Windows 10 geht sporadisch ins Internet - Prgramme sind manchmal sehr langsam oder starten nicht

libaki · 05.02.2019, 20:24

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 4.02.2019
durchgeführt von ki (Administrator) auf KI-PCMEDION2012 (05-02-2019 11:26:37)
Gestartet von C:\Users\ki\Desktop
Geladene Profile: ki (Verfügbare Profile: ki & admin2 & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Genie9) C:\Program Files\Genie9\Zoolz2\ZoolzService.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\abylonsoft\App-Blocker\ExeLockSerX64.EXE
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database_2ce9b3\bin\FABS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.19011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 11\ouservice\StarMoneyOnlineUpdate.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.10601.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avanquest Software) C:\Program Files\eXpert PDF 10\creator-ws.exe
(LULU SOFTWARE LIMITED) C:\Program Files\Soda PDF 8\creator-ws.exe
(LULU Software) C:\Program Files\Soda PDF Desktop\creator-ws.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\ki\Desktop\FRST64(1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-03-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [177928 2018-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [754416 2018-11-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4785640 2018-11-23] (Acronis International GmbH -> )
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKKid\AVKCKS.exe,
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-03-18] (Apple Inc. -> Apple Inc.)
HKLM\...\Drivers32: [vidc.ffds] => C:\WINDOWS\system32\ff_vfw.dll [127488 2013-03-13] ()
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [243746 2011-06-24] ()
HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw64.dll [4035584 2012-07-01] (x264vfw project)
HKLM\...\Drivers32: [vidc.lags] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( )
HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (On2.com)
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (On2.com)
HKLM\...\Drivers32-x32: [vidc.ffds] => C:\WINDOWS\SysWOW64\ff_vfw.dll [112640 2013-03-13] ()
HKLM\...\Drivers32-x32: [vidc.xvid] => C:\WINDOWS\SysWOW64\xvidvfw.dll [242259 2011-06-24] ()
HKLM\...\Drivers32-x32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [4102656 2012-07-01] (x264vfw project)
HKLM\...\Drivers32-x32: [vidc.lags] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-11] (Google Inc -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2018-03-04]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
BootExecute: autocheck autochk * auto_reactivate \\?\Volume{58f6ba5b-0000-0000-0000-500600000000}\bootwiz\asrm.bin

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{22e60306-d594-4276-8a62-50849289112a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b3c6bdab-6d75-49d3-871d-38b982e51877}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b3c6bdab-6d75-49d3-871d-38b982e51877}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: CHIP Best Deal BHO -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} -> C:\Program Files (x86)\chip\Internet Explorer\chip64.dll [2014-11-18] (Ciuvo GmbH -> )
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-18] (Google Inc -> Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Skype Software Sarl -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Soda PDF 8 Helper -> {33779F20-17D7-4CC6-8248-78A4A78CEBFC} -> C:\Program Files (x86)\Soda PDF 8\creator-ie-helper.dll [2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Soda PDF Desktop Helper -> {A2792EEC-6618-4C4C-8ECF-B51ECB5DC2A1} -> C:\Program Files (x86)\Soda PDF Desktop\creator-ie-helper.dll [2017-03-23] (LULU Software -> LULU Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-18] (Google Inc -> Google Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: eXpert PDF 10 Helper -> {D9B7E477-2C0F-4BCA-B63F-9AF4E03D05E1} -> C:\Program Files (x86)\eXpert PDF 10\creator-ie-helper.dll [2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-04] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 15\SPMIEToolbar64.dll [2015-05-21] (Steganos Software GmbH -> Steganos Software GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-18] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Soda PDF 8 Toolbar - {A2689669-AD38-4AFD-B370-23E97E2B9D18} - C:\Program Files (x86)\Soda PDF 8\creator-ie-plugin.dll [2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 15\SPMIEToolbar.dll [2015-05-21] (Steganos Software GmbH -> Steganos Software GmbH)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-18] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Soda PDF Desktop Toolbar - {D53D09FE-B1AC-4EE8-AE26-FD43D8B4B62F} - C:\Program Files (x86)\Soda PDF Desktop\creator-ie-plugin.dll [2017-03-23] (LULU Software -> LULU Software)
Toolbar: HKLM-x32 - eXpert PDF 10 Toolbar - {570F0ABC-DF49-4A09-8687-79F921605B7A} - C:\Program Files (x86)\eXpert PDF 10\creator-ie-plugin.dll [2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-06-01] (Skype Software Sarl -> Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Skype Software Sarl -> Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Skype Software Sarl -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515 [2019-02-05]
FF Homepage: Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515 -> hxxps://www.google.de/
FF Extension: (OkayFreedom) - C:\Users\ki\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2018-12-17]
FF Extension: (WEB.DE MailCheck) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\browser-mailcheck@web.de.xpi [2018-12-31]
FF Extension: (Cliqz) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\cliqz@cliqz.com.xpi [2019-01-30]
FF Extension: (iCloud-Lesezeichen) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\firefoxdav@icloud.com.xpi [2018-08-01]
FF Extension: (Xmarks Bookmark Sync) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\foxmarks@kei.com.xpi [2017-12-05]
FF Extension: (Trusted Shops-Erweiterung) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\jid1-PBNne26X1Kn6hQ@jetpack.xpi [2018-10-12]
FF Extension: (Web of Trust) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2018-06-27]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-23]
FF Extension: (OkayFreedom) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2017-04-11]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [Legacy]
FF Extension: (WEB.DE MailCheck) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\browser-mailcheck@web.de.xpi [2019-01-24]
FF HKLM\...\Firefox\Extensions: [soda_pdf_8_conv@sodapdf.com] - C:\Program Files\Soda PDF 8\resources\sodapdf8firefoxextension
FF Extension: (Soda PDF 8 Creator) - C:\Program Files\Soda PDF 8\resources\sodapdf8firefoxextension [2016-01-20] [Legacy] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [expert_pdf_10_conv@expert-pdf.com] - C:\Program Files\eXpert PDF 10\resources\expertpdf10firefoxextension
FF Extension: (eXpert PDF 10 Creator) - C:\Program Files\eXpert PDF 10\resources\expertpdf10firefoxextension [2017-07-20] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-10] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Password Manager 15\spmplugin3
FF Extension: (Steganos Password Manager) - C:\Program Files (x86)\Steganos Password Manager 15\spmplugin3 [2016-03-08] [Legacy] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-07-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-07-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: eXpert PDF 10 -> C:\Program Files (x86)\eXpert PDF 10\np-previewer.dll [2016-12-02] (Avanquest Software)
FF Plugin-x32: Soda PDF 8 -> C:\Program Files (x86)\Soda PDF 8\np-previewer.dll [2016-01-11] (LULU SOFTWARE LIMITED)
FF Plugin-x32: Soda PDF Desktop -> C:\Program Files (x86)\Soda PDF Desktop\np-previewer.dll [2017-03-23] (LULU Software)
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001: @soe.sony.com/installer,version=1.0.3 -> C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\s3j4fal3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001: SkypePlugin -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi.dll [2015-09-14] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001: SkypePlugin64 -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi-x64.dll [2015-09-14] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001: TorchVLC -> C:\Users\ki\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll [2015-03-18] (VideoLAN)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default [2019-02-03]
CHR Extension: (Bing) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2018-05-02]
CHR Extension: (Avira Browserschutz) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-01-10]
CHR Extension: (Skype) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-01-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-453296214-1327697751-653560176-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jhpokclhnekmjlhknfihmghoblfgfeog] - C:\Program Files (x86)\chip\Chrome\chip-1.4.21.crx [2014-11-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [9532288 2019-01-04] (Emsisoft Ltd -> Emsisoft Ltd)
S3 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] (Wolters Kluwer Deutschland GmbH -> )
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [4380176 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-14] (Apple Inc. -> Apple Inc.)
S3 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
S3 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [99200 2015-08-10] (Alcohol Soft -> Alcohol Soft Development Team)
S3 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-25] (Digital Wave Ltd -> Digital Wave Ltd.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2302160 2018-12-13] (ESET, spol. s r.o. -> ESET)
R2 ExeLock; C:\Program Files (x86)\abylonsoft\App-Blocker\ExeLockSerX64.EXE [469352 2015-10-15] (abylonsoft_CodeSign -> )
S3 eXpert PDF 10; C:\Program Files\eXpert PDF 10\ws.exe [2321608 2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
S3 eXpert PDF 10 CrashHandler; C:\Program Files\eXpert PDF 10\crash-handler-ws.exe [921288 2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
R3 eXpert PDF 10 Creator; C:\Program Files\eXpert PDF 10\creator-ws.exe [733384 2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
S3 eXpert PDF 10 Manager; C:\ProgramData\Avanquest Software\eXpert PDF 10 Manager\eXpert PDF 10\eXpert PDF 10 Manager.exe [963832 2016-02-10] (Avanquest UK Ltd -> Avanquest Software)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database_2ce9b3\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database_2ce9b3\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
S4 GSService; C:\Windows\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
S4 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2012-09-14] () [Datei ist nicht signiert]
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2018-06-18] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1765160 2018-11-23] (Acronis International GmbH -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [359944 2019-01-11] (Steganos Software GmbH -> Steganos Software GmbH)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2162064 2017-05-19] (Electronic Arts, Inc. -> Electronic Arts)
S3 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3136920 2017-05-19] (Electronic Arts, Inc. -> Electronic Arts)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
S4 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [229888 2011-06-20] (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTMa\RpcAgentSrv.exe [76784 2015-12-20] (SiSoftware SPC -> SiSoftware)
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Flexera Software LLC -> Secunia)
S3 SODA Manager; C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe [873272 2015-08-11] (LULU SOFTWARE LIMITED -> LULU Software Limited)
S3 Soda PDF 8; C:\Program Files\Soda PDF 8\ws.exe [2263840 2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
S3 Soda PDF 8 CrashHandler; C:\Program Files\Soda PDF 8\crash-handler-ws.exe [920352 2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
R3 Soda PDF 8 Creator; C:\Program Files\Soda PDF 8\creator-ws.exe [733472 2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
S3 Soda PDF Desktop; C:\Program Files\Soda PDF Desktop\ws.exe [2702184 2017-03-23] (LULU Software -> LULU Software)
R3 Soda PDF Desktop Creator; C:\Program Files\Soda PDF Desktop\creator-ws.exe [755048 2017-03-23] (LULU Software -> LULU Software)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] (Microsoft Windows -> )
S2 StarMoney 10 OnlineUpdate; C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-11-25] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
S2 StarMoney 11 Deluxe OnlineUpdate; C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\StarMoneyOnlineUpdate.exe [750568 2018-12-03] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 11 OnlineUpdate; C:\Program Files (x86)\StarMoney 11\ouservice\StarMoneyOnlineUpdate.exe [750568 2018-12-03] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
S4 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Datei ist nicht signiert]
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [19456 2013-03-06] (Clarus, Inc.) [Datei ist nicht signiert]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer -> TeamViewer GmbH)
R3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [6926040 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo for iOS\DriverInstall.exe [103576 2015-11-04] (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare)
R2 Zoolz 2 Service; C:\Program Files\Genie9\Zoolz2\ZoolzService.exe [477000 2018-12-16] (Genie9 LTD -> Genie9)
S3 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [19568 2015-11-10] (ChengDu AoMei Tech Co., Ltd -> )
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [19568 2015-11-10] (ChengDu AoMei Tech Co., Ltd -> )
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-10-29] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-29] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-10-29] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-10-29] (ESET, spol. s r.o. -> ESET)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2014-01-02] (iolo technologies, LLC -> EldoS Corporation)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-10-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-10-29] (ESET, spol. s r.o. -> ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R1 epp; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp.sys [168032 2019-01-07] (Emsisoft Ltd -> Emsisoft Ltd)
R0 eppdisk; C:\WINDOWS\System32\drivers\eppdisk.sys [37064 2018-04-06] (Emsisoft Ltd -> Emsisoft Ltd)
R1 eppwfp; C:\Program Files (x86)\Emsisoft Anti-Malware\eppwfp.sys [131952 2019-01-02] (Emsisoft Ltd -> Emsisoft Ltd)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [667144 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2019-01-29] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 FSProFilter2; C:\WINDOWS\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (Alfa System Programming -> FSPro Labs)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-12-01] (Martin Malik - REALiX -> REALiX(tm))
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2013-02-25] (北京铠信神州科技有限责任公司 -> )
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] (Clarus, Inc. -> )
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] (Clarus, Inc. -> )
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoi.inf_amd64_3235b21d5787151d\nvlddmkm.sys [17544792 2018-12-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2019-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-02] (Secunia -> Secunia)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-09-30] (iolo technologies, LLC -> EldoS Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1122200 2019-01-20] (Realtek Semiconductor Corp. -> Realtek )
R3 RTL8192su; C:\WINDOWS\System32\drivers\RTL8192su.sys [687616 2018-04-12] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2018-12-01] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R1 SLEE_19_DRIVER; C:\Windows\Sleen1964.sys [117848 2014-10-24] (Softwareentwicklung Patric Remus - ArchiCrypt - (Patric W.Remus) -> Softwareentwicklung Remus - ArchiCrypt - )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-10-22] (Synaptics Incorporated -> Synaptics Incorporated)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [162360 2016-12-12] (Disc Soft Ltd -> Duplex Secure Ltd)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [885880 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [173536 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2013-12-12] (Paragon Software GmbH -> )
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2013-12-12] (Paragon Software GmbH -> )
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700680 2013-12-12] (Paragon Software GmbH -> )
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331976 2019-01-29] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2019-01-29] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

Error(1) reading file: "C:\Users\ki\Downloads\Erinnerung - Schriftliche Bestätigung Umbaumaßnahme "
2019-02-05 11:26 - 2019-02-05 11:28 - 000038635 _____ C:\Users\ki\Desktop\FRST.txt
2019-02-05 11:26 - 2019-02-05 11:26 - 000000000 ____D C:\FRST
2019-02-05 11:25 - 2019-02-05 11:25 - 002433024 _____ (Farbar) C:\Users\ki\Downloads\FRST64(1).exe
2019-02-05 11:25 - 2019-02-05 11:25 - 002433024 _____ (Farbar) C:\Users\ki\Desktop\FRST64(1).exe
2019-02-05 10:55 - 2019-02-05 10:55 - 000380544 _____ C:\Users\ki\Downloads\2_1_Massage_und_Gleitgel_Aloe_Vera_300_ml_306207DR.pdf
2019-02-05 10:54 - 2019-02-05 10:54 - 000469643 _____ C:\Users\ki\Downloads\Soft_Touch_Vibrator_mit_gebogener_Spitze_12_5_cm_008896TO.pdf
2019-02-05 10:53 - 2019-02-05 10:53 - 000470912 _____ C:\Users\ki\Downloads\Vibrationsring_inklusive_Batterien_005666TO.pdf
2019-02-04 13:06 - 2019-02-04 13:06 - 000061450 _____ C:\Users\ki\Downloads\Berlin-Fahrt(1).pdf
2019-02-04 13:03 - 2019-02-04 13:03 - 000140167 _____ C:\Users\ki\Downloads\2019-KW06_Probenplan_korrigiert.pdf
2019-02-03 18:02 - 2019-02-03 18:02 - 000000000 ___HD C:\WINDOWS\AxInstSV
2019-02-02 23:12 - 2019-02-02 23:12 - 000000000 ____D C:\cobirescue
2019-02-02 19:59 - 2019-01-08 22:06 - 009189024 _____ C:\notfall.lnx
2019-02-02 19:59 - 2017-12-11 14:15 - 000000828 _____ C:\menu.lst
2019-02-02 19:59 - 2011-10-17 07:38 - 000217769 _____ C:\grldr
2019-02-02 19:59 - 2011-10-17 07:38 - 000009216 _____ C:\grldr.mbr
2019-02-02 19:50 - 2019-02-03 17:33 - 000000000 ____D C:\Program Files (x86)\RescueLoader
2019-02-01 21:15 - 2019-02-01 21:15 - 000140162 _____ C:\Users\ki\Downloads\2019-KW06_Probenplan.pdf
2019-02-01 10:36 - 2019-02-01 10:36 - 001296877 _____ C:\Users\ki\Downloads\week-2019-05.pdf
2019-02-01 10:36 - 2019-02-01 10:36 - 001296877 _____ C:\Users\ki\Downloads\week-2019-05(1).pdf
2019-02-01 10:29 - 2019-02-01 10:29 - 000356541 _____ C:\Users\ki\Downloads\elternbrief februar 2019.pdf
2019-02-01 10:29 - 2019-02-01 10:29 - 000082979 _____ C:\Users\ki\Downloads\Schulkalender-2019-2020-querformat.pdf
2019-02-01 10:29 - 2019-02-01 10:29 - 000010787 _____ C:\Users\ki\Downloads\Ferienplan_2019-2020.pdf
2019-01-31 18:13 - 2019-01-31 18:13 - 000000000 ____D C:\ProgramData\StarFinanz
2019-01-30 23:23 - 2019-01-30 23:23 - 000000000 ____D C:\ProgramData\Mozilla
2019-01-29 21:02 - 2019-01-29 21:02 - 000667144 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector(354).sys
2019-01-29 21:02 - 2019-01-29 10:45 - 000667144 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector.sys
2019-01-29 12:41 - 2019-02-03 16:40 - 000000000 ____D C:\Users\ki\Documents\wsusoffline115-1
2019-01-29 12:06 - 2019-01-29 12:06 - 005155328 _____ C:\Users\ki\Downloads\windowsdefender1593dt.msi
2019-01-29 10:46 - 2019-01-29 10:46 - 003947888 _____ (Acronis) C:\WINDOWS\system32\auto_reactivate.exe
2019-01-29 10:18 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-25 17:52 - 2019-01-25 17:52 - 000225631 _____ C:\Users\ki\Downloads\Jahresplan2019-01_25_Domspatzen_Chöre.pdf
2019-01-25 17:51 - 2019-01-25 17:51 - 000142431 _____ C:\Users\ki\Downloads\2019-KW05_Probenplan.pdf
2019-01-25 13:12 - 2019-01-25 13:12 - 000002918 _____ C:\Users\ki\Downloads\transcript(1).txt
2019-01-25 12:57 - 2019-01-25 12:57 - 000000803 _____ C:\Users\ki\Downloads\transcript.txt
2019-01-25 09:29 - 2019-01-25 09:29 - 010245888 _____ (Acronis) C:\Users\ki\Downloads\AcronisBackup_12.5_web.exe
2019-01-25 09:12 - 2019-01-25 09:12 - 006322446 _____ C:\Users\ki\Downloads\Handbuch PC.pdf
2019-01-23 11:24 - 2019-01-23 11:24 - 000040214 _____ C:\Users\ki\Downloads\Erstinformation(1).pdf
2019-01-23 10:05 - 2019-01-23 10:05 - 000185089 _____ C:\Users\ki\Downloads\Abfuhrkalender_2019.pdf
2019-01-22 21:47 - 2019-01-22 21:47 - 000240290 _____ C:\Users\ki\Downloads\m4_01_familie_lustig.docx(2).pdf
2019-01-22 11:44 - 2019-01-22 11:44 - 000000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2019-01-22 11:43 - 2019-01-29 10:44 - 000243472 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\volume_tracker.sys
2019-01-22 11:43 - 2019-01-29 10:44 - 000001278 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2019-01-22 11:43 - 2019-01-22 11:43 - 000331976 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file2416.sys
2019-01-22 11:43 - 2019-01-22 11:43 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2310.sys
2019-01-21 13:10 - 2019-01-21 13:10 - 001011355 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_e07a6baa9f52ad1b6963a254442483dc58bd2a77.pdf
2019-01-21 13:10 - 2019-01-21 13:10 - 001011262 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_ec8e07990905a7dd7e1afca71d5dad88d05e4810.pdf
2019-01-21 13:09 - 2019-01-21 13:09 - 001011273 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_18d258071d847432af70aa72224b6cfaaf3bfcf1.pdf
2019-01-21 13:08 - 2019-01-21 13:08 - 001011335 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_02603c2f33748c27dfd5db1112274d0dda0ec8ee.pdf
2019-01-21 12:50 - 2019-01-21 12:50 - 000088603 _____ C:\Users\ki\Downloads\AKD-73659465278.pdf
2019-01-21 12:47 - 2019-01-21 12:52 - 574094312 _____ C:\Users\ki\Downloads\AcronisTrueImage2018.exe
2019-01-21 12:34 - 2019-01-21 12:34 - 000088620 _____ C:\Users\ki\Downloads\AKD-73651673788.pdf
2019-01-19 09:11 - 2019-01-19 09:11 - 000186896 _____ C:\Users\ki\Downloads\2019-KW04_Probenplan.pdf
2019-01-19 09:09 - 2019-01-19 09:09 - 000621253 _____ C:\Users\ki\Downloads\Dispo2019-01_07_Eltern.pdf
2019-01-18 09:39 - 2019-01-18 09:39 - 000071091 _____ C:\Users\ki\Downloads\RG150508157000.pdf
2019-01-17 20:38 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-17 20:38 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-17 20:38 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-17 20:38 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-17 20:37 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-17 20:37 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-17 20:37 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-17 20:37 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-17 20:37 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-17 20:37 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-17 20:37 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-17 20:37 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-17 20:37 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-17 20:37 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-17 20:37 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-17 20:37 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-17 20:37 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-17 20:37 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-17 20:37 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-17 20:37 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-17 20:37 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-17 20:37 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase(405).dll
2019-01-17 20:37 - 2019-01-01 08:13 - 001363536 ____N (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-17 20:37 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes(582).dll
2019-01-17 20:37 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-17 20:37 - 2019-01-01 08:13 - 000436024 ____N (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-17 20:37 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0(486).dll
2019-01-17 20:37 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-17 20:37 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-17 20:37 - 2019-01-01 08:12 - 002765344 ____N (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil(470).dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6(489).dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-17 20:37 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-17 20:37 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-17 20:37 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-17 20:37 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-17 20:37 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-17 20:37 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-17 20:37 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-17 20:37 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-17 20:37 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-17 20:37 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-17 20:37 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-17 20:37 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-17 20:37 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-17 20:37 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 001549824 ____N (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv(480).dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000662528 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov(585).dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-17 20:37 - 2019-01-01 07:43 - 001805312 ____N (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-17 20:37 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon(545).dll
2019-01-17 20:37 - 2019-01-01 07:42 - 004939776 ____N (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet(576).dll
2019-01-17 20:37 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 001159680 ____N (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss(514).dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000899072 ____N (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos(472).dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase(593).dll
2019-01-17 20:37 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil(602).dll
2019-01-17 20:37 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-17 20:37 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-17 20:37 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-17 20:37 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-17 20:37 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-17 20:37 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-17 20:37 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-17 20:37 - 2019-01-01 07:14 - 004514816 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-17 20:37 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet(630).dll
2019-01-17 20:37 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-17 20:37 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-17 20:37 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-17 20:37 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-17 20:37 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-17 20:37 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-17 20:37 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-17 20:37 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-01-17 20:37 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-17 20:37 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-17 20:37 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-17 20:37 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-17 20:37 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-01-17 20:37 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-17 20:37 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-01-17 20:37 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-01-17 20:37 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-17 20:37 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-01-17 20:37 - 2018-12-14 07:54 - 006032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-01-17 20:37 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1(411).dll
2019-01-17 20:37 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-01-17 20:37 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-17 20:37 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-01-17 20:37 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-17 20:37 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-01-17 10:08 - 2019-01-17 10:08 - 000061450 _____ C:\Users\ki\Downloads\Berlin-Fahrt.pdf
2019-01-16 21:59 - 2019-01-16 21:59 - 000175691 _____ C:\Users\ki\Downloads\Tickets_946202.pdf
2019-01-16 21:57 - 2019-01-16 21:57 - 000175687 _____ C:\Users\ki\Downloads\attachment(2)
2019-01-16 11:45 - 2019-01-16 11:45 - 000046551 _____ C:\Users\ki\Downloads\InsuranceCertificate(1).pdf
2019-01-16 11:44 - 2019-01-16 11:44 - 000070434 _____ C:\Users\ki\Downloads\G6KHNL(1).pdf
2019-01-15 16:59 - 2019-01-15 16:59 - 000193894 _____ C:\Users\ki\Downloads\merkhilfe_fuer_das_fach_mathematik_standard(3).pdf
2019-01-15 16:59 - 2019-01-15 16:59 - 000193894 _____ C:\Users\ki\Downloads\merkhilfe_fuer_das_fach_mathematik_standard(2).pdf
2019-01-15 00:09 - 2019-01-15 00:09 - 000114408 _____ C:\Users\ki\Downloads\WhatsApp Image 2019-01-14 at 21.09.59.jpeg
2019-01-14 12:40 - 2019-01-14 12:40 - 000001146 _____ C:\Users\Public\Desktop\OkayFreedom.lnk
2019-01-12 18:48 - 2019-01-17 10:48 - 000000000 ____D C:\Users\ki\Documents\BelegManager-Daten
2019-01-12 16:39 - 2019-01-12 16:39 - 000010495 _____ C:\Users\ki\Downloads\19elsdi1_elster_12.01.2019_16.36.pfx
2019-01-12 10:37 - 2019-01-12 10:37 - 000000000 ____D C:\Users\ki\AppData\Local\Phoenix360
2019-01-11 21:38 - 2019-01-11 21:38 - 000002310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2019-01-11 21:38 - 2019-01-11 21:38 - 000002298 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2019-01-11 12:03 - 2019-01-11 12:03 - 000284090 _____ C:\Users\ki\Downloads\2017-05-24-einkommensteuerrechtliche-behandlung-von-vorsorgeaufwendungen_.pdf
2019-01-11 12:03 - 2019-01-11 12:03 - 000284090 _____ C:\Users\ki\Downloads\2017-05-24-einkommensteuerrechtliche-behandlung-von-vorsorgeaufwendungen_(1).pdf
2019-01-08 11:41 - 2019-01-08 11:41 - 000070434 _____ C:\Users\ki\Downloads\G6KHNL.pdf
2019-01-08 11:41 - 2019-01-08 11:41 - 000046551 _____ C:\Users\ki\Downloads\InsuranceCertificate.pdf
2019-01-08 11:08 - 2019-01-08 11:08 - 000191744 _____ C:\Users\ki\Downloads\WhatsApp Image 2018-11-24 at 12.34.28.jpeg
2019-01-08 10:02 - 2019-01-08 10:02 - 000166893 _____ C:\Users\ki\Downloads\FLIX-Buchung-1014888474(1).pdf

==================== Ein Monat (geänderte) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-02-05 11:21 - 2012-07-29 18:31 - 000000000 ____D C:\daten
2019-02-05 11:17 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-05 11:14 - 2016-11-18 06:21 - 000000000 ____D C:\Users\ki\AppData\LocalLow\Mozilla
2019-02-05 11:10 - 2017-01-03 21:27 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-05 11:10 - 2017-01-03 21:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-05 11:09 - 2016-12-16 10:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-05 10:31 - 2018-05-02 06:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-04 16:37 - 2017-03-29 12:22 - 000000000 ____D C:\Program Files (x86)\StarMoney 11
2019-02-03 19:25 - 2017-11-04 18:26 - 000000000 ____D C:\Program Files (x86)\StarMoney 11 Deluxe
2019-02-03 18:11 - 2018-05-01 22:00 - 000000000 ____D C:\WINDOWS\system32\msmq
2019-02-03 18:03 - 2018-05-02 06:53 - 000000000 ____D C:\Users\ki
2019-02-03 17:52 - 2018-05-02 06:53 - 000000000 ____D C:\Users\DefaultAppPool
2019-02-03 17:52 - 2018-05-02 06:53 - 000000000 ____D C:\Users\admin2
2019-02-03 17:52 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-03 17:48 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\te-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\or-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\km-KH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\is-IS
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\id-ID
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\setup
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-02-03 17:48 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\be-BY
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\as-IN
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\IdentityCRL
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-02-03 17:39 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-02-03 17:39 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\servicing
2019-02-03 17:37 - 2018-06-13 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EverDoc
2019-02-03 17:37 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-03 17:37 - 2018-03-06 21:06 - 000000000 ____D C:\Users\ki\AppData\Local\ConnectedDevicesPlatform
2019-02-03 17:37 - 2017-03-02 13:40 - 000000000 ____D C:\Users\ki\AppData\Local\Nero_AG
2019-02-03 17:37 - 2017-03-01 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freecom
2019-02-03 17:37 - 2016-11-16 19:51 - 000000000 ____D C:\Program Files\Soda PDF Desktop
2019-02-03 17:37 - 2015-11-13 11:31 - 000000000 ____D C:\Users\ki\Downloads\Soda PDF 8 Files
2019-02-03 17:37 - 2015-11-13 11:22 - 000000000 ____D C:\Users\ki\Documents\Soda PDF 8 Files
2019-02-03 17:37 - 2015-05-09 11:35 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-02-03 17:37 - 2015-04-06 21:14 - 000000000 ____D C:\Users\ki\AppData\Local\Torch
2019-02-03 17:37 - 2014-08-07 18:11 - 000000000 ____D C:\Users\ki\Downloads\_abelsoft
2019-02-03 17:37 - 2014-08-07 16:36 - 000000000 ____D C:\Users\ki\AppData\Local\Abelssoft
2019-02-03 17:37 - 2014-03-01 11:12 - 000000000 ____D C:\Users\ki\AppData\LocalLow\IObit
2019-02-03 17:37 - 2014-03-01 11:12 - 000000000 ____D C:\ProgramData\ProductData
2019-02-03 17:37 - 2013-03-13 07:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-02-03 17:37 - 2013-03-13 07:31 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-02-03 17:36 - 2018-04-08 22:31 - 000000000 ____D C:\Program Files\iTunes
2019-02-03 17:36 - 2017-05-10 19:44 - 000000000 ____D C:\Program Files (x86)\Yawcam
2019-02-03 17:36 - 2015-03-01 22:57 - 000000000 ____D C:\Program Files (x86)\WinHTTrack
2019-02-03 17:35 - 2015-11-29 11:37 - 000000000 ____D C:\Program Files (x86)\StarMoney 10
2019-02-03 17:35 - 2013-03-13 07:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-02-03 17:34 - 2018-12-20 10:27 - 000000000 ____D C:\Program Files (x86)\AntiRansomware
2019-02-03 17:34 - 2018-06-13 21:46 - 000000000 ____D C:\PrinterPlusPlus
2019-02-03 17:34 - 2017-05-06 21:14 - 000000000 ____D C:\Program Files (x86)\ The Secret Legacy DE
2019-02-03 17:34 - 2017-04-15 14:36 - 000000000 ____D C:\Program Files (x86)\Everdoc
2019-02-03 17:34 - 2016-12-08 00:14 - 000000000 ____D C:\Program Files (x86)\Abelssoft Undeleter
2019-02-03 17:34 - 2016-08-06 19:42 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0
2019-02-03 17:34 - 2015-12-31 11:31 - 000000000 ____D C:\Program Files (x86)\Anki-Latein
2019-02-03 17:34 - 2015-06-21 11:12 - 000000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2019-02-03 17:34 - 2011-07-18 21:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-02-03 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-02-03 17:00 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-03 16:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\registration
2019-02-03 16:40 - 2014-12-05 09:12 - 000000000 ____D C:\Users\ki\AppData\Roaming\Steganos
2019-02-03 16:35 - 2012-08-12 12:57 - 000000000 __RHD C:\MSOCache
2019-02-02 19:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-02 13:53 - 2018-05-03 11:31 - 000000000 ____D C:\Users\ki\AppData\Local\D3DSCache
2019-01-31 21:01 - 2018-11-27 16:45 - 000000000 ____D C:\Program Files\rempl
2019-01-31 10:04 - 2013-08-04 19:55 - 000000000 ____D C:\Users\ki\AppData\Local\ElevatedDiagnostics
2019-01-29 21:01 - 2016-07-29 11:36 - 000331976 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file(358).sys
2019-01-29 21:01 - 2015-11-26 11:36 - 000173536 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter(357).sys
2019-01-29 10:46 - 2016-01-11 21:51 - 000290520 _____ (Acronis International GmbH) C:\WINDOWS\system32\snapapiar64.dll
2019-01-29 10:46 - 2016-01-11 21:51 - 000000000 _RSHD C:\bootwiz
2019-01-29 10:45 - 2015-11-26 11:17 - 000390592 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2019-01-29 10:45 - 2015-11-26 11:10 - 000000000 ____D C:\ProgramData\Acronis
2019-01-29 10:44 - 2016-07-29 11:36 - 000331976 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2019-01-29 10:44 - 2016-07-29 11:36 - 000001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2019-01-29 10:44 - 2015-11-26 11:36 - 000374264 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2019-01-29 10:44 - 2015-11-26 11:36 - 000173536 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2019-01-29 10:44 - 2015-11-26 11:16 - 000885880 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2019-01-29 10:44 - 2015-11-26 11:16 - 000693768 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2019-01-29 10:33 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI(407)
2019-01-29 10:25 - 2016-12-15 18:59 - 000001911 _____ C:\Users\ki\Desktop\System Mechanic - täglich.lnk
2019-01-29 10:20 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-24 12:18 - 2016-01-08 21:13 - 000000000 ____D C:\Users\ki\AppData\Local\Packages
2019-01-22 11:43 - 2012-10-12 13:40 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2019-01-21 10:41 - 2017-03-02 13:44 - 000000520 _____ C:\WINDOWS\Tasks\ki.job
2019-01-21 10:39 - 2017-03-02 13:44 - 000000382 _____ C:\WINDOWS\Tasks\ki NBAgent 6 0.job
2019-01-21 10:37 - 2017-03-02 13:41 - 000000552 _____ C:\WINDOWS\Tasks\ki Nero LIVEBackup 6 0.job
2019-01-21 10:32 - 2018-01-08 11:37 - 000001248 _____ C:\Users\ki\Desktop\Freecom Hard Drive Info.lnk
2019-01-20 22:58 - 2018-12-01 20:17 - 000002369 _____ C:\Users\Public\Desktop\Driver Booster 6.lnk
2019-01-20 22:57 - 2018-03-04 19:27 - 001122200 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2019-01-20 22:56 - 2018-03-04 19:16 - 000070024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2019-01-18 11:42 - 2012-11-18 18:30 - 000000000 ___RD C:\Users\ki\Documents\Scanned Documents
2019-01-17 21:58 - 2013-08-15 02:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-17 20:53 - 2011-07-18 21:31 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-17 20:50 - 2009-07-14 03:34 - 000000478 _____ C:\WINDOWS\win.ini
2019-01-17 12:39 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI(99)
2019-01-14 12:40 - 2018-03-07 10:22 - 000000000 ____D C:\Program Files (x86)\OkayFreedom
2019-01-14 12:40 - 2017-11-05 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom
2019-01-12 18:48 - 2012-10-03 17:09 - 000000000 ____D C:\Users\ki\AppData\Local\AAV
2019-01-12 18:48 - 2012-10-03 16:35 - 000000000 ____D C:\ProgramData\AAV
2019-01-12 17:46 - 2016-03-09 22:30 - 000000000 ____D C:\Users\ki\AppData\Roaming\elsterformular
2019-01-12 10:48 - 2018-03-22 17:38 - 000000000 ____D C:\ProgramData\Phoenix360
2019-01-12 10:37 - 2018-11-18 22:38 - 000002110 _____ C:\Users\Public\Desktop\System Mechanic.lnk
2019-01-12 10:37 - 2017-05-20 07:57 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-12 10:32 - 2014-08-04 15:14 - 000000000 ____D C:\Users\ki\AppData\Local\Downloaded Installations
2019-01-12 10:02 - 2012-10-03 17:09 - 000000000 ____D C:\Users\ki\Documents\Steuerfälle
2019-01-11 21:39 - 2017-07-19 07:10 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-11 21:37 - 2012-07-29 09:27 - 000000000 ____D C:\Program Files\Google
2019-01-11 21:37 - 2012-07-29 09:27 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-11 21:35 - 2017-07-18 08:09 - 000001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2019-01-11 21:35 - 2016-01-14 16:18 - 000000442 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1434372108.job
2019-01-11 21:35 - 2015-06-15 13:41 - 000000000 ____D C:\Program Files (x86)\Opera
2019-01-10 18:10 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-07 09:00 - 2015-11-03 19:25 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-10-27 10:35 - 2013-10-27 10:35 - 000000432 _____ () C:\Users\ki\AppData\Roaming\.backup.dm
2014-06-30 23:20 - 2014-06-30 23:20 - 000000000 _____ () C:\Users\ki\AppData\Roaming\gdfw.log
2014-06-30 23:20 - 2014-06-30 23:20 - 000000779 _____ () C:\Users\ki\AppData\Roaming\gdscan.log
2014-01-10 10:51 - 2014-01-10 10:51 - 000000000 _____ () C:\Users\ki\AppData\Roaming\pdfconverter
2016-01-14 18:54 - 2015-12-08 15:13 - 015568896 _____ () C:\Users\ki\AppData\Roaming\Sandra.mdb
2017-11-17 10:34 - 2017-11-17 10:47 - 503043688 _____ () C:\Users\ki\AppData\Local\AcronisTrueImage2016_6595.exe
2016-01-10 20:43 - 2016-12-18 17:20 - 000007680 _____ () C:\Users\ki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-03-05 09:01 - 2018-03-06 22:46 - 000034048 _____ () C:\Users\ki\AppData\Local\parallels-pax.log
2013-07-07 19:23 - 2013-07-07 19:23 - 000007619 _____ () C:\Users\ki\AppData\Local\Resmon.ResmonCfg
2012-07-29 18:31 - 2012-07-29 18:31 - 000017408 _____ () C:\Users\ki\AppData\Local\WebpageIcons.db

Einige Dateien in TEMP:
====================
2019-01-29 10:44 - 2019-01-29 10:44 - 000117264 _____ () C:\Users\ki\AppData\Local\Temp\AcronisProductUpdateUtility.exe
2019-02-03 18:13 - 2018-12-06 09:46 - 007842600 ____N () C:\Users\ki\AppData\Local\Temp\repair60.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\dllhost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dllhost.exe => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-05-02 06:41

==================== Ende von FRST.txt ============================

M-K-D-B · 05.02.2019, 20:44

Mein Name ist Matthias und ich werde dir bei der Analyse und der eventuell notwendigen Bereinigung deines Computers helfen.

