13:35 - 0393688 _____ () C:\Users\aquarana\AppData\Local\census.cache
2012-03-05 09:34 - 2016-01-04 22:32 - 0018944 _____ () C:\Users\aquarana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-11 18:01 - 2014-03-11 18:01 - 0000275 _____ () C:\Users\aquarana\AppData\Local\HamsterAudioConverterSettings.cfg
2015-03-24 13:04 - 2015-03-24 13:04 - 0000036 _____ () C:\Users\aquarana\AppData\Local\housecall.guid.cache
2015-03-29 15:46 - 2015-03-29 15:46 - 0000337 _____ () C:\Users\aquarana\AppData\Local\Perfmon.PerfmonCfg
2014-08-13 14:46 - 2014-08-13 14:46 - 0041717 _____ () C:\Users\aquarana\AppData\Local\recently-used.xbel
2012-06-16 18:35 - 2013-09-17 09:03 - 0007608 _____ () C:\Users\aquarana\AppData\Local\Resmon.ResmonCfg
2015-03-24 13:21 - 2015-03-24 13:21 - 0000010 _____ () C:\Users\aquarana\AppData\Local\sponge.last.runtime.cache
2015-04-16 19:38 - 2015-04-16 19:38 - 0000000 _____ () C:\Users\aquarana\AppData\Local\{B1735633-A938-49F8-A1A3-491970EB1D23}
2015-04-17 20:43 - 2015-04-17 20:43 - 0000000 _____ () C:\Users\aquarana\AppData\Local\{F83C40AF-A731-4C8A-B349-81568689EED3}
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Program Files (x86)\Common Files\Canon\UPW\2.0.0.0\UPWClean.exe
Einige Dateien in TEMP:
====================
C:\Users\aquarana\AppData\Local\Temp\avgnt.exe
C:\Users\aquarana\AppData\Local\Temp\avguirn_08154579858.exe
C:\Users\aquarana\AppData\Local\Temp\avguirn_08424267807.exe
C:\Users\aquarana\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\aquarana\AppData\Local\Temp\libeay32.dll
C:\Users\aquarana\AppData\Local\Temp\msvcr120.dll
C:\Users\aquarana\AppData\Local\Temp\SkypeSetup.exe
C:\Users\aquarana\AppData\Local\Temp\sqlite3.dll
C:\Users\Max Muster\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-09-01 13:35
==================== Ende von FRST.txt ============================
|
|
14.09.2016, 13:04
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 7 - Malware - Dateien in .ENC verschluesselt Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
14.09.2016, 14:09
| #21 |
| | PDFforge - gelöscht Erledigt. Beeindruckend, wie viele Dateien mit so einem Programm einher gehen. Ist mein Computer jetzt "geheilt"? Danke für die Unterstützung! |
|
14.09.2016, 15:01
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 7 - Malware - Dateien in .ENC verschluesselt FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.09.2016, 16:11
| #23 |
| | Fixlog.txtCode:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-09-2016
durchgeführt von aquarana (14-09-2016 16:36:59) Run:1
Gestartet von D:\
Geladene Profile: aquarana (Verfügbare Profile: aquarana & admin & Max Muster)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
emptytemp:
*****************
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 150851429 B
Java, Flash, Steam htmlcache => 540 B
Windows/system/drivers => 2503666558 B
Edge => 0 B
Chrome => 353503327 B
Firefox => 219120170 B
Opera => 279103720 B
Temp, IE cache, history, cookies, recent:
Default => 4248 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42354570 B
systemprofile32 => 87626 B
LocalService => 49632 B
NetworkService => 1813238 B
aquarana => 3395492035 B
admin => 787503 B
Max Muster => 7528773 B
RecycleBin => 224345 B
EmptyTemp: => 6.5 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 16:39:22 ====
|
|
14.09.2016, 20:20
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 7 - Malware - Dateien in .ENC verschluesselt Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: MBAM Downloade Dir bitte  Malwarebytes Anti-Malware
2. Schritt: ESET ESET Online Scanner
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.09.2016, 06:11
| #25 |
| | Security-Check-ERgebnisCode:
ATTFilter Results of screen317's Security Check version 1.009
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Java 8 Update 91
Java version 32-bit out of Date!