Bitte vergewissere dich zuerst, dass du die folgenden Regeln und Hinweise für eine Analyse inklusive Bereinigung gelesen und verstanden hast:
Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Die Logdatei Addition.txt fehlt, bitte nachreichen.

libaki · 06.02.2019, 09:54

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 4.02.2019
durchgeführt von ki (05-02-2019 11:29:34)
Gestartet von C:\Users\ki\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-05-02 06:14:56)
Start-Modus: Normal

==================== Konten: =========

admin2 (S-1-5-21-453296214-1327697751-653560176-1007 - Administrator - Enabled) => C:\Users\admin2
Administrator (S-1-5-21-453296214-1327697751-653560176-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-453296214-1327697751-653560176-503 - Limited - Disabled)
Gast (S-1-5-21-453296214-1327697751-653560176-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-453296214-1327697751-653560176-1006 - Limited - Enabled)
ki (S-1-5-21-453296214-1327697751-653560176-1001 - Administrator - Enabled) => C:\Users\ki
WDAGUtilityAccount (S-1-5-21-453296214-1327697751-653560176-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Abelssoft Undeleter (HKLM-x32\...\{1FB7B731-3479-4128-8299-A53922E47675}_is1) (Version: 4.0 - Abelssoft)
abylon APP-BLOCKER 2015.5 (Privatversion) (HKLM-x32\...\abylonprotectionmanagerapp-blocker_is1) (Version: 2015.5 - abylonsoft)
abylon BASIC 16.00.2 (Privatversion) (HKLM\...\abylonprotectionmanagerbasic_is1) (Version: 16.00.2 - abylonsoft)
Acronis True Image (HKLM-x32\...\{97F880B8-30EB-4E94-A142-0D2AE3601BC8}) (Version: 23.4.14690 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{97F880B8-30EB-4E94-A142-0D2AE3601BC8}Visible) (Version: 23.4.14690 - Acronis)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - )
Anki (HKLM-x32\...\Anki) (Version:  - )
AntiRansomware 2018 (HKLM-x32\...\AbAppId-82_is1) (Version: 18.1 - Abelssoft)
Any Video Converter 6.1.5 (HKLM-x32\...\Any Video Converter) (Version: 6.1.5 - Anvsoft)
AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-Bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A05FDFEC-4377-49E0-82CB-B6D1386E89DA}) (Version: 11.3.0.9 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 7 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.11 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 2.0.0.8 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Botanicula (HKLM-x32\...\Botanicula) (Version: 1.0 - Amanita Design, s.r.o.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CHIP Best Deal (HKLM-x32\...\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}) (Version: 1.4.21 - Ciuvo GmbH)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.53 - Cliqz.com)
Cole2k Media - Codec Pack (Advanced) 8.0.2 (HKLM-x32\...\Cole2k Media - Codec Pack) (Version: 8.0.2 - Cole2k Media)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.53.0 - OEM) Hidden
concept/design onlineTV 15 (HKLM-x32\...\{C9F7D843-78C5-4A81-A350-D39F00E80178}_is1) (Version: 15.18.12.1 - concept/design GmbH)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (HKLM-x32\...\{D0BEB150-2046-4F94-AE7B-EA76772592F6}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (HKLM-x32\...\{4433CEC6-DA32-4D7B-BA95-B47C68498287}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (HKLM-x32\...\{2F14F550-0FFC-4285-B673-880744D428A3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (HKLM-x32\...\{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (HKLM-x32\...\{85E8F38F-0303-401E-A518-0302DF88EB07}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (HKLM-x32\...\{FA6AF809-9A80-423A-A57A-C7D726A04E4C}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (HKLM-x32\...\{E7BE4D1A-B529-448B-8407-889705B65185}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (HKLM-x32\...\{E4BE9367-168B-4B30-B198-EE37C99FB147}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (HKLM-x32\...\{D7E60152-6C65-4982-8840-B6D28BF881BD}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (HKLM-x32\...\{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (HKLM-x32\...\{89BA6E81-B60A-49BC-B283-80560A9E60DF}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (HKLM-x32\...\{34809713-7886-4F6A-B9D5-CC74DBC1C77E}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (HKLM-x32\...\{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (HKLM-x32\...\{834F4E2F-E9DF-4FA9-8499-FF6B91012898}) (Version: 15.3 - Corel Corporation) Hidden
Cut Out 3.0 (HKLM-x32\...\Cut Out_is1) (Version:  - Franzis.de)
Cut Out pro 4.0 (HKLM\...\Cut Out pro 4_is1) (Version:  - Franzis.de)
Cut Out pro 4.0 (HKLM-x32\...\Cut Out pro 4_is1) (Version:  - Franzis.de)
CutOut 5.0 professional (HKLM\...\CutOut 5 professional_is1) (Version: 5.0 - Franzis.de)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1817_38674 - CyberLink Corp.)
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.2408 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Das große Franzis Know-how-Paket DIGITALE FOTOGRAFIE (HKLM-x32\...\Das große Franzis Know-how-Paket DIGITALE FOTOGRAFIE_is1) (Version:  - )
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 2.4.2.14 - INTENIUM GmbH)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.11.64.1020 - Electronic Arts Inc.)
Driver Booster 6 (HKLM-x32\...\Driver Booster_is1) (Version: 6.1.0 - IObit)
Driver Easy 5.6.0 (HKLM\...\DriverEasy_is1) (Version: 5.6.0 - Easeware)
DriverMax 9 (HKLM-x32\...\DMX5_is1) (Version: 9.38.0.268 - Innovative Solutions)
EaseUS Partition Master 10.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.1.7.20160205 - Landesfinanzdirektion Thüringen)
EmRegSysSetup (HKLM-x32\...\{F981214A-0688-45E0-9329-B08BB26B74F9}) (Version: 1.6.0.1306 - Engelmann GmbH) Hidden
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)
Erbschaftsplaner (HKLM-x32\...\{8ECA57C8-5C32-4196-B84B-C05818D5CB88}) (Version: 9.01.4 - Wolters Kluwer Deutschland GmbH)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 11.0.159.0 - ESET, spol. s r.o.)
EverDoc 2018 (HKLM-x32\...\{CE690D98-4029-4620-879D-8018BF9CFBEC}_is1) (Version: 3.26 - Abelssoft)
EverDoc Printer++ (64bit) (HKLM\...\{D8156771-98B2-4A23-8122-C904F2410DF1}) (Version: 1.0.0 - Printer++)
eXpert PDF 10 Asian Fonts Pack (HKLM\...\{E56F569B-E087-4408-BAC8-EAFF9808C40B}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Convert Module (HKLM\...\{14EAE63C-8627-4FAC-89CD-E1BC5F6BE400}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Create Module (HKLM\...\{7A58AA20-FCA7-47AD-B766-1DC0E363E514}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Edit Module (HKLM\...\{04F3C8D3-E68A-420E-955C-D6EA51434DD3}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Forms Module (HKLM\...\{8E26322E-3348-4BC7-AA55-7E7A82A3391B}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Insert Module (HKLM\...\{50DF4766-CCD7-4BEB-B46F-728F6526077F}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 OCR Module (HKLM\...\{13E8528E-D6ED-459E-AEB2-CC0E8E68962A}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Review Module (HKLM\...\{39B5B664-DD6B-4397-83B3-BFF70B18B8B5}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Secure Module (HKLM\...\{FB5E4A8D-421B-47A1-82DE-28630F24476B}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 View Module (HKLM\...\{CAB4BBED-DD47-4857-8E46-C34F3B295080}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
File Repair (HKLM-x32\...\File Repair_is1) (Version:  - File Repair)
FileFusion 2018 (HKLM-x32\...\8FFF2B94-7E68-4C49-8CF8-46C7AC3033B9_is1) (Version: 1.22 - Abelssoft)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Formatwandler 2014 (HKLM-x32\...\{c27f2a3d-93d7-4112-b0ba-424b59be1ad2}) (Version: 6.0.5060.20182 - S.A.D.)
Formatwandler2014Setup (HKLM-x32\...\{34F7D819-71A6-420A-9DBB-0FF9A3DBF108}) (Version: 6.0.0.1311 - Engelmann Media GmbH) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.16.525 - Digital Wave Ltd)
Freecom Hard Drive Info 1.05 (HKLM-x32\...\Freecom Hard Drive Info_is1) (Version:  - Freecom)
Freecom Product Update 1.06 (HKLM-x32\...\Freecom Product Update_is1) (Version:  - Freecom)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM\...\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}) (Version: 7.3.2.5495 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HDR projects photo (64-Bit) (HKLM\...\HDR_PROJECTS_2_1_3BF7CE82_is1) (Version: 2.26 - Franzis Verlag GmbH)
HDX4DirectShowFilter (HKLM-x32\...\{EED2BE94-5D8F-4D1B-AECC-88F645262E68}) (Version: 1.0.0.1305 - Engelmann GmbH) Hidden
iCloud (HKLM\...\{5BD11939-D2C2-4F1B-AAAF-5ECE19A801F7}) (Version: 7.4.0.111 - Apple Inc.)
Incomedia WebSite X5 v11 - Compact (HKLM-x32\...\{C6AE8967-DF23-42DF-B362-8263A5496338}_is1) (Version: 11.0.8.31 - Incomedia s.r.l.)
Incomedia WebSite X5 v11 - Home (HKLM-x32\...\{C5743DB8-7BDF-47D3-8D41-0BBD487B48A1}_is1) (Version: 11.0.2.14 - Incomedia s.r.l.)
Incomedia WebSite X5 v12 - Home (HKLM-x32\...\{D25ADC00-2219-495D-A577-F14D1BE72756}_is1) (Version: 12.0.9.30 - Incomedia s.r.l.)
InfoBibliothek (HKLM-x32\...\{F5FB4B71-6301-11D4-9AD1-00A0C9B0C5F6}) (Version:  - Akademische Arbeitsgemeinschaft)
InfoBibliothek 2 (HKLM-x32\...\{78D7D7CD-A06B-4514-ACBD-8055BF945A8E}) (Version: 1.08.03.01 - Akademische Arbeitsgemeinschaft Verlag Wolters Kluwer GmbH)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IsoBuster 3.5 (HKLM-x32\...\IsoBuster_is1) (Version: 3.5 - Smart Projects)
iTunes (HKLM\...\{BC437DDC-48E8-4089-9EA0-58414984466E}) (Version: 12.7.4.76 - Apple Inc.)
JackKeane2 (HKLM-x32\...\JackKeane2) (Version:  - )
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeyDepot (HKLM\...\KeyDepot_is1) (Version: 3.20 - Abelssoft)
K-Lite Mega Codec Pack 10.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Lern-o-Mat (HKLM-x32\...\{37BFAE1E-D0E3-4C98-905C-FBBC4305843E}) (Version:  - )
Macromedia Dreamweaver MX 2004 (HKLM-x32\...\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}) (Version: 7.0 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}) (Version: 1.5 - Macromedia)
Macromedia Fireworks MX 2004 (HKLM-x32\...\{E583ED6F-BD99-4066-A420-C815BF692B69}) (Version: 7 - Macromedia)
Macromedia Flash MX 2004 (HKLM-x32\...\{2F353D44-73BB-4971-B31D-F7642E9E9531}) (Version: 7 - Macromedia)
Macromedia FreeHand MXa (HKLM-x32\...\{939740B5-0064-4779-854A-8C1086181C05}) (Version: 11.0.1 - Macromedia)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (HKLM\...\{4745C004-7D5D-42BB-816A-79BF29C3A65C}) (Version: 4.3.2.0 - MAGIX Software GmbH) Hidden
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{4745C004-7D5D-42BB-816A-79BF29C3A65C}) (Version: 4.3.2.0 - MAGIX Software GmbH)
MAGIX Music Maker 2013 (HKLM\...\{E7F7CA64-C0FC-4499-BC4D-C764E24CA67B}) (Version: 19.0.7.67 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2013 (HKLM-x32\...\MX.{E7F7CA64-C0FC-4499-BC4D-C764E24CA67B}) (Version: 19.0.7.67 - MAGIX Software GmbH)
MAGIX Music Maker 2013 Trial Soundpools (HKLM\...\{D826D424-4166-40D5-A70C-9C3A78F01ACD}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM\...\{422D3F30-7446-46C9-9FFE-F4F1645A3A41}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{422D3F30-7446-46C9-9FFE-F4F1645A3A41}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe 2013 Plus (HKLM\...\{2B9CA7F6-64A9-4346-9238-CDC3604A8D66}) (Version: 12.0.1.4 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Plus (HKLM-x32\...\MAGIX_{2B9CA7F6-64A9-4346-9238-CDC3604A8D66}) (Version: 12.0.1.4 - MAGIX AG)
MAGIX Video deluxe 2016 Plus (HKLM\...\{E2795C69-E7BE-4AD7-AD29-77DD7E9263C2}) (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Plus (HKLM\...\MX.{E2795C69-E7BE-4AD7-AD29-77DD7E9263C2}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Plus Update (HKLM\...\{90158760-3F6F-495C-999D-645767BCEF2C}) (Version: 15.0.0.90 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Plus Update (HKLM\...\{9C94F5B0-D567-4FE8-BCE3-EE1BE03BF1EE}) (Version: 15.0.0.77 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus 2013 Update (HKLM\...\{E6FD1013-27CC-4122-96EE-5E2ED42B3C40}) (Version: 12.0.4.2 - MAGIX AG) Hidden
MAGIX Video easy SE (HKLM\...\{D0498EA9-0858-4E1B-B25A-C907ACD15E67}) (Version: 3.0.1.41 - MAGIX AG) Hidden
MAGIX Video easy SE (HKLM-x32\...\MAGIX_{D0498EA9-0858-4E1B-B25A-C907ACD15E67}) (Version: 3.0.1.41 - MAGIX AG)
Manager (HKLM-x32\...\{330A7F6B-389D-4E1B-9746-791FEED7C126}) (Version: 10.0.3.26918 - Avanquest Software) Hidden
MatheAss 8.2 (HKLM-x32\...\MatheAss_is1) (Version:  - MatheAss)
MatheGrafix 10 (Version 10.2) (HKLM-x32\...\MatheGrafix 10_is1) (Version:  - )
Medion Home Cinema (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.) Hidden
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 65.0 (x64 de) (HKLM\...\Mozilla Firefox 65.0 (x64 de)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
mufin player 2.5 (HKLM\...\{56BE895E-C1B1-4692-B030-200AB920AA98}) (Version: 2.5.1.255 - mufin GmbH) Hidden
mufin player 2.5 (HKLM-x32\...\MAGIX_{56BE895E-C1B1-4692-B030-200AB920AA98}) (Version: 2.5.1.255 - mufin GmbH)
My Lockbox 3.9 (HKLM\...\My Lockbox_is1) (Version: 3.9 - )
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
MyKeyFinder 2018 (HKLM-x32\...\{c6396ed4-bdba-4f98-8739-767cb6bd16e6}_is1) (Version: 7.2 - Abelssoft)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
NebenkostenAbrechnung (HKLM-x32\...\{DD7B3EBE-EB93-493C-9400-1E4EE8A3889A}) (Version: 4.02.6 - Akademische Arbeitsgemeinschaft)
NebenkostenAbrechnung 2016 (HKLM-x32\...\{8033F294-375C-4FCC-9080-48A9460D9A98}) (Version: 5.01.6 - Akademische Arbeitsgemeinschaft)
NebenkostenAbrechnung 2017 (HKLM-x32\...\{AA1E9035-0D45-4052-AED6-83E1D55450B7}) (Version: 6.02.3 - Wolters Kluwer Deutschland GmbH)
NebenkostenAbrechnung 2018 (HKLM-x32\...\{A1E71C08-087A-47C7-88BD-80A1F58DA606}) (Version: 7.01.5 - Wolters Kluwer Deutschland GmbH)
NebenkostenBerater (HKLM-x32\...\{C53576FF-2304-499E-8595-BECFA97C5ADC}) (Version: 1.00.4 - Akademische Arbeitsgemeinschaft)
Nero BackItUp 11 Essentials CDPack (HKLM-x32\...\{BD0516DD-705C-441F-A30D-1CC289895309}) (Version: 11.0.00200 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
NetObjects Fusion 12.0 (HKLM-x32\...\{0354854F-F8B8-4AA8-9944-93A1A5533DD2}) (Version: 12 German - NetObjects)
NetObjects Fusion 12.0 (HKLM-x32\...\{051F9CB0-1499-4A0E-A861-CB19A5AAA906}) (Version: 12.00.5000.5041 - NetObjects) Hidden
NetObjects Fusion 12.0 (HKLM-x32\...\{B962E962-6369-4F66-AF35-79CB39270D12}) (Version: 12.00.5000.5041 - NetObjects) Hidden
NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.8.4 - Steganos Software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paragon Drive Copy™ 14 Professional (HKLM\...\{24371D30-7CFF-11DE-B053-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version:  - Markement GmbH)
PC-WELT Datensafe Version 3.0.1.3632 (HKLM-x32\...\PC-WELT Datensafe 1_is1) (Version: 3.0.1.3632 - PC-WELT)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Speed Converter (HKLM\...\{EC38DB84-B902-4F2D-92D7-297E4E3A0A2A}_is1) (Version: 1.0 - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PhotoFilmStrip 2.0.0 (HKLM-x32\...\PhotoFilmStrip_is1) (Version: 2.0.0 - Jens Gï¿½pfert)
PhotoFilmStrip 3.0.2 (HKLM\...\PhotoFilmStrip_is1) (Version: 3.0.2 - Jens Göpfert)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Readiris Pro 14 (HKLM-x32\...\{64A9C130-E372-48E9-B31E-E04A42382751}) (Version: 14.00.5526 - I.R.I.S.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8351 - Realtek Semiconductor Corp.)
RipTiger Extras 4.5.4 (HKLM-x32\...\{2EE6D53B-957E-48d1-801B-0B7DE81BACED}_is1) (Version: 4.5.4 - cyan soft ltd)
Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.148 - Clarus)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.01.16.02 - Samsung Electronics Co., Ltd.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.05.23.04 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.26.00 - Samsung Electronics Co., Ltd.)
Samsung SCX-472x Series (HKLM-x32\...\Samsung SCX-472x Series) (Version:  - Samsung Electronics Co., Ltd.)
SanDiskSecureAccess_Manager.exe (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Schülerdatei (HKLM-x32\...\Schülerdatei_is1) (Version:  - )
Scratch 2 Offline Editor (HKLM-x32\...\{8EC964DA-D411-7B20-A99B-9962713680F1}) (Version: 255 - MIT Media Lab) Hidden
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 446 - MIT Media Lab)
Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.18.9 - NVIDIA Corporation) Hidden
SiSoftware Sandra Lite 2016.RTMa (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2596}_is1) (Version: 22.15.2016.1 - SiSoftware)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{8A9079EA-59DE-491F-937A-D421399B7762}) (Version: 7.6.0.295 - Skype Technologies S.A.)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Soda Manager (HKLM-x32\...\{C7C04652-1CE7-4790-AF71-F37C082C4044}) (Version: 8.0.0.0 - LULU Software Limited) Hidden
Soda PDF 8 Asian Fonts Pack (HKLM\...\{214DC3BA-0E51-401B-9FAC-512186CBE08B}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Business Module (HKLM\...\{FB66BC19-19C5-4211-855C-BFE388EBE773}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Convert Module (HKLM\...\{FDF19452-6439-43B3-AF1F-E84C301D7956}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Create Module (HKLM\...\{82994364-3EA2-4B4E-8265-A7A60E18254F}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Edit Module (HKLM\...\{DEBA93B7-89BE-41F3-8AB7-5A7BC2B56D2F}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Forms Module (HKLM\...\{5EDF1F34-0447-454C-BADB-E209EF0F6639}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Insert Module (HKLM\...\{B9AA0685-D11B-48B4-BDAE-190C5A696DD0}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 OCR Module (HKLM\...\{E972E48E-1F99-44BD-9018-02A61452D7D5}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Review Module (HKLM\...\{800C215F-F077-4F1D-9E69-BDDF9B1D990A}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Secure Module (HKLM\...\{0D76BDF5-298A-4387-93A4-EFFE4D61E0AF}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 View Module (HKLM\...\{AF490208-AD16-4608-82FE-4DC173321645}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF Desktop Asian Fonts Pack (HKLM\...\{5F6367B4-01D5-49B3-BDDE-57DEC193B11D}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Convert Module (HKLM\...\{1E41EF6F-EDCD-41FA-8221-48B1BC58B61D}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Create Module (HKLM\...\{5034E38F-CF0F-4886-B774-DF168A7BA5C0}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Edit Module (HKLM\...\{A40CDD7A-2708-4591-BD85-075BA6BAB453}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Forms Module (HKLM\...\{BE9C0706-9862-4DD0-BFE9-93951C197D8D}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Insert Module (HKLM\...\{1A11B1AA-C1DA-4D51-85D2-B378BA07951C}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop OCR Module (HKLM\...\{A5FBED78-28E5-4652-98DA-EDD1302760D8}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Review Module (HKLM\...\{3F07016A-5061-4E3E-A62B-34362F9C3C63}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Secure Module (HKLM\...\{AF5B847F-6E87-4E8A-AEB8-33ACA3DE25C5}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop View Module (HKLM\...\{1210F4F8-B9D8-4956-BADD-FE9D74CB89BF}) (Version: 9.1.17.32812 - LULU Software) Hidden
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
StarMoney (HKLM-x32\...\{113B170E-9109-4EF0-8D70-4596A68E1873}) (Version: 6.0.0.313 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{1FCBD504-AB7D-4757-9A14-850348384B08}) (Version: 3.0.0.124 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{2E6951AE-6A91-4D23-959C-BA407FED3704}) (Version: 6.0.0.313 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{5A6DB7C1-E646-4842-A562-49C5EB8F2B47}) (Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{5C1209B1-FA1D-40D3-BA13-4ED9F0F31002}) (Version: 6.0.1.83 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{99D7711E-74BE-4920-8088-CB785D4C406F}) (Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{BA8CA518-A9B4-485C-AEE0-22E3F0E0E5F6}) (Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{E2F2B987-F2BC-4969-95F2-92099486B811}) (Version: 3.0.0.124 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{E771D898-9A06-4EEF-B84D-B2DB75080F3E}) (Version: 6.0.1.83 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{F902AB2B-7816-4CBD-A385-F2549F62956B}) (Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 10  (HKLM-x32\...\{1C51BBA9-A010-4098-AD87-D414CF872E12}) (Version: 10 - Star Finanz GmbH)
StarMoney 11  (HKLM-x32\...\{D81DBDD1-5FF9-48D1-8791-ACFF23AEC017}) (Version: 11 - Star Finanz GmbH)
StarMoney 11 Deluxe  (HKLM-x32\...\{E151227E-E09D-4657-9D64-58F2B4114F5D}) (Version: 11 - Star Finanz GmbH)
StarMoney 8.0  (HKLM-x32\...\{F5E1ED93-1898-41ED-B971-4F0F8E40FAF4}) (Version: 8.0 - Star Finanz GmbH)
StarMoney 9.0  (HKLM-x32\...\{B204FCA1-735D-4E6C-852F-050148A2B49A}) (Version: 9.0 - Star Finanz GmbH)
StartupStar (HKLM-x32\...\{C8A6121E-BE35-418D-91EF-A9536DA70B36}_is1) (Version: 9.0 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steganos Password Manager 15 (HKLM-x32\...\{B8F35E03-DC02-4CAB-AEF2-577B4CA25E8A}) (Version: 15.2.5 - Steganos Software GmbH)
Steganos Safe 16 (HKLM-x32\...\{F0EC576B-4985-4B60-929B-63F646BAAC1B}) (Version: 16.1 - Steganos Software GmbH)
Steganos Safe 17 (HKLM-x32\...\{F5545FAD-705B-4252-B7DD-E437044A15E1}) (Version: 17.1.2 - Steganos Software GmbH)
Steganos Safe 18 (HKLM-x32\...\{0A81476E-6553-443B-B34F-0BFE17ACAFFB}) (Version: 18.0.2 - Steganos Software GmbH)
SterJo Key Finder (HKLM-x32\...\{2F6B7734-A549-47B2-BE8D-CCB422F4EA9D}_is1) (Version: 1.8 - SterJo Software)
SteuerBerater 2014-2015 (HKLM-x32\...\{57FFBFD1-3865-4357-9A6F-3035EA807A17}) (Version: 15.09.0 - Akademische Arbeitsgemeinschaft)
SteuerBerater 2015-2016 (HKLM-x32\...\{342BD7F7-8BBD-403A-B09B-F3361A1365E3}) (Version: 15.11.0 - Akademische Arbeitsgemeinschaft)
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{0DD6CFE2-C3A7-4286-A362-B13BC8AD553F}) (Version: 17.09.0 - Wolters Kluwer Deutschland GmbH)
Steuer-Ratgeber 2017-2018 (HKLM-x32\...\{CADF44B6-B8A2-4398-B8FA-EDD157589B81}) (Version: 18.09.1 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.16.113 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.41.113 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2017  (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.37.88 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2018 (HKLM-x32\...\{A1D1FDBD-02F9-49B6-9EB2-2DC6B1D37E16}) (Version: 23.35.52 - Wolters Kluwer Deutschland GmbH)
Steuer-Spar-Erklärung Plus 2012 (HKLM-x32\...\{3BCDCC6A-3A47-4883-8A0C-55AC061316CB}) (Version: 17.17.11 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung Plus 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.43.178 - Akademische Arbeitsgemeinschaft)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Mechanic (HKLM-x32\...\{95129D61-FF52-4FA8-A403-3E31FC5D9696}) (Version: 18.5.1.208 - iolo technologies, LLC)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Secret Legacy DE Version 1.11 (HKLM-x32\...\{20067A8B-9363-45B9-B5D3-7845B276EBAF}_is1) (Version: 1.11 - )
The Silver Lining (HKLM-x32\...\{26ED4308-E0A5-4AE2-A1BC-7A55BC7DD32F}) (Version: 4.0.0 - Phoenix Online)
Toolbar Terminator (HKLM-x32\...\Toolbar Terminator_is1) (Version: 2.06 - Abelssoft)
Torch (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\Torch) (Version: 42.0.0.10338 - Torch Media, Inc) <==== ACHTUNG
Unmechanical (HKLM\...\UDK-c913fb41-1b8a-467f-9499-8ab2dd1ba145) (Version:  - Talawa Games - Teotl Studios)
Unsterbliche Liebe: Eine Vampirgeschichte (Vollversion) (HKLM-x32\...\Unsterbliche Liebe: Eine Vampirgeschichte (Vollversion)) (Version: 0.0.0.0 - INTENIUM GmbH)
Update for Skype for Business 2015 (KB4461557) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{BB7D10A9-A135-4EB8-82F1-8A25FEB1B327}) (Version:  - Microsoft)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WebM Project Directshow Filters (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\webmdshow) (Version:  - )
WhatsApp (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\WhatsApp) (Version: 0.2.6426 - WhatsApp)
Willi 2.130 (HKLM-x32\...\Willi_is1) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinFunktion Mathematik plus 20 (HKLM-x32\...\{CDBA97DF-63B9-44E7-B900-92E8165260C0}) (Version: 1.00.0000 - bhv Publishing GmbH)
WinHTTrack Website Copier 3.48-19 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinX HD Video Converter Deluxe 5.12.1 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
WinX MediaTrans (HKLM-x32\...\WinX MediaTrans) (Version: 3.2 - Digiarty Software, Inc.)
Wondershare TunesGo Retro ( Version 4.8.3 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.8.3 - Wondershare)
Wondershare Video Converter Platinum HD 2012(Build 5.1.3.1) (HKLM-x32\...\Wondershare Video Converter Platinum HD 2012_is1) (Version:  - Wondershare Software)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Yawcam 0.6.0 (HKLM-x32\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version: 0.6.0 - Yawcam)
Zoolz2 (HKLM-x32\...\Zoolz2) (Version: 2.1 - Genie9)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-453296214-1327697751-653560176-1001_Classes\CLSID\{04419CEE-76E5-4487-B32E-68C0FD0C07E4}\InprocServer32 -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [     AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ContextMenuHandlers1: [!NetFax0] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax1] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax2] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax3] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax4] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax5] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax6] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax7] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>  -> Keine Datei
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Keine Datei
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [eXpertPDF10_ManagerExt] -> {0D0BC151-74FD-4755-8F00-5CAD33DEB334} => C:\Program Files\eXpert PDF 10\creator-context-menu.dll [2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2015-08-31] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files (x86)\Phoenix360\System Mechanic\x64\Incinerator.dll [2018-12-14] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-03-18] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1-x32: [SodaPDF8_ManagerExt] -> {3515E187-6607-4A1B-B616-26C7A7B4B32A} => C:\Program Files\Soda PDF 8\creator-context-menu.dll [2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
ContextMenuHandlers1-x32: [SodaPDFDesktop_ManagerExt] -> {526A2ADD-BD9B-40E5-9D45-75EF6313FCE4} => C:\Program Files\Soda PDF Desktop\context-menu.dll [2017-03-23] (LULU Software -> LULU Software)
ContextMenuHandlers1-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} =>  -> Keine Datei
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>  -> Keine Datei
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2-x32-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2contmenu.dll [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2-x32-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2-x32-x32: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2-x32-x32: [SteganosShellExtension] -> {FAE0A3E0-3010-41BA-9DDC-A631394F047F} => C:\Program Files (x86)\Steganos Safe 18\ShellExtension.dll [2014-08-27] (Steganos Software GmbH -> )
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2contmenu.dll [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3-x32: [SteganosShellExtension] -> {FAE0A3E0-3010-41BA-9DDC-A631394F047F} => C:\Program Files (x86)\Steganos Safe 18\ShellExtension.dll [2014-08-27] (Steganos Software GmbH -> )
ContextMenuHandlers3-x32: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Keine Datei
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>  -> Keine Datei
ContextMenuHandlers4: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files (x86)\Phoenix360\System Mechanic\x64\Incinerator.dll [2018-12-14] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei
ContextMenuHandlers4: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2contmenu.dll [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6-x32: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei
ContextMenuHandlers6-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {005FF483-C399-428E-A248-A7C3C5E6A0B9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {017C2C94-4CAA-4479-8296-FA8237A76850} - System32\Tasks\{9CADD5AC-73EF-4AA4-BF15-C0220579CE08} => E:\UnmechanicalSetup.exe
Task: {07A2F410-0531-4518-B8E5-7C272634E1DB} - System32\Tasks\{E9D3106E-6A84-4C00-8C62-0D26D5B04A63} => C:\Riot Games\League of Legends\lol.launcher.exe
Task: {097C36B8-81DC-4BEA-919A-FD1C4C233811} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0A2CDD30-4E5D-48F3-836B-07F074373B81} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {0B2D7193-55BB-4AD0-BC9F-81910C75C9C2} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe
Task: {0ED6EE64-CE9B-4B46-B09A-7EEE89FC490D} - System32\Tasks\{D55ED03E-EEAA-4724-9CF2-642C1745D0A0} => E:\Setup.exe
Task: {11976B1A-6D81-4209-A629-549A0F6BD412} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {19C1E80E-17B2-4866-AACF-EBD28B3CB91D} - System32\Tasks\{73B123F4-BB1A-4A78-9729-19DCC02943B8} => E:\UnmechanicalSetup.exe
Task: {1AA9EB57-B2A6-48FF-91E9-85F9F760FD79} - System32\Tasks\{9590372A-2D8A-4BF2-A579-A131305D9F3F} => E:\Setup.exe
Task: {210E3939-4E2C-4133-9318-A8F73EC00F0D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {22E0B6FD-6449-4877-8198-29734A3D091D} - System32\Tasks\{C1705EBC-84AD-48C0-9BAE-2C8F6A90D8CB} => E:\Setup.exe
Task: {24243E1D-F5AD-4948-8F67-7792EF2559A1} - System32\Tasks\Power Suite => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: {270ACFEE-6BC2-480A-AE0A-6A82B2FAFC95} - System32\Tasks\Opera scheduled Autoupdate 1434372108 => C:\Program Files (x86)\Opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software)
Task: {2D6FB77B-67CF-4F7F-AA3C-70EDF20D237E} - System32\Tasks\{BFCF381A-450A-469C-ADDE-6F6B5F57D06C} => E:\Setup.exe
Task: {33E6120C-4918-44AA-A09A-2B9B9A32BB89} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {3435508B-53E3-49E6-A408-0A18572B4B6F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: {3930E452-5948-4A0A-BD8A-AA3E1AE53656} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B6A2309-D4C0-4A87-B670-CF5B8479F344} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3BB027E6-5FB0-4822-9C29-CB9BB40F6418} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {4599A38A-6DDB-4005-AF09-2E350148931E} - \iolo System Checkup -> Keine Datei <==== ACHTUNG
Task: {45B409AD-034D-4F23-A99B-072DEF830C85} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {46642FC4-9B88-4BFF-BCF9-8FA05171DD63} - System32\Tasks\{90A50835-D061-4E5A-B55D-AA819B9BF2D2} => E:\setup.exe
Task: {4CFBA724-AC35-40F1-9AA6-5C59074C32F4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {57F069D5-4C9F-4526-A80C-7F959EBE9C36} - System32\Tasks\Driver Booster SkipUAC (ki) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2018-11-01] (IObit Information Technology -> IObit)
Task: {582CE772-BC1A-4AAE-95A9-612E3F71F407} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5AD4B854-D0B1-4B16-9AEF-91CD1C477465} - System32\Tasks\{0522FF20-425B-4A33-9F00-A67F6020D2D1} => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe [2013-03-06] (Clarus, Inc. -> Clarus, Inc.)
Task: {5C83D2C2-4240-41BE-B399-E2B666121C70} - System32\Tasks\{9B161523-A1AB-49C1-8A95-D1DA0838C8A0} => C:\Windows\system32\pcalua.exe -a C:\Users\ki\Downloads\__setup\origin\EAProxyInstaller.exe -d C:\Users\ki\Downloads\__setup\origin
Task: {5E24DEE7-0319-4D5B-A92C-72A8AA0CE3D3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {61930305-F19E-4022-A0F5-9AFE4DA72D21} - System32\Tasks\{693DFF4A-33D2-4688-945B-E58745A679E2} => E:\Setup.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] (Microsoft Windows -> )
Task: {6C0903E5-E081-49B5-A180-CBDFBD47EA5C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {6F363371-5ED9-4E16-A65A-DBC8F673B26A} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: {711158E6-B06F-471B-86C7-24188A5B82C1} - System32\Tasks\{0648C2C1-134B-44D0-8B68-2EF0E75BBA7D} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {72BBEF92-3230-482B-BB2E-2D66919CAE87} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {786E9AC0-E9C9-4121-BE57-6D0374AEEED1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {7C1072AC-E5C1-4958-96E6-B4C18EA10170} - System32\Tasks\{6596D6D0-D533-4230-B0DE-897090408593} => E:\setup.exe
Task: {803D698F-2E53-48EF-875C-2278DF667F47} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {81C9863B-7FA7-4B5B-8724-6D0B80E88929} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {86BF9FEA-246B-4BF8-8D0F-35C7E87D2CC9} - System32\Tasks\{69F8A2B6-FF3E-4FAA-A527-BBE452D2D6FD} => E:\Setup.exe
Task: {86CB65FD-A669-46AB-8C40-44EA1B66F7A8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe [2015-12-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {8B06F82D-A2F9-4620-B1CD-9FE4061DC117} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8DCA13C7-79D3-4267-BB09-F3CD32B45F31} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {932C4323-7164-4A14-81E7-96EC6F502B77} - System32\Tasks\{7CE09119-BA9C-40FC-B6CF-D788A2EAE78A} => E:\Setup.exe
Task: {95FD1E60-E0CE-45D0-8DAF-4CB256A794E9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {9DD09A7E-1129-4EE7-8921-B6081EA3D2D7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {A085CFC0-820A-42E8-9DB3-135E1E5EE0BE} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {A62730A4-775A-4CAB-A3A5-95E691C893FD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6420339-7020-4EA4-B0B8-6FF817DEA3F7} - System32\Tasks\{B80F7492-C5BB-48E2-A3F7-F0F78A8A97AE} => E:\Setup.exe
Task: {AC19F91D-88FB-4EE8-BCB3-9E436C9D4173} - System32\Tasks\{B7E5C3C4-CC9E-4E82-A368-A6ACB2EC3612} => C:\Program Files (x86)\PurpleHills\Hinter dem Spiegel 2 - Die Rache der Hexe\Hinter dem Spiegel 2 - Die Rache der Hexe.exe
Task: {AD7FAB58-15DC-4E7D-A4E1-60EE5974B9B7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF420AC6-CA29-4854-8452-097F3807D77A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B1755605-0002-40BC-A59E-ED40228951C7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {B56855C3-CFA8-4744-90DD-C08B87E79145} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {B5F353CE-6293-49C1-8158-8E7C22EB387F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B96C9C24-70D6-46E5-A7F3-75692D7EFF8F} - System32\Tasks\{3D04DC53-894A-434C-B973-CD7DF46009F7} => E:\Setup.exe
Task: {BC1F3F6C-F1E2-42CC-BA42-212625E078DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc -> Google Inc.)
Task: {BD2B3A81-5556-404C-80F1-DD22E14AB662} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BDBDC914-38F2-46FF-BD95-416907B1EE4B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BDF5C7EC-5DB2-4E20-A738-75EEB5769C36} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-08] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BF55D50F-4BD1-4281-8081-6E07C392CE0D} - System32\Tasks\{5253A38C-6B14-4535-A833-A02146A8D6DE} => E:\Setup.exe
Task: {C563629E-5497-4215-BC3B-DD04C07296C4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C5CEF710-B82C-4803-9A56-EA0E655E94C6} - System32\Tasks\{77F5C58B-2213-42ED-9C3C-F3F5240FC611} => E:\UnmechanicalSetup.exe
Task: {C8F09960-D197-4F28-A1BC-FD496E178B92} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe
Task: {C930D8A9-9D5E-4B82-9426-574EF5568749} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {CCD1963F-9C59-4686-AC1B-2DCDF36F512C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CF301B6E-11D9-471A-B3D2-C39BE39108AF} - System32\Tasks\{D41300D7-0B44-4C90-8A23-41DF48B40F61} => C:\Program Files (x86)\PurpleHills\Hinter dem Spiegel 2 - Die Rache der Hexe\Hinter dem Spiegel 2 - Die Rache der Hexe.exe
Task: {D24F4A6C-D68F-4228-A0D3-396DBF5E0385} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5CEE429-72A3-4AF6-8FC9-4B8CA91CDD4D} - System32\Tasks\{270FB380-866E-41F6-8DEA-26B1B4ED881E} => E:\Setup.exe
Task: {D6BDD73A-E61D-4BC5-A3B1-DDEA50ADEDA0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8CECB80-90EB-48A3-AFCA-A1EFE96085E2} - System32\Tasks\Abelssoft\ToolbarTerminator Background Guard => C:\Program Files (x86)\ToolbarTerminator\TTBackgroundGuard.exe [2015-10-20] (Microsoft)
Task: {DEE376CD-0049-412E-B9B3-C92B20E40170} - System32\Tasks\{6E62401D-3F6D-44C0-BC9E-E20A595F5953} => E:\Setup.exe
Task: {DF357ABB-C54F-4F80-846D-CB69F21A717E} - System32\Tasks\chipSWU => cscript.exe "C:\Program Files (x86)\chip\Internet Explorer\swu.vbs"
Task: {E03A5ED7-5F84-4B56-922C-07176FA9CCAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc -> Google Inc.)
Task: {E0A2C520-6FE9-4E4E-95C8-33B4BE9805D0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E6127866-8945-4453-B377-341872E47C62} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E7EAF5F9-12E0-4299-A829-013AA1BC8025} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe
Task: {EDCBC82A-6F80-4802-BADA-9E31595766CC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F0BD0592-FDCA-4385-84FC-E0BD7AFC8AA7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F553CEE9-0C11-49B7-8685-9C48DBBE33D4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {FDBB2CC5-172D-41B6-8B30-DC1538CBEE93} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\DriverMax Notification.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: C:\WINDOWS\Tasks\DriverMaxAgent.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: C:\WINDOWS\Tasks\DriverMaxWelcome.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d25980b04c1a1a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ki NBAgent 6 0.job => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe
Task: C:\WINDOWS\Tasks\ki Nero LIVEBackup 6 0.job => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCore.exe C:\Users\ki\AppData\Roaming\Nero\Nero 11\Nero BackItUp\Files\ki Nero LIVEBackup.nji
Task: C:\WINDOWS\Tasks\ki.job => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCore.exe C:\Users\ki\AppData\Roaming\Nero\Nero 11\Nero BackItUp\Files\ki.nji
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1434372108.job => C:\Program Files (x86)\Opera\launcher.exe
Task: C:\WINDOWS\Tasks\StartupStar Firewall.job => C:\Program Files (x86)\StartupStar\StartupStar.exe
Task: C:\WINDOWS\Tasks\Zoolz Start Backup.job => C:\Program Files\Genie9\Zoolz2\ZoolzLauncher.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\ki\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Web.de.lnk -> C:\Users\ki\AppData\Local\Torch\Application\torch.exe (Torch Media Inc.) ->  --run-by-ddi hxxp://web.de/

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-07-26 10:42 - 2013-07-26 10:42 - 000034304 _____ () C:\WINDOWS\System32\ssa3mlm.dll
2018-12-01 20:36 - 2018-12-01 20:36 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
2015-08-10 16:58 - 2015-11-16 16:18 - 000020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 001157592 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2019-01-29 10:45 - 2019-01-29 10:45 - 006299944 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2015-12-05 17:39 - 2015-10-15 11:50 - 000469352 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\ExeLockSerX64.EXE
2015-12-05 17:39 - 2015-09-28 20:06 - 002462568 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\APMPToolsx64.dll
2015-12-05 17:39 - 2015-09-28 20:06 - 000320360 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\APMPLangx64.dll
2015-12-05 17:39 - 2015-09-28 20:06 - 003275624 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\APMPCmn32x64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 005835168 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-14 10:06 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2014-08-27 16:02 - 2014-08-27 16:02 - 000226656 _____ () C:\Program Files (x86)\Steganos Safe 18\ShellExtension.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-12 17:20 - 2018-04-12 17:20 - 026934272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.19011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-04-12 17:20 - 2018-04-12 17:20 - 008070656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.19011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-04-12 17:20 - 2018-04-12 17:20 - 010077184 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.19011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 000754416 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2018-11-23 13:02 - 2018-11-23 13:02 - 004785640 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2018-11-23 12:08 - 2018-11-23 12:08 - 007128176 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2018-04-12 17:20 - 2018-04-12 17:20 - 004369920 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.10601.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-04-12 17:21 - 2018-04-12 17:21 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.10601.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-04-12 17:18 - 2018-04-12 17:18 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-04-12 17:18 - 2018-04-12 17:18 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-04-12 17:18 - 2018-04-12 17:18 - 024677376 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-04-12 17:18 - 2018-04-12 17:18 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\skypert.dll
2018-04-12 17:18 - 2018-04-12 17:18 - 000667648 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 000326688 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter64\pcs_io.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 000769056 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter64\archive3.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 000050608 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter64\winpthreads4.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 000289824 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter64\zstd.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 000189984 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter64\file_backup.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 000400416 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter64\onig.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 000475136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-04-12 17:22 - 2018-04-12 17:22 - 023358976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 015622144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 003101696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-11-23 12:59 - 2018-11-23 12:59 - 000099896 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schdevid.dll
2018-11-23 12:56 - 2018-11-23 12:56 - 023053136 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2018-11-23 12:22 - 2018-11-23 12:22 - 000413712 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 001087784 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\schedule.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000277538 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 002386352 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\xerces_c.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000160168 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\libevent.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll
2018-11-23 12:59 - 2018-11-23 12:59 - 003516192 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2018-11-23 12:59 - 2018-11-23 12:59 - 001168536 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\services_mms_addon.dll
2018-11-23 12:23 - 2018-11-23 12:23 - 000177416 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\archive3_adapter.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 000271392 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\pcs_io.dll
2018-11-23 12:09 - 2018-11-23 12:09 - 000042928 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\winpthreads4.dll
2018-11-23 12:09 - 2018-11-23 12:09 - 000225312 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\zstd.dll
2018-11-23 12:01 - 2018-11-23 12:01 - 000144400 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 000261336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2018-11-23 12:22 - 2018-11-23 12:22 - 012280336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll
2018-11-23 12:12 - 2018-11-23 12:12 - 000820440 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp.dll
2018-11-23 12:27 - 2018-11-23 12:27 - 001450728 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp_ex.dll
2018-11-23 12:22 - 2018-11-23 12:22 - 000055312 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2018-06-18 19:12 - 2018-06-18 19:12 - 000115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll
2018-11-23 12:00 - 2018-11-23 12:00 - 000680480 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\archive3.dll
2018-12-18 09:38 - 2018-11-13 07:15 - 001059304 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\libxml2.dll
2018-12-18 09:38 - 2017-01-23 16:49 - 000232800 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\PATCHW32.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000085992 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\zlib1.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000143336 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\lzma.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:2AE74FF9 [149]
AlternateDataStreams: C:\ProgramData\Temp:A8185163 [179]
AlternateDataStreams: C:\ProgramData\Temp:CBAF0C30 [170]
AlternateDataStreams: C:\Users\ki\Documents\Grundsicherung 2015.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\ki\Documents\Grundsicherung 2015.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-07-13 17:12 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\DATA\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\DATA;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Acronis\SnapAPI;C:\Program Files (x86)\Acronis\TrueImageHome;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\
HKU\S-1-5-21-453296214-1327697751-653560176-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.

MSCONFIG\Services: a2AntiMalware => 2
MSCONFIG\Services: AAV UpdateService => 2
MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AxAutoMntSrv => 2
MSCONFIG\Services: AxVirtualAHCISrv => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: eXpert PDF 10 Creator => 2
MSCONFIG\Services: eXpert PDF 10 Manager => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: MemeoBackgroundService => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: prl_mobdisp => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SODA Manager => 2
MSCONFIG\Services: Soda PDF 8 Creator => 2
MSCONFIG\Services: Soda PDF Desktop Creator => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WiaRpc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Password Safe.lnk => C:\Windows\pss\Password Safe.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AshSnap => C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Snap\ashsnap.exe
MSCONFIG\startupreg: Clarus Drive Manager => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\ki\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: iLivid => "C:\Users\ki\AppData\Local\iLivid\iLivid.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SanDiskSecureAccess_Manager.exe => C:\Users\ki\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "abylon MANAGER.lnk"
HKLM\...\StartupApproved\StartupFolder: => "psi_tray.exe"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "EverDoc Printer++"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "NBAgent"
HKLM\...\StartupApproved\Run32: => "OKAYFREEDOM Notifier"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\StartupFolder: => "abylon MANAGER.lnk"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "AlcoholAutomount"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "DriverMax_RESTART"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "Parallels Access"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{375C62FA-0328-426C-A90F-8E14A6A48AA7}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A3D6C04B-3F82-4BEE-9B86-BEF514EE4198}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3B825E31-1850-40D8-9A0B-CB6828580BDE}] => (Allow) C:\Program Files (x86)\Parallels\Parallels Access\Application\amd64\prl_pm_service.exe Keine Datei
FirewallRules: [{882087D2-5AB2-496F-88FB-7F304665E46F}] => (Allow) C:\Program Files (x86)\Parallels\Parallels Access\Application\amd64\prl_pm_service.exe Keine Datei
FirewallRules: [{1CFF46ED-1C7A-4E34-873C-FDA6C67E610E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia\VisionaireConfigurationTool.exe (Daedalic Entertainment)
FirewallRules: [{39F4B0C6-CCBC-4900-A548-7D0E1F8890B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia\VisionaireConfigurationTool.exe (Daedalic Entertainment)
FirewallRules: [{58F46302-DF00-49F6-93BD-C75A2376F7ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia\deponia.exe (Daedalic Entertainment GmbH)
FirewallRules: [{DEAE8620-9184-4A6C-B752-4B74B3101AB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia\deponia.exe (Daedalic Entertainment GmbH)
FirewallRules: [{BA50F258-E8A9-494E-A329-8A994C0C7332}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe Keine Datei
FirewallRules: [{F0B9D49A-8A8A-43B7-9415-B9FA3117A897}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe Keine Datei
FirewallRules: [{02F94258-0FA2-4025-9385-65FEA6B8102C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CDA5AB37-4271-4E73-AF66-630567156FCD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{69F0B276-CB4A-404E-8F23-629C0737076B}] => (Allow) C:\Program Files (x86)\StarMoney 10\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{F946D9E5-C50A-4DAA-8DF1-FDCAD98BC616}] => (Allow) C:\Program Files (x86)\StarMoney 10\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{A8A15DF8-875B-462E-93B6-C438DDC4A7A7}] => (Allow) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{F43B44D1-8199-432A-B364-BD57E890DAAD}] => (Allow) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{6FAFCD80-65B5-4355-A000-029AB9D06B44}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2016 Plus\Videodeluxe.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{E44DB1F0-2CFC-423D-932D-D5121F342CBC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BEC2C1EC-A0A2-4B89-BB83-C42C32936AEF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EC3D0797-25F1-405B-8685-7070CE8E64F3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DD3588E0-DA42-4D0D-837B-8FFD09942BF1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A1A2124D-E2FC-4A09-B739-830E7682E6D7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{8E74A874-C528-4AA3-BA44-74BCF84251D1}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{54EE8838-B776-44DE-BE99-93CE332842D8}] => (Allow) C:\Users\ki\AppData\Local\Torch\Application\torch.exe (Torch Media Inc. -> Torch Media Inc.)
FirewallRules: [{CB9422C1-7434-44F8-82DD-99DB6C8B775D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{C5CEC898-F839-4B06-BCAD-6563DE0C77F6}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{964E188F-358F-47DC-928C-6F12539F3A01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D360A33-F337-419A-B164-6B97121E858C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B91AE59-F235-4EB6-920A-202A857204EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{504A19D1-CACB-413A-9DCF-4D68FBB5E638}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F5CC8541-B3CD-4E43-9A68-11407FECA13B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D5A6E017-5665-444B-AA37-9225FBB12CE8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5879CF0F-11CE-41B6-A3CD-A16A89DA0B77}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe Keine Datei
FirewallRules: [{6B781C15-1B45-4124-BF7E-F9ADCF1F3E45}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe Keine Datei
FirewallRules: [UDP Query User{25B90488-0FCB-4751-A6DB-8B77CF0E6A9D}C:\unmechanical\binaries\win32\udk.exe] => (Block) C:\unmechanical\binaries\win32\udk.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{8CF58272-2EE6-494D-8BDF-A20EF5C32394}C:\unmechanical\binaries\win32\udk.exe] => (Block) C:\unmechanical\binaries\win32\udk.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{5DA2853D-782A-4429-906E-0F4A24BBFEE3}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{AB76E6DD-0383-49DF-9183-1817280AC12C}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{EC4595DB-7DFC-4BC1-87F9-2825DBF0720A}] => (Allow) C:\Program Files (x86)\SAMSUNG\Easy Printer Manager\CDAS2PC\CDAS2PC.exe ()
FirewallRules: [{F83174F0-176F-42DD-B263-5903A5FDEDBB}] => (Allow) C:\Program Files (x86)\SAMSUNG\Easy Printer Manager\CDAS2PC\CDAS2PC.exe ()
FirewallRules: [{15127B90-3804-4F6A-A620-1EBC9BE4ADF1}] => (Allow) C:\Program Files (x86)\SAMSUNG\Easy Printer Manager\IDSAlert.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{8415B789-88ED-400E-8502-53F71913906F}] => (Allow) C:\Program Files (x86)\SAMSUNG\Easy Printer Manager\IDSAlert.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{9D0FC559-5DB6-4D62-9676-DF05A88E879E}] => (Allow) C:\Program Files (x86)\SAMSUNG\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{EABE00FE-F991-4E6F-AC9C-BB651CBF2CB3}] => (Allow) C:\Program Files (x86)\SAMSUNG\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{6828CE6C-62A1-4BA0-9001-0B37EA5C1433}] => (Allow) C:\Program Files (x86)\SAMSUNG\Easy Printer Manager\IDS.Application.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{426CB98F-CD9F-428B-84FA-80DAAFCE142E}] => (Allow) C:\Program Files (x86)\SAMSUNG\Easy Printer Manager\IDS.Application.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{106CFE5B-A9E2-460B-A7D0-B85F19E607B9}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe ()
FirewallRules: [{C7E37F00-5A80-489D-92D8-AB290B541B41}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe ()
FirewallRules: [{636EB336-E03D-459D-BA18-387F9B81F5A5}] => (Allow) C:\Windows\twain_32\Samsung\SCX472x\SCNSearch\USDAgent.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{B5933BF7-F279-450B-ACAD-D844B71651CD}] => (Allow) C:\Windows\twain_32\Samsung\SCX472x\SCNSearch\USDAgent.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{77AC6280-FE21-49BA-8076-274E945DA452}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FF11915-158F-4869-B4E8-4332EDA0446B}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{ACFB7A1A-8BDF-46F1-B017-B5DF22B7825F}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{E74F8B1C-82CA-46CD-8724-E6A746D069B1}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{A580524B-C046-42C8-8C98-474FB30FDEFA}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{80C47995-C377-41EE-A7AC-8FD125417B2B}] => (Allow) C:\Program Files (x86)\StarMoney 8.0\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{5DBEB3AF-B7D7-41A7-95F2-B5CAA71614B4}] => (Allow) C:\Program Files (x86)\StarMoney 8.0\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{72E2192D-DCCE-4CD3-A243-37F70AD72FB0}] => (Allow) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{125D2CC8-1917-44F8-AD07-F901E6DAEE60}] => (Allow) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{E4CDADA9-C8D9-4281-8D3A-641B906FF612}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FBC460B2-750C-4475-B1DF-F4E731598F8F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C0B4056E-B896-435C-BBE5-FF8029F17959}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CB2332EA-77AC-41DE-AD54-8B1B22BDC0F9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D63C74F5-9DCE-4F49-A501-D838905BB8A3}] => (Allow) LPort=1900
FirewallRules: [{3F0CB73A-4640-4B7B-A0AC-524E66E23823}] => (Allow) LPort=2869
FirewallRules: [{85832019-5E10-4687-9BE8-ECC6260C4DFB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8FD4C5AE-595E-498F-8798-C80B711E3A32}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTMa\RpcAgentSrv.exe (SiSoftware SPC -> SiSoftware)
FirewallRules: [{EAC2131E-C858-4016-A37A-39244DE143B9}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTMa\WNt600x64\RpcSandraSrv.exe (SiSoftware SPC -> SiSoftware)
FirewallRules: [{E36B8ACF-8359-403C-A78C-92A324CC7413}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{BC360F6F-15E7-41E1-B62B-85EB7905A5F6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{BB7D5948-48ED-4EAB-A03A-F20FA33634CC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{723F00F3-C94A-4AA8-8B8C-ADEE384C6DDE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{22285455-4861-40CA-AF84-A47A465B99BC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{E9EB05C7-F1B2-4A42-9E0C-FB2F28F94450}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{8F52C9E2-B3DA-44A9-8BAA-6A4D8EE81A7D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{3BD7FF35-48D3-45BD-9FE9-BB13619E3476}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{7F27B019-7A82-44BC-BB74-111B9289FA8A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D7F35D4C-106D-4530-9335-56B85E3A1F47}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B179515E-4735-4291-92E8-091991AE3D0F}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe (Nero AG -> Nero AG)
FirewallRules: [UDP Query User{F25243EE-032E-48D1-A28D-87E3B7A7798B}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe (Nero AG -> Nero AG)
FirewallRules: [{1385DC69-A6B1-4BC0-9D65-8157D124AEB2}] => (Allow) C:\Program Files (x86)\StarMoney 11\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{DFB62FF3-1428-4F6D-A4F4-81DC41F5E0B8}] => (Allow) C:\Program Files (x86)\StarMoney 11\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{E9893F53-E371-4FBE-85C6-76B3704D2CE4}] => (Allow) C:\Program Files (x86)\StarMoney 11\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{D79CBD63-6CF9-4079-A770-69719C03945C}] => (Allow) C:\Program Files (x86)\StarMoney 11\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [TCP Query User{80BEE153-5774-41D5-A14D-E4CE9DA8D3AB}C:\programdata\oracle\java\javapath_target_11408312\javaw.exe] => (Block) C:\programdata\oracle\java\javapath_target_11408312\javaw.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [UDP Query User{4CB35CD3-845A-495F-A93D-62177292CFD8}C:\programdata\oracle\java\javapath_target_11408312\javaw.exe] => (Block) C:\programdata\oracle\java\javapath_target_11408312\javaw.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [{71319923-89FC-4E6A-8881-F1F77EF8DFDA}] => (Allow) C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{88508942-A749-4B90-BB9F-A42A2337C1D6}] => (Allow) C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{C44D3FB8-92B1-4401-BFF0-2686661796B8}] => (Allow) C:\Program Files (x86)\StarMoney 11 Deluxe\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{053C25C9-2CA8-4A3F-9D9B-4915313877A3}] => (Allow) C:\Program Files (x86)\StarMoney 11 Deluxe\app\StarMoney.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{9BF1F087-EED4-4EED-A510-45C73278AFB2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{28E175F7-20F5-44AF-81F4-7CEF8C980B20}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{40B34EE0-93AC-4B32-A958-1AE064C37D5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broken Sword 5\BS5.exe (Revolution Software Limited -> )
FirewallRules: [{DA323002-EA11-4CCE-8823-F6A4ABE779F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broken Sword 5\BS5.exe (Revolution Software Limited -> )
FirewallRules: [{984C0FBF-B229-4361-A13C-4DCBC8F3372B}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{7C54FC43-4952-4E98-9872-8E57189ED8E3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.1.0\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{AAB424B9-309E-4D64-952D-E0FFF643FF97}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.1.0\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{32903E7B-A05E-4543-8266-351A3EDBC343}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.1.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{CC2BE0C4-D747-49C6-A05A-607904A74E45}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.1.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{AE89B986-93F4-4AD2-9111-A4835C4C0A63}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.1.0\AutoUpdate.exe Keine Datei
FirewallRules: [{46927459-9BD1-43C6-97F3-7B8AF04198F3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.1.0\AutoUpdate.exe Keine Datei
FirewallRules: [{1E62C5DB-D5B2-461F-BFE8-911B85B92F95}] => (Allow) C:\Program Files (x86)\concept design\onlineTV 15\onlineTV.exe (concept/design GmbH -> concept/design GmbH)
FirewallRules: [{3C7FA571-4E4E-471F-9DCB-A3A27A41ABE9}] => (Allow) C:\Program Files (x86)\concept design\onlineTV 15\onlineTV.exe (concept/design GmbH -> concept/design GmbH)
FirewallRules: [{05C9090A-41FD-4AF2-9D29-85DC9EB55CB6}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{A3DE8ED1-6F58-4218-9781-2DE0B89909A3}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{86782259-2CA7-4787-8BF4-E4244A634285}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{B382C3E1-3ECE-41BB-BD2C-3A68C78EDE20}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{A07ECD6B-8B0E-4F38-9BAB-2E6F8BC29760}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{27CC4F54-9BAE-4869-B9C7-792561D2DE7A}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{87009C6B-D60A-49E0-8941-1CC239D00572}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{1D25E981-65EB-45CF-8EEB-5648BA48884C}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{6D657E7C-24AF-4D40-AD1E-50E22A0009CB}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{F4CEE049-1EA5-4B35-8983-7C845791147C}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{31527C75-B35E-4C7F-8A4A-E3A45140CF1A}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{8DC074CD-0399-454B-9CAB-448860DB5566}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{1D7764C7-8E9D-4BA8-A931-94A2B4AD56E1}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{8C17E322-3D6F-450B-9DD5-AE3F7541633B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{F58B7485-DF6A-47D4-95E9-B851EB8DA3B3}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{B06CC331-E1F5-4664-8A12-F75338EE7F76}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{ACF36966-2EBE-46B0-BAD5-65E47B2FCE8D}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{215C33A1-57B6-4753-B4AF-01C6A35D6232}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> Acronis International GmbH)

==================== Wiederherstellungspunkte =========================

01-07-2018 22:37:12 Wiederherstellungsvorgang
15-07-2018 15:50:01 Windows Update
25-07-2018 17:29:47 alles ok
29-07-2018 15:38:13 Windows Update
29-07-2018 15:39:40 Windows Update
12-08-2018 15:56:07 Windows Update
17-08-2018 21:31:14 Windows Update
26-08-2018 15:51:41 Windows Update
02-09-2018 08:47:32 Windows Update
02-09-2018 08:48:56 Windows Update
10-09-2018 09:15:57 Windows Update
10-09-2018 09:17:39 Windows Update
30-09-2018 11:03:32 Windows Update
12-10-2018 08:58:14 Windows Update
15-10-2018 11:23:23 SteuerSparErklärung 2018 wurde installiert.
30-10-2018 11:20:32 Windows Update
30-10-2018 11:21:55 Windows Update
15-11-2018 09:19:01 Windows Update
27-11-2018 16:43:32 Windows Update
01-12-2018 20:53:07 nach treiberaktualisierung
14-12-2018 09:46:06 Windows Update
31-12-2018 21:23:01 Windows Update
17-01-2019 20:18:51 Windows Update
28-01-2019 09:08:13 Windows Update
29-01-2019 12:45:09 vor WSUS update
29-01-2019 14:23:23 Wiederherstellungsvorgang
03-02-2019 18:25:28 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/05/2019 11:30:29 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-12T10:30:29Z. Fehlercode: 0x80041315.

Error: (02/05/2019 11:29:59 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-12T10:29:59Z. Fehlercode: 0x80041315.

Error: (02/05/2019 11:29:29 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-12T10:29:29Z. Fehlercode: 0x80041315.

Error: (02/05/2019 11:28:59 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-12T10:28:59Z. Fehlercode: 0x80041315.

Error: (02/05/2019 11:28:29 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-12T10:28:29Z. Fehlercode: 0x80041315.

Error: (02/05/2019 11:27:59 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-12T10:27:59Z. Fehlercode: 0x80041315.

Error: (02/05/2019 11:27:29 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-12T10:27:29Z. Fehlercode: 0x80041315.

Error: (02/05/2019 11:26:59 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-12T10:26:59Z. Fehlercode: 0x80041315.


Systemfehler:
=============
Error: (02/03/2019 06:29:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Outlook 2013 (KB4461595) 32-Bit-Edition

Error: (02/03/2019 06:28:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Office 2013 (KB3172506) 32-Bit-Edition

Error: (02/03/2019 06:28:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Office 2013 (KB3039756) 32-Bit-Edition

Error: (02/03/2019 06:27:40 PM) (Source: DCOM) (EventID: 10016) (User: ki-PCmedion2012)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "ki-PCmedion2012\ki" (SID: S-1-5-21-453296214-1327697751-653560176-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/03/2019 06:15:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Synchronisierungshost_b9370" wurde mit folgendem Fehler beendet: 
In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.

Error: (02/03/2019 06:10:11 PM) (Source: DCOM) (EventID: 10016) (User: ki-PCmedion2012)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "ki-PCmedion2012\ki" (SID: S-1-5-21-453296214-1327697751-653560176-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/03/2019 06:09:11 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Acronis Sync Agent Service" wurde nicht richtig gestartet.

Error: (02/03/2019 06:03:23 PM) (Source: DCOM) (EventID: 10016) (User: ki-PCmedion2012)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "ki-PCmedion2012\ki" (SID: S-1-5-21-453296214-1327697751-653560176-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================

Date: 2019-02-04 13:03:59.113
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-02-04 13:03:58.367
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-02-04 13:03:58.282
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-02-04 13:03:58.204
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-02-04 13:03:58.116
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-02-03 16:24:34.534
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

Date: 2019-02-03 16:06:21.657
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

Date: 2019-02-03 11:21:28.963
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 16365.64 MB
Verfügbarer physikalischer RAM: 10540.39 MB
Summe virtueller Speicher: 32749.64 MB
Verfügbarer virtueller Speicher: 26676.13 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:118.26 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:26.24 GB) NTFS

\\?\Volume{b0840d3d-72b6-11e1-81c4-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{f36e9ecc-dada-11e1-b87d-8c89a5a3200d}\ (INTENSO-1TB) (Fixed) (Total:931.51 GB) (Free:469.41 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 58F6BA5B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
=
Disk: 1 (Size: 931.5 GB) (Disk ID: 0CD99F34)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ========

M-K-D-B · 06.02.2019, 16:26

Schritt 1
Die folgenden Programme sind veraltet, stören die Bereinigung oder es handelt sich um Werbesoftware bzw. unerwünschte Software (Adware, PUP) und müssen entfernt werden:

Deinstalliere über Start > Einstellungen > Apps (Windows 10) bzw. Start > Systemsteuerung > Programme deinstallieren (Windows 7) die folgenden Programme:
- CHIP Best Deal
- Cliqz
- Driver Booster
- DriverMax
- Torch
Starte den Rechner im Anschluss neu auf.
Gib eine kurze Rückmeldung, ob die Deinstallation erfolgreich war.

Schritt 2
Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Einstellungen, scrolle nach unten und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Firewall wiederherstellen
- IPSec wiederherstellen
- Prefetch-Dateien löschen
- Proxy wiederherstellen
- IE-Policies wiederherstellen
- Chrome-Policies wiederherstellen
- Winsock wiederherstellen
Klicke nun auf Dashboard, dann auf Jetzt scannen und warte bis der Suchlauf abgeschlossen ist.
Klicke nun auf Bereinigen & Reparieren und bestätige mit Bereinigen & Neu Starten.

WICHTIG:
Sollte AdwCleaner nichts finden, klicke auf Grundlegende Reparatur ausführen und anschließend auf Bereinigen & Neu Starten.
Nach dem Neustart öffnet sich AdwCleaner automatisch. Klicke auf Log-Datei ansehen.
Poste mir deren Inhalt der Log-Datei mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt. (xx = fortlaufende Nummer).

Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware.

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

eine Rückmeldung bezüglich der Deinstallationen,
die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die zwei neuen Logdateien von FRST.

libaki · 07.02.2019, 12:24

gestern wurde der Zugang zu web.de für 24 h gesperrt, heute nicht mehr.
Torch konnte nicht deinstalliert werden

Code:

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-02-06.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-07-2019
# Duration: 00:00:17
# OS:       Windows 10 Home
# Cleaned:  87
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\IObit\Advanced SystemCare V7
Deleted       C:\Users\ki\AppData\LocalLow\IObit\Advanced SystemCare V7
Deleted       C:\Users\ki\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Windows\SysWOW64\C2MP
Deleted       C:\ProgramData\torchcrashhandler
Deleted       C:\Users\ki\AppData\Local\torch
Deleted       C:\Users\ki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Deleted       C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Deleted       C:\Users\ki\AppData\Roaming\UpdateStar Drivers
Deleted       C:\extensions

***** [ Files ] *****

Deleted       C:\Users\ki\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
Deleted       C:\Users\ki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\Power Suite

***** [ Registry ] *****

Deleted       HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted       HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted       HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKU\S-1-5-18\Software\AppDataLow\Software\AskToolbar
Deleted       HKCU\Software\AppDataLow\Software\AskToolbar
Deleted       HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
Deleted       HKCU\Software\AskToolbar
Deleted       HKLM\Software\Wow6432Node\AskToolbar
Deleted       HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\iLivid
Deleted       HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Acronis Scheduler2 Service
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|UpdateStar Drivers
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ApnUpdater
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Deleted       HKCU\Software\torch
Deleted       HKLM\Software\Wow6432Node\torch
Deleted       HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-453296214-1327697751-653560176-1001\Software\Ciuvo
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Deleted       HKCU\Software\MozillaPlugins\TorchVLC
Deleted       HKLM\Software\Wow6432Node\Clients\StartMenuInternet\Torch
Deleted       HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
Deleted       HKLM\SOFTWARE\Classes\Applications\Torch.exe
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\GenericAskToolbar.DLL
Deleted       HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Deleted       HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\{20B9C05C-99C9-4BAB-B596-FB0C0E1C9F55}
Deleted       HKLM\Software\Classes\AppID\{20B9C05C-99C9-4BAB-B596-FB0C0E1C9F55}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24243E1D-F5AD-4948-8F67-7792EF2559A1}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24243E1D-F5AD-4948-8F67-7792EF2559A1}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Suite
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ttdetect.staticimgfarm.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\staticimgfarm.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ak.staticimgfarm.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ttdetect.staticimgfarm.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\staticimgfarm.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ak.staticimgfarm.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hp.myway.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hp.myway.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.solvusoft.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\solvusoft.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.solvusoft.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\solvusoft.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{54EE8838-B776-44DE-BE99-93CE332842D8}
Deleted       HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit

***** [ Chromium (and derivatives) ] *****

Deleted       Bing Search Engine

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Windows Firewall
[+] Reset IPSec
[+] Reset Chromium Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [12354 octets] - [07/02/2019 10:13:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 07.02.19
Scan-Zeit: 10:32
Protokolldatei: 4b446eea-2abb-11e9-847b-8c89a5a3200d.json

-Softwaredaten-
Version: 3.7.1.2839
Komponentenversion: 1.0.538
Version des Aktualisierungspakets: 1.0.9152
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 17134.523)
CPU: x64
Dateisystem: NTFS
Benutzer: ki-PCmedion2012\ki

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 481813
Erkannte Bedrohungen: 10
In die Quarantäne verschobene Bedrohungen: 10
Abgelaufene Zeit: 20 Min., 38 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
PUP.Optional.GoodGame, C:\USERS\KI\APPDATA\ROAMING\DESKTOPICONGOODGAME, In Quarantäne, [3894], [538244],1.0.9152

Datei: 9
PUP.Optional.GoodGame, C:\USERS\KI\APPDATA\ROAMING\DESKTOPICONGOODGAME\GOODGAME.ICO, In Quarantäne, [3894], [538244],1.0.9152
PUP.Optional.ChipDe, C:\USERS\KI\DOWNLOADS\FREECOMMANDER XE 2015 - CHIP-INSTALLER.EXE, In Quarantäne, [499], [621518],1.0.9152
PUP.Optional.ChipDe, C:\USERS\KI\DOWNLOADS\ANKI-2.0.33 - CHIP-INSTALLER.EXE, In Quarantäne, [499], [621518],1.0.9152
PUP.Optional.ChipDe, C:\USERS\KI\DOWNLOADS\OPERA - CHIP-INSTALLER.EXE, In Quarantäne, [499], [621518],1.0.9152
PUP.Optional.ChipDe, C:\USERS\KI\DOWNLOADS\PORTABLEAPPS PLATFORM - CHIP-INSTALLER.EXE, In Quarantäne, [499], [621518],1.0.9152
PUP.Optional.ChipDe, C:\USERS\KI\DOWNLOADS\TEAMVIEWER PORTABLE - CHIP-INSTALLER.EXE, In Quarantäne, [499], [562568],1.0.9152
PUP.Optional.ChipDe, C:\USERS\KI\DOWNLOADS\WINDOWS INSTALLER MSI - CHIP-INSTALLER.EXE, In Quarantäne, [499], [621518],1.0.9152
PUP.Optional.ChipDe, C:\USERS\KI\DOWNLOADS\WEBSITE X5 COMPACT 11 - CHIP-INSTALLER.EXE, In Quarantäne, [499], [621518],1.0.9152
PUP.Optional.ChipDe, C:\USERS\KI\DOWNLOADS\SYSTEM MECHANIC - CHIP-INSTALLER.EXE, In Quarantäne, [499], [621518],1.0.9152

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

LastRegBack: 2018-05-02 06:41

==================== Ende von FRST.txt ============================

Code:

ATTFilter

LastRegBack: 2018-05-02 06:41

==================== Ende von FRST.txt ============================

Code:

ATTFilter

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 16365.64 MB
Verfügbarer physikalischer RAM: 12671.35 MB
Summe virtueller Speicher: 32749.64 MB
Verfügbarer virtueller Speicher: 28875.9 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:116.48 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:26.22 GB) NTFS
Drive e: () (Removable) (Total:1.87 GB) (Free:1.69 GB) FAT

\\?\Volume{b0840d3d-72b6-11e1-81c4-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 58F6BA5B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1.9 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=1.9 GB) - (Type=06)

==================== Ende von Addition.txt ============================

M-K-D-B · 07.02.2019, 21:48

Die Logdateien von FRST (FRST.txt und Addition.txt) sind unvollständig.

Bitte den Suchlauf mit FRST wiederholen.

libaki · 08.02.2019, 12:20

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 6.02.2019
durchgeführt von ki (Administrator) auf KI-PCMEDION2012 (08-02-2019 12:04:14)
Gestartet von C:\Users\ki\Desktop
Geladene Profile: ki &  (Verfügbare Profile: ki & admin2 & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Genie9) C:\Program Files\Genie9\Zoolz2\ZoolzService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\abylonsoft\App-Blocker\ExeLockSerX64.EXE
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database_2ce9b3\bin\FABS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 11\ouservice\StarMoneyOnlineUpdate.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
() C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exe
() C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\VssRequestor64\vss_requestor.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Avanquest Software) C:\Program Files\eXpert PDF 10\creator-ws.exe
(Farbar) C:\Users\ki\Desktop\FRST64(1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-03-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [177928 2018-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [754416 2018-11-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4785640 2018-11-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [OKAYFREEDOM Notifier] => C:\Program Files (x86)\OkayFreedom\Notifier.exe [4231160 2019-01-29] (Steganos Software GmbH -> Steganos Software GmbH)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115206809\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115206873\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-03-18] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-453296214-1327697751-653560176-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115206930\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-03-18] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-453296214-1327697751-653560176-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207895\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115208114\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.ffds] => C:\WINDOWS\system32\ff_vfw.dll [127488 2013-03-13] ()
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [243746 2011-06-24] ()
HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw64.dll [4035584 2012-07-01] (x264vfw project)
HKLM\...\Drivers32: [vidc.lags] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( )
HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (On2.com)
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (On2.com)
HKLM\...\Drivers32-x32: [vidc.ffds] => C:\WINDOWS\SysWOW64\ff_vfw.dll [112640 2013-03-13] ()
HKLM\...\Drivers32-x32: [vidc.xvid] => C:\WINDOWS\SysWOW64\xvidvfw.dll [242259 2011-06-24] ()
HKLM\...\Drivers32-x32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [4102656 2012-07-01] (x264vfw project)
HKLM\...\Drivers32-x32: [vidc.lags] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-11] (Google Inc -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2018-03-04]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
BootExecute: autocheck autochk * auto_reactivate \\?\Volume{58f6ba5b-0000-0000-0000-500600000000}\bootwiz\asrm.bin

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [S-1-5-21-453296214-1327697751-653560176-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207895] => hxxp://127.0.0.1:8445/okayfreedom.pac
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{22e60306-d594-4276-8a62-50849289112a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b3c6bdab-6d75-49d3-871d-38b982e51877}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b3c6bdab-6d75-49d3-871d-38b982e51877}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-453296214-1327697751-653560176-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207895\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-453296214-1327697751-653560176-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207895 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: CHIP Best Deal BHO -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} -> C:\Program Files (x86)\chip\Internet Explorer\chip64.dll [2014-11-18] (Ciuvo GmbH -> )
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-18] (Google Inc -> Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Skype Software Sarl -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Soda PDF 8 Helper -> {33779F20-17D7-4CC6-8248-78A4A78CEBFC} -> C:\Program Files (x86)\Soda PDF 8\creator-ie-helper.dll [2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Soda PDF Desktop Helper -> {A2792EEC-6618-4C4C-8ECF-B51ECB5DC2A1} -> C:\Program Files (x86)\Soda PDF Desktop\creator-ie-helper.dll [2017-03-23] (LULU Software -> LULU Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-18] (Google Inc -> Google Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: eXpert PDF 10 Helper -> {D9B7E477-2C0F-4BCA-B63F-9AF4E03D05E1} -> C:\Program Files (x86)\eXpert PDF 10\creator-ie-helper.dll [2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-04] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 15\SPMIEToolbar64.dll [2015-05-21] (Steganos Software GmbH -> Steganos Software GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-18] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Soda PDF 8 Toolbar - {A2689669-AD38-4AFD-B370-23E97E2B9D18} - C:\Program Files (x86)\Soda PDF 8\creator-ie-plugin.dll [2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 15\SPMIEToolbar.dll [2015-05-21] (Steganos Software GmbH -> Steganos Software GmbH)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-18] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Soda PDF Desktop Toolbar - {D53D09FE-B1AC-4EE8-AE26-FD43D8B4B62F} - C:\Program Files (x86)\Soda PDF Desktop\creator-ie-plugin.dll [2017-03-23] (LULU Software -> LULU Software)
Toolbar: HKLM-x32 - eXpert PDF 10 Toolbar - {570F0ABC-DF49-4A09-8687-79F921605B7A} - C:\Program Files (x86)\eXpert PDF 10\creator-ie-plugin.dll [2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-06-01] (Skype Software Sarl -> Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Skype Software Sarl -> Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Skype Software Sarl -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515 [2019-02-08]
FF Homepage: Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515 -> hxxps://www.google.de/
FF Extension: (WEB.DE MailCheck) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\browser-mailcheck@web.de.xpi [2018-12-31]
FF Extension: (Cliqz) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\cliqz@cliqz.com.xpi [2019-01-30]
FF Extension: (iCloud-Lesezeichen) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\firefoxdav@icloud.com.xpi [2018-08-01]
FF Extension: (Xmarks Bookmark Sync) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\foxmarks@kei.com.xpi [2017-12-05]
FF Extension: (Trusted Shops-Erweiterung) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\jid1-PBNne26X1Kn6hQ@jetpack.xpi [2018-10-12]
FF Extension: (Web of Trust) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2018-06-27]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-23]
FF Extension: (OkayFreedom) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2017-04-11]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [Legacy]
FF Extension: (WEB.DE MailCheck) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\browser-mailcheck@web.de.xpi [2019-01-24]
FF HKLM\...\Firefox\Extensions: [soda_pdf_8_conv@sodapdf.com] - C:\Program Files\Soda PDF 8\resources\sodapdf8firefoxextension
FF Extension: (Soda PDF 8 Creator) - C:\Program Files\Soda PDF 8\resources\sodapdf8firefoxextension [2016-01-20] [Legacy] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [expert_pdf_10_conv@expert-pdf.com] - C:\Program Files\eXpert PDF 10\resources\expertpdf10firefoxextension
FF Extension: (eXpert PDF 10 Creator) - C:\Program Files\eXpert PDF 10\resources\expertpdf10firefoxextension [2017-07-20] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-10] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Password Manager 15\spmplugin3
FF Extension: (Steganos Password Manager) - C:\Program Files (x86)\Steganos Password Manager 15\spmplugin3 [2016-03-08] [Legacy] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-07-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-07-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: eXpert PDF 10 -> C:\Program Files (x86)\eXpert PDF 10\np-previewer.dll [2016-12-02] (Avanquest Software)
FF Plugin-x32: Soda PDF 8 -> C:\Program Files (x86)\Soda PDF 8\np-previewer.dll [2016-01-11] (LULU SOFTWARE LIMITED)
FF Plugin-x32: Soda PDF Desktop -> C:\Program Files (x86)\Soda PDF Desktop\np-previewer.dll [2017-03-23] (LULU Software)
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001: @soe.sony.com/installer,version=1.0.3 -> C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\s3j4fal3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001: SkypePlugin -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi.dll [2015-09-14] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001: SkypePlugin64 -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi-x64.dll [2015-09-14] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184: @soe.sony.com/installer,version=1.0.3 -> C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\s3j4fal3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184: SkypePlugin -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi.dll [2015-09-14] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184: SkypePlugin64 -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi-x64.dll [2015-09-14] (Skype Technologies S.A.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default [2019-02-07]
CHR Extension: (Bing Search Engine) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2018-05-02]
CHR Extension: (Avira Browserschutz) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-01-10]
CHR Extension: (Skype) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-01-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-453296214-1327697751-653560176-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jhpokclhnekmjlhknfihmghoblfgfeog] - C:\Program Files (x86)\chip\Chrome\chip-1.4.21.crx [2014-11-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [9532288 2019-01-04] (Emsisoft Ltd -> Emsisoft Ltd)
S3 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] (Wolters Kluwer Deutschland GmbH -> )
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [4380176 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-14] (Apple Inc. -> Apple Inc.)
S3 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
S3 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [99200 2015-08-10] (Alcohol Soft -> Alcohol Soft Development Team)
S3 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-25] (Digital Wave Ltd -> Digital Wave Ltd.) [Datei ist nicht signiert]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2302160 2018-12-13] (ESET, spol. s r.o. -> ESET)
R2 ExeLock; C:\Program Files (x86)\abylonsoft\App-Blocker\ExeLockSerX64.EXE [469352 2015-10-15] (abylonsoft_CodeSign -> )
S3 eXpert PDF 10; C:\Program Files\eXpert PDF 10\ws.exe [2321608 2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
S3 eXpert PDF 10 CrashHandler; C:\Program Files\eXpert PDF 10\crash-handler-ws.exe [921288 2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
R3 eXpert PDF 10 Creator; C:\Program Files\eXpert PDF 10\creator-ws.exe [733384 2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
S3 eXpert PDF 10 Manager; C:\ProgramData\Avanquest Software\eXpert PDF 10 Manager\eXpert PDF 10\eXpert PDF 10 Manager.exe [963832 2016-02-10] (Avanquest UK Ltd -> Avanquest Software)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database_2ce9b3\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database_2ce9b3\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
S4 GSService; C:\Windows\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
S4 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2012-09-14] () [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2018-06-18] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1765160 2018-11-23] (Acronis International GmbH -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [359944 2019-01-29] (Steganos Software GmbH -> Steganos Software GmbH)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2162064 2017-05-19] (Electronic Arts, Inc. -> Electronic Arts)
S3 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3136920 2017-05-19] (Electronic Arts, Inc. -> Electronic Arts)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
S4 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [229888 2011-06-20] (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTMa\RpcAgentSrv.exe [76784 2015-12-20] (SiSoftware SPC -> SiSoftware) [Datei ist nicht signiert]
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Flexera Software LLC -> Secunia)
S3 SODA Manager; C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe [873272 2015-08-11] (LULU SOFTWARE LIMITED -> LULU Software Limited)
S3 Soda PDF 8; C:\Program Files\Soda PDF 8\ws.exe [2263840 2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
S3 Soda PDF 8 CrashHandler; C:\Program Files\Soda PDF 8\crash-handler-ws.exe [920352 2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
S3 Soda PDF 8 Creator; C:\Program Files\Soda PDF 8\creator-ws.exe [733472 2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
S3 Soda PDF Desktop; C:\Program Files\Soda PDF Desktop\ws.exe [2702184 2017-03-23] (LULU Software -> LULU Software)
S3 Soda PDF Desktop Creator; C:\Program Files\Soda PDF Desktop\creator-ws.exe [755048 2017-03-23] (LULU Software -> LULU Software)
R2 StarMoney 10 OnlineUpdate; C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-11-25] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 11 Deluxe OnlineUpdate; C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\StarMoneyOnlineUpdate.exe [750568 2018-12-03] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 11 OnlineUpdate; C:\Program Files (x86)\StarMoney 11\ouservice\StarMoneyOnlineUpdate.exe [750568 2018-12-03] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
S4 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Datei ist nicht signiert]
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [19456 2013-03-06] (Clarus, Inc.) [Datei ist nicht signiert]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer -> TeamViewer GmbH)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [6926040 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo for iOS\DriverInstall.exe [103576 2015-11-04] (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare)
R2 Zoolz 2 Service; C:\Program Files\Genie9\Zoolz2\ZoolzService.exe [477000 2018-12-16] (Genie9 LTD -> Genie9)
S3 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [19568 2015-11-10] (ChengDu AoMei Tech Co., Ltd -> ) [Datei ist nicht signiert]
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [19568 2015-11-10] (ChengDu AoMei Tech Co., Ltd -> ) [Datei ist nicht signiert]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-10-29] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-29] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-10-29] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-10-29] (ESET, spol. s r.o. -> ESET)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2014-01-02] (iolo technologies, LLC -> EldoS Corporation)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-10-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-10-29] (ESET, spol. s r.o. -> ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
R1 epp; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp.sys [168032 2019-01-07] (Emsisoft Ltd -> Emsisoft Ltd)
R0 eppdisk; C:\WINDOWS\System32\drivers\eppdisk.sys [37064 2018-04-06] (Emsisoft Ltd -> Emsisoft Ltd)
R1 eppwfp; C:\Program Files (x86)\Emsisoft Anti-Malware\eppwfp.sys [131952 2019-01-02] (Emsisoft Ltd -> Emsisoft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [667144 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2019-01-29] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 FSProFilter2; C:\WINDOWS\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (Alfa System Programming -> FSPro Labs)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-12-01] (Martin Malik - REALiX -> REALiX(tm))
S3 iaLPSSi_GPIO; C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128 2018-04-12] (Intel Corporation - Client Components Group -> Intel Corporation)
R3 ICCWDT; C:\WINDOWS\System32\drivers\ICCWDT.sys [39504 2018-12-01] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-02-07] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-02-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72864 2019-02-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-02-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-02-08] (Malwarebytes Corporation -> Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2013-02-25] (北京铠信神州科技有限责任公司 -> )
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] (Clarus, Inc. -> )
R3 MEIx64; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [195152 2016-04-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] (Clarus, Inc. -> )
R3 NVHDA; C:\WINDOWS\system32\drivers\nvhda64v.sys [227896 2018-12-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoi.inf_amd64_3235b21d5787151d\nvlddmkm.sys [17544792 2018-12-01] (NVIDIA Corporation -> NVIDIA Corporation)
S0 nvraid; C:\WINDOWS\System32\drivers\nvraid.sys [150424 2018-04-12] (Microsoft Windows -> NVIDIA Corporation)
S0 nvstor; C:\WINDOWS\System32\drivers\nvstor.sys [166304 2018-04-12] (Microsoft Windows -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2019-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-02] (Secunia -> Secunia)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-09-30] (iolo technologies, LLC -> EldoS Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1122200 2019-01-20] (Realtek Semiconductor Corp. -> Realtek )
R3 RTL8192su; C:\WINDOWS\System32\drivers\RTL8192su.sys [687616 2018-04-12] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2018-12-01] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S0 SiSRaid2; C:\WINDOWS\System32\drivers\SiSRaid2.sys [44952 2018-04-12] (Microsoft Windows -> Silicon Integrated Systems Corp.)
S0 SiSRaid4; C:\WINDOWS\System32\drivers\sisraid4.sys [81816 2018-04-12] (Microsoft Windows -> Silicon Integrated Systems)
R1 SLEE_19_DRIVER; C:\Windows\Sleen1964.sys [117848 2014-10-24] (Softwareentwicklung Patric Remus - ArchiCrypt - (Patric W.Remus) -> Softwareentwicklung Remus - ArchiCrypt - )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-10-22] (Synaptics Incorporated -> Synaptics Incorporated)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [162360 2016-12-12] (Disc Soft Ltd -> Duplex Secure Ltd)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [885880 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [173536 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2013-12-12] (Paragon Software GmbH -> )
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2013-12-12] (Paragon Software GmbH -> )
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700680 2013-12-12] (Paragon Software GmbH -> )
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331976 2019-01-29] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2019-01-29] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [129008 2010-09-23] (CyberLink -> CyberLink)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

Error(1) reading file: "C:\Users\ki\Downloads\Erinnerung - Schriftliche Bestätigung Umbaumaßnahme "
2019-02-08 12:04 - 2019-02-08 12:08 - 000044173 _____ C:\Users\ki\Desktop\FRST.txt
2019-02-08 11:53 - 2019-02-08 11:53 - 000000000 ___HD C:\WINDOWS\AxInstSV
2019-02-08 11:50 - 2019-02-08 11:50 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-02-08 11:50 - 2019-02-08 11:50 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-02-08 11:50 - 2019-02-08 11:50 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-02-08 11:50 - 2019-02-08 11:50 - 000072864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-02-07 11:10 - 2019-02-07 11:11 - 000001355 _____ C:\Users\ki\Desktop\Addition-alt2.txt
2019-02-07 11:10 - 2019-02-07 11:11 - 000000102 _____ C:\Users\ki\Desktop\FRST-alt2.txt
2019-02-07 11:05 - 2019-02-07 11:05 - 000000000 ____D C:\Users\ki\Desktop\FRST-OlderVersion
2019-02-07 11:04 - 2019-02-07 11:04 - 000002588 _____ C:\Users\ki\Desktop\mbam.txt
2019-02-07 10:31 - 2019-02-07 10:31 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-02-07 10:31 - 2019-02-07 10:31 - 000000000 ____D C:\Users\ki\AppData\Local\mbamtray
2019-02-07 10:31 - 2019-02-07 10:31 - 000000000 ____D C:\Users\ki\AppData\Local\mbam
2019-02-07 10:30 - 2019-02-07 10:30 - 000001969 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-07 10:30 - 2019-02-07 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-07 10:30 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-02-07 10:30 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-02-07 10:24 - 2019-02-07 10:24 - 000011086 _____ C:\Users\ki\Desktop\AdwCleaner[C00].txt
2019-02-07 10:08 - 2019-02-07 10:14 - 000000000 ____D C:\AdwCleaner
2019-02-06 17:35 - 2019-02-06 17:35 - 000222836 _____ C:\Users\ki\Downloads\Tickets_956213.pdf
2019-02-06 17:01 - 2019-02-06 17:01 - 000222838 _____ C:\Users\ki\Downloads\attachment(4).pdf
2019-02-06 17:00 - 2019-02-06 17:01 - 000222845 _____ C:\Users\ki\Downloads\attachment(3)
2019-02-05 19:41 - 2019-02-05 19:41 - 000001146 _____ C:\Users\Public\Desktop\OkayFreedom.lnk
2019-02-05 11:29 - 2019-02-07 11:10 - 000097616 _____ C:\Users\ki\Desktop\Addition-alt.txt
2019-02-05 11:26 - 2019-02-08 12:04 - 000000000 ____D C:\FRST
2019-02-05 11:26 - 2019-02-07 11:10 - 000087114 _____ C:\Users\ki\Desktop\FRST-alt.txt
2019-02-05 11:25 - 2019-02-07 11:05 - 002433536 _____ (Farbar) C:\Users\ki\Desktop\FRST64(1).exe
2019-02-05 11:25 - 2019-02-05 11:25 - 002433024 _____ (Farbar) C:\Users\ki\Downloads\FRST64(1).exe
2019-02-05 10:55 - 2019-02-05 10:55 - 000380544 _____ C:\Users\ki\Downloads\2_1_Massage_und_Gleitgel_Aloe_Vera_300_ml_306207DR.pdf
2019-02-05 10:54 - 2019-02-05 10:54 - 000469643 _____ C:\Users\ki\Downloads\Soft_Touch_Vibrator_mit_gebogener_Spitze_12_5_cm_008896TO.pdf
2019-02-05 10:53 - 2019-02-05 10:53 - 000470912 _____ C:\Users\ki\Downloads\Vibrationsring_inklusive_Batterien_005666TO.pdf
2019-02-04 13:06 - 2019-02-04 13:06 - 000061450 _____ C:\Users\ki\Downloads\Berlin-Fahrt(1).pdf
2019-02-04 13:03 - 2019-02-04 13:03 - 000140167 _____ C:\Users\ki\Downloads\2019-KW06_Probenplan_korrigiert.pdf
2019-02-02 23:12 - 2019-02-02 23:12 - 000000000 ____D C:\cobirescue
2019-02-02 19:59 - 2019-01-08 22:06 - 009189024 _____ C:\notfall.lnx
2019-02-02 19:59 - 2017-12-11 14:15 - 000000828 _____ C:\menu.lst
2019-02-02 19:59 - 2011-10-17 07:38 - 000217769 _____ C:\grldr
2019-02-02 19:59 - 2011-10-17 07:38 - 000009216 _____ C:\grldr.mbr
2019-02-02 19:50 - 2019-02-03 17:33 - 000000000 ____D C:\Program Files (x86)\RescueLoader
2019-02-01 21:15 - 2019-02-01 21:15 - 000140162 _____ C:\Users\ki\Downloads\2019-KW06_Probenplan.pdf
2019-02-01 10:36 - 2019-02-01 10:36 - 001296877 _____ C:\Users\ki\Downloads\week-2019-05.pdf
2019-02-01 10:36 - 2019-02-01 10:36 - 001296877 _____ C:\Users\ki\Downloads\week-2019-05(1).pdf
2019-02-01 10:29 - 2019-02-01 10:29 - 000356541 _____ C:\Users\ki\Downloads\elternbrief februar 2019.pdf
2019-02-01 10:29 - 2019-02-01 10:29 - 000082979 _____ C:\Users\ki\Downloads\Schulkalender-2019-2020-querformat.pdf
2019-02-01 10:29 - 2019-02-01 10:29 - 000010787 _____ C:\Users\ki\Downloads\Ferienplan_2019-2020.pdf
2019-01-31 18:13 - 2019-01-31 18:13 - 000000000 ____D C:\ProgramData\StarFinanz
2019-01-30 23:23 - 2019-01-30 23:23 - 000000000 ____D C:\ProgramData\Mozilla
2019-01-29 21:02 - 2019-01-29 21:02 - 000667144 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector(354).sys
2019-01-29 21:02 - 2019-01-29 10:45 - 000667144 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector.sys
2019-01-29 12:41 - 2019-02-03 16:40 - 000000000 ____D C:\Users\ki\Documents\wsusoffline115-1
2019-01-29 12:06 - 2019-01-29 12:06 - 005155328 _____ C:\Users\ki\Downloads\windowsdefender1593dt.msi
2019-01-29 10:46 - 2019-01-29 10:46 - 003947888 _____ (Acronis) C:\WINDOWS\system32\auto_reactivate.exe
2019-01-29 10:18 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-25 17:52 - 2019-01-25 17:52 - 000225631 _____ C:\Users\ki\Downloads\Jahresplan2019-01_25_Domspatzen_Chöre.pdf
2019-01-25 17:51 - 2019-01-25 17:51 - 000142431 _____ C:\Users\ki\Downloads\2019-KW05_Probenplan.pdf
2019-01-25 13:12 - 2019-01-25 13:12 - 000002918 _____ C:\Users\ki\Downloads\transcript(1).txt
2019-01-25 12:57 - 2019-01-25 12:57 - 000000803 _____ C:\Users\ki\Downloads\transcript.txt
2019-01-25 09:29 - 2019-01-25 09:29 - 010245888 _____ (Acronis) C:\Users\ki\Downloads\AcronisBackup_12.5_web.exe
2019-01-25 09:12 - 2019-01-25 09:12 - 006322446 _____ C:\Users\ki\Downloads\Handbuch PC.pdf
2019-01-23 11:24 - 2019-01-23 11:24 - 000040214 _____ C:\Users\ki\Downloads\Erstinformation(1).pdf
2019-01-23 10:05 - 2019-01-23 10:05 - 000185089 _____ C:\Users\ki\Downloads\Abfuhrkalender_2019.pdf
2019-01-22 21:47 - 2019-01-22 21:47 - 000240290 _____ C:\Users\ki\Downloads\m4_01_familie_lustig.docx(2).pdf
2019-01-22 11:44 - 2019-01-22 11:44 - 000000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2019-01-22 11:43 - 2019-01-29 10:44 - 000243472 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\volume_tracker.sys
2019-01-22 11:43 - 2019-01-29 10:44 - 000001278 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2019-01-22 11:43 - 2019-01-22 11:43 - 000331976 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file2416.sys
2019-01-22 11:43 - 2019-01-22 11:43 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2310.sys
2019-01-21 13:10 - 2019-01-21 13:10 - 001011355 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_e07a6baa9f52ad1b6963a254442483dc58bd2a77.pdf
2019-01-21 13:10 - 2019-01-21 13:10 - 001011262 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_ec8e07990905a7dd7e1afca71d5dad88d05e4810.pdf
2019-01-21 13:09 - 2019-01-21 13:09 - 001011273 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_18d258071d847432af70aa72224b6cfaaf3bfcf1.pdf
2019-01-21 13:08 - 2019-01-21 13:08 - 001011335 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_02603c2f33748c27dfd5db1112274d0dda0ec8ee.pdf
2019-01-21 12:50 - 2019-01-21 12:50 - 000088603 _____ C:\Users\ki\Downloads\AKD-73659465278.pdf
2019-01-21 12:47 - 2019-01-21 12:52 - 574094312 _____ C:\Users\ki\Downloads\AcronisTrueImage2018.exe
2019-01-21 12:34 - 2019-01-21 12:34 - 000088620 _____ C:\Users\ki\Downloads\AKD-73651673788.pdf
2019-01-19 09:11 - 2019-01-19 09:11 - 000186896 _____ C:\Users\ki\Downloads\2019-KW04_Probenplan.pdf
2019-01-19 09:09 - 2019-01-19 09:09 - 000621253 _____ C:\Users\ki\Downloads\Dispo2019-01_07_Eltern.pdf
2019-01-18 09:39 - 2019-01-18 09:39 - 000071091 _____ C:\Users\ki\Downloads\RG150508157000.pdf
2019-01-17 20:38 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-17 20:38 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-17 20:38 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-17 20:38 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-17 20:37 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-17 20:37 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-17 20:37 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-17 20:37 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-17 20:37 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-17 20:37 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-17 20:37 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-17 20:37 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-17 20:37 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-17 20:37 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-17 20:37 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-17 20:37 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-17 20:37 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-17 20:37 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-17 20:37 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-17 20:37 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-17 20:37 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-17 20:37 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase(405).dll
2019-01-17 20:37 - 2019-01-01 08:13 - 001363536 ____N (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-17 20:37 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes(582).dll
2019-01-17 20:37 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-17 20:37 - 2019-01-01 08:13 - 000436024 ____N (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-17 20:37 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0(486).dll
2019-01-17 20:37 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-17 20:37 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-17 20:37 - 2019-01-01 08:12 - 002765344 ____N (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil(470).dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6(489).dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-17 20:37 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-17 20:37 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-17 20:37 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-17 20:37 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-17 20:37 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-17 20:37 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-17 20:37 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-17 20:37 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-17 20:37 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-17 20:37 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-17 20:37 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-17 20:37 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-17 20:37 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-17 20:37 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 001549824 ____N (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv(480).dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000662528 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov(585).dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-17 20:37 - 2019-01-01 07:43 - 001805312 ____N (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-17 20:37 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon(545).dll
2019-01-17 20:37 - 2019-01-01 07:42 - 004939776 ____N (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet(576).dll
2019-01-17 20:37 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 001159680 ____N (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss(514).dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000899072 ____N (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos(472).dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase(593).dll
2019-01-17 20:37 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil(602).dll
2019-01-17 20:37 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-17 20:37 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-17 20:37 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-17 20:37 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-17 20:37 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-17 20:37 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-17 20:37 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-17 20:37 - 2019-01-01 07:14 - 004514816 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-17 20:37 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet(630).dll
2019-01-17 20:37 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-17 20:37 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-17 20:37 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-17 20:37 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-17 20:37 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-17 20:37 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-17 20:37 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-17 20:37 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-01-17 20:37 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-17 20:37 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-17 20:37 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-17 20:37 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-17 20:37 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-01-17 20:37 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-17 20:37 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-01-17 20:37 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-01-17 20:37 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-17 20:37 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-01-17 20:37 - 2018-12-14 07:54 - 006032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-01-17 20:37 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1(411).dll
2019-01-17 20:37 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-01-17 20:37 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-17 20:37 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-01-17 20:37 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-17 20:37 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-01-17 10:08 - 2019-01-17 10:08 - 000061450 _____ C:\Users\ki\Downloads\Berlin-Fahrt.pdf
2019-01-16 21:59 - 2019-01-16 21:59 - 000175691 _____ C:\Users\ki\Downloads\Tickets_946202.pdf
2019-01-16 21:57 - 2019-01-16 21:57 - 000175687 _____ C:\Users\ki\Downloads\attachment(2)
2019-01-16 11:45 - 2019-01-16 11:45 - 000046551 _____ C:\Users\ki\Downloads\InsuranceCertificate(1).pdf
2019-01-16 11:44 - 2019-01-16 11:44 - 000070434 _____ C:\Users\ki\Downloads\G6KHNL(1).pdf
2019-01-15 16:59 - 2019-01-15 16:59 - 000193894 _____ C:\Users\ki\Downloads\merkhilfe_fuer_das_fach_mathematik_standard(3).pdf
2019-01-15 16:59 - 2019-01-15 16:59 - 000193894 _____ C:\Users\ki\Downloads\merkhilfe_fuer_das_fach_mathematik_standard(2).pdf
2019-01-15 00:09 - 2019-01-15 00:09 - 000114408 _____ C:\Users\ki\Downloads\WhatsApp Image 2019-01-14 at 21.09.59.jpeg
2019-01-12 18:48 - 2019-01-17 10:48 - 000000000 ____D C:\Users\ki\Documents\BelegManager-Daten
2019-01-12 16:39 - 2019-01-12 16:39 - 000010495 _____ C:\Users\ki\Downloads\19elsdi1_elster_12.01.2019_16.36.pfx
2019-01-12 10:37 - 2019-01-12 10:37 - 000000000 ____D C:\Users\ki\AppData\Local\Phoenix360
2019-01-11 21:38 - 2019-01-11 21:38 - 000002310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2019-01-11 21:38 - 2019-01-11 21:38 - 000002298 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2019-01-11 12:03 - 2019-01-11 12:03 - 000284090 _____ C:\Users\ki\Downloads\2017-05-24-einkommensteuerrechtliche-behandlung-von-vorsorgeaufwendungen_.pdf
2019-01-11 12:03 - 2019-01-11 12:03 - 000284090 _____ C:\Users\ki\Downloads\2017-05-24-einkommensteuerrechtliche-behandlung-von-vorsorgeaufwendungen_(1).pdf