Adobe Flash Player 23.0.0.162
Mozilla Firefox (48.0.2)
Mozilla Thunderbird (45.2.0)
Google Chrome (51.0.2704.103)
Google Chrome (52.0.2743.116)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Internet Manager OnlineUpdate ouc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
ESET sagte 40 mögliche Bedrohungen... Ich werde also die beiden anderen nochmals durchlaufen lassen, das dauert (2+6 Stunden) melde mich mit den Ergebnissen also erst morgen. Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 15.09.2016 Suchlaufzeit: 07:47 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.09.15.04 Rootkit-Datenbank: v2016.08.15.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: aquarana Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 454579 Abgelaufene Zeit: 50 Min., 48 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 2 PUP.Optional.QuickShare, HKU\S-1-5-21-1676539162-533426384-2096430618-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [e58b017107930b2b2457543e966c7987], PUP.Optional.QuickShare, HKU\S-1-5-21-1676539162-533426384-2096430618-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [e58b017107930b2b2457543e966c7987], Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 1 PUP.Optional.HelperBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=9d142baf-1439-4ff6-beaa-d8823d8b4cfd&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=9d142baf-1439-4ff6-beaa-d8823d8b4cfd&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}),Ersetzt,[640c8fe33b5fca6cdcfe7bfcf60eea16] Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 1 PUP.Optional.Spigot, C:\Windows\Installer\1ed08a26.msi, In Quarantäne, [f779c6ace6b4a195bd0747e624dd7b85], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 15.09.2016 Suchlaufzeit: 17:32 Protokolldatei: mbam-abend15-9.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.09.15.08 Rootkit-Datenbank: v2016.08.15.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: aquarana Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 455876 Abgelaufene Zeit: 59 Min., 46 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b4d9a9006d91584389326042ef616299
# end=init
# utc_time=2016-09-15 04:50:28
# local_time=2016-09-15 06:50:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b4d9a9006d91584389326042ef616299
# end=updated
# utc_time=2016-09-15 04:52:42
# local_time=2016-09-15 06:52:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
Updated modules version: 30765
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b4d9a9006d91584389326042ef616299
# end=restart
# utc_time=2016-09-16 02:01:13
# local_time=2016-09-16 04:01:13 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1811 16777214 100 99 46770941 218543451 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 45037 225621123 0 0
# scanned=366671
# found=27
# cleaned=0
# scan_time=32911
sh=F13FED12BD97D2F4F352AB856AF56188F74A3B6F ft=1 fh=451c8cc6668feda5 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Application Updater\ApplicationUpdater.exe.vir"
sh=3A014BB4856D87987BEF0FDBC2C07983F337F728 ft=1 fh=ec54c215beaf7319 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe.vir"
sh=56B3E6858EE89D48914D1BEEB8E762C3117C2DFE ft=1 fh=bb0925726fca96b9 vn="Variante von Win32/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\Spigot\Search Settings\wth.dll.vir"
sh=2322F97BAB49362E94E51157A099A4F00062DFB8 ft=1 fh=096ad82feace8a1e vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Freeware.de\Freeware.deToolbarHelper.exe.vir"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Freeware.de\ldrtbFree.dll.vir"
sh=A2D929A9864513C0E8ED84AAD622EF6ADCC9B950 ft=1 fh=22c06217fc444ec5 vn="Win32/Toolbar.Conduit.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Freeware.de\prxtbFree.dll.vir"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Freeware.de\tbFree.dll.vir"
sh=28AA609FEAC1520EEDC7FF84332CD4F4C56585E5 ft=1 fh=409ffdbbb100bddc vn="Variante von Win32/Toolbar.Conduit.AR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Freeware.de\uninstall.exe.vir"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Winload\ldrtbWinl.dll.vir"
sh=A2D929A9864513C0E8ED84AAD622EF6ADCC9B950 ft=1 fh=22c06217fc444ec5 vn="Win32/Toolbar.Conduit.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Winload\prxtbWinl.dll.vir"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Winload\tbWinl.dll.vir"