==================== Ein Monat (geänderte) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-02-08 12:06 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-08 12:01 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-08 11:58 - 2018-05-01 22:00 - 000000000 ____D C:\WINDOWS\system32\msmq
2019-02-08 11:57 - 2016-11-18 06:21 - 000000000 ____D C:\Users\ki\AppData\LocalLow\Mozilla
2019-02-08 11:51 - 2016-01-08 21:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-02-08 00:10 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-07 22:46 - 2018-05-02 06:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-07 16:33 - 2017-03-29 12:22 - 000000000 ____D C:\Program Files (x86)\StarMoney 11
2019-02-07 10:31 - 2015-02-14 13:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-07 10:30 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-07 10:14 - 2018-12-01 20:16 - 000000000 ____D C:\Users\ki\AppData\Roaming\IObit
2019-02-07 10:14 - 2014-03-01 11:12 - 000000000 ____D C:\Users\ki\AppData\LocalLow\IObit
2019-02-07 10:14 - 2014-03-01 11:08 - 000000000 ____D C:\ProgramData\IObit
2019-02-07 06:51 - 2017-11-04 18:26 - 000000000 ____D C:\Program Files (x86)\StarMoney 11 Deluxe
2019-02-07 06:50 - 2015-11-29 11:37 - 000000000 ____D C:\Program Files (x86)\StarMoney 10
2019-02-06 18:12 - 2014-03-01 11:12 - 000000000 ____D C:\ProgramData\ProductData
2019-02-06 17:18 - 2017-01-03 21:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-06 17:18 - 2016-12-16 10:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-06 08:46 - 2012-07-29 18:31 - 000000000 ____D C:\daten
2019-02-05 19:41 - 2018-03-07 10:22 - 000000000 ____D C:\Program Files (x86)\OkayFreedom
2019-02-05 19:41 - 2017-11-05 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom
2019-02-05 11:10 - 2017-01-03 21:27 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-03 18:03 - 2018-05-02 06:53 - 000000000 ____D C:\Users\ki
2019-02-03 17:52 - 2018-05-02 06:53 - 000000000 ____D C:\Users\DefaultAppPool
2019-02-03 17:52 - 2018-05-02 06:53 - 000000000 ____D C:\Users\admin2
2019-02-03 17:48 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\te-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\or-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\km-KH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\is-IS
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\id-ID
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\setup
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-02-03 17:48 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\be-BY
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\as-IN
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\IdentityCRL
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-02-03 17:39 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-02-03 17:39 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\servicing
2019-02-03 17:37 - 2018-06-13 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EverDoc
2019-02-03 17:37 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-03 17:37 - 2018-03-06 21:06 - 000000000 ____D C:\Users\ki\AppData\Local\ConnectedDevicesPlatform
2019-02-03 17:37 - 2017-03-02 13:40 - 000000000 ____D C:\Users\ki\AppData\Local\Nero_AG
2019-02-03 17:37 - 2017-03-01 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freecom
2019-02-03 17:37 - 2016-11-16 19:51 - 000000000 ____D C:\Program Files\Soda PDF Desktop
2019-02-03 17:37 - 2015-11-13 11:31 - 000000000 ____D C:\Users\ki\Downloads\Soda PDF 8 Files
2019-02-03 17:37 - 2015-11-13 11:22 - 000000000 ____D C:\Users\ki\Documents\Soda PDF 8 Files
2019-02-03 17:37 - 2015-05-09 11:35 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-02-03 17:37 - 2014-08-07 18:11 - 000000000 ____D C:\Users\ki\Downloads\_abelsoft
2019-02-03 17:37 - 2014-08-07 16:36 - 000000000 ____D C:\Users\ki\AppData\Local\Abelssoft
2019-02-03 17:37 - 2013-03-13 07:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-02-03 17:37 - 2013-03-13 07:31 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-02-03 17:36 - 2018-04-08 22:31 - 000000000 ____D C:\Program Files\iTunes
2019-02-03 17:36 - 2017-05-10 19:44 - 000000000 ____D C:\Program Files (x86)\Yawcam
2019-02-03 17:36 - 2015-03-01 22:57 - 000000000 ____D C:\Program Files (x86)\WinHTTrack
2019-02-03 17:35 - 2013-03-13 07:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-02-03 17:34 - 2018-12-20 10:27 - 000000000 ____D C:\Program Files (x86)\AntiRansomware
2019-02-03 17:34 - 2018-06-13 21:46 - 000000000 ____D C:\PrinterPlusPlus
2019-02-03 17:34 - 2017-05-06 21:14 - 000000000 ____D C:\Program Files (x86)\ The Secret Legacy DE
2019-02-03 17:34 - 2017-04-15 14:36 - 000000000 ____D C:\Program Files (x86)\Everdoc
2019-02-03 17:34 - 2016-12-08 00:14 - 000000000 ____D C:\Program Files (x86)\Abelssoft Undeleter
2019-02-03 17:34 - 2016-08-06 19:42 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0
2019-02-03 17:34 - 2015-12-31 11:31 - 000000000 ____D C:\Program Files (x86)\Anki-Latein
2019-02-03 17:34 - 2015-06-21 11:12 - 000000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2019-02-03 17:34 - 2011-07-18 21:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-02-03 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-02-03 17:00 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-03 16:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\registration
2019-02-03 16:40 - 2014-12-05 09:12 - 000000000 ____D C:\Users\ki\AppData\Roaming\Steganos
2019-02-03 16:35 - 2012-08-12 12:57 - 000000000 __RHD C:\MSOCache
2019-02-02 19:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-02 13:53 - 2018-05-03 11:31 - 000000000 ____D C:\Users\ki\AppData\Local\D3DSCache
2019-01-31 21:01 - 2018-11-27 16:45 - 000000000 ____D C:\Program Files\rempl
2019-01-31 10:04 - 2013-08-04 19:55 - 000000000 ____D C:\Users\ki\AppData\Local\ElevatedDiagnostics
2019-01-29 21:01 - 2016-07-29 11:36 - 000331976 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file(358).sys
2019-01-29 21:01 - 2015-11-26 11:36 - 000173536 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter(357).sys
2019-01-29 10:46 - 2016-01-11 21:51 - 000290520 _____ (Acronis International GmbH) C:\WINDOWS\system32\snapapiar64.dll
2019-01-29 10:46 - 2016-01-11 21:51 - 000000000 _RSHD C:\bootwiz
2019-01-29 10:45 - 2015-11-26 11:17 - 000390592 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2019-01-29 10:45 - 2015-11-26 11:10 - 000000000 ____D C:\ProgramData\Acronis
2019-01-29 10:44 - 2016-07-29 11:36 - 000331976 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2019-01-29 10:44 - 2016-07-29 11:36 - 000001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2019-01-29 10:44 - 2015-11-26 11:36 - 000374264 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2019-01-29 10:44 - 2015-11-26 11:36 - 000173536 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2019-01-29 10:44 - 2015-11-26 11:16 - 000885880 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2019-01-29 10:44 - 2015-11-26 11:16 - 000693768 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2019-01-29 10:33 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI(407)
2019-01-29 10:25 - 2016-12-15 18:59 - 000001911 _____ C:\Users\ki\Desktop\System Mechanic - täglich.lnk
2019-01-29 10:20 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-24 12:18 - 2016-01-08 21:13 - 000000000 ____D C:\Users\ki\AppData\Local\Packages
2019-01-22 11:43 - 2012-10-12 13:40 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2019-01-21 10:41 - 2017-03-02 13:44 - 000000520 _____ C:\WINDOWS\Tasks\ki.job
2019-01-21 10:39 - 2017-03-02 13:44 - 000000382 _____ C:\WINDOWS\Tasks\ki NBAgent 6 0.job
2019-01-21 10:37 - 2017-03-02 13:41 - 000000552 _____ C:\WINDOWS\Tasks\ki Nero LIVEBackup 6 0.job
2019-01-21 10:32 - 2018-01-08 11:37 - 000001248 _____ C:\Users\ki\Desktop\Freecom Hard Drive Info.lnk
2019-01-20 22:57 - 2018-03-04 19:27 - 001122200 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2019-01-20 22:56 - 2018-03-04 19:16 - 000070024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2019-01-18 11:42 - 2012-11-18 18:30 - 000000000 ___RD C:\Users\ki\Documents\Scanned Documents
2019-01-17 21:58 - 2013-08-15 02:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-17 20:53 - 2011-07-18 21:31 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-17 20:50 - 2009-07-14 03:34 - 000000478 _____ C:\WINDOWS\win.ini
2019-01-17 12:39 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI(99)
2019-01-12 18:48 - 2012-10-03 17:09 - 000000000 ____D C:\Users\ki\AppData\Local\AAV
2019-01-12 18:48 - 2012-10-03 16:35 - 000000000 ____D C:\ProgramData\AAV
2019-01-12 17:46 - 2016-03-09 22:30 - 000000000 ____D C:\Users\ki\AppData\Roaming\elsterformular
2019-01-12 10:48 - 2018-03-22 17:38 - 000000000 ____D C:\ProgramData\Phoenix360
2019-01-12 10:37 - 2018-11-18 22:38 - 000002110 _____ C:\Users\Public\Desktop\System Mechanic.lnk
2019-01-12 10:37 - 2017-05-20 07:57 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-12 10:32 - 2014-08-04 15:14 - 000000000 ____D C:\Users\ki\AppData\Local\Downloaded Installations
2019-01-12 10:02 - 2012-10-03 17:09 - 000000000 ____D C:\Users\ki\Documents\Steuerfälle
2019-01-11 21:39 - 2017-07-19 07:10 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-11 21:37 - 2012-07-29 09:27 - 000000000 ____D C:\Program Files\Google
2019-01-11 21:37 - 2012-07-29 09:27 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-11 21:35 - 2017-07-18 08:09 - 000001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2019-01-11 21:35 - 2016-01-14 16:18 - 000000442 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1434372108.job
2019-01-11 21:35 - 2015-06-15 13:41 - 000000000 ____D C:\Program Files (x86)\Opera
2019-01-10 18:10 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-10-27 10:35 - 2013-10-27 10:35 - 000000432 _____ () C:\Users\ki\AppData\Roaming\.backup.dm
2014-06-30 23:20 - 2014-06-30 23:20 - 000000000 _____ () C:\Users\ki\AppData\Roaming\gdfw.log
2014-06-30 23:20 - 2014-06-30 23:20 - 000000779 _____ () C:\Users\ki\AppData\Roaming\gdscan.log
2014-01-10 10:51 - 2014-01-10 10:51 - 000000000 _____ () C:\Users\ki\AppData\Roaming\pdfconverter
2016-01-14 18:54 - 2015-12-08 15:13 - 015568896 _____ () C:\Users\ki\AppData\Roaming\Sandra.mdb
2017-11-17 10:34 - 2017-11-17 10:47 - 503043688 _____ () C:\Users\ki\AppData\Local\AcronisTrueImage2016_6595.exe
2016-01-10 20:43 - 2016-12-18 17:20 - 000007680 _____ () C:\Users\ki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-03-05 09:01 - 2018-03-06 22:46 - 000034048 _____ () C:\Users\ki\AppData\Local\parallels-pax.log
2013-07-07 19:23 - 2013-07-07 19:23 - 000007619 _____ () C:\Users\ki\AppData\Local\Resmon.ResmonCfg
2012-07-29 18:31 - 2012-07-29 18:31 - 000017408 _____ () C:\Users\ki\AppData\Local\WebpageIcons.db

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\dllhost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dllhost.exe => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-05-02 06:41

==================== Ende von FRST.txt ============================

--- --- ---

libaki · 08.02.2019, 12:22

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 6.02.2019
durchgeführt von ki (08-02-2019 12:08:59)
Gestartet von C:\Users\ki\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-05-02 06:14:56)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

admin2 (S-1-5-21-453296214-1327697751-653560176-1007 - Administrator - Enabled) => C:\Users\admin2
Administrator (S-1-5-21-453296214-1327697751-653560176-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-453296214-1327697751-653560176-503 - Limited - Disabled)
Gast (S-1-5-21-453296214-1327697751-653560176-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-453296214-1327697751-653560176-1006 - Limited - Enabled)
ki (S-1-5-21-453296214-1327697751-653560176-1001 - Administrator - Enabled) => C:\Users\ki
WDAGUtilityAccount (S-1-5-21-453296214-1327697751-653560176-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Abelssoft Undeleter (HKLM-x32\...\{1FB7B731-3479-4128-8299-A53922E47675}_is1) (Version: 4.0 - Abelssoft)
abylon APP-BLOCKER 2015.5 (Privatversion) (HKLM-x32\...\abylonprotectionmanagerapp-blocker_is1) (Version: 2015.5 - abylonsoft)
abylon BASIC 16.00.2 (Privatversion) (HKLM\...\abylonprotectionmanagerbasic_is1) (Version: 16.00.2 - abylonsoft)
Acronis True Image (HKLM-x32\...\{97F880B8-30EB-4E94-A142-0D2AE3601BC8}) (Version: 23.4.14690 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{97F880B8-30EB-4E94-A142-0D2AE3601BC8}Visible) (Version: 23.4.14690 - Acronis)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - )
Anki (HKLM-x32\...\Anki) (Version:  - )
AntiRansomware 2018 (HKLM-x32\...\AbAppId-82_is1) (Version: 18.1 - Abelssoft)
Any Video Converter 6.1.5 (HKLM-x32\...\Any Video Converter) (Version: 6.1.5 - Anvsoft)
AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-Bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A05FDFEC-4377-49E0-82CB-B6D1386E89DA}) (Version: 11.3.0.9 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 7 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.11 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 2.0.0.8 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Botanicula (HKLM-x32\...\Botanicula) (Version: 1.0 - Amanita Design, s.r.o.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CHIP Best Deal (HKLM-x32\...\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}) (Version: 1.4.21 - Ciuvo GmbH)
Cole2k Media - Codec Pack (Advanced) 8.0.2 (HKLM-x32\...\Cole2k Media - Codec Pack) (Version: 8.0.2 - Cole2k Media)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.53.0 - OEM) Hidden
concept/design onlineTV 15 (HKLM-x32\...\{C9F7D843-78C5-4A81-A350-D39F00E80178}_is1) (Version: 15.18.12.1 - concept/design GmbH)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (HKLM-x32\...\{D0BEB150-2046-4F94-AE7B-EA76772592F6}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (HKLM-x32\...\{4433CEC6-DA32-4D7B-BA95-B47C68498287}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (HKLM-x32\...\{2F14F550-0FFC-4285-B673-880744D428A3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (HKLM-x32\...\{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (HKLM-x32\...\{85E8F38F-0303-401E-A518-0302DF88EB07}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (HKLM-x32\...\{FA6AF809-9A80-423A-A57A-C7D726A04E4C}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (HKLM-x32\...\{E7BE4D1A-B529-448B-8407-889705B65185}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (HKLM-x32\...\{E4BE9367-168B-4B30-B198-EE37C99FB147}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (HKLM-x32\...\{D7E60152-6C65-4982-8840-B6D28BF881BD}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (HKLM-x32\...\{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (HKLM-x32\...\{89BA6E81-B60A-49BC-B283-80560A9E60DF}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (HKLM-x32\...\{34809713-7886-4F6A-B9D5-CC74DBC1C77E}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (HKLM-x32\...\{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (HKLM-x32\...\{834F4E2F-E9DF-4FA9-8499-FF6B91012898}) (Version: 15.3 - Corel Corporation) Hidden
Cut Out 3.0 (HKLM-x32\...\Cut Out_is1) (Version:  - Franzis.de)
Cut Out pro 4.0 (HKLM\...\Cut Out pro 4_is1) (Version:  - Franzis.de)
Cut Out pro 4.0 (HKLM-x32\...\Cut Out pro 4_is1) (Version:  - Franzis.de)
CutOut 5.0 professional (HKLM\...\CutOut 5 professional_is1) (Version: 5.0 - Franzis.de)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1817_38674 - CyberLink Corp.)
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.2408 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Das große Franzis Know-how-Paket DIGITALE FOTOGRAFIE (HKLM-x32\...\Das große Franzis Know-how-Paket DIGITALE FOTOGRAFIE_is1) (Version:  - )
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 2.4.2.14 - INTENIUM GmbH)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.11.64.1020 - Electronic Arts Inc.)
Driver Easy 5.6.0 (HKLM\...\DriverEasy_is1) (Version: 5.6.0 - Easeware)
EaseUS Partition Master 10.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.1.7.20160205 - Landesfinanzdirektion Thüringen)
EmRegSysSetup (HKLM-x32\...\{F981214A-0688-45E0-9329-B08BB26B74F9}) (Version: 1.6.0.1306 - Engelmann GmbH) Hidden
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)
Erbschaftsplaner (HKLM-x32\...\{8ECA57C8-5C32-4196-B84B-C05818D5CB88}) (Version: 9.01.4 - Wolters Kluwer Deutschland GmbH)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 11.0.159.0 - ESET, spol. s r.o.)
EverDoc 2018 (HKLM-x32\...\{CE690D98-4029-4620-879D-8018BF9CFBEC}_is1) (Version: 3.26 - Abelssoft)
EverDoc Printer++ (64bit) (HKLM\...\{D8156771-98B2-4A23-8122-C904F2410DF1}) (Version: 1.0.0 - Printer++)
eXpert PDF 10 Asian Fonts Pack (HKLM\...\{E56F569B-E087-4408-BAC8-EAFF9808C40B}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Convert Module (HKLM\...\{14EAE63C-8627-4FAC-89CD-E1BC5F6BE400}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Create Module (HKLM\...\{7A58AA20-FCA7-47AD-B766-1DC0E363E514}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Edit Module (HKLM\...\{04F3C8D3-E68A-420E-955C-D6EA51434DD3}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Forms Module (HKLM\...\{8E26322E-3348-4BC7-AA55-7E7A82A3391B}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Insert Module (HKLM\...\{50DF4766-CCD7-4BEB-B46F-728F6526077F}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 OCR Module (HKLM\...\{13E8528E-D6ED-459E-AEB2-CC0E8E68962A}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Review Module (HKLM\...\{39B5B664-DD6B-4397-83B3-BFF70B18B8B5}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Secure Module (HKLM\...\{FB5E4A8D-421B-47A1-82DE-28630F24476B}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 View Module (HKLM\...\{CAB4BBED-DD47-4857-8E46-C34F3B295080}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
File Repair (HKLM-x32\...\File Repair_is1) (Version:  - File Repair)
FileFusion 2018 (HKLM-x32\...\8FFF2B94-7E68-4C49-8CF8-46C7AC3033B9_is1) (Version: 1.22 - Abelssoft)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Formatwandler 2014 (HKLM-x32\...\{c27f2a3d-93d7-4112-b0ba-424b59be1ad2}) (Version: 6.0.5060.20182 - S.A.D.)
Formatwandler2014Setup (HKLM-x32\...\{34F7D819-71A6-420A-9DBB-0FF9A3DBF108}) (Version: 6.0.0.1311 - Engelmann Media GmbH) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.16.525 - Digital Wave Ltd)
Freecom Hard Drive Info 1.05 (HKLM-x32\...\Freecom Hard Drive Info_is1) (Version:  - Freecom)
Freecom Product Update 1.06 (HKLM-x32\...\Freecom Product Update_is1) (Version:  - Freecom)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM\...\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}) (Version: 7.3.2.5495 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HDR projects photo (64-Bit) (HKLM\...\HDR_PROJECTS_2_1_3BF7CE82_is1) (Version: 2.26 - Franzis Verlag GmbH)
HDX4DirectShowFilter (HKLM-x32\...\{EED2BE94-5D8F-4D1B-AECC-88F645262E68}) (Version: 1.0.0.1305 - Engelmann GmbH) Hidden
iCloud (HKLM\...\{5BD11939-D2C2-4F1B-AAAF-5ECE19A801F7}) (Version: 7.4.0.111 - Apple Inc.)
Incomedia WebSite X5 v11 - Compact (HKLM-x32\...\{C6AE8967-DF23-42DF-B362-8263A5496338}_is1) (Version: 11.0.8.31 - Incomedia s.r.l.)
Incomedia WebSite X5 v11 - Home (HKLM-x32\...\{C5743DB8-7BDF-47D3-8D41-0BBD487B48A1}_is1) (Version: 11.0.2.14 - Incomedia s.r.l.)
Incomedia WebSite X5 v12 - Home (HKLM-x32\...\{D25ADC00-2219-495D-A577-F14D1BE72756}_is1) (Version: 12.0.9.30 - Incomedia s.r.l.)
InfoBibliothek (HKLM-x32\...\{F5FB4B71-6301-11D4-9AD1-00A0C9B0C5F6}) (Version:  - Akademische Arbeitsgemeinschaft)
InfoBibliothek 2 (HKLM-x32\...\{78D7D7CD-A06B-4514-ACBD-8055BF945A8E}) (Version: 1.08.03.01 - Akademische Arbeitsgemeinschaft Verlag Wolters Kluwer GmbH)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IsoBuster 3.5 (HKLM-x32\...\IsoBuster_is1) (Version: 3.5 - Smart Projects)
iTunes (HKLM\...\{BC437DDC-48E8-4089-9EA0-58414984466E}) (Version: 12.7.4.76 - Apple Inc.)
JackKeane2 (HKLM-x32\...\JackKeane2) (Version:  - )
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeyDepot (HKLM\...\KeyDepot_is1) (Version: 3.20 - Abelssoft)
K-Lite Mega Codec Pack 10.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Lern-o-Mat (HKLM-x32\...\{37BFAE1E-D0E3-4C98-905C-FBBC4305843E}) (Version:  - )
Macromedia Dreamweaver MX 2004 (HKLM-x32\...\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}) (Version: 7.0 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}) (Version: 1.5 - Macromedia)
Macromedia Fireworks MX 2004 (HKLM-x32\...\{E583ED6F-BD99-4066-A420-C815BF692B69}) (Version: 7 - Macromedia)
Macromedia Flash MX 2004 (HKLM-x32\...\{2F353D44-73BB-4971-B31D-F7642E9E9531}) (Version: 7 - Macromedia)
Macromedia FreeHand MXa (HKLM-x32\...\{939740B5-0064-4779-854A-8C1086181C05}) (Version: 11.0.1 - Macromedia)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (HKLM\...\{4745C004-7D5D-42BB-816A-79BF29C3A65C}) (Version: 4.3.2.0 - MAGIX Software GmbH) Hidden
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{4745C004-7D5D-42BB-816A-79BF29C3A65C}) (Version: 4.3.2.0 - MAGIX Software GmbH)
MAGIX Music Maker 2013 (HKLM\...\{E7F7CA64-C0FC-4499-BC4D-C764E24CA67B}) (Version: 19.0.7.67 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2013 (HKLM-x32\...\MX.{E7F7CA64-C0FC-4499-BC4D-C764E24CA67B}) (Version: 19.0.7.67 - MAGIX Software GmbH)
MAGIX Music Maker 2013 Trial Soundpools (HKLM\...\{D826D424-4166-40D5-A70C-9C3A78F01ACD}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM\...\{422D3F30-7446-46C9-9FFE-F4F1645A3A41}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{422D3F30-7446-46C9-9FFE-F4F1645A3A41}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe 2013 Plus (HKLM\...\{2B9CA7F6-64A9-4346-9238-CDC3604A8D66}) (Version: 12.0.1.4 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Plus (HKLM-x32\...\MAGIX_{2B9CA7F6-64A9-4346-9238-CDC3604A8D66}) (Version: 12.0.1.4 - MAGIX AG)
MAGIX Video deluxe 2016 Plus (HKLM\...\{E2795C69-E7BE-4AD7-AD29-77DD7E9263C2}) (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Plus (HKLM\...\MX.{E2795C69-E7BE-4AD7-AD29-77DD7E9263C2}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Plus Update (HKLM\...\{90158760-3F6F-495C-999D-645767BCEF2C}) (Version: 15.0.0.90 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Plus Update (HKLM\...\{9C94F5B0-D567-4FE8-BCE3-EE1BE03BF1EE}) (Version: 15.0.0.77 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus 2013 Update (HKLM\...\{E6FD1013-27CC-4122-96EE-5E2ED42B3C40}) (Version: 12.0.4.2 - MAGIX AG) Hidden
MAGIX Video easy SE (HKLM\...\{D0498EA9-0858-4E1B-B25A-C907ACD15E67}) (Version: 3.0.1.41 - MAGIX AG) Hidden
MAGIX Video easy SE (HKLM-x32\...\MAGIX_{D0498EA9-0858-4E1B-B25A-C907ACD15E67}) (Version: 3.0.1.41 - MAGIX AG)
Malwarebytes Version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Manager (HKLM-x32\...\{330A7F6B-389D-4E1B-9746-791FEED7C126}) (Version: 10.0.3.26918 - Avanquest Software) Hidden
MatheAss 8.2 (HKLM-x32\...\MatheAss_is1) (Version:  - MatheAss)
MatheGrafix 10 (Version 10.2) (HKLM-x32\...\MatheGrafix 10_is1) (Version:  - )
Medion Home Cinema (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.) Hidden
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 65.0 (x64 de) (HKLM\...\Mozilla Firefox 65.0 (x64 de)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
mufin player 2.5 (HKLM\...\{56BE895E-C1B1-4692-B030-200AB920AA98}) (Version: 2.5.1.255 - mufin GmbH) Hidden
mufin player 2.5 (HKLM-x32\...\MAGIX_{56BE895E-C1B1-4692-B030-200AB920AA98}) (Version: 2.5.1.255 - mufin GmbH)
My Lockbox 3.9 (HKLM\...\My Lockbox_is1) (Version: 3.9 - )
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
MyKeyFinder 2018 (HKLM-x32\...\{c6396ed4-bdba-4f98-8739-767cb6bd16e6}_is1) (Version: 7.2 - Abelssoft)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
NebenkostenAbrechnung (HKLM-x32\...\{DD7B3EBE-EB93-493C-9400-1E4EE8A3889A}) (Version: 4.02.6 - Akademische Arbeitsgemeinschaft)
NebenkostenAbrechnung 2016 (HKLM-x32\...\{8033F294-375C-4FCC-9080-48A9460D9A98}) (Version: 5.01.6 - Akademische Arbeitsgemeinschaft)
NebenkostenAbrechnung 2017 (HKLM-x32\...\{AA1E9035-0D45-4052-AED6-83E1D55450B7}) (Version: 6.02.3 - Wolters Kluwer Deutschland GmbH)
NebenkostenAbrechnung 2018 (HKLM-x32\...\{A1E71C08-087A-47C7-88BD-80A1F58DA606}) (Version: 7.01.5 - Wolters Kluwer Deutschland GmbH)
NebenkostenBerater (HKLM-x32\...\{C53576FF-2304-499E-8595-BECFA97C5ADC}) (Version: 1.00.4 - Akademische Arbeitsgemeinschaft)
Nero BackItUp 11 Essentials CDPack (HKLM-x32\...\{BD0516DD-705C-441F-A30D-1CC289895309}) (Version: 11.0.00200 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
NetObjects Fusion 12.0 (HKLM-x32\...\{0354854F-F8B8-4AA8-9944-93A1A5533DD2}) (Version: 12 German - NetObjects)
NetObjects Fusion 12.0 (HKLM-x32\...\{051F9CB0-1499-4A0E-A861-CB19A5AAA906}) (Version: 12.00.5000.5041 - NetObjects) Hidden
NetObjects Fusion 12.0 (HKLM-x32\...\{B962E962-6369-4F66-AF35-79CB39270D12}) (Version: 12.00.5000.5041 - NetObjects) Hidden
NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.8.5 - Steganos Software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paragon Drive Copy™ 14 Professional (HKLM\...\{24371D30-7CFF-11DE-B053-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version:  - Markement GmbH)
PC-WELT Datensafe Version 3.0.1.3632 (HKLM-x32\...\PC-WELT Datensafe 1_is1) (Version: 3.0.1.3632 - PC-WELT)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Speed Converter (HKLM\...\{EC38DB84-B902-4F2D-92D7-297E4E3A0A2A}_is1) (Version: 1.0 - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PhotoFilmStrip 2.0.0 (HKLM-x32\...\PhotoFilmStrip_is1) (Version: 2.0.0 - Jens Gï¿½pfert)
PhotoFilmStrip 3.0.2 (HKLM\...\PhotoFilmStrip_is1) (Version: 3.0.2 - Jens Göpfert)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Readiris Pro 14 (HKLM-x32\...\{64A9C130-E372-48E9-B31E-E04A42382751}) (Version: 14.00.5526 - I.R.I.S.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8351 - Realtek Semiconductor Corp.)
RipTiger Extras 4.5.4 (HKLM-x32\...\{2EE6D53B-957E-48d1-801B-0B7DE81BACED}_is1) (Version: 4.5.4 - cyan soft ltd)
Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.148 - Clarus)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.01.16.02 - Samsung Electronics Co., Ltd.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.05.23.04 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.26.00 - Samsung Electronics Co., Ltd.)
Samsung SCX-472x Series (HKLM-x32\...\Samsung SCX-472x Series) (Version:  - Samsung Electronics Co., Ltd.)
SanDiskSecureAccess_Manager.exe (HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
SanDiskSecureAccess_Manager.exe (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Schülerdatei (HKLM-x32\...\Schülerdatei_is1) (Version:  - )
Scratch 2 Offline Editor (HKLM-x32\...\{8EC964DA-D411-7B20-A99B-9962713680F1}) (Version: 255 - MIT Media Lab) Hidden
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 446 - MIT Media Lab)
Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.18.9 - NVIDIA Corporation) Hidden
SiSoftware Sandra Lite 2016.RTMa (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2596}_is1) (Version: 22.15.2016.1 - SiSoftware)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{8A9079EA-59DE-491F-937A-D421399B7762}) (Version: 7.6.0.295 - Skype Technologies S.A.)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Soda Manager (HKLM-x32\...\{C7C04652-1CE7-4790-AF71-F37C082C4044}) (Version: 8.0.0.0 - LULU Software Limited) Hidden
Soda PDF 8 Asian Fonts Pack (HKLM\...\{214DC3BA-0E51-401B-9FAC-512186CBE08B}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Business Module (HKLM\...\{FB66BC19-19C5-4211-855C-BFE388EBE773}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Convert Module (HKLM\...\{FDF19452-6439-43B3-AF1F-E84C301D7956}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Create Module (HKLM\...\{82994364-3EA2-4B4E-8265-A7A60E18254F}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Edit Module (HKLM\...\{DEBA93B7-89BE-41F3-8AB7-5A7BC2B56D2F}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Forms Module (HKLM\...\{5EDF1F34-0447-454C-BADB-E209EF0F6639}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Insert Module (HKLM\...\{B9AA0685-D11B-48B4-BDAE-190C5A696DD0}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 OCR Module (HKLM\...\{E972E48E-1F99-44BD-9018-02A61452D7D5}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Review Module (HKLM\...\{800C215F-F077-4F1D-9E69-BDDF9B1D990A}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Secure Module (HKLM\...\{0D76BDF5-298A-4387-93A4-EFFE4D61E0AF}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 View Module (HKLM\...\{AF490208-AD16-4608-82FE-4DC173321645}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF Desktop Asian Fonts Pack (HKLM\...\{5F6367B4-01D5-49B3-BDDE-57DEC193B11D}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Convert Module (HKLM\...\{1E41EF6F-EDCD-41FA-8221-48B1BC58B61D}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Create Module (HKLM\...\{5034E38F-CF0F-4886-B774-DF168A7BA5C0}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Edit Module (HKLM\...\{A40CDD7A-2708-4591-BD85-075BA6BAB453}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Forms Module (HKLM\...\{BE9C0706-9862-4DD0-BFE9-93951C197D8D}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Insert Module (HKLM\...\{1A11B1AA-C1DA-4D51-85D2-B378BA07951C}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop OCR Module (HKLM\...\{A5FBED78-28E5-4652-98DA-EDD1302760D8}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Review Module (HKLM\...\{3F07016A-5061-4E3E-A62B-34362F9C3C63}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Secure Module (HKLM\...\{AF5B847F-6E87-4E8A-AEB8-33ACA3DE25C5}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop View Module (HKLM\...\{1210F4F8-B9D8-4956-BADD-FE9D74CB89BF}) (Version: 9.1.17.32812 - LULU Software) Hidden
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
StarMoney (HKLM-x32\...\{113B170E-9109-4EF0-8D70-4596A68E1873}) (Version: 6.0.0.313 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{1FCBD504-AB7D-4757-9A14-850348384B08}) (Version: 3.0.0.124 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{2E6951AE-6A91-4D23-959C-BA407FED3704}) (Version: 6.0.0.313 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{5A6DB7C1-E646-4842-A562-49C5EB8F2B47}) (Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{5C1209B1-FA1D-40D3-BA13-4ED9F0F31002}) (Version: 6.0.1.83 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{99D7711E-74BE-4920-8088-CB785D4C406F}) (Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{BA8CA518-A9B4-485C-AEE0-22E3F0E0E5F6}) (Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{E2F2B987-F2BC-4969-95F2-92099486B811}) (Version: 3.0.0.124 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{E771D898-9A06-4EEF-B84D-B2DB75080F3E}) (Version: 6.0.1.83 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{F902AB2B-7816-4CBD-A385-F2549F62956B}) (Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 10  (HKLM-x32\...\{1C51BBA9-A010-4098-AD87-D414CF872E12}) (Version: 10 - Star Finanz GmbH)
StarMoney 11  (HKLM-x32\...\{D81DBDD1-5FF9-48D1-8791-ACFF23AEC017}) (Version: 11 - Star Finanz GmbH)
StarMoney 11 Deluxe  (HKLM-x32\...\{E151227E-E09D-4657-9D64-58F2B4114F5D}) (Version: 11 - Star Finanz GmbH)
StarMoney 8.0  (HKLM-x32\...\{F5E1ED93-1898-41ED-B971-4F0F8E40FAF4}) (Version: 8.0 - Star Finanz GmbH)
StarMoney 9.0  (HKLM-x32\...\{B204FCA1-735D-4E6C-852F-050148A2B49A}) (Version: 9.0 - Star Finanz GmbH)
StartupStar (HKLM-x32\...\{C8A6121E-BE35-418D-91EF-A9536DA70B36}_is1) (Version: 9.0 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steganos Password Manager 15 (HKLM-x32\...\{B8F35E03-DC02-4CAB-AEF2-577B4CA25E8A}) (Version: 15.2.5 - Steganos Software GmbH)
Steganos Safe 16 (HKLM-x32\...\{F0EC576B-4985-4B60-929B-63F646BAAC1B}) (Version: 16.1 - Steganos Software GmbH)
Steganos Safe 17 (HKLM-x32\...\{F5545FAD-705B-4252-B7DD-E437044A15E1}) (Version: 17.1.2 - Steganos Software GmbH)
Steganos Safe 18 (HKLM-x32\...\{0A81476E-6553-443B-B34F-0BFE17ACAFFB}) (Version: 18.0.2 - Steganos Software GmbH)
SterJo Key Finder (HKLM-x32\...\{2F6B7734-A549-47B2-BE8D-CCB422F4EA9D}_is1) (Version: 1.8 - SterJo Software)
SteuerBerater 2014-2015 (HKLM-x32\...\{57FFBFD1-3865-4357-9A6F-3035EA807A17}) (Version: 15.09.0 - Akademische Arbeitsgemeinschaft)
SteuerBerater 2015-2016 (HKLM-x32\...\{342BD7F7-8BBD-403A-B09B-F3361A1365E3}) (Version: 15.11.0 - Akademische Arbeitsgemeinschaft)
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{0DD6CFE2-C3A7-4286-A362-B13BC8AD553F}) (Version: 17.09.0 - Wolters Kluwer Deutschland GmbH)
Steuer-Ratgeber 2017-2018 (HKLM-x32\...\{CADF44B6-B8A2-4398-B8FA-EDD157589B81}) (Version: 18.09.1 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.16.113 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.41.113 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2017  (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.37.88 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2018 (HKLM-x32\...\{A1D1FDBD-02F9-49B6-9EB2-2DC6B1D37E16}) (Version: 23.35.52 - Wolters Kluwer Deutschland GmbH)
Steuer-Spar-Erklärung Plus 2012 (HKLM-x32\...\{3BCDCC6A-3A47-4883-8A0C-55AC061316CB}) (Version: 17.17.11 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung Plus 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.43.178 - Akademische Arbeitsgemeinschaft)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Mechanic (HKLM-x32\...\{95129D61-FF52-4FA8-A403-3E31FC5D9696}) (Version: 18.5.1.208 - iolo technologies, LLC)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Secret Legacy DE Version 1.11 (HKLM-x32\...\{20067A8B-9363-45B9-B5D3-7845B276EBAF}_is1) (Version: 1.11 - )
The Silver Lining (HKLM-x32\...\{26ED4308-E0A5-4AE2-A1BC-7A55BC7DD32F}) (Version: 4.0.0 - Phoenix Online)
Toolbar Terminator (HKLM-x32\...\Toolbar Terminator_is1) (Version: 2.06 - Abelssoft)
Unmechanical (HKLM\...\UDK-c913fb41-1b8a-467f-9499-8ab2dd1ba145) (Version:  - Talawa Games - Teotl Studios)
Unsterbliche Liebe: Eine Vampirgeschichte (Vollversion) (HKLM-x32\...\Unsterbliche Liebe: Eine Vampirgeschichte (Vollversion)) (Version: 0.0.0.0 - INTENIUM GmbH)
Update for Skype for Business 2015 (KB4461557) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{BB7D10A9-A135-4EB8-82F1-8A25FEB1B327}) (Version:  - Microsoft)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WebM Project Directshow Filters (HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\webmdshow) (Version:  - )
WebM Project Directshow Filters (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\webmdshow) (Version:  - )
WhatsApp (HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\WhatsApp) (Version: 0.2.6426 - WhatsApp)
WhatsApp (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\WhatsApp) (Version: 0.2.6426 - WhatsApp)
Willi 2.130 (HKLM-x32\...\Willi_is1) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinFunktion Mathematik plus 20 (HKLM-x32\...\{CDBA97DF-63B9-44E7-B900-92E8165260C0}) (Version: 1.00.0000 - bhv Publishing GmbH)
WinHTTrack Website Copier 3.48-19 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinX HD Video Converter Deluxe 5.12.1 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
WinX MediaTrans (HKLM-x32\...\WinX MediaTrans) (Version: 3.2 - Digiarty Software, Inc.)
Wondershare TunesGo Retro ( Version 4.8.3 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.8.3 - Wondershare)
Wondershare Video Converter Platinum HD 2012(Build 5.1.3.1) (HKLM-x32\...\Wondershare Video Converter Platinum HD 2012_is1) (Version:  - Wondershare Software)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Yawcam 0.6.0 (HKLM-x32\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version: 0.6.0 - Yawcam)
Zoolz2 (HKLM-x32\...\Zoolz2) (Version: 2.1 - Genie9)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184_Classes\CLSID\{04419CEE-76E5-4487-B32E-68C0FD0C07E4}\InprocServer32 -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-453296214-1327697751-653560176-1001_Classes\CLSID\{04419CEE-76E5-4487-B32E-68C0FD0C07E4}\InprocServer32 -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [     AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ContextMenuHandlers1: [!NetFax0] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax1] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax2] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax3] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax4] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax5] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax6] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax7] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Keine Datei
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [eXpertPDF10_ManagerExt] -> {0D0BC151-74FD-4755-8F00-5CAD33DEB334} => C:\Program Files\eXpert PDF 10\creator-context-menu.dll [2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2015-08-31] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files (x86)\Phoenix360\System Mechanic\x64\Incinerator.dll [2018-12-14] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-03-18] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1-x32: [SodaPDF8_ManagerExt] -> {3515E187-6607-4A1B-B616-26C7A7B4B32A} => C:\Program Files\Soda PDF 8\creator-context-menu.dll [2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
ContextMenuHandlers1-x32: [SodaPDFDesktop_ManagerExt] -> {526A2ADD-BD9B-40E5-9D45-75EF6313FCE4} => C:\Program Files\Soda PDF Desktop\context-menu.dll [2017-03-23] (LULU Software -> LULU Software)
ContextMenuHandlers1-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} =>  -> Keine Datei
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2-x32-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2contmenu.dll [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2-x32-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2-x32-x32: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2-x32-x32: [SteganosShellExtension] -> {FAE0A3E0-3010-41BA-9DDC-A631394F047F} => C:\Program Files (x86)\Steganos Safe 18\ShellExtension.dll [2014-08-27] (Steganos Software GmbH -> )
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2contmenu.dll [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3-x32: [SteganosShellExtension] -> {FAE0A3E0-3010-41BA-9DDC-A631394F047F} => C:\Program Files (x86)\Steganos Safe 18\ShellExtension.dll [2014-08-27] (Steganos Software GmbH -> )
ContextMenuHandlers3-x32: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Keine Datei
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files (x86)\Phoenix360\System Mechanic\x64\Incinerator.dll [2018-12-14] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei
ContextMenuHandlers4: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2contmenu.dll [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6-x32: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei
ContextMenuHandlers6-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {005FF483-C399-428E-A248-A7C3C5E6A0B9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {017C2C94-4CAA-4479-8296-FA8237A76850} - System32\Tasks\{9CADD5AC-73EF-4AA4-BF15-C0220579CE08} => E:\UnmechanicalSetup.exe
Task: {07A2F410-0531-4518-B8E5-7C272634E1DB} - System32\Tasks\{E9D3106E-6A84-4C00-8C62-0D26D5B04A63} => C:\Riot Games\League of Legends\lol.launcher.exe
Task: {097C36B8-81DC-4BEA-919A-FD1C4C233811} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0A2CDD30-4E5D-48F3-836B-07F074373B81} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {0B2D7193-55BB-4AD0-BC9F-81910C75C9C2} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe
Task: {0ED6EE64-CE9B-4B46-B09A-7EEE89FC490D} - System32\Tasks\{D55ED03E-EEAA-4724-9CF2-642C1745D0A0} => E:\Setup.exe
Task: {11976B1A-6D81-4209-A629-549A0F6BD412} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {19C1E80E-17B2-4866-AACF-EBD28B3CB91D} - System32\Tasks\{73B123F4-BB1A-4A78-9729-19DCC02943B8} => E:\UnmechanicalSetup.exe
Task: {1AA9EB57-B2A6-48FF-91E9-85F9F760FD79} - System32\Tasks\{9590372A-2D8A-4BF2-A579-A131305D9F3F} => E:\Setup.exe
Task: {210E3939-4E2C-4133-9318-A8F73EC00F0D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {22E0B6FD-6449-4877-8198-29734A3D091D} - System32\Tasks\{C1705EBC-84AD-48C0-9BAE-2C8F6A90D8CB} => E:\Setup.exe
Task: {270ACFEE-6BC2-480A-AE0A-6A82B2FAFC95} - System32\Tasks\Opera scheduled Autoupdate 1434372108 => C:\Program Files (x86)\Opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software)
Task: {2D6FB77B-67CF-4F7F-AA3C-70EDF20D237E} - System32\Tasks\{BFCF381A-450A-469C-ADDE-6F6B5F57D06C} => E:\Setup.exe
Task: {33E6120C-4918-44AA-A09A-2B9B9A32BB89} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {3435508B-53E3-49E6-A408-0A18572B4B6F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: {3930E452-5948-4A0A-BD8A-AA3E1AE53656} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B6A2309-D4C0-4A87-B670-CF5B8479F344} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3BB027E6-5FB0-4822-9C29-CB9BB40F6418} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {4599A38A-6DDB-4005-AF09-2E350148931E} - \iolo System Checkup -> Keine Datei <==== ACHTUNG
Task: {45B409AD-034D-4F23-A99B-072DEF830C85} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {46642FC4-9B88-4BFF-BCF9-8FA05171DD63} - System32\Tasks\{90A50835-D061-4E5A-B55D-AA819B9BF2D2} => E:\setup.exe
Task: {4CFBA724-AC35-40F1-9AA6-5C59074C32F4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {57F069D5-4C9F-4526-A80C-7F959EBE9C36} - System32\Tasks\Driver Booster SkipUAC (ki) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {582CE772-BC1A-4AAE-95A9-612E3F71F407} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5AD4B854-D0B1-4B16-9AEF-91CD1C477465} - System32\Tasks\{0522FF20-425B-4A33-9F00-A67F6020D2D1} => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe [2013-03-06] (Clarus, Inc. -> Clarus, Inc.)
Task: {5C83D2C2-4240-41BE-B399-E2B666121C70} - System32\Tasks\{9B161523-A1AB-49C1-8A95-D1DA0838C8A0} => C:\Windows\system32\pcalua.exe -a C:\Users\ki\Downloads\__setup\origin\EAProxyInstaller.exe -d C:\Users\ki\Downloads\__setup\origin
Task: {5E24DEE7-0319-4D5B-A92C-72A8AA0CE3D3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {61930305-F19E-4022-A0F5-9AFE4DA72D21} - System32\Tasks\{693DFF4A-33D2-4688-945B-E58745A679E2} => E:\Setup.exe
Task: {6C0903E5-E081-49B5-A180-CBDFBD47EA5C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {6F363371-5ED9-4E16-A65A-DBC8F673B26A} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: {711158E6-B06F-471B-86C7-24188A5B82C1} - System32\Tasks\{0648C2C1-134B-44D0-8B68-2EF0E75BBA7D} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {72BBEF92-3230-482B-BB2E-2D66919CAE87} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {786E9AC0-E9C9-4121-BE57-6D0374AEEED1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {7C1072AC-E5C1-4958-96E6-B4C18EA10170} - System32\Tasks\{6596D6D0-D533-4230-B0DE-897090408593} => E:\setup.exe
Task: {803D698F-2E53-48EF-875C-2278DF667F47} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {81C9863B-7FA7-4B5B-8724-6D0B80E88929} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {86BF9FEA-246B-4BF8-8D0F-35C7E87D2CC9} - System32\Tasks\{69F8A2B6-FF3E-4FAA-A527-BBE452D2D6FD} => E:\Setup.exe
Task: {86CB65FD-A669-46AB-8C40-44EA1B66F7A8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe [2015-12-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {8B06F82D-A2F9-4620-B1CD-9FE4061DC117} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8DCA13C7-79D3-4267-BB09-F3CD32B45F31} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {932C4323-7164-4A14-81E7-96EC6F502B77} - System32\Tasks\{7CE09119-BA9C-40FC-B6CF-D788A2EAE78A} => E:\Setup.exe
Task: {95FD1E60-E0CE-45D0-8DAF-4CB256A794E9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {9DD09A7E-1129-4EE7-8921-B6081EA3D2D7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {A085CFC0-820A-42E8-9DB3-135E1E5EE0BE} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {A62730A4-775A-4CAB-A3A5-95E691C893FD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6420339-7020-4EA4-B0B8-6FF817DEA3F7} - System32\Tasks\{B80F7492-C5BB-48E2-A3F7-F0F78A8A97AE} => E:\Setup.exe
Task: {AC19F91D-88FB-4EE8-BCB3-9E436C9D4173} - System32\Tasks\{B7E5C3C4-CC9E-4E82-A368-A6ACB2EC3612} => C:\Program Files (x86)\PurpleHills\Hinter dem Spiegel 2 - Die Rache der Hexe\Hinter dem Spiegel 2 - Die Rache der Hexe.exe
Task: {AD7FAB58-15DC-4E7D-A4E1-60EE5974B9B7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF420AC6-CA29-4854-8452-097F3807D77A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B1755605-0002-40BC-A59E-ED40228951C7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {B56855C3-CFA8-4744-90DD-C08B87E79145} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {B5F353CE-6293-49C1-8158-8E7C22EB387F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B96C9C24-70D6-46E5-A7F3-75692D7EFF8F} - System32\Tasks\{3D04DC53-894A-434C-B973-CD7DF46009F7} => E:\Setup.exe
Task: {BC1F3F6C-F1E2-42CC-BA42-212625E078DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc -> Google Inc.)
Task: {BD2B3A81-5556-404C-80F1-DD22E14AB662} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BDBDC914-38F2-46FF-BD95-416907B1EE4B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BDF5C7EC-5DB2-4E20-A738-75EEB5769C36} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-08] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BF55D50F-4BD1-4281-8081-6E07C392CE0D} - System32\Tasks\{5253A38C-6B14-4535-A833-A02146A8D6DE} => E:\Setup.exe
Task: {C563629E-5497-4215-BC3B-DD04C07296C4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C5CEF710-B82C-4803-9A56-EA0E655E94C6} - System32\Tasks\{77F5C58B-2213-42ED-9C3C-F3F5240FC611} => E:\UnmechanicalSetup.exe
Task: {C8F09960-D197-4F28-A1BC-FD496E178B92} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe
Task: {C930D8A9-9D5E-4B82-9426-574EF5568749} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {CCD1963F-9C59-4686-AC1B-2DCDF36F512C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CF301B6E-11D9-471A-B3D2-C39BE39108AF} - System32\Tasks\{D41300D7-0B44-4C90-8A23-41DF48B40F61} => C:\Program Files (x86)\PurpleHills\Hinter dem Spiegel 2 - Die Rache der Hexe\Hinter dem Spiegel 2 - Die Rache der Hexe.exe
Task: {D24F4A6C-D68F-4228-A0D3-396DBF5E0385} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5CEE429-72A3-4AF6-8FC9-4B8CA91CDD4D} - System32\Tasks\{270FB380-866E-41F6-8DEA-26B1B4ED881E} => E:\Setup.exe
Task: {D6BDD73A-E61D-4BC5-A3B1-DDEA50ADEDA0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8CECB80-90EB-48A3-AFCA-A1EFE96085E2} - System32\Tasks\Abelssoft\ToolbarTerminator Background Guard => C:\Program Files (x86)\ToolbarTerminator\TTBackgroundGuard.exe [2015-10-20] (Microsoft) [Datei ist nicht signiert]
Task: {DEE376CD-0049-412E-B9B3-C92B20E40170} - System32\Tasks\{6E62401D-3F6D-44C0-BC9E-E20A595F5953} => E:\Setup.exe
Task: {DF357ABB-C54F-4F80-846D-CB69F21A717E} - System32\Tasks\chipSWU => cscript.exe "C:\Program Files (x86)\chip\Internet Explorer\swu.vbs"
Task: {E03A5ED7-5F84-4B56-922C-07176FA9CCAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc -> Google Inc.)
Task: {E0A2C520-6FE9-4E4E-95C8-33B4BE9805D0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E6127866-8945-4453-B377-341872E47C62} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E7EAF5F9-12E0-4299-A829-013AA1BC8025} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe
Task: {EDCBC82A-6F80-4802-BADA-9E31595766CC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F0BD0592-FDCA-4385-84FC-E0BD7AFC8AA7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F553CEE9-0C11-49B7-8685-9C48DBBE33D4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {FDBB2CC5-172D-41B6-8B30-DC1538CBEE93} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\DriverMax Notification.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: C:\WINDOWS\Tasks\DriverMaxAgent.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: C:\WINDOWS\Tasks\DriverMaxWelcome.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d25980b04c1a1a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ki NBAgent 6 0.job => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe
Task: C:\WINDOWS\Tasks\ki Nero LIVEBackup 6 0.job => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCore.exe C:\Users\ki\AppData\Roaming\Nero\Nero 11\Nero BackItUp\Files\ki Nero LIVEBackup.nji
Task: C:\WINDOWS\Tasks\ki.job => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCore.exe C:\Users\ki\AppData\Roaming\Nero\Nero 11\Nero BackItUp\Files\ki.nji
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1434372108.job => C:\Program Files (x86)\Opera\launcher.exe
Task: C:\WINDOWS\Tasks\StartupStar Firewall.job => C:\Program Files (x86)\StartupStar\StartupStar.exe
Task: C:\WINDOWS\Tasks\Zoolz Start Backup.job => C:\Program Files\Genie9\Zoolz2\ZoolzLauncher.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-07-26 10:42 - 2013-07-26 10:42 - 000034304 _____ () C:\WINDOWS\System32\ssa3mlm.dll
2018-12-01 20:36 - 2018-12-01 20:36 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
2015-08-10 16:58 - 2015-11-16 16:18 - 000020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 001157592 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2019-01-29 10:45 - 2019-01-29 10:45 - 006299944 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2015-12-05 17:39 - 2015-10-15 11:50 - 000469352 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\ExeLockSerX64.EXE
2015-12-05 17:39 - 2015-09-28 20:06 - 003275624 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\APMPCmn32x64.dll
2015-12-05 17:39 - 2015-09-28 20:06 - 002462568 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\APMPToolsx64.dll
2015-12-05 17:39 - 2015-09-28 20:06 - 000320360 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\APMPLangx64.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 007128176 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2018-11-23 12:31 - 2018-11-23 12:31 - 001900792 _____ () C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exe
2018-11-23 12:51 - 2018-11-23 12:51 - 019658816 _____ () C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
2018-11-23 12:08 - 2018-11-23 12:08 - 005835168 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-14 10:06 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2014-08-27 16:02 - 2014-08-27 16:02 - 000226656 _____ () C:\Program Files (x86)\Steganos Safe 18\ShellExtension.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 000754416 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2018-11-23 13:02 - 2018-11-23 13:02 - 004785640 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2010-12-17 18:13 - 2010-12-17 18:13 - 000438784 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2010-12-17 18:13 - 2010-12-17 18:13 - 000050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2018-11-23 12:59 - 2018-11-23 12:59 - 000099896 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schdevid.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000277538 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 002386352 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\xerces_c.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000160168 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\libevent.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll
2018-11-23 12:59 - 2018-11-23 12:59 - 003516192 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2018-11-23 12:59 - 2018-11-23 12:59 - 001168536 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\services_mms_addon.dll
2018-11-23 12:56 - 2018-11-23 12:56 - 023053136 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2018-11-23 12:22 - 2018-11-23 12:22 - 000413712 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2018-11-23 12:23 - 2018-11-23 12:23 - 000177416 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\archive3_adapter.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 000271392 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\pcs_io.dll
2018-11-23 12:09 - 2018-11-23 12:09 - 000225312 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\zstd.dll
2018-11-23 12:09 - 2018-11-23 12:09 - 000042928 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\winpthreads4.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 001087784 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\schedule.dll
2018-11-23 12:01 - 2018-11-23 12:01 - 000144400 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 000261336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2016-12-16 13:26 - 2016-01-28 15:33 - 001058624 _____ () C:\Program Files (x86)\StarMoney 10\ouservice\libxml2.dll
2016-12-16 13:26 - 2011-01-13 11:44 - 000232800 _____ () C:\Program Files (x86)\StarMoney 10\ouservice\PATCHW32.dll
2018-12-20 21:53 - 2018-11-13 07:15 - 001059304 _____ () C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\libxml2.dll
2018-12-20 21:53 - 2017-01-23 17:49 - 000232800 _____ () C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\PATCHW32.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000085992 _____ () C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\zlib1.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000143336 _____ () C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\lzma.dll
2018-12-18 09:38 - 2018-11-13 07:15 - 001059304 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\libxml2.dll
2018-12-18 09:38 - 2017-01-23 16:49 - 000232800 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\PATCHW32.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000143336 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\lzma.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000085992 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\zlib1.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2018-06-18 19:12 - 2018-06-18 19:12 - 000115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll
2018-11-23 12:22 - 2018-11-23 12:22 - 000055312 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2018-11-23 12:27 - 2018-11-23 12:27 - 003049976 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\boot_assist.dll
2018-11-23 12:00 - 2018-11-23 12:00 - 000680480 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\archive3.dll
2018-11-23 12:22 - 2018-11-23 12:22 - 012280336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll
2018-11-23 12:12 - 2018-11-23 12:12 - 000820440 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp.dll
2018-11-23 12:27 - 2018-11-23 12:27 - 001450728 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp_ex.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:2AE74FF9 [149]
AlternateDataStreams: C:\ProgramData\Temp:A8185163 [179]
AlternateDataStreams: C:\ProgramData\Temp:CBAF0C30 [170]
AlternateDataStreams: C:\Users\ki\Documents\Grundsicherung 2015.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\ki\Documents\Grundsicherung 2015.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-07-13 17:12 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\DATA\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\DATA;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Acronis\SnapAPI;C:\Program Files (x86)\Acronis\TrueImageHome;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115206809\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115206873\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-453296214-1327697751-653560176-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-453296214-1327697751-653560176-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115206930\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\Control Panel\Desktop\\Wallpaper -> C:\Users\ki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-453296214-1327697751-653560176-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207895\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115208114\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.

MSCONFIG\Services: a2AntiMalware => 2
MSCONFIG\Services: AAV UpdateService => 2
MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AxAutoMntSrv => 2
MSCONFIG\Services: AxVirtualAHCISrv => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: eXpert PDF 10 Creator => 2
MSCONFIG\Services: eXpert PDF 10 Manager => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: MemeoBackgroundService => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: prl_mobdisp => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SODA Manager => 2
MSCONFIG\Services: Soda PDF 8 Creator => 2
MSCONFIG\Services: Soda PDF Desktop Creator => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WiaRpc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Password Safe.lnk => C:\Windows\pss\Password Safe.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AshSnap => C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Snap\ashsnap.exe
MSCONFIG\startupreg: Clarus Drive Manager => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\ki\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SanDiskSecureAccess_Manager.exe => C:\Users\ki\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "abylon MANAGER.lnk"
HKLM\...\StartupApproved\StartupFolder: => "psi_tray.exe"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "EverDoc Printer++"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "NBAgent"
HKLM\...\StartupApproved\Run32: => "OKAYFREEDOM Notifier"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\StartupFolder: => "abylon MANAGER.lnk"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "AlcoholAutomount"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "DriverMax_RESTART"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "Parallels Access"
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\StartupApproved\StartupFolder: => "abylon MANAGER.lnk"
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\StartupApproved\Run: => "AlcoholAutomount"
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\StartupApproved\Run: => "DriverMax_RESTART"
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-453296214-1327697751-653560176-1001.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02082019115207184\...\StartupApproved\Run: => "Parallels Access"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

01-07-2018 22:37:12 Wiederherstellungsvorgang
15-07-2018 15:50:01 Windows Update
25-07-2018 17:29:47 alles ok
29-07-2018 15:38:13 Windows Update
29-07-2018 15:39:40 Windows Update
12-08-2018 15:56:07 Windows Update
17-08-2018 21:31:14 Windows Update
26-08-2018 15:51:41 Windows Update
02-09-2018 08:47:32 Windows Update
02-09-2018 08:48:56 Windows Update
10-09-2018 09:15:57 Windows Update
10-09-2018 09:17:39 Windows Update
30-09-2018 11:03:32 Windows Update
12-10-2018 08:58:14 Windows Update
15-10-2018 11:23:23 SteuerSparErklärung 2018 wurde installiert.
30-10-2018 11:20:32 Windows Update
30-10-2018 11:21:55 Windows Update
15-11-2018 09:19:01 Windows Update
27-11-2018 16:43:32 Windows Update
01-12-2018 20:53:07 nach treiberaktualisierung
14-12-2018 09:46:06 Windows Update
31-12-2018 21:23:01 Windows Update
17-01-2019 20:18:51 Windows Update
28-01-2019 09:08:13 Windows Update
29-01-2019 12:45:09 vor WSUS update
29-01-2019 14:23:23 Wiederherstellungsvorgang
03-02-2019 18:25:28 Windows Update
06-02-2019 18:11:20 Removed CHIP Best Deal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/08/2019 12:10:26 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-15T11:10:26Z. Fehlercode: 0x80041315.

Error: (02/08/2019 12:09:56 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-15T11:09:56Z. Fehlercode: 0x80041315.

Error: (02/08/2019 12:09:26 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-15T11:09:26Z. Fehlercode: 0x80041315.

Error: (02/08/2019 12:08:56 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-15T11:08:56Z. Fehlercode: 0x80041315.

Error: (02/08/2019 12:08:26 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-15T11:08:26Z. Fehlercode: 0x80041315.

Error: (02/08/2019 12:07:56 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-15T11:07:56Z. Fehlercode: 0x80041315.

Error: (02/08/2019 12:07:26 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-15T11:07:26Z. Fehlercode: 0x80041315.

Error: (02/08/2019 12:06:56 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-15T11:06:56Z. Fehlercode: 0x80041315.


Systemfehler:
=============
Error: (02/08/2019 11:58:23 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Synchronisierungshost_10ff824" wurde mit folgendem Fehler beendet: 
In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.

Error: (02/08/2019 11:55:56 AM) (Source: DCOM) (EventID: 10010) (User: ki-PCmedion2012)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/08/2019 11:55:56 AM) (Source: DCOM) (EventID: 10010) (User: ki-PCmedion2012)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/08/2019 11:55:56 AM) (Source: DCOM) (EventID: 10010) (User: ki-PCmedion2012)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/08/2019 11:55:56 AM) (Source: DCOM) (EventID: 10010) (User: ki-PCmedion2012)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/08/2019 11:54:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Synchronisierungshost_7df9f" wurde mit folgendem Fehler beendet: 
In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.

Error: (02/08/2019 11:53:22 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Synchronisierungshost_7df9f" wurde mit folgendem Fehler beendet: 
In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.

Error: (02/08/2019 11:50:32 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.


CodeIntegrity:
===================================

Date: 2019-02-07 10:51:19.044
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-07 10:51:12.500
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-07 10:50:54.326
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-07 10:50:42.781
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-07 10:50:40.275
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-07 10:50:39.765
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-07 10:50:39.195
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-07 10:50:26.228
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 16365.64 MB
Verfügbarer physikalischer RAM: 11203.14 MB
Summe virtueller Speicher: 32749.64 MB
Verfügbarer virtueller Speicher: 27551.23 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:114.94 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:26.22 GB) NTFS

\\?\Volume{b0840d3d-72b6-11e1-81c4-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 58F6BA5B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== Ende von Addition.txt ============================

--- --- ---

M-K-D-B · 08.02.2019, 22:21

Servus,

Schritt 1

Kopiere den gesamten Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
Task: {005FF483-C399-428E-A248-A7C3C5E6A0B9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {0A2CDD30-4E5D-48F3-836B-07F074373B81} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {33E6120C-4918-44AA-A09A-2B9B9A32BB89} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {3BB027E6-5FB0-4822-9C29-CB9BB40F6418} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {4599A38A-6DDB-4005-AF09-2E350148931E} - \iolo System Checkup -> Keine Datei <==== ACHTUNG
Task: {4CFBA724-AC35-40F1-9AA6-5C59074C32F4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {5C83D2C2-4240-41BE-B399-E2B666121C70} - System32\Tasks\{9B161523-A1AB-49C1-8A95-D1DA0838C8A0} => C:\Windows\system32\pcalua.exe -a C:\Users\ki\Downloads\__setup\origin\EAProxyInstaller.exe -d C:\Users\ki\Downloads\__setup\origin
Task: {5E24DEE7-0319-4D5B-A92C-72A8AA0CE3D3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {61930305-F19E-4022-A0F5-9AFE4DA72D21} - System32\Tasks\{693DFF4A-33D2-4688-945B-E58745A679E2} => E:\Setup.exe
Task: {6C0903E5-E081-49B5-A180-CBDFBD47EA5C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {711158E6-B06F-471B-86C7-24188A5B82C1} - System32\Tasks\{0648C2C1-134B-44D0-8B68-2EF0E75BBA7D} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {786E9AC0-E9C9-4121-BE57-6D0374AEEED1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {86BF9FEA-246B-4BF8-8D0F-35C7E87D2CC9} - System32\Tasks\{69F8A2B6-FF3E-4FAA-A527-BBE452D2D6FD} => E:\Setup.exe
Task: {8DCA13C7-79D3-4267-BB09-F3CD32B45F31} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {932C4323-7164-4A14-81E7-96EC6F502B77} - System32\Tasks\{7CE09119-BA9C-40FC-B6CF-D788A2EAE78A} => E:\Setup.exe
Task: {A085CFC0-820A-42E8-9DB3-135E1E5EE0BE} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {B1755605-0002-40BC-A59E-ED40228951C7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C930D8A9-9D5E-4B82-9426-574EF5568749} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {F553CEE9-0C11-49B7-8685-9C48DBBE33D4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C8F09960-D197-4F28-A1BC-FD496E178B92} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe
C:\Program Files (x86)\Norton Internet Security CBE
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
CMD: ipconfig /flushdns
CMD: netsh winsock reset
RemoveProxy:
EmptyTemp:
End::

Starte nun FRST und klicke direkt den Entfernen Button. Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2

Starte FRST erneut. Kopiere den Inhalt der folgenden Code-Box oben in das Suchfeld:
Code:
ATTFilter
```
SearchAll: torch;Advanced SystemCare;AskToolbar
         
```
Klicke auf den Button Datei-Suche.
FRST beginnt mit dem Suchlauf. Dieser kann einige Zeit dauern, bitte gedulde dich!
Am Ende wird eine Textdatei Search.txt erstellt.
Poste mir deren Inhalt mit deiner nächsten Antwort.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix (fixlog.txt),
die Logdatei des FRST-Suchlaufs (Search.txt),
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

libaki · 09.02.2019, 16:25

Code:

ATTFilter

Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 8.02.2019
durchgeführt von ki (09-02-2019 15:11:02) Run:1
Gestartet von C:\Users\ki\Desktop
Geladene Profile: ki (Verfügbare Profile: ki & admin2 & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
Task: {005FF483-C399-428E-A248-A7C3C5E6A0B9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {0A2CDD30-4E5D-48F3-836B-07F074373B81} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {33E6120C-4918-44AA-A09A-2B9B9A32BB89} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {3BB027E6-5FB0-4822-9C29-CB9BB40F6418} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {4599A38A-6DDB-4005-AF09-2E350148931E} - \iolo System Checkup -> Keine Datei <==== ACHTUNG
Task: {4CFBA724-AC35-40F1-9AA6-5C59074C32F4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {5C83D2C2-4240-41BE-B399-E2B666121C70} - System32\Tasks\{9B161523-A1AB-49C1-8A95-D1DA0838C8A0} => C:\Windows\system32\pcalua.exe -a C:\Users\ki\Downloads\__setup\origin\EAProxyInstaller.exe -d C:\Users\ki\Downloads\__setup\origin
Task: {5E24DEE7-0319-4D5B-A92C-72A8AA0CE3D3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {61930305-F19E-4022-A0F5-9AFE4DA72D21} - System32\Tasks\{693DFF4A-33D2-4688-945B-E58745A679E2} => E:\Setup.exe
Task: {6C0903E5-E081-49B5-A180-CBDFBD47EA5C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {711158E6-B06F-471B-86C7-24188A5B82C1} - System32\Tasks\{0648C2C1-134B-44D0-8B68-2EF0E75BBA7D} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {786E9AC0-E9C9-4121-BE57-6D0374AEEED1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {86BF9FEA-246B-4BF8-8D0F-35C7E87D2CC9} - System32\Tasks\{69F8A2B6-FF3E-4FAA-A527-BBE452D2D6FD} => E:\Setup.exe
Task: {8DCA13C7-79D3-4267-BB09-F3CD32B45F31} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {932C4323-7164-4A14-81E7-96EC6F502B77} - System32\Tasks\{7CE09119-BA9C-40FC-B6CF-D788A2EAE78A} => E:\Setup.exe
Task: {A085CFC0-820A-42E8-9DB3-135E1E5EE0BE} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {B1755605-0002-40BC-A59E-ED40228951C7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C930D8A9-9D5E-4B82-9426-574EF5568749} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {F553CEE9-0C11-49B7-8685-9C48DBBE33D4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C8F09960-D197-4F28-A1BC-FD496E178B92} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe
C:\Program Files (x86)\Norton Internet Security CBE
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
CMD: ipconfig /flushdns
CMD: netsh winsock reset
RemoveProxy:
EmptyTemp:

*****************

HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8 => erfolgreich entfernt
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => erfolgreich verschoben
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.3 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.0 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => nicht gefunden
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => erfolgreich entfernt
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{005FF483-C399-428E-A248-A7C3C5E6A0B9}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{005FF483-C399-428E-A248-A7C3C5E6A0B9}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A2CDD30-4E5D-48F3-836B-07F074373B81}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A2CDD30-4E5D-48F3-836B-07F074373B81}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33E6120C-4918-44AA-A09A-2B9B9A32BB89}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33E6120C-4918-44AA-A09A-2B9B9A32BB89}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BB027E6-5FB0-4822-9C29-CB9BB40F6418}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BB027E6-5FB0-4822-9C29-CB9BB40F6418}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4599A38A-6DDB-4005-AF09-2E350148931E}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4599A38A-6DDB-4005-AF09-2E350148931E}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iolo System Checkup" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CFBA724-AC35-40F1-9AA6-5C59074C32F4}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CFBA724-AC35-40F1-9AA6-5C59074C32F4}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C83D2C2-4240-41BE-B399-E2B666121C70}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C83D2C2-4240-41BE-B399-E2B666121C70}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{9B161523-A1AB-49C1-8A95-D1DA0838C8A0} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9B161523-A1AB-49C1-8A95-D1DA0838C8A0}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E24DEE7-0319-4D5B-A92C-72A8AA0CE3D3}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E24DEE7-0319-4D5B-A92C-72A8AA0CE3D3}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61930305-F19E-4022-A0F5-9AFE4DA72D21}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61930305-F19E-4022-A0F5-9AFE4DA72D21}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{693DFF4A-33D2-4688-945B-E58745A679E2} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{693DFF4A-33D2-4688-945B-E58745A679E2}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C0903E5-E081-49B5-A180-CBDFBD47EA5C}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C0903E5-E081-49B5-A180-CBDFBD47EA5C}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{711158E6-B06F-471B-86C7-24188A5B82C1}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{711158E6-B06F-471B-86C7-24188A5B82C1}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{0648C2C1-134B-44D0-8B68-2EF0E75BBA7D} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0648C2C1-134B-44D0-8B68-2EF0E75BBA7D}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{786E9AC0-E9C9-4121-BE57-6D0374AEEED1}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{786E9AC0-E9C9-4121-BE57-6D0374AEEED1}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86BF9FEA-246B-4BF8-8D0F-35C7E87D2CC9}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86BF9FEA-246B-4BF8-8D0F-35C7E87D2CC9}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{69F8A2B6-FF3E-4FAA-A527-BBE452D2D6FD} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{69F8A2B6-FF3E-4FAA-A527-BBE452D2D6FD}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8DCA13C7-79D3-4267-BB09-F3CD32B45F31}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DCA13C7-79D3-4267-BB09-F3CD32B45F31}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{932C4323-7164-4A14-81E7-96EC6F502B77}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{932C4323-7164-4A14-81E7-96EC6F502B77}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{7CE09119-BA9C-40FC-B6CF-D788A2EAE78A} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7CE09119-BA9C-40FC-B6CF-D788A2EAE78A}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A085CFC0-820A-42E8-9DB3-135E1E5EE0BE}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A085CFC0-820A-42E8-9DB3-135E1E5EE0BE}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1755605-0002-40BC-A59E-ED40228951C7}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1755605-0002-40BC-A59E-ED40228951C7}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C930D8A9-9D5E-4B82-9426-574EF5568749}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C930D8A9-9D5E-4B82-9426-574EF5568749}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F553CEE9-0C11-49B7-8685-9C48DBBE33D4}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F553CEE9-0C11-49B7-8685-9C48DBBE33D4}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8F09960-D197-4F28-A1BC-FD496E178B92}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8F09960-D197-4F28-A1BC-FD496E178B92}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Norton Internet Security CBE\Norton Error Processor => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Internet Security CBE\Norton Error Processor" => erfolgreich entfernt
"C:\Program Files (x86)\Norton Internet Security CBE" => nicht gefunden
================== ExportKey: ===================

[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths]

=== Ende von ExportKey ===

========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\S-1-5-21-453296214-1327697751-653560176-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-453296214-1327697751-653560176-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-453296214-1327697751-653560176-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 315060051 B
Java, Flash, Steam htmlcache => 442240235 B
Windows/system/drivers => 684680 B
Edge => 10946752 B
Chrome => 7602563 B
Firefox => 457696033 B
Opera => 56042236 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 147134 B
LocalService => 0 B
NetworkService => 908 B
NetworkService => 0 B
ki => 18937387 B
admin2 => 373803 B
DefaultAppPool => 0 B

RecycleBin => 23692 B
EmptyTemp: => 1.2 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 15:16:39 ====

Code:

ATTFilter

Farbar Recovery Scan Tool (x64) Version: 8.02.2019
durchgeführt von ki (09-02-2019 15:28:13)
Gestartet von C:\Users\ki\Desktop
Start-Modus: Normal

================== Datei-Suche: "SearchAll: torch;Advanced SystemCare;AskToolbar" =============

Datei:
========
C:\Users\ki\AppData\Roaming\.technic\modpacks\tppi\config\TorchLevers.cfg
[2015-01-12 14:01][2015-01-12 14:01] 000002267 _____ () DED15B4E05398220503B6C5348A8561C [Datei ist nicht signiert]

C:\Users\ki\AppData\Roaming\.technic\modpacks\tppi\config\TorchLevers_TextureSupport.txt
[2015-01-12 14:01][2015-01-12 14:01] 000010885 _____ () 52F27BA86BF521C4AF78B5069AF8CB2A [Datei ist nicht signiert]

C:\Users\ki\AppData\Roaming\.technic\modpacks\ichuns-portalgun\mods\Torched-4.0.0.jar
[2015-08-08 09:37][2015-08-08 09:37] 000111674 _____ () B177AADD62AEAFBC67CCADBFBDF9481F [Datei ist nicht signiert]

C:\Users\ki\AppData\Roaming\.technic\modpacks\henrys-flans-mod-modpack\__MACOSX\Flan\Monolith Pack Version 3 Ausf. C\tools\._BlowTorch.txt
[2015-09-12 12:41][2015-09-12 12:41] 000000212 _____ () E132AEA75B15C7AB341906E19635A5EE [Datei ist nicht signiert]

C:\Users\ki\AppData\Roaming\.technic\modpacks\henrys-flans-mod-modpack\__MACOSX\Flan\Monolith Pack Version 3 Ausf. C\assets\flansmod\textures\items\._SuperBlowtorch.png
[2015-09-12 12:41][2015-09-12 12:41] 000000212 _____ () E132AEA75B15C7AB341906E19635A5EE [Datei ist nicht signiert]

C:\Users\ki\AppData\Roaming\.technic\modpacks\henrys-flans-mod-modpack\Flan\Monolith Pack Version 3 Ausf. C\tools\BlowTorch.txt
[2015-09-12 12:41][2015-09-12 12:41] 000000305 _____ () 6831149862B333DF9963F8D764249D48 [Datei ist nicht signiert]

C:\Users\ki\AppData\Roaming\.technic\modpacks\henrys-flans-mod-modpack\Flan\Monolith Pack Version 3 Ausf. C\assets\flansmod\textures\items\SuperBlowtorch.png
[2015-09-12 12:41][2015-09-12 12:41] 000000298 _____ () 447D7F8A8CF4E5B8AFD5645072F0FEEE [Datei ist nicht signiert]

C:\Users\ki\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\100\Torch_KU5EMPEJXXV5MS75EOGMQWCXNA
[2019-02-06 18:13][2019-02-06 18:13] 000004246 _____ () 62E479E4BF3E3F5A3034D11F6869E5DD [Datei ist nicht signiert]

C:\Users\ki\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\data\translations\torchlight_ii.translation
[2018-03-02 09:20][2018-03-02 09:20] 000058504 _____ () ACFA9FF0F47C08BDE2F6846CDFD889DE [Datei ist nicht signiert]

C:\Users\ki\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\data\icons\torchlight_ii.png
[2018-03-02 09:20][2018-03-02 09:20] 000009635 _____ () 9CEE8C0D573FC5EFE474D239D53B358C [Datei ist nicht signiert]

C:\Users\admin2\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\data\translations\torchlight_ii.translation
[2016-05-05 17:54][2016-05-05 17:54] 000058504 _____ () FAC0EBD7C63F9854BE48DD86440FC559 [Datei ist nicht signiert]

C:\Users\admin2\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\data\icons\torchlight_ii.png
[2016-05-05 17:54][2016-05-05 17:54] 000009635 _____ () 9CEE8C0D573FC5EFE474D239D53B358C [Datei ist nicht signiert]

C:\ProgramData\IObit\ASCDownloader\Advanced SystemCare.exe.dat
[2014-03-01 11:12][2014-03-01 11:12] 000000745 _____ () 619B81839B5938E09ACBDDF5F623B926 [Datei ist nicht signiert]

C:\Program Files (x86)\Digiarty\WinX_HD_Video_Converter_Deluxe\config\Video\to_BlackBerry_Torch9860_H264_Profile.plist
[2018-06-03 16:25][2017-10-20 17:36] 000005234 _____ () F83B815917A7E442ABB7346A7AB29992 [Datei ist nicht signiert]

C:\Program Files (x86)\Digiarty\WinX_HD_Video_Converter_Deluxe\config\Video\to_BlackBerry_Torch9860_MPEG4_Profile.plist
[2018-06-03 16:25][2017-10-20 17:36] 000005249 _____ () 878EA5FC25CB79B6F77ADD0F8F1A791C [Datei ist nicht signiert]

C:\Program Files (x86)\Digiarty\WinX_HD_Video_Converter_Deluxe\config\Video\to_BlackBerry_Torch9860_Xvid_Divx_Profile.plist
[2018-06-03 16:25][2017-10-20 17:36] 000005558 _____ () DD0E82CE7A1AC5A30739A4A79D3555C4 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\sound\Gameplay\gp_c01_s23_torche.wav
[2017-05-06 21:15][2010-12-16 01:45] 000091820 _____ () 09775ABB0106EF23BD3CFBBF59ABBFEA [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\lang\obj_22_torche.txt
[2017-05-06 21:14][2010-12-16 01:45] 000000016 _____ () 79C8079889C25C42CE02E1511FDF8374 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\lang\obj_s13_torche.txt
[2017-05-06 21:14][2010-12-16 01:45] 000000016 _____ () 79C8079889C25C42CE02E1511FDF8374 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee01.png
[2017-05-06 21:14][2010-12-16 01:45] 000010751 _____ () A0C56B7926C620BB2AA5E6E555272C69 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee02.png
[2017-05-06 21:14][2010-12-16 01:45] 000018699 _____ () 47CA109C9EE3A3EC3BB8372B00F44856 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee03.png
[2017-05-06 21:14][2010-12-16 01:45] 000022353 _____ () D6D9654336587905AEE0B9011940DC58 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee04.png
[2017-05-06 21:14][2010-12-16 01:45] 000027147 _____ () 58943870A0A2AD54D94C6C445C96625A [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee05.png
[2017-05-06 21:14][2010-12-16 01:45] 000030747 _____ () A8BB833AC081342DED7F399DFA6F6736 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee06.png
[2017-05-06 21:14][2010-12-16 01:45] 000038671 _____ () CF97B06D3B855D6D4C3E5BC1C121531E [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee07.png
[2017-05-06 21:14][2010-12-16 01:45] 000044243 _____ () 11F5A718D3257BD2D37C8B1D95C881F7 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee08.png
[2017-05-06 21:14][2010-12-16 01:45] 000052092 _____ () 30ED50890DE8C3987A29CCBA2DB4F2D9 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee09.png
[2017-05-06 21:14][2010-12-16 01:45] 000062379 _____ () 39F5D7FE2DB14B80584CC8D7F7A158C3 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee10.png
[2017-05-06 21:14][2010-12-16 01:45] 000060234 _____ () D17A20A93E1666FFF0A84785A7D8A42F [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee11.png
[2017-05-06 21:14][2010-12-16 01:45] 000066402 _____ () 5047C06D5C9933AD05CE7736C45773C0 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee12.png
[2017-05-06 21:14][2010-12-16 01:45] 000074179 _____ () 0556AFC75F69BB7D1CF8FEBA2FCECD00 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee13.png
[2017-05-06 21:14][2010-12-16 01:45] 000078132 _____ () FC244FD02BFE1A4FF1E56669D9C7FF5B [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\c01_s23_torcheallumee14.png
[2017-05-06 21:14][2010-12-16 01:45] 000076665 _____ () 4C0ADAE0934DD148397C4F23B820A4D5 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\obj_s23_torcheallumee.png
[2017-05-06 21:14][2010-12-16 01:45] 000035449 _____ () B1A760086347970A2308B2C21B4CAA1E [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s23\obj_s23_torcheeteinte.png
[2017-05-06 21:14][2010-12-16 01:45] 000020358 _____ () F33683DD3066633ABF7C9A5C6A6992EB [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_NB.png
[2017-05-06 21:14][2010-12-16 01:45] 000028204 _____ () DE3DA71017D0EB89A748C9ED86245543 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions01.png
[2017-05-06 21:14][2010-12-16 01:45] 000005869 _____ () D2054A3863F5E27FFFC5C4FD9130BD32 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions01_int.png
[2017-05-06 21:14][2010-12-16 01:45] 000008829 _____ () 570FC8E9151CB60E9B15E59097B4E6E6 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions02.png
[2017-05-06 21:14][2010-12-16 01:45] 000005382 _____ () D6DB2DBC88872B203FB0AF1C3B11B3D0 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions02_int.png
[2017-05-06 21:14][2010-12-16 01:45] 000008136 _____ () E1C4B0DF28340C99BF22BC1989169B9C [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions03.png
[2017-05-06 21:14][2010-12-16 01:45] 000005575 _____ () D441982DC831B3DFAF9336B505E589AF [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions03_int.png
[2017-05-06 21:14][2010-12-16 01:45] 000010304 _____ () 83C111E5001E7E8DC1F11C074FE05AF4 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions04.png
[2017-05-06 21:14][2010-12-16 01:45] 000007236 _____ () 5C1E93504B79B0988D8A4492EB63A629 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions04_int.png
[2017-05-06 21:14][2010-12-16 01:45] 000009951 _____ () 98E2EA0F989FE11D670CC886A8A7BF90 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions05.png
[2017-05-06 21:14][2010-12-16 01:45] 000006051 _____ () DA9B3D841777779EF5070AB91D2A774F [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions05_int.png
[2017-05-06 21:14][2010-12-16 01:45] 000009718 _____ () 0A1997B0D2A2646BF039095470EC5EB6 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions06.png
[2017-05-06 21:14][2010-12-16 01:45] 000004539 _____ () 5EF2F101D8A1C0CA9685ECDC95A22279 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions06_int.png
[2017-05-06 21:14][2010-12-16 01:45] 000006749 _____ () A4D2C15D689C3EAF40421622D415CB03 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions07.png
[2017-05-06 21:14][2010-12-16 01:45] 000005263 _____ () 7A05EB9D5B260369A35B5DEA18A5F65D [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions07_int.png
[2017-05-06 21:14][2010-12-16 01:45] 000006732 _____ () A24C2C4056CD2A71FE587399701B1054 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions08.png
[2017-05-06 21:14][2010-12-16 01:45] 000005083 _____ () 710A827D81538C5A9165BD779AF6ACD3 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s22\obj_s22_torche_portions08_int.png
[2017-05-06 21:14][2010-12-16 01:45] 000006855 _____ () A7C89A5929DD0E84B5508925BCAE7B0F [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\world\s13\obj_s13_torche.png
[2017-05-06 21:14][2010-12-16 01:45] 000007022 _____ () 505B01B8BC07E94B16F73D0FA5146113 [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\inventory\obj_22_torche.png
[2017-05-06 21:14][2010-12-16 01:45] 000003799 _____ () F09955A1C1B65A3C272D76C31FF91A0D [Datei ist nicht signiert]

C:\Program Files (x86)\ The Secret Legacy DE\media\graph\inventory\obj_22_torche_sans_ombre.png
[2017-05-06 21:14][2010-12-16 01:45] 000013557 _____ () 8AD5DDEF821EBD2B697E589C3E9092F2 [Datei ist nicht signiert]