sh=28AA609FEAC1520EEDC7FF84332CD4F4C56585E5 ft=1 fh=409ffdbbb100bddc vn="Variante von Win32/Toolbar.Conduit.AR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Winload\uninstall.exe.vir"
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Winload\WinloadToolbarHelper.exe.vir"
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\aquarana\AppData\Local\Conduit\CT2319825\WinloadAutoUpdateHelper.exe.vir"
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\aquarana\AppData\Local\Conduit\CT2736476\Freeware.deAutoUpdateHelper.exe.vir"
sh=988E557E6896F2607B38DE46886057F285BF1904 ft=1 fh=3177e4ef6375e796 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\aquarana\AppData\Local\Temp\OCS\ocs_v6y.exe.vir"
sh=848C686280EAA04B172FCCFFBD312132A0C46172 ft=1 fh=7764b0effb0b9556 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\aquarana\AppData\Local\Temp\OCS\ocs_v7f.exe.vir"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\aquarana\AppData\LocalLow\Freeware.de\ldrtbFree.dll.vir"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\aquarana\AppData\LocalLow\Freeware.de\tbFree.dll.vir"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\aquarana\AppData\LocalLow\Winload\ldrtbWinl.dll.vir"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\aquarana\AppData\LocalLow\Winload\tbWinl.dll.vir"
sh=8E5DBF8B21424D87453F1B45E44136704F8A61E5 ft=1 fh=36a8d98405898cf9 vn="Win32/Toolbar.Widgi.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Common Files\PDFCreator\Toolbar\pdfforge Toolbar-4_1_0_setup.exe"
sh=FC2E6B6F213C478CACC6E68EF86C5241B6AC0526 ft=1 fh=bed351e5e7d04ae2 vn="Variante von Win32/SpeedingUpMyPC.F Anwendung" ac=I fn="C:\Program Files (x86)\PC Manager Pro\PCManagerPro.exe"
sh=40620EF93F048B89F4A3CBBFB4641E449371B021 ft=1 fh=6345bc227f974c8b vn="Variante von Win32/Adware.SpeedingUpMyPC.AL Anwendung" ac=I fn="C:\Program Files (x86)\PC Manager Pro\PCManSmartScan.exe"
sh=5EB0425E9EC8C3DC356F8BF74B03296D7FA63112 ft=1 fh=732a9b357c220b8a vn="Win32/Toolbar.Widgi.Y evtl. unerwünschte Anwendung" ac=I fn="C:\programme-ag\Resources\VpPrinterSetup.exe"
|
|
16.09.2016, 08:43
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 7 - Malware - Dateien in .ENC verschluesselt Da muss noch einiges runter. Und du musst mal die Programme selber durchgehen und einiges an Müll entrümpeln; das was du behalten willst du regelmäßig updaten, zB LibreOffice liegt bei dir in einer alten 4.x Version vor! Lade Dir bitte von hier Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.09.2016, 17:13
| #27 |
| | Danke Ja, das hatte ich ohnehin vor. Es gibt keine Nachteile ohne Vorteile, gute Gelegenheit um auszumisten.  Danke für die Tipps, was ich löschen sollte: Kurze Rückmeldung den Antivirus-Launcher kann ich nicht löschen, wenn ich Antivirus Pro behalten will und den Spybot... behalte ich, der zeigt mir (allerdings nicht immer ;-) an, wenn sich was automatisch in die Registry schreiben will. Außer es gibt was Besseres? Hast du /Sie noch eine Empfehlung für Viren bzw. Malware-Sicherheits-SW? Und wie zeigt man sich bei euch erkenntlich außer durch ein ehrliches DANKE!!!!?  |
|
16.09.2016, 19:52
| #28 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 7 - Malware - Dateien in .ENC verschluesselt Spybot ist totaler Quatsch, absolut irrelevant/unnötig um sein System routinemäßigen Checks zu unterziehen und v.a. um ihn auch dauerhaft zu schützen. Dazu später mehr. Avira hat sein Image komplett verspielt mit der bräsigen Entscheidung, mit irgendwelchen dubiosen Firmen zusammenzuarbeiten. Hättest du ein normales Avira hätte ich dir normalerweise das hier gezeigt: Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.09.2016, 09:45
| #29 |
| | Ok-erledigt. Nun also auch Avira und Spybot deinstalliert. Wie jetzt schützen? Danke, |
|
17.09.2016, 17:52
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 7 - Malware - Dateien in .ENC verschluesselt FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Program Files (x86)\Common Files\PDFCreator\Toolbar
C:\Program Files (x86)\PC Manager Pro
C:\programme-ag\Resources\VpPrinterSetup.exe
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Win 7 - Malware - Dateien in .ENC verschluesselt |
| anbei, arten, dateien, geklickt, heute, hochstarten, malware, meinem, rechner, schäden, spammail, tagen, vermeide, vermutlich, win, win 7 |
dann auf 
und dann auf 
. 
Linear-Darstellung