C:\daten\_dieter\nachhilfe-eckert\_excel_2010_gkurs-akurs\trainer_user\k-ex2010-ak_buch\Begleitmedien zum Trainerband\01 - Wie Profis rechnen\kurse-2012\leifi-physik\leifi.physik.uni-muenchen.de\web_ph07_g8\leifitest\aufgab07\07_06_26\storchenschutz.jpg
[2008-01-19 13:58][2006-04-17 17:39] 000012298 _____ () 2E11FB0CA6A73709E4058FBCD80B0CFF [Datei ist nicht signiert]

C:\daten\_dieter\nachhilfe-eckert\_excel_2010_gkurs-akurs\trainer_user\k-ex2010-ak_buch\Begleitmedien zum Trainerband\01 - Wie Profis rechnen\kurse-2012\leifi-physik\leifi.physik.uni-muenchen.de\leifitest\aufgab10\10_04_06\storchenschutz.jpg
[2008-01-19 13:59][2002-11-01 23:25] 000012298 _____ () 2E11FB0CA6A73709E4058FBCD80B0CFF [Datei ist nicht signiert]

C:\daten\_dieter\motorrad-bach\kinder\storch1.jpg
[2012-09-14 13:20][2002-12-30 23:00] 000005961 _____ () C92CD7DCBB820D4C1C826E7A739B9554 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\73\Torch.lnk#7C10BF9D23010246
[2015-04-06 21:17][2015-04-08 20:34] 000001178 _____ () D7A5EA64967F1C189D99C0AB65BA5BFD [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\72\Torch.lnk#7C10BF9D23010246
[2015-04-06 21:17][2015-11-07 22:25] 000001399 _____ () 5B76195547A85E59B20F2371F1ED00A0 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\User Data\torch_shutdown_ms.txt#FEC508B88F53C3F0
[2018-09-09 09:14][2018-09-09 09:14] 000000005 _____ () AA08D859903D7F02507BE7FE73BE7A96 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed\1.0.0.7316_0\images\torch_search_button.png#9845782A29278849
[2015-04-06 21:17][2013-11-19 11:23] 000001592 _____ () DA2EC6923BDA3F3AA8CBF05EFD65A3E7 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed\1.0.0.7316_0\images\torch_search_button_focus.png#05C0DA71B9EC2784
[2015-04-06 21:17][2013-11-19 11:23] 000001774 _____ () 2F3FC2038A3D373476CD81123A029A41 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\User Data\Default\Extensions\gimjmfipknpppbpmkdenjjpfhobiiojk\1.1.0.10166_0\images\torch_32x32.png#8B231CC7B856B5EB
[2015-10-23 14:15][2015-05-25 11:13] 000001965 _____ () ED3D8A64FF68A01413FBB43C722A60A6 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo\1.2.0.10170_0\images\torch_32x32.png#8B231CC7B856B5EB
[2015-11-07 22:25][2015-05-25 11:13] 000001965 _____ () ED3D8A64FF68A01413FBB43C722A60A6 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Update\TorchCrashHandler.exe#6C820EE9C8B5E235
[2015-04-08 20:34][2015-09-24 11:40] 001217032 _____ (TorchMedia Inc.) 7169425FF53499C36838F07260A8D675 [Datei ist digital signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Update\TorchNotifier.exe#5DF25736ECB0C42F
[2015-04-08 20:34][2015-09-24 11:40] 001008136 _____ (TorchMedia Inc.) 34C3C96B59884523763768CF9542AD91 [Datei ist digital signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Update\Download\TorchSetup.exe#26090331D8187116
[2015-05-20 19:57][2015-10-23 14:21] 089878008 _____ (Torch Media, Inc) D41D8CD98F00B204E9800998ECF8427E [Datei ist digital signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Update\42.0.0.9895\TorchUpdate.exe#728CF011AC0C3E4A
[2015-08-13 17:52][2015-07-16 07:25] 001122816 _____ (Torch Media Inc.) 2F353E48314786E5D99CB799FC1625F5 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Update\42.0.0.10338\TorchUpdate.exe#728CF011AC0C3E4A
[2015-10-23 14:22][2015-09-24 09:44] 001122816 _____ (Torch Media Inc.) 095FEECA773111461D3D4C89D09F1AEF [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\old_torch.exe#A9057A4E14EC9119
[2015-04-06 21:16][2015-07-16 09:12] 000748552 _____ (Torch Media Inc.) 144B21DBCEFF38D4071F9BA12DF7294A [Datei ist digital signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\torch.exe#BB64A61D72911335
[2015-04-06 21:16][2015-09-24 11:39] 000748552 _____ (Torch Media Inc.) C0B942CF0D63C08510C65880455D031C [Datei ist digital signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.9895\torch_extensions\torchhelper.crx#7015AC54A09F06F8
[2015-08-13 17:52][2015-07-16 09:12] 000116329 _____ () 482C4ECFF8E162AA040773AAFA198684 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.9895\torch_extensions\torch_games_ext.crx#683F9AF498520621
[2015-08-13 17:52][2015-07-16 09:12] 000006620 _____ () A301E6174CE5E325CA7A621879D5D0AF [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.9895\torch_extensions\torch_music_ext.crx#3E148745BB717A5F
[2015-08-13 17:52][2015-07-16 09:12] 000344512 _____ () CE5CDAA118F87B287BCC5B0E8630906F [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.9895\torch_default_apps\torch_games_app.crx#E10A1B980384B65E
[2015-08-13 17:52][2015-07-16 09:12] 000005755 _____ () F30710D0B9135F24E0A523438C5ED6AF [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.9895\torch_default_apps\torch_music_app.crx#503385E792D1C907
[2015-08-13 17:52][2015-07-16 09:12] 000005624 _____ () 9CAFA4B0B285B4C5E6ADA209965F06E4 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.9895\torch_default_apps\torch_torrent_app.crx#4A605CB862CB339A
[2015-08-13 17:52][2015-07-16 09:12] 000005774 _____ () D05012AA5CAED1CCBE2D83ACE18F4EEC [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.9895\Extensions\TorchDeals.crx#2E86A46EF40BECE8
[2015-08-13 17:52][2015-07-16 09:12] 000043702 _____ () 96F789556701266D08161B12E4DEDC32 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.10338\torch_extensions\torchhelper.crx#7015AC54A09F06F8
[2015-10-23 14:22][2015-09-24 11:39] 000116329 _____ () 482C4ECFF8E162AA040773AAFA198684 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.10338\torch_extensions\torch_games_ext.crx#683F9AF498520621
[2015-10-23 14:22][2015-09-24 11:39] 000006620 _____ () A301E6174CE5E325CA7A621879D5D0AF [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.10338\torch_extensions\torch_music_ext.crx#3E148745BB717A5F
[2015-10-23 14:22][2015-09-24 11:39] 000344512 _____ () CE5CDAA118F87B287BCC5B0E8630906F [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.10338\torch_default_apps\torch_games_app.crx#E10A1B980384B65E
[2015-10-23 14:22][2015-09-24 11:39] 000005755 _____ () F30710D0B9135F24E0A523438C5ED6AF [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.10338\torch_default_apps\torch_music_app.crx#503385E792D1C907
[2015-10-23 14:22][2015-09-24 11:39] 000005624 _____ () 9CAFA4B0B285B4C5E6ADA209965F06E4 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.10338\torch_default_apps\torch_torrent_app.crx#4A605CB862CB339A
[2015-10-23 14:22][2015-09-24 11:39] 000005774 _____ () D05012AA5CAED1CCBE2D83ACE18F4EEC [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.10338\Extensions\TorchDeals.crx#2E86A46EF40BECE8
[2015-10-23 14:22][2015-09-24 11:39] 000043702 _____ () 96F789556701266D08161B12E4DEDC32 [Datei ist nicht signiert]

C:\AdwCleaner\Quarantine\v1\20190207.101400\4\torch\Torch.lnk#7C10BF9D23010246
[2015-04-06 21:17][2015-08-13 17:52] 000001190 _____ () 2A9C67981F66CEA41CB6C840E1865C4C [Datei ist nicht signiert]


Ordner:
========
2015-04-06 21:17 - 2018-05-02 06:57 _____ C:\Windows.old\Users\ki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2014-11-29 16:34 - 2014-11-29 16:34 _____ C:\Users\ki\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\data\wrappers\torchlight_ii
2015-05-08 21:10 - 2015-05-08 21:10 _____ C:\Users\admin2\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\data\wrappers\torchlight_ii
2014-03-01 11:12 - 2019-02-07 10:14 _____ C:\AdwCleaner\Quarantine\v1\20190207.101400\65\Advanced SystemCare V7
2014-03-01 11:12 - 2019-02-07 10:14 _____ C:\AdwCleaner\Quarantine\v1\20190207.101400\64\Advanced SystemCare V7
2018-12-01 20:18 - 2019-02-07 10:14 _____ C:\AdwCleaner\Quarantine\v1\20190207.101400\63\Advanced SystemCare
2015-04-08 20:34 - 2019-02-07 10:14 _____ C:\AdwCleaner\Quarantine\v1\20190207.101400\6\torchcrashhandler
2015-04-06 21:14 - 2019-02-07 10:14 _____ C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch
2015-08-13 17:52 - 2019-02-07 10:14 _____ C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.9895\torch_default_apps
2015-08-13 17:52 - 2019-02-07 10:14 _____ C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.9895\torch_default_themes
2015-08-13 17:52 - 2019-02-07 10:14 _____ C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.9895\torch_extensions
2015-10-23 14:22 - 2019-02-07 10:14 _____ C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.10338\torch_default_apps
2015-10-23 14:22 - 2019-02-07 10:14 _____ C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.10338\torch_default_themes
2015-10-23 14:22 - 2019-02-07 10:14 _____ C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Application\42.0.0.10338\torch_extensions
2015-04-06 21:17 - 2019-02-07 10:14 _____ C:\AdwCleaner\Quarantine\v1\20190207.101400\4\torch

Registry:
========

===================== Suchergebnis für "torch" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.avi]
"VLC.backup"="Torch.avi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.avi]
"Torch.avi_backup"="VLC.avi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bmp\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.dib\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.flv]
"Torch.flv_backup"="emMP4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.gif\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithProgIds]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html\OpenWithProgIds]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ico\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jfif\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpe\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mfp\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mkv]
"Torch.mkv_backup"="MatroskaVideo"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mkv]
"VLC.backup"="Torch.mkv"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mov]
"VLC.backup"="Torch.mov"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mov]
"Torch.mov_backup"="QuickTime.mov"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mp4]
"VLC.backup"="Torch.mp4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mp4]
"Torch.mp4_backup"="QuickTime.mp4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.pdf]
"Torch.pdf_backup"="AcroExch.Document.11"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.pdf\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.png\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtml\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtml\OpenWithProgids]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.torrent]
"Torch.torrent_backup"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.torrent]
""="Torch.torrent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.URL\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.vob]
"Torch.vob_backup"="VLC.vob"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.webm\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.webp\OpenWithProgids]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xht\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xht\OpenWithProgIds]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xhtml\OpenWithList\Torch.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xhtml\OpenWithProgIds]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\TorchSetup-r285-n-bf(1).exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\TorchSetup-r285-n-bf(2).exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5DA8B048-EEB0-4c15-9BB9-F2CF953C4F47}]
""="NarratorCheckBox Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0782E2B9-1CD5-5C50-96EE-57BF108AD52D}]
""="__FITypedEventHandler_2_Windows__CPerception__CAutomation__CMonitoring__CPerceptionMonitorChannel_Windows__CPerception__CAutomation__CMonitoring__CPerceptionMonitorDataReceivedEventArgs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{16CF092A-D52E-5356-ABCC-12C343624460}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CAssignedAccess__CAssignedAccessApplication"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1A5CE0B7-527E-593F-8114-5A218497BE59}]
""="__FIIterator_1_Windows__CPerception__CAutomation__CMonitoring__CPerceptionMonitorChannel"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D57E9EC-6582-59BF-9DFE-EF1F16EB9607}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CBindableObservableItem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2057B641-4B9B-5338-A19A-E9A951916775}]
""="__FVectorChangedEventHandler_1_Windows__CStorage__CStorageFolder"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{20D7186F-5C33-48D6-BEA2-D9E9E5AF5A95}]
""="IActiveMonitorChangedEventArgs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{264E19DC-8A37-4DDA-B863-D2323C263026}]
""="IActiveMonitorChangedHandler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2768FDA5-53F3-5AA9-BEDD-2F3DF0989FB7}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CApplicationModel__CWindowingEnvironment__CDisplayRegionId"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{37E9B7A9-7BE8-53E9-B733-BA2151DDE682}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CUI__CLogon__CCredProvData__CCredential"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48F0D465-6E92-5CF9-9EEC-044593D75899}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CUI__CLogon__CCredProvData__CCredentialBucket"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{525019B7-F775-5795-9237-6B23381B30A9}]
""="__FVectorChangedEventHandler_1_Windows__CApplicationModel__CContacts__CInternal__CIContactActionControl"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{575933df-34fe-4480-af15-07691f3d5d9b}]
""="__x_Windows_CFoundation_CCollections_CIVectorChangedEventArgs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5AD94E9E-CB9F-43C7-97AD-AD2251D92B11}]
""="__x_Windows_CPerception_CAutomation_CMonitoring_CIPerceptionMonitorChannel"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5C33E53F-A324-5529-895F-1B0BC96F86F8}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CUI__CLogon__CCredProvData__CUser"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609B110D-EE32-5153-BD07-6C6CFC90A87F}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CUI__CLogon__CSuggestedUsersData__CSuggestedUser"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6814B9F7-D52B-56F3-9764-1860E21FC29D}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CUI__CLogon__CCredProvData__CInternal__CICredentialGroupWithVisibility"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{78c6b6af-1777-5f03-9f99-95541630b5f2}]
""="VectorChangedEventHandler<float>"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{815E5EE0-E6B0-5A6B-83D1-D06F5B0CDB4A}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CShellLauncher__CShellLauncherCustomAction"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{818A7AC4-B8F9-5988-9A9C-0C3556AF7254}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CAssignedAccess__CAssignedAccessUserInfo"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8D898F19-2A9E-5F0F-A13E-0FB5E9FF7C76}]
""="VectorChangedEventHandler<SystemSettings.DataModel.ISettingItem>"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{962B35D1-B3D9-5A42-B9BD-F1F9321EF8FC}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CAssignedAccess__CAssignedAccessConfig"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A2BBA4BE-212B-55CB-9A03-7AC0F2CE40DF}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CApplicationModel__CWindowingEnvironment__CPresenterMode"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A7E07806-A2B4-5EE3-A17A-0C5564FC85EF}]
""="__FIVector_1_Windows__CPerception__CAutomation__CMonitoring__CPerceptionMonitorChannel"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{b423a801-d35e-56b9-813b-00889536cb98}]
""="VectorChangedEventHandler<IInspectable>"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{b72880f5-ab9b-504e-a9c2-d1c6d4713861}]
""="VectorChangedEventHandler_1_Windows__CManagement__CProvisioning__CIPackage"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{cb6c396f-4861-5296-b14b-bd90b941a3e0}]
""="VectorChangedEventHandler<HSTRING>"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CB7B988B-468A-5EAE-AFE4-DF8B005F80AF}]
""="__FVectorChangedEventHandler_1_Windows__CApplicationModel__CSearch__CCore__CSearchSuggestion"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D0C5E5EB-7285-5F95-9C8D-CC431188C916}]
""="__FIVectorView_1_Windows__CPerception__CAutomation__CMonitoring__CPerceptionMonitorChannel"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DF845185-4343-558F-8E12-3DDDB176800F}]
""="__FVectorChangedEventHandler_1_Windows__CApplicationModel__CInternal__CDataTransfer__CClipboardHistoryItem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E0FCC5CC-A58E-5A1F-8250-6BD6D2BA3ED6}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CAssignedAccess__CAssignedAccessProfile"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F0F60957-07BD-5590-9935-26BB9186D48D}]
""="__FIIterable_1_Windows__CPerception__CAutomation__CMonitoring__CPerceptionMonitorChannel"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FC1FE2D5-1109-5377-B402-9320A02F272D}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CUI__CAuth__CDeviceLock__CCredentialTimeoutOption"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FF0FF776-190E-55EB-8B91-1618D2352E15}]
""="__FVectorChangedEventHandler_1_Windows__CApplicationModel__CContacts__CInternal__CIContactActionControlItem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.avi]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.avi\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.avi\shell\open]
""="Open with Torch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.avi\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.flv]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.flv\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.flv\shell\open]
""="Open with Torch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.flv\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.mkv]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.mkv\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.mkv\shell\open]
""="Open with Torch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.mkv\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.mov]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.mov\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.mov\shell\open]
""="Open with Torch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.mov\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.mp4]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.mp4\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.mp4\shell\open]
""="Open with Torch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.mp4\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.pdf]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.pdf\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.pdf\shell\open]
""="Open with Torch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.pdf\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.torrent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.torrent\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.torrent\shell\open]
""="Open with Torch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.torrent\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.vob]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.vob\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.vob\shell\open]
""="Open with Torch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Torch.vob\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA]
""="Torch HTML Document"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA\shell\open\command]
""=""C:\Users\ki\AppData\Local\Torch\Application\torch.exe" -- "%1""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0782E2B9-1CD5-5C50-96EE-57BF108AD52D}]
""="__FITypedEventHandler_2_Windows__CPerception__CAutomation__CMonitoring__CPerceptionMonitorChannel_Windows__CPerception__CAutomation__CMonitoring__CPerceptionMonitorDataReceivedEventArgs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{16CF092A-D52E-5356-ABCC-12C343624460}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CAssignedAccess__CAssignedAccessApplication"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1A5CE0B7-527E-593F-8114-5A218497BE59}]
""="__FIIterator_1_Windows__CPerception__CAutomation__CMonitoring__CPerceptionMonitorChannel"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1D57E9EC-6582-59BF-9DFE-EF1F16EB9607}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CBindableObservableItem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2057B641-4B9B-5338-A19A-E9A951916775}]
""="__FVectorChangedEventHandler_1_Windows__CStorage__CStorageFolder"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20D7186F-5C33-48D6-BEA2-D9E9E5AF5A95}]
""="IActiveMonitorChangedEventArgs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{264E19DC-8A37-4DDA-B863-D2323C263026}]
""="IActiveMonitorChangedHandler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2768FDA5-53F3-5AA9-BEDD-2F3DF0989FB7}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CApplicationModel__CWindowingEnvironment__CDisplayRegionId"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{37E9B7A9-7BE8-53E9-B733-BA2151DDE682}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CUI__CLogon__CCredProvData__CCredential"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{48F0D465-6E92-5CF9-9EEC-044593D75899}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CUI__CLogon__CCredProvData__CCredentialBucket"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{525019B7-F775-5795-9237-6B23381B30A9}]
""="__FVectorChangedEventHandler_1_Windows__CApplicationModel__CContacts__CInternal__CIContactActionControl"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{575933df-34fe-4480-af15-07691f3d5d9b}]
""="__x_Windows_CFoundation_CCollections_CIVectorChangedEventArgs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5AD94E9E-CB9F-43C7-97AD-AD2251D92B11}]
""="__x_Windows_CPerception_CAutomation_CMonitoring_CIPerceptionMonitorChannel"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5C33E53F-A324-5529-895F-1B0BC96F86F8}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CUI__CLogon__CCredProvData__CUser"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{609B110D-EE32-5153-BD07-6C6CFC90A87F}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CUI__CLogon__CSuggestedUsersData__CSuggestedUser"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6814B9F7-D52B-56F3-9764-1860E21FC29D}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CUI__CLogon__CCredProvData__CInternal__CICredentialGroupWithVisibility"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{78c6b6af-1777-5f03-9f99-95541630b5f2}]
""="VectorChangedEventHandler<float>"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{815E5EE0-E6B0-5A6B-83D1-D06F5B0CDB4A}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CShellLauncher__CShellLauncherCustomAction"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{818A7AC4-B8F9-5988-9A9C-0C3556AF7254}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CAssignedAccess__CAssignedAccessUserInfo"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8D898F19-2A9E-5F0F-A13E-0FB5E9FF7C76}]
""="VectorChangedEventHandler<SystemSettings.DataModel.ISettingItem>"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{962B35D1-B3D9-5A42-B9BD-F1F9321EF8FC}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CAssignedAccess__CAssignedAccessConfig"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A2BBA4BE-212B-55CB-9A03-7AC0F2CE40DF}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CApplicationModel__CWindowingEnvironment__CPresenterMode"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A7E07806-A2B4-5EE3-A17A-0C5564FC85EF}]
""="__FIVector_1_Windows__CPerception__CAutomation__CMonitoring__CPerceptionMonitorChannel"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{b423a801-d35e-56b9-813b-00889536cb98}]
""="VectorChangedEventHandler<IInspectable>"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{cb6c396f-4861-5296-b14b-bd90b941a3e0}]
""="VectorChangedEventHandler<HSTRING>"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{CB7B988B-468A-5EAE-AFE4-DF8B005F80AF}]
""="__FVectorChangedEventHandler_1_Windows__CApplicationModel__CSearch__CCore__CSearchSuggestion"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D0C5E5EB-7285-5F95-9C8D-CC431188C916}]
""="__FIVectorView_1_Windows__CPerception__CAutomation__CMonitoring__CPerceptionMonitorChannel"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DF845185-4343-558F-8E12-3DDDB176800F}]
""="__FVectorChangedEventHandler_1_Windows__CApplicationModel__CInternal__CDataTransfer__CClipboardHistoryItem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E0FCC5CC-A58E-5A1F-8250-6BD6D2BA3ED6}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CAssignedAccess__CAssignedAccessProfile"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F0F60957-07BD-5590-9935-26BB9186D48D}]
""="__FIIterable_1_Windows__CPerception__CAutomation__CMonitoring__CPerceptionMonitorChannel"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FC1FE2D5-1109-5377-B402-9320A02F272D}]
""="__FVectorChangedEventHandler_1_Windows__CInternal__CUI__CAuth__CDeviceLock__CCredentialTimeoutOption"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FF0FF776-190E-55EB-8B91-1618D2352E15}]
""="__FVectorChangedEventHandler_1_Windows__CApplicationModel__CContacts__CInternal__CIContactActionControlItem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI]
""="Torch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities]
"ApplicationDescription"="Torch is a web browser that runs webpages and applications with lightning speed. It's fast, stable, and easy to use. Browse the web more safely with malware and phishing protection built into Torch."

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities]
"ApplicationIcon"="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities]
"ApplicationName"="Torch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\FileAssociations]
".htm"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\FileAssociations]
".html"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\FileAssociations]
".shtml"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\FileAssociations]
".webp"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\FileAssociations]
".xht"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\FileAssociations]
".xhtml"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\Startmenu]
"StartMenuInternet"="Torch.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\URLAssociations]
"ftp"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\URLAssociations]
"http"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\URLAssociations]
"https"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\URLAssociations]
"irc"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\URLAssociations]
"mailto"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\URLAssociations]
"mms"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\URLAssociations]
"news"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\URLAssociations]
"nntp"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\URLAssociations]
"sms"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\URLAssociations]
"smsto"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\URLAssociations]
"tel"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\URLAssociations]
"urn"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\Capabilities\URLAssociations]
"webcal"="TorchHTML.KH6RXXLCPUM5EKXKFM5CSU24HI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\InstallInfo]
"HideIconsCommand"=""C:\Users\ki\AppData\Local\Torch\Application\torch.exe" --hide-icons"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\InstallInfo]
"ReinstallCommand"=""C:\Users\ki\AppData\Local\Torch\Application\torch.exe" --make-default-browser"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\InstallInfo]
"ShowIconsCommand"=""C:\Users\ki\AppData\Local\Torch\Application\torch.exe" --show-icons"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI\shell\open\command]
""=""C:\Users\ki\AppData\Local\Torch\Application\torch.exe""

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA]
""="Torch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities]
"ApplicationDescription"="Torch ist ein Webbrowser, der Webseiten und Apps in Sekundenschnelle lädt und dabei äußerst stabil und nutzerfreundlich ist. Dank des integrierten Malware- und Phishing-Schutzes können Sie bedenkenlos im Internet surfen."

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities]
"ApplicationIcon"="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities]
"ApplicationName"="Torch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\FileAssociations]
".htm"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\FileAssociations]
".html"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\FileAssociations]
".shtml"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\FileAssociations]
".xht"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\FileAssociations]
".xhtml"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\FileAssociations]
".webp"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\Startmenu]
"StartMenuInternet"="Torch.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\URLAssociations]
"ftp"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\URLAssociations]
"http"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\URLAssociations]
"https"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\URLAssociations]
"irc"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\URLAssociations]
"mailto"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\URLAssociations]
"mms"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\URLAssociations]
"news"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\URLAssociations]
"nntp"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\URLAssociations]
"sms"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\URLAssociations]
"smsto"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\URLAssociations]
"tel"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\URLAssociations]
"urn"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities\URLAssociations]
"webcal"="TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\InstallInfo]
"ReinstallCommand"=""C:\Users\ki\AppData\Local\Torch\Application\torch.exe" --make-default-browser"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\InstallInfo]
"HideIconsCommand"=""C:\Users\ki\AppData\Local\Torch\Application\torch.exe" --hide-icons"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\InstallInfo]
"ShowIconsCommand"=""C:\Users\ki\AppData\Local\Torch\Application\torch.exe" --show-icons"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\shell\open\command]
""=""C:\Users\ki\AppData\Local\Torch\Application\torch.exe""

[HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications]
"Torch.KU5EMPEJXXV5MS75EOGMQWCXNA"="Software\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\RegisteredApplications]
"Torch.KU5EMPEJXXV5MS75EOGMQWCXNA"="Software\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA\Capabilities"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\abylon\EXECUTIONLOCK\SETTINGS\EXELOCK\KIPROCESSES]
"torch.exe_STATUS"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\abylon\EXECUTIONLOCK\SETTINGS\EXELOCK\KIPROCESSES]
"torch.exe_SOURCE"="torch.exe"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\abylon\EXECUTIONLOCK\SETTINGS\EXELOCK\KIPROCESSES]
"torch.exe_DATE"="29.01.2017"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\abylon\EXECUTIONLOCK\SETTINGS\EXELOCK\KIPROCESSES]
"TorchUpdate.exe_STATUS"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\abylon\EXECUTIONLOCK\SETTINGS\EXELOCK\KIPROCESSES]
"TorchUpdate.exe_SOURCE"="TorchUpdate.exe"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\abylon\EXECUTIONLOCK\SETTINGS\EXELOCK\KIPROCESSES]
"TorchUpdate.exe_DATE"="29.01.2017"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\11354f77_0]
""="{0.0.0.00000000}.{0e7a8ca6-27ab-43e0-80f0-7def83bebedd}|\Device\HarddiskVolume2\Users\ki\AppData\Local\Torch\Application\torch.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\ef1abe62_0]
""="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0887&subsys_14627728&rev_1003#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Users\ki\AppData\Local\Torch\Application\torch.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\App Paths\torch.exe]

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\App Paths\torch.exe]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\App Paths\torch.exe]
"Path"="C:\Users\ki\AppData\Local\Torch\Application"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Applications\Torch.exe_.ico"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Torch.avi_.avi"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Applications\Torch.exe_.bmp"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Applications\Torch.exe_.dib"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Applications\Torch.exe_.gif"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA_.htm"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA_.html"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Applications\Torch.exe_.jfif"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Applications\Torch.exe_.jpe"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Applications\Torch.exe_.jpg"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Torch.mkv_.mkv"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Torch.mov_.mov"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Torch.mp4_.mp4"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Torch.pdf_.pdf"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Applications\Torch.exe_.png"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA_http"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA_https"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Torch.vob_.VOB"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Applications\Torch.exe_.url"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA_mailto"="0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids]
"Torch.avi"=""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\OpenWithProgids]
"Torch.flv"=""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithList]
"e"="torch.exe"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"=""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithList]
"e"="torch.exe"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithProgids]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"=""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids]
"Torch.mkv"=""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids]
"Torch.mov"=""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithProgids]
"Torch.mp4"=""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\OpenWithProgids]
"Torch.pdf"=""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"=""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\UserChoice]
"Progid"="Torch.torrent"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vob\OpenWithProgids]
"Torch.vob"=""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\ki\AppData\Local\Torch\Application\torch.exe"="0x5341435001000000000000000700000028000000086C0B002D460C0001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000004ADA0500000000000600000006000000"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\.pdf]
"Torch.pdf_backup"="AcroExch.Document.11"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\.torrent]
"Torch.torrent_backup"="Torch.torrent"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\.torrent]
""="Torch.torrent"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\.webp\OpenWithProgids]
"TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA"=""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\ki\AppData\Local\Torch\Application\torch.exe.FriendlyAppName"="Torch"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\ki\AppData\Local\Torch\Application\torch.exe.ApplicationCompany"="Torch Media Inc."

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Magnet\DefaultIcon]
""=""C:\Users\ki\AppData\Local\Torch\Application\torch.exe",0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Magnet\shell\open\command]
""=""C:\Users\ki\AppData\Local\Torch\Application\torch.exe" -- "%1""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.avi]

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.avi\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.avi\shell\open]
""="Open with Torch"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.avi\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.flv]

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.flv\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.flv\shell\open]
""="Open with Torch"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.flv\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mkv]

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mkv\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mkv\shell\open]
""="Open with Torch"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mkv\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mov]

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mov\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mov\shell\open]
""="Open with Torch"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mov\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mp4]

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mp4\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mp4\shell\open]
""="Open with Torch"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mp4\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.pdf]

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.pdf\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.pdf\shell\open]
""="Open with Torch"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.pdf\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.torrent]

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.torrent\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.torrent\shell\open]
""="Open with Torch"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.torrent\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.vob]

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.vob\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.vob\shell\open]
""="Open with Torch"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.vob\shell\open\command]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe "%1""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA]

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA]
""="Torch HTML Document"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA\DefaultIcon]
""="C:\Users\ki\AppData\Local\Torch\Application\torch.exe,0"

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA\shell\open\command]
""=""C:\Users\ki\AppData\Local\Torch\Application\torch.exe" -- "%1""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Wow6432Node\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\LocalServer32]
""=""C:\Users\ki\AppData\Local\Torch\Application\42.0.0.10338\delegate_execute.exe""

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Wow6432Node\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\LocalServer32]
"ServerExecutable"="C:\Users\ki\AppData\Local\Torch\Application\42.0.0.10338\delegate_execute.exe"


===================== Suchergebnis für "Advanced SystemCare" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\IObit\Advanced SystemCare 7]


===================== Suchergebnis für "AskToolbar" ==========

[HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Ask.com]
"RegPath"="Software\AskToolbar\Macro"


====== Ende von Suche ======

Code:

ATTFilter

Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 8.02.2019
durchgeführt von ki (09-02-2019 15:11:02) Run:1
Gestartet von C:\Users\ki\Desktop
Geladene Profile: ki (Verfügbare Profile: ki & admin2 & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
Task: {005FF483-C399-428E-A248-A7C3C5E6A0B9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {0A2CDD30-4E5D-48F3-836B-07F074373B81} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {33E6120C-4918-44AA-A09A-2B9B9A32BB89} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {3BB027E6-5FB0-4822-9C29-CB9BB40F6418} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {4599A38A-6DDB-4005-AF09-2E350148931E} - \iolo System Checkup -> Keine Datei <==== ACHTUNG
Task: {4CFBA724-AC35-40F1-9AA6-5C59074C32F4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {5C83D2C2-4240-41BE-B399-E2B666121C70} - System32\Tasks\{9B161523-A1AB-49C1-8A95-D1DA0838C8A0} => C:\Windows\system32\pcalua.exe -a C:\Users\ki\Downloads\__setup\origin\EAProxyInstaller.exe -d C:\Users\ki\Downloads\__setup\origin
Task: {5E24DEE7-0319-4D5B-A92C-72A8AA0CE3D3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {61930305-F19E-4022-A0F5-9AFE4DA72D21} - System32\Tasks\{693DFF4A-33D2-4688-945B-E58745A679E2} => E:\Setup.exe
Task: {6C0903E5-E081-49B5-A180-CBDFBD47EA5C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {711158E6-B06F-471B-86C7-24188A5B82C1} - System32\Tasks\{0648C2C1-134B-44D0-8B68-2EF0E75BBA7D} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {786E9AC0-E9C9-4121-BE57-6D0374AEEED1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {86BF9FEA-246B-4BF8-8D0F-35C7E87D2CC9} - System32\Tasks\{69F8A2B6-FF3E-4FAA-A527-BBE452D2D6FD} => E:\Setup.exe
Task: {8DCA13C7-79D3-4267-BB09-F3CD32B45F31} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {932C4323-7164-4A14-81E7-96EC6F502B77} - System32\Tasks\{7CE09119-BA9C-40FC-B6CF-D788A2EAE78A} => E:\Setup.exe
Task: {A085CFC0-820A-42E8-9DB3-135E1E5EE0BE} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {B1755605-0002-40BC-A59E-ED40228951C7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C930D8A9-9D5E-4B82-9426-574EF5568749} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {F553CEE9-0C11-49B7-8685-9C48DBBE33D4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C8F09960-D197-4F28-A1BC-FD496E178B92} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe
C:\Program Files (x86)\Norton Internet Security CBE
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
CMD: ipconfig /flushdns
CMD: netsh winsock reset
RemoveProxy:
EmptyTemp:

*****************

HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8 => erfolgreich entfernt
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => erfolgreich verschoben
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.3 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.0 => erfolgreich entfernt
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => nicht gefunden
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => nicht gefunden
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => erfolgreich entfernt
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{005FF483-C399-428E-A248-A7C3C5E6A0B9}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{005FF483-C399-428E-A248-A7C3C5E6A0B9}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A2CDD30-4E5D-48F3-836B-07F074373B81}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A2CDD30-4E5D-48F3-836B-07F074373B81}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33E6120C-4918-44AA-A09A-2B9B9A32BB89}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33E6120C-4918-44AA-A09A-2B9B9A32BB89}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BB027E6-5FB0-4822-9C29-CB9BB40F6418}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BB027E6-5FB0-4822-9C29-CB9BB40F6418}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4599A38A-6DDB-4005-AF09-2E350148931E}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4599A38A-6DDB-4005-AF09-2E350148931E}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iolo System Checkup" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CFBA724-AC35-40F1-9AA6-5C59074C32F4}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CFBA724-AC35-40F1-9AA6-5C59074C32F4}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C83D2C2-4240-41BE-B399-E2B666121C70}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C83D2C2-4240-41BE-B399-E2B666121C70}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{9B161523-A1AB-49C1-8A95-D1DA0838C8A0} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9B161523-A1AB-49C1-8A95-D1DA0838C8A0}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E24DEE7-0319-4D5B-A92C-72A8AA0CE3D3}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E24DEE7-0319-4D5B-A92C-72A8AA0CE3D3}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61930305-F19E-4022-A0F5-9AFE4DA72D21}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61930305-F19E-4022-A0F5-9AFE4DA72D21}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{693DFF4A-33D2-4688-945B-E58745A679E2} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{693DFF4A-33D2-4688-945B-E58745A679E2}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C0903E5-E081-49B5-A180-CBDFBD47EA5C}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C0903E5-E081-49B5-A180-CBDFBD47EA5C}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{711158E6-B06F-471B-86C7-24188A5B82C1}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{711158E6-B06F-471B-86C7-24188A5B82C1}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{0648C2C1-134B-44D0-8B68-2EF0E75BBA7D} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0648C2C1-134B-44D0-8B68-2EF0E75BBA7D}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{786E9AC0-E9C9-4121-BE57-6D0374AEEED1}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{786E9AC0-E9C9-4121-BE57-6D0374AEEED1}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86BF9FEA-246B-4BF8-8D0F-35C7E87D2CC9}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86BF9FEA-246B-4BF8-8D0F-35C7E87D2CC9}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{69F8A2B6-FF3E-4FAA-A527-BBE452D2D6FD} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{69F8A2B6-FF3E-4FAA-A527-BBE452D2D6FD}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8DCA13C7-79D3-4267-BB09-F3CD32B45F31}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DCA13C7-79D3-4267-BB09-F3CD32B45F31}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{932C4323-7164-4A14-81E7-96EC6F502B77}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{932C4323-7164-4A14-81E7-96EC6F502B77}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{7CE09119-BA9C-40FC-B6CF-D788A2EAE78A} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7CE09119-BA9C-40FC-B6CF-D788A2EAE78A}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A085CFC0-820A-42E8-9DB3-135E1E5EE0BE}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A085CFC0-820A-42E8-9DB3-135E1E5EE0BE}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1755605-0002-40BC-A59E-ED40228951C7}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1755605-0002-40BC-A59E-ED40228951C7}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C930D8A9-9D5E-4B82-9426-574EF5568749}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C930D8A9-9D5E-4B82-9426-574EF5568749}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F553CEE9-0C11-49B7-8685-9C48DBBE33D4}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F553CEE9-0C11-49B7-8685-9C48DBBE33D4}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8F09960-D197-4F28-A1BC-FD496E178B92}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8F09960-D197-4F28-A1BC-FD496E178B92}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Norton Internet Security CBE\Norton Error Processor => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Internet Security CBE\Norton Error Processor" => erfolgreich entfernt
"C:\Program Files (x86)\Norton Internet Security CBE" => nicht gefunden
================== ExportKey: ===================

[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths]

=== Ende von ExportKey ===

========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\S-1-5-21-453296214-1327697751-653560176-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-453296214-1327697751-653560176-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-453296214-1327697751-653560176-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 315060051 B
Java, Flash, Steam htmlcache => 442240235 B
Windows/system/drivers => 684680 B
Edge => 10946752 B
Chrome => 7602563 B
Firefox => 457696033 B
Opera => 56042236 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 147134 B
LocalService => 0 B
NetworkService => 908 B
NetworkService => 0 B
ki => 18937387 B
admin2 => 373803 B
DefaultAppPool => 0 B

RecycleBin => 23692 B
EmptyTemp: => 1.2 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 15:16:39 ====

libaki · 09.02.2019, 16:28

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 8.02.2019
durchgeführt von ki (Administrator) auf KI-PCMEDION2012 (09-02-2019 16:00:29)
Gestartet von C:\Users\ki\Desktop
Geladene Profile: ki (Verfügbare Profile: ki & admin2 & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Genie9) C:\Program Files\Genie9\Zoolz2\ZoolzService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\abylonsoft\App-Blocker\ExeLockSerX64.EXE
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database_2ce9b3\bin\FABS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 11\ouservice\StarMoneyOnlineUpdate.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\ki\Desktop\FRST64(1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-03-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [177928 2018-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [754416 2018-11-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4785640 2018-11-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [OKAYFREEDOM Notifier] => C:\Program Files (x86)\OkayFreedom\Notifier.exe [4231160 2019-01-29] (Steganos Software GmbH -> Steganos Software GmbH)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-03-18] (Apple Inc. -> Apple Inc.)
HKLM\...\Drivers32: [vidc.ffds] => C:\WINDOWS\system32\ff_vfw.dll [127488 2013-03-13] ()
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [243746 2011-06-24] ()
HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw64.dll [4035584 2012-07-01] (x264vfw project)
HKLM\...\Drivers32: [vidc.lags] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( )
HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (On2.com)
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (On2.com)
HKLM\...\Drivers32-x32: [vidc.ffds] => C:\WINDOWS\SysWOW64\ff_vfw.dll [112640 2013-03-13] ()
HKLM\...\Drivers32-x32: [vidc.xvid] => C:\WINDOWS\SysWOW64\xvidvfw.dll [242259 2011-06-24] ()
HKLM\...\Drivers32-x32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [4102656 2012-07-01] (x264vfw project)
HKLM\...\Drivers32-x32: [vidc.lags] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-11] (Google Inc -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2018-03-04]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
BootExecute: autocheck autochk * auto_reactivate \\?\Volume{58f6ba5b-0000-0000-0000-500600000000}\bootwiz\asrm.bin

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{22e60306-d594-4276-8a62-50849289112a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b3c6bdab-6d75-49d3-871d-38b982e51877}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b3c6bdab-6d75-49d3-871d-38b982e51877}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: CHIP Best Deal BHO -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} -> C:\Program Files (x86)\chip\Internet Explorer\chip64.dll [2014-11-18] (Ciuvo GmbH -> )
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-18] (Google Inc -> Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Skype Software Sarl -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Soda PDF 8 Helper -> {33779F20-17D7-4CC6-8248-78A4A78CEBFC} -> C:\Program Files (x86)\Soda PDF 8\creator-ie-helper.dll [2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Soda PDF Desktop Helper -> {A2792EEC-6618-4C4C-8ECF-B51ECB5DC2A1} -> C:\Program Files (x86)\Soda PDF Desktop\creator-ie-helper.dll [2017-03-23] (LULU Software -> LULU Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-18] (Google Inc -> Google Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: eXpert PDF 10 Helper -> {D9B7E477-2C0F-4BCA-B63F-9AF4E03D05E1} -> C:\Program Files (x86)\eXpert PDF 10\creator-ie-helper.dll [2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-04] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 15\SPMIEToolbar64.dll [2015-05-21] (Steganos Software GmbH -> Steganos Software GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-18] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Soda PDF 8 Toolbar - {A2689669-AD38-4AFD-B370-23E97E2B9D18} - C:\Program Files (x86)\Soda PDF 8\creator-ie-plugin.dll [2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 15\SPMIEToolbar.dll [2015-05-21] (Steganos Software GmbH -> Steganos Software GmbH)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-18] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Soda PDF Desktop Toolbar - {D53D09FE-B1AC-4EE8-AE26-FD43D8B4B62F} - C:\Program Files (x86)\Soda PDF Desktop\creator-ie-plugin.dll [2017-03-23] (LULU Software -> LULU Software)
Toolbar: HKLM-x32 - eXpert PDF 10 Toolbar - {570F0ABC-DF49-4A09-8687-79F921605B7A} - C:\Program Files (x86)\eXpert PDF 10\creator-ie-plugin.dll [2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-06-01] (Skype Software Sarl -> Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Skype Software Sarl -> Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Skype Software Sarl -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515 [2019-02-09]
FF Homepage: Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515 -> hxxps://www.google.de/
FF Extension: (WEB.DE MailCheck) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\browser-mailcheck@web.de.xpi [2018-12-31]
FF Extension: (Cliqz) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\cliqz@cliqz.com.xpi [2019-01-30]
FF Extension: (iCloud-Lesezeichen) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\firefoxdav@icloud.com.xpi [2018-08-01]
FF Extension: (Xmarks Bookmark Sync) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\foxmarks@kei.com.xpi [2017-12-05]
FF Extension: (Trusted Shops-Erweiterung) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\jid1-PBNne26X1Kn6hQ@jetpack.xpi [2018-10-12]
FF Extension: (Web of Trust) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2018-06-27]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-23]
FF Extension: (OkayFreedom) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2017-04-11]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [Legacy]
FF Extension: (WEB.DE MailCheck) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\browser-mailcheck@web.de.xpi [2019-01-24]
FF HKLM\...\Firefox\Extensions: [soda_pdf_8_conv@sodapdf.com] - C:\Program Files\Soda PDF 8\resources\sodapdf8firefoxextension
FF Extension: (Soda PDF 8 Creator) - C:\Program Files\Soda PDF 8\resources\sodapdf8firefoxextension [2016-01-20] [Legacy] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [expert_pdf_10_conv@expert-pdf.com] - C:\Program Files\eXpert PDF 10\resources\expertpdf10firefoxextension
FF Extension: (eXpert PDF 10 Creator) - C:\Program Files\eXpert PDF 10\resources\expertpdf10firefoxextension [2017-07-20] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-10] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Password Manager 15\spmplugin3
FF Extension: (Steganos Password Manager) - C:\Program Files (x86)\Steganos Password Manager 15\spmplugin3 [2016-03-08] [Legacy] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-07-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-07-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: eXpert PDF 10 -> C:\Program Files (x86)\eXpert PDF 10\np-previewer.dll [2016-12-02] (Avanquest Software)
FF Plugin-x32: Soda PDF 8 -> C:\Program Files (x86)\Soda PDF 8\np-previewer.dll [2016-01-11] (LULU SOFTWARE LIMITED)
FF Plugin-x32: Soda PDF Desktop -> C:\Program Files (x86)\Soda PDF Desktop\np-previewer.dll [2017-03-23] (LULU Software)
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001: @soe.sony.com/installer,version=1.0.3 -> C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\s3j4fal3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001: SkypePlugin -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi.dll [2015-09-14] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001: SkypePlugin64 -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi-x64.dll [2015-09-14] (Skype Technologies S.A.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default [2019-02-09]
CHR Extension: (Bing Search Engine) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2018-05-02]
CHR Extension: (Avira Browserschutz) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-01-10]
CHR Extension: (Skype) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-01-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-453296214-1327697751-653560176-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jhpokclhnekmjlhknfihmghoblfgfeog] - C:\Program Files (x86)\chip\Chrome\chip-1.4.21.crx [2014-11-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [9532288 2019-01-04] (Emsisoft Ltd -> Emsisoft Ltd)
S3 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] (Wolters Kluwer Deutschland GmbH -> )
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [4380176 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-14] (Apple Inc. -> Apple Inc.)
S3 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
S3 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [99200 2015-08-10] (Alcohol Soft -> Alcohol Soft Development Team)
S3 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-25] (Digital Wave Ltd -> Digital Wave Ltd.) [Datei ist nicht signiert]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2302160 2018-12-13] (ESET, spol. s r.o. -> ESET)
R2 ExeLock; C:\Program Files (x86)\abylonsoft\App-Blocker\ExeLockSerX64.EXE [469352 2015-10-15] (abylonsoft_CodeSign -> )
S3 eXpert PDF 10; C:\Program Files\eXpert PDF 10\ws.exe [2321608 2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
S3 eXpert PDF 10 CrashHandler; C:\Program Files\eXpert PDF 10\crash-handler-ws.exe [921288 2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
S3 eXpert PDF 10 Creator; C:\Program Files\eXpert PDF 10\creator-ws.exe [733384 2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
S3 eXpert PDF 10 Manager; C:\ProgramData\Avanquest Software\eXpert PDF 10 Manager\eXpert PDF 10\eXpert PDF 10 Manager.exe [963832 2016-02-10] (Avanquest UK Ltd -> Avanquest Software)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database_2ce9b3\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database_2ce9b3\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
S4 GSService; C:\Windows\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
S4 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2012-09-14] () [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2018-06-18] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1765160 2018-11-23] (Acronis International GmbH -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [359944 2019-01-29] (Steganos Software GmbH -> Steganos Software GmbH)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2162064 2017-05-19] (Electronic Arts, Inc. -> Electronic Arts)
S3 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3136920 2017-05-19] (Electronic Arts, Inc. -> Electronic Arts)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
S4 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [229888 2011-06-20] (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTMa\RpcAgentSrv.exe [76784 2015-12-20] (SiSoftware SPC -> SiSoftware) [Datei ist nicht signiert]
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Flexera Software LLC -> Secunia)
S3 SODA Manager; C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe [873272 2015-08-11] (LULU SOFTWARE LIMITED -> LULU Software Limited)
S3 Soda PDF 8; C:\Program Files\Soda PDF 8\ws.exe [2263840 2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
S3 Soda PDF 8 CrashHandler; C:\Program Files\Soda PDF 8\crash-handler-ws.exe [920352 2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
S3 Soda PDF 8 Creator; C:\Program Files\Soda PDF 8\creator-ws.exe [733472 2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
S3 Soda PDF Desktop; C:\Program Files\Soda PDF Desktop\ws.exe [2702184 2017-03-23] (LULU Software -> LULU Software)
S3 Soda PDF Desktop Creator; C:\Program Files\Soda PDF Desktop\creator-ws.exe [755048 2017-03-23] (LULU Software -> LULU Software)
R2 StarMoney 10 OnlineUpdate; C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-11-25] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 11 Deluxe OnlineUpdate; C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\StarMoneyOnlineUpdate.exe [750568 2018-12-03] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 11 OnlineUpdate; C:\Program Files (x86)\StarMoney 11\ouservice\StarMoneyOnlineUpdate.exe [750568 2018-12-03] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
S4 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Datei ist nicht signiert]
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [19456 2013-03-06] (Clarus, Inc.) [Datei ist nicht signiert]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer -> TeamViewer GmbH)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [6926040 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo for iOS\DriverInstall.exe [103576 2015-11-04] (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare)
R2 Zoolz 2 Service; C:\Program Files\Genie9\Zoolz2\ZoolzService.exe [477000 2018-12-16] (Genie9 LTD -> Genie9)
S3 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [19568 2015-11-10] (ChengDu AoMei Tech Co., Ltd -> ) [Datei ist nicht signiert]
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [19568 2015-11-10] (ChengDu AoMei Tech Co., Ltd -> ) [Datei ist nicht signiert]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-10-29] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-29] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-10-29] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-10-29] (ESET, spol. s r.o. -> ESET)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2014-01-02] (iolo technologies, LLC -> EldoS Corporation)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-10-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-10-29] (ESET, spol. s r.o. -> ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
R1 epp; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp.sys [168032 2019-01-07] (Emsisoft Ltd -> Emsisoft Ltd)
R0 eppdisk; C:\WINDOWS\System32\drivers\eppdisk.sys [37064 2018-04-06] (Emsisoft Ltd -> Emsisoft Ltd)
R1 eppwfp; C:\Program Files (x86)\Emsisoft Anti-Malware\eppwfp.sys [131952 2019-01-02] (Emsisoft Ltd -> Emsisoft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [667144 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2019-01-29] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 FSProFilter2; C:\WINDOWS\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (Alfa System Programming -> FSPro Labs)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-12-01] (Martin Malik - REALiX -> REALiX(tm))
S3 iaLPSSi_GPIO; C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128 2018-04-12] (Intel Corporation - Client Components Group -> Intel Corporation)
R3 ICCWDT; C:\WINDOWS\System32\drivers\ICCWDT.sys [39504 2018-12-01] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-02-07] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-02-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72864 2019-02-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-02-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-02-09] (Malwarebytes Corporation -> Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2013-02-25] (北京铠信神州科技有限责任公司 -> )
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] (Clarus, Inc. -> )
R3 MEIx64; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [195152 2016-04-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] (Clarus, Inc. -> )
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoi.inf_amd64_3235b21d5787151d\nvlddmkm.sys [17544792 2018-12-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2019-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-02] (Secunia -> Secunia)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-09-30] (iolo technologies, LLC -> EldoS Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1122200 2019-01-20] (Realtek Semiconductor Corp. -> Realtek )
R3 RTL8192su; C:\WINDOWS\System32\drivers\RTL8192su.sys [687616 2018-04-12] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2018-12-01] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R1 SLEE_19_DRIVER; C:\Windows\Sleen1964.sys [117848 2014-10-24] (Softwareentwicklung Patric Remus - ArchiCrypt - (Patric W.Remus) -> Softwareentwicklung Remus - ArchiCrypt - )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-10-22] (Synaptics Incorporated -> Synaptics Incorporated)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [162360 2016-12-12] (Disc Soft Ltd -> Duplex Secure Ltd)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [885880 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [173536 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2013-12-12] (Paragon Software GmbH -> )
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2013-12-12] (Paragon Software GmbH -> )
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700680 2013-12-12] (Paragon Software GmbH -> )
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331976 2019-01-29] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2019-01-29] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [129008 2010-09-23] (CyberLink -> CyberLink)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

Error(1) reading file: "C:\Users\ki\Downloads\Erinnerung - Schriftliche Bestätigung Umbaumaßnahme "
2019-02-09 16:00 - 2019-02-09 16:02 - 000038869 _____ C:\Users\ki\Desktop\FRST.txt
2019-02-09 15:28 - 2019-02-09 15:57 - 000067203 _____ C:\Users\ki\Desktop\Search.txt
2019-02-09 15:22 - 2019-02-09 15:22 - 000000000 ___HD C:\WINDOWS\AxInstSV
2019-02-09 15:20 - 2019-02-09 15:20 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-02-09 15:20 - 2019-02-09 15:20 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-02-09 15:20 - 2019-02-09 15:20 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-02-09 15:20 - 2019-02-09 15:20 - 000072864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-02-09 15:11 - 2019-02-09 15:16 - 000018906 _____ C:\Users\ki\Desktop\Fixlog.txt
2019-02-09 15:10 - 2019-02-09 15:10 - 000000000 ____D C:\Users\ki\Desktop\FRST-OlderVersion
2019-02-09 15:08 - 2019-02-09 15:10 - 000000000 ____D C:\Users\ki\Desktop\alt-trojaner
2019-02-08 19:53 - 2019-02-08 19:53 - 000141625 _____ C:\Users\ki\Downloads\2019-KW07_Probenplan.pdf
2019-02-08 19:53 - 2019-02-08 19:53 - 000140829 _____ C:\Users\ki\Downloads\2019-KW08_Probenplan.pdf
2019-02-07 11:04 - 2019-02-07 11:04 - 000002588 _____ C:\Users\ki\Desktop\mbam.txt
2019-02-07 10:31 - 2019-02-07 10:31 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-02-07 10:31 - 2019-02-07 10:31 - 000000000 ____D C:\Users\ki\AppData\Local\mbamtray
2019-02-07 10:31 - 2019-02-07 10:31 - 000000000 ____D C:\Users\ki\AppData\Local\mbam
2019-02-07 10:30 - 2019-02-07 10:30 - 000001969 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-07 10:30 - 2019-02-07 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-07 10:30 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-02-07 10:30 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-02-07 10:24 - 2019-02-07 10:24 - 000011086 _____ C:\Users\ki\Desktop\AdwCleaner[C00].txt
2019-02-07 10:08 - 2019-02-07 10:14 - 000000000 ____D C:\AdwCleaner
2019-02-06 17:35 - 2019-02-06 17:35 - 000222836 _____ C:\Users\ki\Downloads\Tickets_956213.pdf
2019-02-06 17:01 - 2019-02-06 17:01 - 000222838 _____ C:\Users\ki\Downloads\attachment(4).pdf
2019-02-06 17:00 - 2019-02-06 17:01 - 000222845 _____ C:\Users\ki\Downloads\attachment(3)
2019-02-05 19:41 - 2019-02-05 19:41 - 000001146 _____ C:\Users\Public\Desktop\OkayFreedom.lnk
2019-02-05 11:26 - 2019-02-09 16:00 - 000000000 ____D C:\FRST
2019-02-05 11:25 - 2019-02-09 15:10 - 002434048 _____ (Farbar) C:\Users\ki\Desktop\FRST64(1).exe
2019-02-05 11:25 - 2019-02-05 11:25 - 002433024 _____ (Farbar) C:\Users\ki\Downloads\FRST64(1).exe
2019-02-05 10:55 - 2019-02-05 10:55 - 000380544 _____ C:\Users\ki\Downloads\2_1_Massage_und_Gleitgel_Aloe_Vera_300_ml_306207DR.pdf
2019-02-05 10:54 - 2019-02-05 10:54 - 000469643 _____ C:\Users\ki\Downloads\Soft_Touch_Vibrator_mit_gebogener_Spitze_12_5_cm_008896TO.pdf
2019-02-05 10:53 - 2019-02-05 10:53 - 000470912 _____ C:\Users\ki\Downloads\Vibrationsring_inklusive_Batterien_005666TO.pdf
2019-02-04 13:06 - 2019-02-04 13:06 - 000061450 _____ C:\Users\ki\Downloads\Berlin-Fahrt(1).pdf
2019-02-04 13:03 - 2019-02-04 13:03 - 000140167 _____ C:\Users\ki\Downloads\2019-KW06_Probenplan_korrigiert.pdf
2019-02-02 23:12 - 2019-02-02 23:12 - 000000000 ____D C:\cobirescue
2019-02-02 19:59 - 2019-01-08 22:06 - 009189024 _____ C:\notfall.lnx
2019-02-02 19:59 - 2017-12-11 14:15 - 000000828 _____ C:\menu.lst
2019-02-02 19:59 - 2011-10-17 07:38 - 000217769 _____ C:\grldr
2019-02-02 19:59 - 2011-10-17 07:38 - 000009216 _____ C:\grldr.mbr
2019-02-02 19:50 - 2019-02-03 17:33 - 000000000 ____D C:\Program Files (x86)\RescueLoader
2019-02-01 21:15 - 2019-02-01 21:15 - 000140162 _____ C:\Users\ki\Downloads\2019-KW06_Probenplan.pdf
2019-02-01 10:36 - 2019-02-01 10:36 - 001296877 _____ C:\Users\ki\Downloads\week-2019-05.pdf
2019-02-01 10:36 - 2019-02-01 10:36 - 001296877 _____ C:\Users\ki\Downloads\week-2019-05(1).pdf
2019-02-01 10:29 - 2019-02-01 10:29 - 000356541 _____ C:\Users\ki\Downloads\elternbrief februar 2019.pdf
2019-02-01 10:29 - 2019-02-01 10:29 - 000082979 _____ C:\Users\ki\Downloads\Schulkalender-2019-2020-querformat.pdf
2019-02-01 10:29 - 2019-02-01 10:29 - 000010787 _____ C:\Users\ki\Downloads\Ferienplan_2019-2020.pdf
2019-01-31 18:13 - 2019-01-31 18:13 - 000000000 ____D C:\ProgramData\StarFinanz
2019-01-30 23:23 - 2019-01-30 23:23 - 000000000 ____D C:\ProgramData\Mozilla
2019-01-29 21:02 - 2019-01-29 21:02 - 000667144 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector(354).sys
2019-01-29 21:02 - 2019-01-29 10:45 - 000667144 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector.sys
2019-01-29 12:41 - 2019-02-03 16:40 - 000000000 ____D C:\Users\ki\Documents\wsusoffline115-1
2019-01-29 12:06 - 2019-01-29 12:06 - 005155328 _____ C:\Users\ki\Downloads\windowsdefender1593dt.msi
2019-01-29 10:46 - 2019-01-29 10:46 - 003947888 _____ (Acronis) C:\WINDOWS\system32\auto_reactivate.exe
2019-01-29 10:18 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-25 17:52 - 2019-01-25 17:52 - 000225631 _____ C:\Users\ki\Downloads\Jahresplan2019-01_25_Domspatzen_Chöre.pdf
2019-01-25 17:51 - 2019-01-25 17:51 - 000142431 _____ C:\Users\ki\Downloads\2019-KW05_Probenplan.pdf
2019-01-25 13:12 - 2019-01-25 13:12 - 000002918 _____ C:\Users\ki\Downloads\transcript(1).txt
2019-01-25 12:57 - 2019-01-25 12:57 - 000000803 _____ C:\Users\ki\Downloads\transcript.txt
2019-01-25 09:29 - 2019-01-25 09:29 - 010245888 _____ (Acronis) C:\Users\ki\Downloads\AcronisBackup_12.5_web.exe
2019-01-25 09:12 - 2019-01-25 09:12 - 006322446 _____ C:\Users\ki\Downloads\Handbuch PC.pdf
2019-01-23 11:24 - 2019-01-23 11:24 - 000040214 _____ C:\Users\ki\Downloads\Erstinformation(1).pdf
2019-01-23 10:05 - 2019-01-23 10:05 - 000185089 _____ C:\Users\ki\Downloads\Abfuhrkalender_2019.pdf
2019-01-22 21:47 - 2019-01-22 21:47 - 000240290 _____ C:\Users\ki\Downloads\m4_01_familie_lustig.docx(2).pdf
2019-01-22 11:44 - 2019-01-22 11:44 - 000000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2019-01-22 11:43 - 2019-01-29 10:44 - 000243472 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\volume_tracker.sys
2019-01-22 11:43 - 2019-01-29 10:44 - 000001278 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2019-01-22 11:43 - 2019-01-22 11:43 - 000331976 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file2416.sys
2019-01-22 11:43 - 2019-01-22 11:43 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2310.sys
2019-01-21 13:10 - 2019-01-21 13:10 - 001011355 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_e07a6baa9f52ad1b6963a254442483dc58bd2a77.pdf
2019-01-21 13:10 - 2019-01-21 13:10 - 001011262 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_ec8e07990905a7dd7e1afca71d5dad88d05e4810.pdf
2019-01-21 13:09 - 2019-01-21 13:09 - 001011273 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_18d258071d847432af70aa72224b6cfaaf3bfcf1.pdf
2019-01-21 13:08 - 2019-01-21 13:08 - 001011335 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_02603c2f33748c27dfd5db1112274d0dda0ec8ee.pdf
2019-01-21 12:50 - 2019-01-21 12:50 - 000088603 _____ C:\Users\ki\Downloads\AKD-73659465278.pdf
2019-01-21 12:47 - 2019-01-21 12:52 - 574094312 _____ C:\Users\ki\Downloads\AcronisTrueImage2018.exe
2019-01-21 12:34 - 2019-01-21 12:34 - 000088620 _____ C:\Users\ki\Downloads\AKD-73651673788.pdf
2019-01-19 09:11 - 2019-01-19 09:11 - 000186896 _____ C:\Users\ki\Downloads\2019-KW04_Probenplan.pdf
2019-01-19 09:09 - 2019-01-19 09:09 - 000621253 _____ C:\Users\ki\Downloads\Dispo2019-01_07_Eltern.pdf
2019-01-18 09:39 - 2019-01-18 09:39 - 000071091 _____ C:\Users\ki\Downloads\RG150508157000.pdf
2019-01-17 20:38 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-17 20:38 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-17 20:38 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-17 20:38 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-17 20:37 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-17 20:37 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-17 20:37 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-17 20:37 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-17 20:37 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-17 20:37 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-17 20:37 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-17 20:37 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-17 20:37 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-17 20:37 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-17 20:37 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-17 20:37 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-17 20:37 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-17 20:37 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-17 20:37 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-17 20:37 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-17 20:37 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-17 20:37 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase(405).dll
2019-01-17 20:37 - 2019-01-01 08:13 - 001363536 ____N (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-17 20:37 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes(582).dll
2019-01-17 20:37 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-17 20:37 - 2019-01-01 08:13 - 000436024 ____N (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-17 20:37 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0(486).dll
2019-01-17 20:37 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-17 20:37 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-17 20:37 - 2019-01-01 08:12 - 002765344 ____N (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil(470).dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6(489).dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-17 20:37 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-17 20:37 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-17 20:37 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-17 20:37 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-17 20:37 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-17 20:37 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-17 20:37 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-17 20:37 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-17 20:37 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-17 20:37 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-17 20:37 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-17 20:37 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-17 20:37 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-17 20:37 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 001549824 ____N (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv(480).dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000662528 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov(585).dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-17 20:37 - 2019-01-01 07:43 - 001805312 ____N (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-17 20:37 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon(545).dll
2019-01-17 20:37 - 2019-01-01 07:42 - 004939776 ____N (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet(576).dll
2019-01-17 20:37 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 001159680 ____N (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss(514).dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000899072 ____N (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos(472).dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase(593).dll
2019-01-17 20:37 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil(602).dll
2019-01-17 20:37 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-17 20:37 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-17 20:37 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-17 20:37 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-17 20:37 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-17 20:37 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-17 20:37 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-17 20:37 - 2019-01-01 07:14 - 004514816 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-17 20:37 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet(630).dll
2019-01-17 20:37 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-17 20:37 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-17 20:37 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-17 20:37 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-17 20:37 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-17 20:37 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-17 20:37 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-17 20:37 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-01-17 20:37 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-17 20:37 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-17 20:37 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-17 20:37 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-17 20:37 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-01-17 20:37 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-17 20:37 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-01-17 20:37 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-01-17 20:37 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-17 20:37 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-01-17 20:37 - 2018-12-14 07:54 - 006032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-01-17 20:37 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1(411).dll
2019-01-17 20:37 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-01-17 20:37 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-17 20:37 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-01-17 20:37 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-17 20:37 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-01-17 10:08 - 2019-01-17 10:08 - 000061450 _____ C:\Users\ki\Downloads\Berlin-Fahrt.pdf
2019-01-16 21:59 - 2019-01-16 21:59 - 000175691 _____ C:\Users\ki\Downloads\Tickets_946202.pdf
2019-01-16 21:57 - 2019-01-16 21:57 - 000175687 _____ C:\Users\ki\Downloads\attachment(2)
2019-01-16 11:45 - 2019-01-16 11:45 - 000046551 _____ C:\Users\ki\Downloads\InsuranceCertificate(1).pdf
2019-01-16 11:44 - 2019-01-16 11:44 - 000070434 _____ C:\Users\ki\Downloads\G6KHNL(1).pdf
2019-01-15 16:59 - 2019-01-15 16:59 - 000193894 _____ C:\Users\ki\Downloads\merkhilfe_fuer_das_fach_mathematik_standard(3).pdf
2019-01-15 16:59 - 2019-01-15 16:59 - 000193894 _____ C:\Users\ki\Downloads\merkhilfe_fuer_das_fach_mathematik_standard(2).pdf
2019-01-15 00:09 - 2019-01-15 00:09 - 000114408 _____ C:\Users\ki\Downloads\WhatsApp Image 2019-01-14 at 21.09.59.jpeg
2019-01-12 18:48 - 2019-01-17 10:48 - 000000000 ____D C:\Users\ki\Documents\BelegManager-Daten
2019-01-12 16:39 - 2019-01-12 16:39 - 000010495 _____ C:\Users\ki\Downloads\19elsdi1_elster_12.01.2019_16.36.pfx
2019-01-12 10:37 - 2019-01-12 10:37 - 000000000 ____D C:\Users\ki\AppData\Local\Phoenix360
2019-01-11 21:38 - 2019-01-11 21:38 - 000002310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2019-01-11 21:38 - 2019-01-11 21:38 - 000002298 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2019-01-11 12:03 - 2019-01-11 12:03 - 000284090 _____ C:\Users\ki\Downloads\2017-05-24-einkommensteuerrechtliche-behandlung-von-vorsorgeaufwendungen_.pdf
2019-01-11 12:03 - 2019-01-11 12:03 - 000284090 _____ C:\Users\ki\Downloads\2017-05-24-einkommensteuerrechtliche-behandlung-von-vorsorgeaufwendungen_(1).pdf

==================== Ein Monat (geänderte) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-02-09 15:57 - 2018-05-02 06:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-09 15:54 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-09 15:22 - 2016-11-18 06:21 - 000000000 ____D C:\Users\ki\AppData\LocalLow\Mozilla
2019-02-09 15:18 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-09 15:15 - 2014-07-16 07:22 - 000000000 ____D C:\Users\ki\AppData\LocalLow\Temp
2019-02-09 15:11 - 2018-05-02 07:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security CBE
2019-02-08 12:01 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-08 11:58 - 2018-05-01 22:00 - 000000000 ____D C:\WINDOWS\system32\msmq
2019-02-08 11:51 - 2016-01-08 21:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-02-07 16:33 - 2017-03-29 12:22 - 000000000 ____D C:\Program Files (x86)\StarMoney 11
2019-02-07 10:31 - 2015-02-14 13:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-07 10:30 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-07 10:14 - 2018-12-01 20:16 - 000000000 ____D C:\Users\ki\AppData\Roaming\IObit
2019-02-07 10:14 - 2014-03-01 11:12 - 000000000 ____D C:\Users\ki\AppData\LocalLow\IObit
2019-02-07 10:14 - 2014-03-01 11:08 - 000000000 ____D C:\ProgramData\IObit
2019-02-07 06:51 - 2017-11-04 18:26 - 000000000 ____D C:\Program Files (x86)\StarMoney 11 Deluxe
2019-02-07 06:50 - 2015-11-29 11:37 - 000000000 ____D C:\Program Files (x86)\StarMoney 10
2019-02-06 18:12 - 2014-03-01 11:12 - 000000000 ____D C:\ProgramData\ProductData
2019-02-06 17:18 - 2017-01-03 21:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-06 17:18 - 2016-12-16 10:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-06 08:46 - 2012-07-29 18:31 - 000000000 ____D C:\daten
2019-02-05 19:41 - 2018-03-07 10:22 - 000000000 ____D C:\Program Files (x86)\OkayFreedom
2019-02-05 19:41 - 2017-11-05 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom
2019-02-05 11:10 - 2017-01-03 21:27 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-03 18:03 - 2018-05-02 06:53 - 000000000 ____D C:\Users\ki
2019-02-03 17:52 - 2018-05-02 06:53 - 000000000 ____D C:\Users\DefaultAppPool
2019-02-03 17:52 - 2018-05-02 06:53 - 000000000 ____D C:\Users\admin2
2019-02-03 17:48 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\te-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\or-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\km-KH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\is-IS
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\id-ID
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\setup
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-02-03 17:48 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\be-BY
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\as-IN
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\IdentityCRL
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-02-03 17:39 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-02-03 17:39 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\servicing
2019-02-03 17:37 - 2018-06-13 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EverDoc
2019-02-03 17:37 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-03 17:37 - 2018-03-06 21:06 - 000000000 ____D C:\Users\ki\AppData\Local\ConnectedDevicesPlatform
2019-02-03 17:37 - 2017-03-02 13:40 - 000000000 ____D C:\Users\ki\AppData\Local\Nero_AG
2019-02-03 17:37 - 2017-03-01 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freecom
2019-02-03 17:37 - 2016-11-16 19:51 - 000000000 ____D C:\Program Files\Soda PDF Desktop
2019-02-03 17:37 - 2015-11-13 11:31 - 000000000 ____D C:\Users\ki\Downloads\Soda PDF 8 Files
2019-02-03 17:37 - 2015-11-13 11:22 - 000000000 ____D C:\Users\ki\Documents\Soda PDF 8 Files
2019-02-03 17:37 - 2015-05-09 11:35 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-02-03 17:37 - 2014-08-07 18:11 - 000000000 ____D C:\Users\ki\Downloads\_abelsoft
2019-02-03 17:37 - 2014-08-07 16:36 - 000000000 ____D C:\Users\ki\AppData\Local\Abelssoft
2019-02-03 17:37 - 2013-03-13 07:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-02-03 17:37 - 2013-03-13 07:31 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-02-03 17:36 - 2018-04-08 22:31 - 000000000 ____D C:\Program Files\iTunes
2019-02-03 17:36 - 2017-05-10 19:44 - 000000000 ____D C:\Program Files (x86)\Yawcam
2019-02-03 17:36 - 2015-03-01 22:57 - 000000000 ____D C:\Program Files (x86)\WinHTTrack
2019-02-03 17:35 - 2013-03-13 07:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-02-03 17:34 - 2018-12-20 10:27 - 000000000 ____D C:\Program Files (x86)\AntiRansomware
2019-02-03 17:34 - 2018-06-13 21:46 - 000000000 ____D C:\PrinterPlusPlus
2019-02-03 17:34 - 2017-05-06 21:14 - 000000000 ____D C:\Program Files (x86)\ The Secret Legacy DE
2019-02-03 17:34 - 2017-04-15 14:36 - 000000000 ____D C:\Program Files (x86)\Everdoc
2019-02-03 17:34 - 2016-12-08 00:14 - 000000000 ____D C:\Program Files (x86)\Abelssoft Undeleter
2019-02-03 17:34 - 2016-08-06 19:42 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0
2019-02-03 17:34 - 2015-12-31 11:31 - 000000000 ____D C:\Program Files (x86)\Anki-Latein
2019-02-03 17:34 - 2015-06-21 11:12 - 000000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2019-02-03 17:34 - 2011-07-18 21:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-02-03 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-02-03 17:00 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-03 16:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\registration
2019-02-03 16:40 - 2014-12-05 09:12 - 000000000 ____D C:\Users\ki\AppData\Roaming\Steganos
2019-02-03 16:35 - 2012-08-12 12:57 - 000000000 __RHD C:\MSOCache
2019-02-02 19:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-02 13:53 - 2018-05-03 11:31 - 000000000 ____D C:\Users\ki\AppData\Local\D3DSCache
2019-01-31 21:01 - 2018-11-27 16:45 - 000000000 ____D C:\Program Files\rempl
2019-01-31 10:04 - 2013-08-04 19:55 - 000000000 ____D C:\Users\ki\AppData\Local\ElevatedDiagnostics
2019-01-29 21:01 - 2016-07-29 11:36 - 000331976 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file(358).sys
2019-01-29 21:01 - 2015-11-26 11:36 - 000173536 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter(357).sys
2019-01-29 10:46 - 2016-01-11 21:51 - 000290520 _____ (Acronis International GmbH) C:\WINDOWS\system32\snapapiar64.dll
2019-01-29 10:46 - 2016-01-11 21:51 - 000000000 _RSHD C:\bootwiz
2019-01-29 10:45 - 2015-11-26 11:17 - 000390592 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2019-01-29 10:45 - 2015-11-26 11:10 - 000000000 ____D C:\ProgramData\Acronis
2019-01-29 10:44 - 2016-07-29 11:36 - 000331976 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2019-01-29 10:44 - 2016-07-29 11:36 - 000001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2019-01-29 10:44 - 2015-11-26 11:36 - 000374264 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2019-01-29 10:44 - 2015-11-26 11:36 - 000173536 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2019-01-29 10:44 - 2015-11-26 11:16 - 000885880 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2019-01-29 10:44 - 2015-11-26 11:16 - 000693768 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2019-01-29 10:33 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI(407)
2019-01-29 10:25 - 2016-12-15 18:59 - 000001911 _____ C:\Users\ki\Desktop\System Mechanic - täglich.lnk
2019-01-29 10:20 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-24 12:18 - 2016-01-08 21:13 - 000000000 ____D C:\Users\ki\AppData\Local\Packages
2019-01-22 11:43 - 2012-10-12 13:40 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2019-01-21 10:41 - 2017-03-02 13:44 - 000000520 _____ C:\WINDOWS\Tasks\ki.job
2019-01-21 10:39 - 2017-03-02 13:44 - 000000382 _____ C:\WINDOWS\Tasks\ki NBAgent 6 0.job
2019-01-21 10:37 - 2017-03-02 13:41 - 000000552 _____ C:\WINDOWS\Tasks\ki Nero LIVEBackup 6 0.job
2019-01-21 10:32 - 2018-01-08 11:37 - 000001248 _____ C:\Users\ki\Desktop\Freecom Hard Drive Info.lnk
2019-01-20 22:57 - 2018-03-04 19:27 - 001122200 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2019-01-20 22:56 - 2018-03-04 19:16 - 000070024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2019-01-18 11:42 - 2012-11-18 18:30 - 000000000 ___RD C:\Users\ki\Documents\Scanned Documents
2019-01-17 21:58 - 2013-08-15 02:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-17 20:53 - 2011-07-18 21:31 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-17 20:50 - 2009-07-14 03:34 - 000000478 _____ C:\WINDOWS\win.ini
2019-01-17 12:39 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI(99)
2019-01-12 18:48 - 2012-10-03 17:09 - 000000000 ____D C:\Users\ki\AppData\Local\AAV
2019-01-12 18:48 - 2012-10-03 16:35 - 000000000 ____D C:\ProgramData\AAV
2019-01-12 17:46 - 2016-03-09 22:30 - 000000000 ____D C:\Users\ki\AppData\Roaming\elsterformular
2019-01-12 10:48 - 2018-03-22 17:38 - 000000000 ____D C:\ProgramData\Phoenix360
2019-01-12 10:37 - 2018-11-18 22:38 - 000002110 _____ C:\Users\Public\Desktop\System Mechanic.lnk
2019-01-12 10:37 - 2017-05-20 07:57 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-12 10:32 - 2014-08-04 15:14 - 000000000 ____D C:\Users\ki\AppData\Local\Downloaded Installations
2019-01-12 10:02 - 2012-10-03 17:09 - 000000000 ____D C:\Users\ki\Documents\Steuerfälle
2019-01-11 21:39 - 2017-07-19 07:10 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-11 21:37 - 2012-07-29 09:27 - 000000000 ____D C:\Program Files\Google
2019-01-11 21:37 - 2012-07-29 09:27 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-11 21:35 - 2017-07-18 08:09 - 000001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2019-01-11 21:35 - 2016-01-14 16:18 - 000000442 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1434372108.job
2019-01-11 21:35 - 2015-06-15 13:41 - 000000000 ____D C:\Program Files (x86)\Opera
2019-01-10 18:10 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-10-27 10:35 - 2013-10-27 10:35 - 000000432 _____ () C:\Users\ki\AppData\Roaming\.backup.dm
2014-06-30 23:20 - 2014-06-30 23:20 - 000000000 _____ () C:\Users\ki\AppData\Roaming\gdfw.log
2014-06-30 23:20 - 2014-06-30 23:20 - 000000779 _____ () C:\Users\ki\AppData\Roaming\gdscan.log
2014-01-10 10:51 - 2014-01-10 10:51 - 000000000 _____ () C:\Users\ki\AppData\Roaming\pdfconverter
2016-01-14 18:54 - 2015-12-08 15:13 - 015568896 _____ () C:\Users\ki\AppData\Roaming\Sandra.mdb
2017-11-17 10:34 - 2017-11-17 10:47 - 503043688 _____ () C:\Users\ki\AppData\Local\AcronisTrueImage2016_6595.exe
2016-01-10 20:43 - 2016-12-18 17:20 - 000007680 _____ () C:\Users\ki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-03-05 09:01 - 2018-03-06 22:46 - 000034048 _____ () C:\Users\ki\AppData\Local\parallels-pax.log
2013-07-07 19:23 - 2013-07-07 19:23 - 000007619 _____ () C:\Users\ki\AppData\Local\Resmon.ResmonCfg
2012-07-29 18:31 - 2012-07-29 18:31 - 000017408 _____ () C:\Users\ki\AppData\Local\WebpageIcons.db

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\dllhost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dllhost.exe => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-05-02 06:41

==================== Ende von FRST.txt ============================

--- --- ---

libaki · 09.02.2019, 16:30

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 8.02.2019
durchgeführt von ki (09-02-2019 16:03:01)
Gestartet von C:\Users\ki\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-05-02 06:14:56)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

admin2 (S-1-5-21-453296214-1327697751-653560176-1007 - Administrator - Enabled) => C:\Users\admin2
Administrator (S-1-5-21-453296214-1327697751-653560176-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-453296214-1327697751-653560176-503 - Limited - Disabled)
Gast (S-1-5-21-453296214-1327697751-653560176-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-453296214-1327697751-653560176-1006 - Limited - Enabled)
ki (S-1-5-21-453296214-1327697751-653560176-1001 - Administrator - Enabled) => C:\Users\ki
WDAGUtilityAccount (S-1-5-21-453296214-1327697751-653560176-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Abelssoft Undeleter (HKLM-x32\...\{1FB7B731-3479-4128-8299-A53922E47675}_is1) (Version: 4.0 - Abelssoft)
abylon APP-BLOCKER 2015.5 (Privatversion) (HKLM-x32\...\abylonprotectionmanagerapp-blocker_is1) (Version: 2015.5 - abylonsoft)
abylon BASIC 16.00.2 (Privatversion) (HKLM\...\abylonprotectionmanagerbasic_is1) (Version: 16.00.2 - abylonsoft)
Acronis True Image (HKLM-x32\...\{97F880B8-30EB-4E94-A142-0D2AE3601BC8}) (Version: 23.4.14690 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{97F880B8-30EB-4E94-A142-0D2AE3601BC8}Visible) (Version: 23.4.14690 - Acronis)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - )
Anki (HKLM-x32\...\Anki) (Version:  - )
AntiRansomware 2018 (HKLM-x32\...\AbAppId-82_is1) (Version: 18.1 - Abelssoft)
Any Video Converter 6.1.5 (HKLM-x32\...\Any Video Converter) (Version: 6.1.5 - Anvsoft)
AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-Bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A05FDFEC-4377-49E0-82CB-B6D1386E89DA}) (Version: 11.3.0.9 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 7 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.11 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 2.0.0.8 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Botanicula (HKLM-x32\...\Botanicula) (Version: 1.0 - Amanita Design, s.r.o.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CHIP Best Deal (HKLM-x32\...\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}) (Version: 1.4.21 - Ciuvo GmbH)
Cole2k Media - Codec Pack (Advanced) 8.0.2 (HKLM-x32\...\Cole2k Media - Codec Pack) (Version: 8.0.2 - Cole2k Media)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.53.0 - OEM) Hidden
concept/design onlineTV 15 (HKLM-x32\...\{C9F7D843-78C5-4A81-A350-D39F00E80178}_is1) (Version: 15.18.12.1 - concept/design GmbH)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (HKLM-x32\...\{D0BEB150-2046-4F94-AE7B-EA76772592F6}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (HKLM-x32\...\{4433CEC6-DA32-4D7B-BA95-B47C68498287}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (HKLM-x32\...\{2F14F550-0FFC-4285-B673-880744D428A3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (HKLM-x32\...\{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (HKLM-x32\...\{85E8F38F-0303-401E-A518-0302DF88EB07}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (HKLM-x32\...\{FA6AF809-9A80-423A-A57A-C7D726A04E4C}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (HKLM-x32\...\{E7BE4D1A-B529-448B-8407-889705B65185}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (HKLM-x32\...\{E4BE9367-168B-4B30-B198-EE37C99FB147}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (HKLM-x32\...\{D7E60152-6C65-4982-8840-B6D28BF881BD}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (HKLM-x32\...\{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (HKLM-x32\...\{89BA6E81-B60A-49BC-B283-80560A9E60DF}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (HKLM-x32\...\{34809713-7886-4F6A-B9D5-CC74DBC1C77E}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (HKLM-x32\...\{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (HKLM-x32\...\{834F4E2F-E9DF-4FA9-8499-FF6B91012898}) (Version: 15.3 - Corel Corporation) Hidden
Cut Out 3.0 (HKLM-x32\...\Cut Out_is1) (Version:  - Franzis.de)
Cut Out pro 4.0 (HKLM\...\Cut Out pro 4_is1) (Version:  - Franzis.de)
Cut Out pro 4.0 (HKLM-x32\...\Cut Out pro 4_is1) (Version:  - Franzis.de)
CutOut 5.0 professional (HKLM\...\CutOut 5 professional_is1) (Version: 5.0 - Franzis.de)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1817_38674 - CyberLink Corp.)
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.2408 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Das große Franzis Know-how-Paket DIGITALE FOTOGRAFIE (HKLM-x32\...\Das große Franzis Know-how-Paket DIGITALE FOTOGRAFIE_is1) (Version:  - )
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 2.4.2.14 - INTENIUM GmbH)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.11.64.1020 - Electronic Arts Inc.)
Driver Easy 5.6.0 (HKLM\...\DriverEasy_is1) (Version: 5.6.0 - Easeware)
EaseUS Partition Master 10.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.1.7.20160205 - Landesfinanzdirektion Thüringen)
EmRegSysSetup (HKLM-x32\...\{F981214A-0688-45E0-9329-B08BB26B74F9}) (Version: 1.6.0.1306 - Engelmann GmbH) Hidden
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)
Erbschaftsplaner (HKLM-x32\...\{8ECA57C8-5C32-4196-B84B-C05818D5CB88}) (Version: 9.01.4 - Wolters Kluwer Deutschland GmbH)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 11.0.159.0 - ESET, spol. s r.o.)
EverDoc 2018 (HKLM-x32\...\{CE690D98-4029-4620-879D-8018BF9CFBEC}_is1) (Version: 3.26 - Abelssoft)
EverDoc Printer++ (64bit) (HKLM\...\{D8156771-98B2-4A23-8122-C904F2410DF1}) (Version: 1.0.0 - Printer++)
eXpert PDF 10 Asian Fonts Pack (HKLM\...\{E56F569B-E087-4408-BAC8-EAFF9808C40B}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Convert Module (HKLM\...\{14EAE63C-8627-4FAC-89CD-E1BC5F6BE400}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Create Module (HKLM\...\{7A58AA20-FCA7-47AD-B766-1DC0E363E514}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Edit Module (HKLM\...\{04F3C8D3-E68A-420E-955C-D6EA51434DD3}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Forms Module (HKLM\...\{8E26322E-3348-4BC7-AA55-7E7A82A3391B}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Insert Module (HKLM\...\{50DF4766-CCD7-4BEB-B46F-728F6526077F}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 OCR Module (HKLM\...\{13E8528E-D6ED-459E-AEB2-CC0E8E68962A}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Review Module (HKLM\...\{39B5B664-DD6B-4397-83B3-BFF70B18B8B5}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Secure Module (HKLM\...\{FB5E4A8D-421B-47A1-82DE-28630F24476B}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 View Module (HKLM\...\{CAB4BBED-DD47-4857-8E46-C34F3B295080}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
File Repair (HKLM-x32\...\File Repair_is1) (Version:  - File Repair)
FileFusion 2018 (HKLM-x32\...\8FFF2B94-7E68-4C49-8CF8-46C7AC3033B9_is1) (Version: 1.22 - Abelssoft)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Formatwandler 2014 (HKLM-x32\...\{c27f2a3d-93d7-4112-b0ba-424b59be1ad2}) (Version: 6.0.5060.20182 - S.A.D.)
Formatwandler2014Setup (HKLM-x32\...\{34F7D819-71A6-420A-9DBB-0FF9A3DBF108}) (Version: 6.0.0.1311 - Engelmann Media GmbH) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.16.525 - Digital Wave Ltd)
Freecom Hard Drive Info 1.05 (HKLM-x32\...\Freecom Hard Drive Info_is1) (Version:  - Freecom)
Freecom Product Update 1.06 (HKLM-x32\...\Freecom Product Update_is1) (Version:  - Freecom)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM\...\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}) (Version: 7.3.2.5495 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HDR projects photo (64-Bit) (HKLM\...\HDR_PROJECTS_2_1_3BF7CE82_is1) (Version: 2.26 - Franzis Verlag GmbH)
HDX4DirectShowFilter (HKLM-x32\...\{EED2BE94-5D8F-4D1B-AECC-88F645262E68}) (Version: 1.0.0.1305 - Engelmann GmbH) Hidden
iCloud (HKLM\...\{5BD11939-D2C2-4F1B-AAAF-5ECE19A801F7}) (Version: 7.4.0.111 - Apple Inc.)
Incomedia WebSite X5 v11 - Compact (HKLM-x32\...\{C6AE8967-DF23-42DF-B362-8263A5496338}_is1) (Version: 11.0.8.31 - Incomedia s.r.l.)
Incomedia WebSite X5 v11 - Home (HKLM-x32\...\{C5743DB8-7BDF-47D3-8D41-0BBD487B48A1}_is1) (Version: 11.0.2.14 - Incomedia s.r.l.)
Incomedia WebSite X5 v12 - Home (HKLM-x32\...\{D25ADC00-2219-495D-A577-F14D1BE72756}_is1) (Version: 12.0.9.30 - Incomedia s.r.l.)
InfoBibliothek (HKLM-x32\...\{F5FB4B71-6301-11D4-9AD1-00A0C9B0C5F6}) (Version:  - Akademische Arbeitsgemeinschaft)
InfoBibliothek 2 (HKLM-x32\...\{78D7D7CD-A06B-4514-ACBD-8055BF945A8E}) (Version: 1.08.03.01 - Akademische Arbeitsgemeinschaft Verlag Wolters Kluwer GmbH)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IsoBuster 3.5 (HKLM-x32\...\IsoBuster_is1) (Version: 3.5 - Smart Projects)
iTunes (HKLM\...\{BC437DDC-48E8-4089-9EA0-58414984466E}) (Version: 12.7.4.76 - Apple Inc.)
JackKeane2 (HKLM-x32\...\JackKeane2) (Version:  - )
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeyDepot (HKLM\...\KeyDepot_is1) (Version: 3.20 - Abelssoft)
K-Lite Mega Codec Pack 10.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Lern-o-Mat (HKLM-x32\...\{37BFAE1E-D0E3-4C98-905C-FBBC4305843E}) (Version:  - )
Macromedia Dreamweaver MX 2004 (HKLM-x32\...\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}) (Version: 7.0 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}) (Version: 1.5 - Macromedia)
Macromedia Fireworks MX 2004 (HKLM-x32\...\{E583ED6F-BD99-4066-A420-C815BF692B69}) (Version: 7 - Macromedia)
Macromedia Flash MX 2004 (HKLM-x32\...\{2F353D44-73BB-4971-B31D-F7642E9E9531}) (Version: 7 - Macromedia)
Macromedia FreeHand MXa (HKLM-x32\...\{939740B5-0064-4779-854A-8C1086181C05}) (Version: 11.0.1 - Macromedia)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (HKLM\...\{4745C004-7D5D-42BB-816A-79BF29C3A65C}) (Version: 4.3.2.0 - MAGIX Software GmbH) Hidden
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{4745C004-7D5D-42BB-816A-79BF29C3A65C}) (Version: 4.3.2.0 - MAGIX Software GmbH)
MAGIX Music Maker 2013 (HKLM\...\{E7F7CA64-C0FC-4499-BC4D-C764E24CA67B}) (Version: 19.0.7.67 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2013 (HKLM-x32\...\MX.{E7F7CA64-C0FC-4499-BC4D-C764E24CA67B}) (Version: 19.0.7.67 - MAGIX Software GmbH)
MAGIX Music Maker 2013 Trial Soundpools (HKLM\...\{D826D424-4166-40D5-A70C-9C3A78F01ACD}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM\...\{422D3F30-7446-46C9-9FFE-F4F1645A3A41}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{422D3F30-7446-46C9-9FFE-F4F1645A3A41}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe 2013 Plus (HKLM\...\{2B9CA7F6-64A9-4346-9238-CDC3604A8D66}) (Version: 12.0.1.4 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Plus (HKLM-x32\...\MAGIX_{2B9CA7F6-64A9-4346-9238-CDC3604A8D66}) (Version: 12.0.1.4 - MAGIX AG)
MAGIX Video deluxe 2016 Plus (HKLM\...\{E2795C69-E7BE-4AD7-AD29-77DD7E9263C2}) (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Plus (HKLM\...\MX.{E2795C69-E7BE-4AD7-AD29-77DD7E9263C2}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Plus Update (HKLM\...\{90158760-3F6F-495C-999D-645767BCEF2C}) (Version: 15.0.0.90 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Plus Update (HKLM\...\{9C94F5B0-D567-4FE8-BCE3-EE1BE03BF1EE}) (Version: 15.0.0.77 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus 2013 Update (HKLM\...\{E6FD1013-27CC-4122-96EE-5E2ED42B3C40}) (Version: 12.0.4.2 - MAGIX AG) Hidden
MAGIX Video easy SE (HKLM\...\{D0498EA9-0858-4E1B-B25A-C907ACD15E67}) (Version: 3.0.1.41 - MAGIX AG) Hidden
MAGIX Video easy SE (HKLM-x32\...\MAGIX_{D0498EA9-0858-4E1B-B25A-C907ACD15E67}) (Version: 3.0.1.41 - MAGIX AG)
Malwarebytes Version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Manager (HKLM-x32\...\{330A7F6B-389D-4E1B-9746-791FEED7C126}) (Version: 10.0.3.26918 - Avanquest Software) Hidden
MatheAss 8.2 (HKLM-x32\...\MatheAss_is1) (Version:  - MatheAss)
MatheGrafix 10 (Version 10.2) (HKLM-x32\...\MatheGrafix 10_is1) (Version:  - )
Medion Home Cinema (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.) Hidden
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 65.0 (x64 de) (HKLM\...\Mozilla Firefox 65.0 (x64 de)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
mufin player 2.5 (HKLM\...\{56BE895E-C1B1-4692-B030-200AB920AA98}) (Version: 2.5.1.255 - mufin GmbH) Hidden
mufin player 2.5 (HKLM-x32\...\MAGIX_{56BE895E-C1B1-4692-B030-200AB920AA98}) (Version: 2.5.1.255 - mufin GmbH)
My Lockbox 3.9 (HKLM\...\My Lockbox_is1) (Version: 3.9 - )
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
MyKeyFinder 2018 (HKLM-x32\...\{c6396ed4-bdba-4f98-8739-767cb6bd16e6}_is1) (Version: 7.2 - Abelssoft)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
NebenkostenAbrechnung (HKLM-x32\...\{DD7B3EBE-EB93-493C-9400-1E4EE8A3889A}) (Version: 4.02.6 - Akademische Arbeitsgemeinschaft)
NebenkostenAbrechnung 2016 (HKLM-x32\...\{8033F294-375C-4FCC-9080-48A9460D9A98}) (Version: 5.01.6 - Akademische Arbeitsgemeinschaft)
NebenkostenAbrechnung 2017 (HKLM-x32\...\{AA1E9035-0D45-4052-AED6-83E1D55450B7}) (Version: 6.02.3 - Wolters Kluwer Deutschland GmbH)
NebenkostenAbrechnung 2018 (HKLM-x32\...\{A1E71C08-087A-47C7-88BD-80A1F58DA606}) (Version: 7.01.5 - Wolters Kluwer Deutschland GmbH)
NebenkostenBerater (HKLM-x32\...\{C53576FF-2304-499E-8595-BECFA97C5ADC}) (Version: 1.00.4 - Akademische Arbeitsgemeinschaft)
Nero BackItUp 11 Essentials CDPack (HKLM-x32\...\{BD0516DD-705C-441F-A30D-1CC289895309}) (Version: 11.0.00200 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
NetObjects Fusion 12.0 (HKLM-x32\...\{0354854F-F8B8-4AA8-9944-93A1A5533DD2}) (Version: 12 German - NetObjects)
NetObjects Fusion 12.0 (HKLM-x32\...\{051F9CB0-1499-4A0E-A861-CB19A5AAA906}) (Version: 12.00.5000.5041 - NetObjects) Hidden
NetObjects Fusion 12.0 (HKLM-x32\...\{B962E962-6369-4F66-AF35-79CB39270D12}) (Version: 12.00.5000.5041 - NetObjects) Hidden
NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.8.5 - Steganos Software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paragon Drive Copy™ 14 Professional (HKLM\...\{24371D30-7CFF-11DE-B053-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version:  - Markement GmbH)
PC-WELT Datensafe Version 3.0.1.3632 (HKLM-x32\...\PC-WELT Datensafe 1_is1) (Version: 3.0.1.3632 - PC-WELT)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Speed Converter (HKLM\...\{EC38DB84-B902-4F2D-92D7-297E4E3A0A2A}_is1) (Version: 1.0 - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PhotoFilmStrip 2.0.0 (HKLM-x32\...\PhotoFilmStrip_is1) (Version: 2.0.0 - Jens Gï¿½pfert)
PhotoFilmStrip 3.0.2 (HKLM\...\PhotoFilmStrip_is1) (Version: 3.0.2 - Jens Göpfert)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Readiris Pro 14 (HKLM-x32\...\{64A9C130-E372-48E9-B31E-E04A42382751}) (Version: 14.00.5526 - I.R.I.S.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8351 - Realtek Semiconductor Corp.)
RipTiger Extras 4.5.4 (HKLM-x32\...\{2EE6D53B-957E-48d1-801B-0B7DE81BACED}_is1) (Version: 4.5.4 - cyan soft ltd)
Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.148 - Clarus)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.01.16.02 - Samsung Electronics Co., Ltd.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.05.23.04 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.26.00 - Samsung Electronics Co., Ltd.)
Samsung SCX-472x Series (HKLM-x32\...\Samsung SCX-472x Series) (Version:  - Samsung Electronics Co., Ltd.)
SanDiskSecureAccess_Manager.exe (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Schülerdatei (HKLM-x32\...\Schülerdatei_is1) (Version:  - )
Scratch 2 Offline Editor (HKLM-x32\...\{8EC964DA-D411-7B20-A99B-9962713680F1}) (Version: 255 - MIT Media Lab) Hidden
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 446 - MIT Media Lab)
Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.18.9 - NVIDIA Corporation) Hidden
SiSoftware Sandra Lite 2016.RTMa (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2596}_is1) (Version: 22.15.2016.1 - SiSoftware)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{8A9079EA-59DE-491F-937A-D421399B7762}) (Version: 7.6.0.295 - Skype Technologies S.A.)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Soda Manager (HKLM-x32\...\{C7C04652-1CE7-4790-AF71-F37C082C4044}) (Version: 8.0.0.0 - LULU Software Limited) Hidden
Soda PDF 8 Asian Fonts Pack (HKLM\...\{214DC3BA-0E51-401B-9FAC-512186CBE08B}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Business Module (HKLM\...\{FB66BC19-19C5-4211-855C-BFE388EBE773}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Convert Module (HKLM\...\{FDF19452-6439-43B3-AF1F-E84C301D7956}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Create Module (HKLM\...\{82994364-3EA2-4B4E-8265-A7A60E18254F}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Edit Module (HKLM\...\{DEBA93B7-89BE-41F3-8AB7-5A7BC2B56D2F}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Forms Module (HKLM\...\{5EDF1F34-0447-454C-BADB-E209EF0F6639}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Insert Module (HKLM\...\{B9AA0685-D11B-48B4-BDAE-190C5A696DD0}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 OCR Module (HKLM\...\{E972E48E-1F99-44BD-9018-02A61452D7D5}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Review Module (HKLM\...\{800C215F-F077-4F1D-9E69-BDDF9B1D990A}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Secure Module (HKLM\...\{0D76BDF5-298A-4387-93A4-EFFE4D61E0AF}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 View Module (HKLM\...\{AF490208-AD16-4608-82FE-4DC173321645}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF Desktop Asian Fonts Pack (HKLM\...\{5F6367B4-01D5-49B3-BDDE-57DEC193B11D}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Convert Module (HKLM\...\{1E41EF6F-EDCD-41FA-8221-48B1BC58B61D}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Create Module (HKLM\...\{5034E38F-CF0F-4886-B774-DF168A7BA5C0}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Edit Module (HKLM\...\{A40CDD7A-2708-4591-BD85-075BA6BAB453}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Forms Module (HKLM\...\{BE9C0706-9862-4DD0-BFE9-93951C197D8D}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Insert Module (HKLM\...\{1A11B1AA-C1DA-4D51-85D2-B378BA07951C}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop OCR Module (HKLM\...\{A5FBED78-28E5-4652-98DA-EDD1302760D8}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Review Module (HKLM\...\{3F07016A-5061-4E3E-A62B-34362F9C3C63}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Secure Module (HKLM\...\{AF5B847F-6E87-4E8A-AEB8-33ACA3DE25C5}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop View Module (HKLM\...\{1210F4F8-B9D8-4956-BADD-FE9D74CB89BF}) (Version: 9.1.17.32812 - LULU Software) Hidden
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
StarMoney (HKLM-x32\...\{113B170E-9109-4EF0-8D70-4596A68E1873}) (Version: 6.0.0.313 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{1FCBD504-AB7D-4757-9A14-850348384B08}) (Version: 3.0.0.124 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{2E6951AE-6A91-4D23-959C-BA407FED3704}) (Version: 6.0.0.313 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{5A6DB7C1-E646-4842-A562-49C5EB8F2B47}) (Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{5C1209B1-FA1D-40D3-BA13-4ED9F0F31002}) (Version: 6.0.1.83 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{99D7711E-74BE-4920-8088-CB785D4C406F}) (Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{BA8CA518-A9B4-485C-AEE0-22E3F0E0E5F6}) (Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{E2F2B987-F2BC-4969-95F2-92099486B811}) (Version: 3.0.0.124 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{E771D898-9A06-4EEF-B84D-B2DB75080F3E}) (Version: 6.0.1.83 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{F902AB2B-7816-4CBD-A385-F2549F62956B}) (Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 10  (HKLM-x32\...\{1C51BBA9-A010-4098-AD87-D414CF872E12}) (Version: 10 - Star Finanz GmbH)
StarMoney 11  (HKLM-x32\...\{D81DBDD1-5FF9-48D1-8791-ACFF23AEC017}) (Version: 11 - Star Finanz GmbH)
StarMoney 11 Deluxe  (HKLM-x32\...\{E151227E-E09D-4657-9D64-58F2B4114F5D}) (Version: 11 - Star Finanz GmbH)
StarMoney 8.0  (HKLM-x32\...\{F5E1ED93-1898-41ED-B971-4F0F8E40FAF4}) (Version: 8.0 - Star Finanz GmbH)
StarMoney 9.0  (HKLM-x32\...\{B204FCA1-735D-4E6C-852F-050148A2B49A}) (Version: 9.0 - Star Finanz GmbH)
StartupStar (HKLM-x32\...\{C8A6121E-BE35-418D-91EF-A9536DA70B36}_is1) (Version: 9.0 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steganos Password Manager 15 (HKLM-x32\...\{B8F35E03-DC02-4CAB-AEF2-577B4CA25E8A}) (Version: 15.2.5 - Steganos Software GmbH)
Steganos Safe 16 (HKLM-x32\...\{F0EC576B-4985-4B60-929B-63F646BAAC1B}) (Version: 16.1 - Steganos Software GmbH)
Steganos Safe 17 (HKLM-x32\...\{F5545FAD-705B-4252-B7DD-E437044A15E1}) (Version: 17.1.2 - Steganos Software GmbH)
Steganos Safe 18 (HKLM-x32\...\{0A81476E-6553-443B-B34F-0BFE17ACAFFB}) (Version: 18.0.2 - Steganos Software GmbH)
SterJo Key Finder (HKLM-x32\...\{2F6B7734-A549-47B2-BE8D-CCB422F4EA9D}_is1) (Version: 1.8 - SterJo Software)
SteuerBerater 2014-2015 (HKLM-x32\...\{57FFBFD1-3865-4357-9A6F-3035EA807A17}) (Version: 15.09.0 - Akademische Arbeitsgemeinschaft)
SteuerBerater 2015-2016 (HKLM-x32\...\{342BD7F7-8BBD-403A-B09B-F3361A1365E3}) (Version: 15.11.0 - Akademische Arbeitsgemeinschaft)
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{0DD6CFE2-C3A7-4286-A362-B13BC8AD553F}) (Version: 17.09.0 - Wolters Kluwer Deutschland GmbH)
Steuer-Ratgeber 2017-2018 (HKLM-x32\...\{CADF44B6-B8A2-4398-B8FA-EDD157589B81}) (Version: 18.09.1 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.16.113 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.41.113 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2017  (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.37.88 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2018 (HKLM-x32\...\{A1D1FDBD-02F9-49B6-9EB2-2DC6B1D37E16}) (Version: 23.35.52 - Wolters Kluwer Deutschland GmbH)
Steuer-Spar-Erklärung Plus 2012 (HKLM-x32\...\{3BCDCC6A-3A47-4883-8A0C-55AC061316CB}) (Version: 17.17.11 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung Plus 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.43.178 - Akademische Arbeitsgemeinschaft)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Mechanic (HKLM-x32\...\{95129D61-FF52-4FA8-A403-3E31FC5D9696}) (Version: 18.5.1.208 - iolo technologies, LLC)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Secret Legacy DE Version 1.11 (HKLM-x32\...\{20067A8B-9363-45B9-B5D3-7845B276EBAF}_is1) (Version: 1.11 - )
The Silver Lining (HKLM-x32\...\{26ED4308-E0A5-4AE2-A1BC-7A55BC7DD32F}) (Version: 4.0.0 - Phoenix Online)
Toolbar Terminator (HKLM-x32\...\Toolbar Terminator_is1) (Version: 2.06 - Abelssoft)
Unmechanical (HKLM\...\UDK-c913fb41-1b8a-467f-9499-8ab2dd1ba145) (Version:  - Talawa Games - Teotl Studios)
Unsterbliche Liebe: Eine Vampirgeschichte (Vollversion) (HKLM-x32\...\Unsterbliche Liebe: Eine Vampirgeschichte (Vollversion)) (Version: 0.0.0.0 - INTENIUM GmbH)
Update for Skype for Business 2015 (KB4461557) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{BB7D10A9-A135-4EB8-82F1-8A25FEB1B327}) (Version:  - Microsoft)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WebM Project Directshow Filters (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\webmdshow) (Version:  - )
WhatsApp (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\WhatsApp) (Version: 0.2.6426 - WhatsApp)
Willi 2.130 (HKLM-x32\...\Willi_is1) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinFunktion Mathematik plus 20 (HKLM-x32\...\{CDBA97DF-63B9-44E7-B900-92E8165260C0}) (Version: 1.00.0000 - bhv Publishing GmbH)
WinHTTrack Website Copier 3.48-19 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinX HD Video Converter Deluxe 5.12.1 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
WinX MediaTrans (HKLM-x32\...\WinX MediaTrans) (Version: 3.2 - Digiarty Software, Inc.)
Wondershare TunesGo Retro ( Version 4.8.3 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.8.3 - Wondershare)
Wondershare Video Converter Platinum HD 2012(Build 5.1.3.1) (HKLM-x32\...\Wondershare Video Converter Platinum HD 2012_is1) (Version:  - Wondershare Software)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Yawcam 0.6.0 (HKLM-x32\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version: 0.6.0 - Yawcam)
Zoolz2 (HKLM-x32\...\Zoolz2) (Version: 2.1 - Genie9)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-453296214-1327697751-653560176-1001_Classes\CLSID\{04419CEE-76E5-4487-B32E-68C0FD0C07E4}\InprocServer32 -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [     AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ContextMenuHandlers1: [!NetFax0] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax1] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax2] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax3] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax4] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax5] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax6] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax7] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Keine Datei
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [eXpertPDF10_ManagerExt] -> {0D0BC151-74FD-4755-8F00-5CAD33DEB334} => C:\Program Files\eXpert PDF 10\creator-context-menu.dll [2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2015-08-31] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files (x86)\Phoenix360\System Mechanic\x64\Incinerator.dll [2018-12-14] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-03-18] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1-x32: [SodaPDF8_ManagerExt] -> {3515E187-6607-4A1B-B616-26C7A7B4B32A} => C:\Program Files\Soda PDF 8\creator-context-menu.dll [2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
ContextMenuHandlers1-x32: [SodaPDFDesktop_ManagerExt] -> {526A2ADD-BD9B-40E5-9D45-75EF6313FCE4} => C:\Program Files\Soda PDF Desktop\context-menu.dll [2017-03-23] (LULU Software -> LULU Software)
ContextMenuHandlers1-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} =>  -> Keine Datei
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2-x32-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2contmenu.dll [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2-x32-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2-x32-x32: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2-x32-x32: [SteganosShellExtension] -> {FAE0A3E0-3010-41BA-9DDC-A631394F047F} => C:\Program Files (x86)\Steganos Safe 18\ShellExtension.dll [2014-08-27] (Steganos Software GmbH -> )
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2contmenu.dll [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3-x32: [SteganosShellExtension] -> {FAE0A3E0-3010-41BA-9DDC-A631394F047F} => C:\Program Files (x86)\Steganos Safe 18\ShellExtension.dll [2014-08-27] (Steganos Software GmbH -> )
ContextMenuHandlers3-x32: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Keine Datei
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files (x86)\Phoenix360\System Mechanic\x64\Incinerator.dll [2018-12-14] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei
ContextMenuHandlers4: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2contmenu.dll [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6-x32: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei
ContextMenuHandlers6-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {017C2C94-4CAA-4479-8296-FA8237A76850} - System32\Tasks\{9CADD5AC-73EF-4AA4-BF15-C0220579CE08} => E:\UnmechanicalSetup.exe
Task: {07A2F410-0531-4518-B8E5-7C272634E1DB} - System32\Tasks\{E9D3106E-6A84-4C00-8C62-0D26D5B04A63} => C:\Riot Games\League of Legends\lol.launcher.exe
Task: {097C36B8-81DC-4BEA-919A-FD1C4C233811} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0B2D7193-55BB-4AD0-BC9F-81910C75C9C2} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe
Task: {0ED6EE64-CE9B-4B46-B09A-7EEE89FC490D} - System32\Tasks\{D55ED03E-EEAA-4724-9CF2-642C1745D0A0} => E:\Setup.exe
Task: {11976B1A-6D81-4209-A629-549A0F6BD412} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {19C1E80E-17B2-4866-AACF-EBD28B3CB91D} - System32\Tasks\{73B123F4-BB1A-4A78-9729-19DCC02943B8} => E:\UnmechanicalSetup.exe
Task: {1AA9EB57-B2A6-48FF-91E9-85F9F760FD79} - System32\Tasks\{9590372A-2D8A-4BF2-A579-A131305D9F3F} => E:\Setup.exe
Task: {210E3939-4E2C-4133-9318-A8F73EC00F0D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {22E0B6FD-6449-4877-8198-29734A3D091D} - System32\Tasks\{C1705EBC-84AD-48C0-9BAE-2C8F6A90D8CB} => E:\Setup.exe
Task: {270ACFEE-6BC2-480A-AE0A-6A82B2FAFC95} - System32\Tasks\Opera scheduled Autoupdate 1434372108 => C:\Program Files (x86)\Opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software)
Task: {2D6FB77B-67CF-4F7F-AA3C-70EDF20D237E} - System32\Tasks\{BFCF381A-450A-469C-ADDE-6F6B5F57D06C} => E:\Setup.exe
Task: {3435508B-53E3-49E6-A408-0A18572B4B6F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: {3930E452-5948-4A0A-BD8A-AA3E1AE53656} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B6A2309-D4C0-4A87-B670-CF5B8479F344} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {45B409AD-034D-4F23-A99B-072DEF830C85} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {46642FC4-9B88-4BFF-BCF9-8FA05171DD63} - System32\Tasks\{90A50835-D061-4E5A-B55D-AA819B9BF2D2} => E:\setup.exe
Task: {57F069D5-4C9F-4526-A80C-7F959EBE9C36} - System32\Tasks\Driver Booster SkipUAC (ki) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {582CE772-BC1A-4AAE-95A9-612E3F71F407} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5AD4B854-D0B1-4B16-9AEF-91CD1C477465} - System32\Tasks\{0522FF20-425B-4A33-9F00-A67F6020D2D1} => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe [2013-03-06] (Clarus, Inc. -> Clarus, Inc.)
Task: {6F363371-5ED9-4E16-A65A-DBC8F673B26A} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: {72BBEF92-3230-482B-BB2E-2D66919CAE87} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7C1072AC-E5C1-4958-96E6-B4C18EA10170} - System32\Tasks\{6596D6D0-D533-4230-B0DE-897090408593} => E:\setup.exe
Task: {803D698F-2E53-48EF-875C-2278DF667F47} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {81C9863B-7FA7-4B5B-8724-6D0B80E88929} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {86CB65FD-A669-46AB-8C40-44EA1B66F7A8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe [2015-12-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {8B06F82D-A2F9-4620-B1CD-9FE4061DC117} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {95FD1E60-E0CE-45D0-8DAF-4CB256A794E9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {9DD09A7E-1129-4EE7-8921-B6081EA3D2D7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {A62730A4-775A-4CAB-A3A5-95E691C893FD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6420339-7020-4EA4-B0B8-6FF817DEA3F7} - System32\Tasks\{B80F7492-C5BB-48E2-A3F7-F0F78A8A97AE} => E:\Setup.exe
Task: {AC19F91D-88FB-4EE8-BCB3-9E436C9D4173} - System32\Tasks\{B7E5C3C4-CC9E-4E82-A368-A6ACB2EC3612} => C:\Program Files (x86)\PurpleHills\Hinter dem Spiegel 2 - Die Rache der Hexe\Hinter dem Spiegel 2 - Die Rache der Hexe.exe
Task: {AD7FAB58-15DC-4E7D-A4E1-60EE5974B9B7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF420AC6-CA29-4854-8452-097F3807D77A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B56855C3-CFA8-4744-90DD-C08B87E79145} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {B5F353CE-6293-49C1-8158-8E7C22EB387F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B96C9C24-70D6-46E5-A7F3-75692D7EFF8F} - System32\Tasks\{3D04DC53-894A-434C-B973-CD7DF46009F7} => E:\Setup.exe
Task: {BC1F3F6C-F1E2-42CC-BA42-212625E078DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc -> Google Inc.)
Task: {BD2B3A81-5556-404C-80F1-DD22E14AB662} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BDBDC914-38F2-46FF-BD95-416907B1EE4B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BDF5C7EC-5DB2-4E20-A738-75EEB5769C36} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-08] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BF55D50F-4BD1-4281-8081-6E07C392CE0D} - System32\Tasks\{5253A38C-6B14-4535-A833-A02146A8D6DE} => E:\Setup.exe
Task: {C563629E-5497-4215-BC3B-DD04C07296C4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C5CEF710-B82C-4803-9A56-EA0E655E94C6} - System32\Tasks\{77F5C58B-2213-42ED-9C3C-F3F5240FC611} => E:\UnmechanicalSetup.exe
Task: {CCD1963F-9C59-4686-AC1B-2DCDF36F512C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CF301B6E-11D9-471A-B3D2-C39BE39108AF} - System32\Tasks\{D41300D7-0B44-4C90-8A23-41DF48B40F61} => C:\Program Files (x86)\PurpleHills\Hinter dem Spiegel 2 - Die Rache der Hexe\Hinter dem Spiegel 2 - Die Rache der Hexe.exe
Task: {D24F4A6C-D68F-4228-A0D3-396DBF5E0385} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5CEE429-72A3-4AF6-8FC9-4B8CA91CDD4D} - System32\Tasks\{270FB380-866E-41F6-8DEA-26B1B4ED881E} => E:\Setup.exe
Task: {D6BDD73A-E61D-4BC5-A3B1-DDEA50ADEDA0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8CECB80-90EB-48A3-AFCA-A1EFE96085E2} - System32\Tasks\Abelssoft\ToolbarTerminator Background Guard => C:\Program Files (x86)\ToolbarTerminator\TTBackgroundGuard.exe [2015-10-20] (Microsoft) [Datei ist nicht signiert]
Task: {DEE376CD-0049-412E-B9B3-C92B20E40170} - System32\Tasks\{6E62401D-3F6D-44C0-BC9E-E20A595F5953} => E:\Setup.exe
Task: {DF357ABB-C54F-4F80-846D-CB69F21A717E} - System32\Tasks\chipSWU => cscript.exe "C:\Program Files (x86)\chip\Internet Explorer\swu.vbs"
Task: {E03A5ED7-5F84-4B56-922C-07176FA9CCAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc -> Google Inc.)
Task: {E0A2C520-6FE9-4E4E-95C8-33B4BE9805D0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E6127866-8945-4453-B377-341872E47C62} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E7EAF5F9-12E0-4299-A829-013AA1BC8025} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe
Task: {EDCBC82A-6F80-4802-BADA-9E31595766CC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F0BD0592-FDCA-4385-84FC-E0BD7AFC8AA7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FDBB2CC5-172D-41B6-8B30-DC1538CBEE93} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\DriverMax Notification.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: C:\WINDOWS\Tasks\DriverMaxAgent.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: C:\WINDOWS\Tasks\DriverMaxWelcome.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d25980b04c1a1a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ki NBAgent 6 0.job => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe
Task: C:\WINDOWS\Tasks\ki Nero LIVEBackup 6 0.job => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCore.exe C:\Users\ki\AppData\Roaming\Nero\Nero 11\Nero BackItUp\Files\ki Nero LIVEBackup.nji
Task: C:\WINDOWS\Tasks\ki.job => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCore.exe C:\Users\ki\AppData\Roaming\Nero\Nero 11\Nero BackItUp\Files\ki.nji
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1434372108.job => C:\Program Files (x86)\Opera\launcher.exe
Task: C:\WINDOWS\Tasks\StartupStar Firewall.job => C:\Program Files (x86)\StartupStar\StartupStar.exe
Task: C:\WINDOWS\Tasks\Zoolz Start Backup.job => C:\Program Files\Genie9\Zoolz2\ZoolzLauncher.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-07-26 10:42 - 2013-07-26 10:42 - 000034304 _____ () C:\WINDOWS\System32\ssa3mlm.dll
2018-12-01 20:36 - 2018-12-01 20:36 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
2015-08-10 16:58 - 2015-11-16 16:18 - 000020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 001157592 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 005835168 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-14 10:06 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2014-08-27 16:02 - 2014-08-27 16:02 - 000226656 _____ () C:\Program Files (x86)\Steganos Safe 18\ShellExtension.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 000754416 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2018-11-23 13:02 - 2018-11-23 13:02 - 004785640 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2019-01-29 10:45 - 2019-01-29 10:45 - 006299944 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2015-12-05 17:39 - 2015-10-15 11:50 - 000469352 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\ExeLockSerX64.EXE
2015-12-05 17:39 - 2015-09-28 20:06 - 003275624 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\APMPCmn32x64.dll
2015-12-05 17:39 - 2015-09-28 20:06 - 002462568 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\APMPToolsx64.dll
2015-12-05 17:39 - 2015-09-28 20:06 - 000320360 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\APMPLangx64.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 007128176 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2018-04-12 17:22 - 2018-04-12 17:22 - 000475136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-04-12 17:22 - 2018-04-12 17:22 - 023358976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 015622144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 003101696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-04-12 17:19 - 2018-04-12 17:19 - 004698840 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.23.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-23 12:59 - 2018-11-23 12:59 - 000099896 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schdevid.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 002386352 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\xerces_c.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000277538 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000160168 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\libevent.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll
2018-11-23 12:22 - 2018-11-23 12:22 - 012280336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll
2018-11-23 12:12 - 2018-11-23 12:12 - 000820440 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp.dll
2018-11-23 12:01 - 2018-11-23 12:01 - 000144400 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2018-11-23 12:27 - 2018-11-23 12:27 - 001450728 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp_ex.dll
2018-11-23 12:22 - 2018-11-23 12:22 - 000413712 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2018-11-23 12:56 - 2018-11-23 12:56 - 023053136 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2018-11-23 12:23 - 2018-11-23 12:23 - 000177416 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\archive3_adapter.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 000271392 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\pcs_io.dll
2018-11-23 12:09 - 2018-11-23 12:09 - 000042928 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\winpthreads4.dll
2018-11-23 12:09 - 2018-11-23 12:09 - 000225312 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\zstd.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 001087784 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\schedule.dll
2018-11-23 12:22 - 2018-11-23 12:22 - 000055312 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 000261336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2018-06-18 19:12 - 2018-06-18 19:12 - 000115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll
2018-11-23 12:00 - 2018-11-23 12:00 - 000680480 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\archive3.dll
2018-11-23 12:59 - 2018-11-23 12:59 - 003516192 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2018-11-23 12:59 - 2018-11-23 12:59 - 001168536 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\services_mms_addon.dll
2016-12-16 13:26 - 2016-01-28 15:33 - 001058624 _____ () C:\Program Files (x86)\StarMoney 10\ouservice\libxml2.dll
2016-12-16 13:26 - 2011-01-13 11:44 - 000232800 _____ () C:\Program Files (x86)\StarMoney 10\ouservice\PATCHW32.dll
2018-12-20 21:53 - 2018-11-13 07:15 - 001059304 _____ () C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\libxml2.dll
2018-12-20 21:53 - 2017-01-23 17:49 - 000232800 _____ () C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\PATCHW32.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000085992 _____ () C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\zlib1.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000143336 _____ () C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\lzma.dll
2018-12-18 09:38 - 2018-11-13 07:15 - 001059304 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\libxml2.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000143336 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\lzma.dll
2018-12-18 09:38 - 2017-01-23 16:49 - 000232800 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\PATCHW32.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000085992 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\zlib1.dll
2018-11-23 13:02 - 2018-11-23 13:02 - 000746216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:2AE74FF9 [149]
AlternateDataStreams: C:\ProgramData\Temp:A8185163 [179]
AlternateDataStreams: C:\ProgramData\Temp:CBAF0C30 [170]
AlternateDataStreams: C:\Users\ki\Documents\Grundsicherung 2015.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\ki\Documents\Grundsicherung 2015.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-07-13 17:12 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\DATA\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\DATA;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Acronis\SnapAPI;C:\Program Files (x86)\Acronis\TrueImageHome;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\
HKU\S-1-5-21-453296214-1327697751-653560176-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.

MSCONFIG\Services: a2AntiMalware => 2
MSCONFIG\Services: AAV UpdateService => 2
MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AxAutoMntSrv => 2
MSCONFIG\Services: AxVirtualAHCISrv => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: eXpert PDF 10 Creator => 2
MSCONFIG\Services: eXpert PDF 10 Manager => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: MemeoBackgroundService => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: prl_mobdisp => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SODA Manager => 2
MSCONFIG\Services: Soda PDF 8 Creator => 2
MSCONFIG\Services: Soda PDF Desktop Creator => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WiaRpc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Password Safe.lnk => C:\Windows\pss\Password Safe.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AshSnap => C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Snap\ashsnap.exe
MSCONFIG\startupreg: Clarus Drive Manager => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\ki\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SanDiskSecureAccess_Manager.exe => C:\Users\ki\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "abylon MANAGER.lnk"
HKLM\...\StartupApproved\StartupFolder: => "psi_tray.exe"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "EverDoc Printer++"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "NBAgent"
HKLM\...\StartupApproved\Run32: => "OKAYFREEDOM Notifier"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\StartupFolder: => "abylon MANAGER.lnk"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "AlcoholAutomount"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "DriverMax_RESTART"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "Parallels Access"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

01-07-2018 22:37:12 Wiederherstellungsvorgang
15-07-2018 15:50:01 Windows Update
25-07-2018 17:29:47 alles ok
29-07-2018 15:38:13 Windows Update
29-07-2018 15:39:40 Windows Update
12-08-2018 15:56:07 Windows Update
17-08-2018 21:31:14 Windows Update
26-08-2018 15:51:41 Windows Update
02-09-2018 08:47:32 Windows Update
02-09-2018 08:48:56 Windows Update
10-09-2018 09:15:57 Windows Update
10-09-2018 09:17:39 Windows Update
30-09-2018 11:03:32 Windows Update
12-10-2018 08:58:14 Windows Update
15-10-2018 11:23:23 SteuerSparErklärung 2018 wurde installiert.
30-10-2018 11:20:32 Windows Update
30-10-2018 11:21:55 Windows Update
15-11-2018 09:19:01 Windows Update
27-11-2018 16:43:32 Windows Update
01-12-2018 20:53:07 nach treiberaktualisierung
14-12-2018 09:46:06 Windows Update
31-12-2018 21:23:01 Windows Update
17-01-2019 20:18:51 Windows Update
28-01-2019 09:08:13 Windows Update
29-01-2019 12:45:09 vor WSUS update
29-01-2019 14:23:23 Wiederherstellungsvorgang
03-02-2019 18:25:28 Windows Update
06-02-2019 18:11:20 Removed CHIP Best Deal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/09/2019 04:03:43 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-16T15:03:43Z. Fehlercode: 0x80041315.

Error: (02/09/2019 04:03:13 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-16T15:03:13Z. Fehlercode: 0x80041315.

Error: (02/09/2019 04:02:43 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-16T15:02:43Z. Fehlercode: 0x80041315.

Error: (02/09/2019 04:02:13 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-16T15:02:13Z. Fehlercode: 0x80041315.

Error: (02/09/2019 04:01:42 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-16T15:01:42Z. Fehlercode: 0x80041315.

Error: (02/09/2019 04:01:12 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-16T15:01:12Z. Fehlercode: 0x80041315.

Error: (02/09/2019 04:00:42 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-16T15:00:42Z. Fehlercode: 0x80041315.

Error: (02/09/2019 04:00:12 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-16T15:00:12Z. Fehlercode: 0x80041315.


Systemfehler:
=============
Error: (02/09/2019 03:23:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Synchronisierungshost_653ea" wurde mit folgendem Fehler beendet: 
In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.

Error: (02/09/2019 03:22:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Synchronisierungshost_653ea" wurde mit folgendem Fehler beendet: 
In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.

Error: (02/09/2019 03:19:49 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (02/09/2019 03:19:11 PM) (Source: sptd2) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (02/09/2019 02:40:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "OneSyncSvc_4bec2" wurde mit folgendem Fehler beendet: 
In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.

Error: (02/09/2019 02:38:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "OneSyncSvc_4bec2" wurde mit folgendem Fehler beendet: 
In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.

Error: (02/09/2019 02:36:41 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (02/09/2019 02:35:36 PM) (Source: sptd2) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.


CodeIntegrity:
===================================

Date: 2019-02-09 11:07:11.687
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:07:11.189
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:07:09.483
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:07:05.204
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:06:55.554
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:06:54.447
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:06:53.944
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:06:51.936
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 16365.64 MB
Verfügbarer physikalischer RAM: 11355.15 MB
Summe virtueller Speicher: 32749.64 MB
Verfügbarer virtueller Speicher: 27695.98 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:116.49 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:26.22 GB) NTFS

\\?\Volume{b0840d3d-72b6-11e1-81c4-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 58F6BA5B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== Ende von Addition.txt ============================

M-K-D-B · 09.02.2019, 20:49

Servus,

Hinweis: Der Suchlauf mit ESET kann länger ( >> 2 Stunden) dauern.

Schritt 1

Kopiere den gesamten Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
C:\ProgramData\IObit\ASCDownloader
C:\Windows.old\Users\ki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Keine Datei
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers1-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} =>  -> Keine Datei
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei
ContextMenuHandlers4: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers6-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei
ContextMenuHandlers6-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei
Task: {0B2D7193-55BB-4AD0-BC9F-81910C75C9C2} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe
Task: C:\WINDOWS\Tasks\DriverMax Notification.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: C:\WINDOWS\Tasks\DriverMaxAgent.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: C:\WINDOWS\Tasks\DriverMaxWelcome.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
C:\Program Files (x86)\Innovative Solutions\DriverMax
AlternateDataStreams: C:\ProgramData\Temp:2AE74FF9 [149]
AlternateDataStreams: C:\ProgramData\Temp:A8185163 [179]
AlternateDataStreams: C:\ProgramData\Temp:CBAF0C30 [170]
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "DriverMax_RESTART"
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Ask.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\IObit\Advanced SystemCare 7
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Wow6432Node\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.vob
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.torrent
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.pdf
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mp4
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mov
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mkv
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.flv
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.avi
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA
DeleteKey: HKLM\Software\Classes\Torch.vob
DeleteKey: HKLM\Software\Classes\Torch.torrent
DeleteKey: HKLM\Software\Classes\Torch.pdf
DeleteKey: HKLM\Software\Classes\Torch.mp4
DeleteKey: HKLM\Software\Classes\Torch.mov
DeleteKey: HKLM\Software\Classes\Torch.mkv
DeleteKey: HKLM\Software\Classes\Torch.flv
DeleteKey: HKLM\Software\Classes\Torch.avi
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\TorchSetup-r285-n-bf(1).exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\TorchSetup-r285-n-bf(2).exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xhtml\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xht\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.webm\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.URL\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtml\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.png\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.pdf\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mfp\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpe\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jfif\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ico\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.gif\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.dib\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bmp\OpenWithList\Torch.exe
EmptyTemp:
End::

Starte nun FRST und klicke direkt den Entfernen Button. Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2
Bitte lade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro 32-Bit | HitmanPro 64-Bit

Starte die HitmanPro.exe.
Klicke auf Einstellungen.
Entferne den Haken bei Nach Tracking-Cookies suchen und bestätige mit OK.
Klicke auf Weiter.
Akzeptiere die Lizenzbedingungen und klicke auf Weiter.
Wähle Nein, ich möchte nur einen Einmalscan zur Überprüfung des Computers ausführen.
Entferne den Haken bei Bitte informieren Sie mich per E-Mail... und klicke auf Weiter.
Sobald der Scan beendet wurde, NICHTS löschen lassen, sondern wähle unten links auf der Button-Leiste Logdatei speichern.
Speichere die Logdatei auf deinem Desktop ab und schließe HitmanPro wieder.
Poste mir den Inhalt der Logdatei mit dieser nächsten Antwort.

Schritt 3
Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)

Starte die Installationsdatei.
Klicke auf Erste Schritte und akzeptiere die Nutzungsbedingungen.
Klicke wiederrum auf Erste Schritte, wähle die empfohlenen Einstellungen aus und klicke auf Weiter.
Wähle einen Vollständigen Scan aus, aktiviere die Erkennung von potentiell unerwünschten Anwendungen und klicke auf Prüfung starten.
Zuerst werden die notwendigen Module und Signaturen heruntergeladen, anschließend startet der Suchlauf automatisch.
Klicke am Ende des Suchlaufs zuerst auf Weiter. Im Scan-Bericht werden gegebenenfalls die gefundenen Elemente aufgelistet, klicke hier auf Scan-Log speichern und speichere das Ergebnis als eset.txt auf deinen Desktop ab, damit wir notfalls an die Ergebnisse noch kommen.
Klicke immer auf Weiter und beende ESET mit Ohne Feedback schließen.
Öffne die ausführliche Logdatei über die Tastenkombination WIN+R (ausführen), kopiere ins Textfeld folgendes hinein und klick dann auf OK.
Code:
ATTFilter
```
 notepad "%tmp%\log.txt"
         
```
Du solltest nun eine geöffnete Textdatei mit dem ausführlichen ESET-Log sehen - alles markieren mit STRG+A und hier in CODE-Tags posten.

Schritt 4

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von HitmanPro,
die Logdatei von ESET,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

libaki · 10.02.2019, 21:19

Code:

ATTFilter

Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 8.02.2019
durchgeführt von ki (10-02-2019 10:45:11) Run:2
Gestartet von C:\Users\ki\Desktop
Geladene Profile: ki (Verfügbare Profile: ki & admin2 & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\ProgramData\IObit\ASCDownloader
C:\Windows.old\Users\ki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Keine Datei
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers1-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} =>  -> Keine Datei
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei
ContextMenuHandlers4: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers6-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei
ContextMenuHandlers6-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Keine Datei
Task: {0B2D7193-55BB-4AD0-BC9F-81910C75C9C2} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe
Task: C:\WINDOWS\Tasks\DriverMax Notification.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: C:\WINDOWS\Tasks\DriverMaxAgent.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: C:\WINDOWS\Tasks\DriverMaxWelcome.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
C:\Program Files (x86)\Innovative Solutions\DriverMax
AlternateDataStreams: C:\ProgramData\Temp:2AE74FF9 [149]
AlternateDataStreams: C:\ProgramData\Temp:A8185163 [179]
AlternateDataStreams: C:\ProgramData\Temp:CBAF0C30 [170]
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "DriverMax_RESTART"
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Ask.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\IObit\Advanced SystemCare 7
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Wow6432Node\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.vob
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.torrent
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.pdf
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mp4
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mov
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mkv
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.flv
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.avi
DeleteKey: HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA
DeleteKey: HKLM\Software\Classes\Torch.vob
DeleteKey: HKLM\Software\Classes\Torch.torrent
DeleteKey: HKLM\Software\Classes\Torch.pdf
DeleteKey: HKLM\Software\Classes\Torch.mp4
DeleteKey: HKLM\Software\Classes\Torch.mov
DeleteKey: HKLM\Software\Classes\Torch.mkv
DeleteKey: HKLM\Software\Classes\Torch.flv
DeleteKey: HKLM\Software\Classes\Torch.avi
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\TorchSetup-r285-n-bf(1).exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\TorchSetup-r285-n-bf(2).exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xhtml\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xht\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.webm\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.URL\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtml\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.png\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.pdf\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mfp\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpe\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jfif\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ico\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.gif\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.dib\OpenWithList\Torch.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bmp\OpenWithList\Torch.exe
EmptyTemp:

*****************

C:\ProgramData\IObit\ASCDownloader => erfolgreich verschoben
C:\Windows.old\Users\ki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch => erfolgreich verschoben
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => nicht gefunden
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => erfolgreich entfernt
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => erfolgreich entfernt
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu => erfolgreich entfernt
HKLM\Software\Wow6432Node\Classes\CLSID\{A6FF0E3A-8437-482C-8E04-4F9E15C57538} => nicht gefunden
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WondershareVideoConverterFileOpreation => erfolgreich entfernt
HKLM\Software\Wow6432Node\Classes\CLSID\{FEB746CA-95C2-485F-B386-C30D4E56D22E} => nicht gefunden
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => nicht gefunden
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UnLockerMenu => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{A6FF0E3A-8437-482C-8E04-4F9E15C57538} => nicht gefunden
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => nicht gefunden
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => nicht gefunden
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => erfolgreich entfernt
HKLM\Software\Wow6432Node\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => nicht gefunden
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UnLockerMenu => erfolgreich entfernt
HKLM\Software\Wow6432Node\Classes\CLSID\{A6FF0E3A-8437-482C-8E04-4F9E15C57538} => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B2D7193-55BB-4AD0-BC9F-81910C75C9C2}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B2D7193-55BB-4AD0-BC9F-81910C75C9C2}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Internet Security CBE\Norton Error Analyzer" => erfolgreich entfernt
C:\WINDOWS\Tasks\DriverMax Notification.job => erfolgreich verschoben
C:\WINDOWS\Tasks\DriverMaxAgent.job => erfolgreich verschoben
C:\WINDOWS\Tasks\DriverMaxWelcome.job => erfolgreich verschoben
C:\Program Files (x86)\Innovative Solutions\DriverMax => erfolgreich verschoben
C:\ProgramData\Temp => ":2AE74FF9" ADS erfolgreich entfernt
C:\ProgramData\Temp => ":A8185163" ADS erfolgreich entfernt
C:\ProgramData\Temp => ":CBAF0C30" ADS erfolgreich entfernt
"HKU\S-1-5-21-453296214-1327697751-653560176-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\DriverMax_RESTART" => erfolgreich entfernt
"HKU\S-1-5-21-453296214-1327697751-653560176-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DriverMax_RESTART" => nicht gefunden
HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Ask.com => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\IObit\Advanced SystemCare 7 => erfolgreich entfernt
HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Wow6432Node\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160} => erfolgreich entfernt
HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA => erfolgreich entfernt
HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.vob => erfolgreich entfernt
HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.torrent => erfolgreich entfernt
HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.pdf => erfolgreich entfernt
HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mp4 => erfolgreich entfernt
HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mov => erfolgreich entfernt
HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.mkv => erfolgreich entfernt
HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.flv => erfolgreich entfernt
HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Classes\Torch.avi => erfolgreich entfernt
HKEY_USERS\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Windows\CurrentVersion\App Paths\torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KU5EMPEJXXV5MS75EOGMQWCXNA => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.KH6RXXLCPUM5EKXKFM5CSU24HI => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TorchHTML.KU5EMPEJXXV5MS75EOGMQWCXNA => erfolgreich entfernt
HKLM\Software\Classes\Torch.vob => erfolgreich entfernt
HKLM\Software\Classes\Torch.torrent => erfolgreich entfernt
HKLM\Software\Classes\Torch.pdf => erfolgreich entfernt
HKLM\Software\Classes\Torch.mp4 => erfolgreich entfernt
HKLM\Software\Classes\Torch.mov => erfolgreich entfernt
HKLM\Software\Classes\Torch.mkv => erfolgreich entfernt
HKLM\Software\Classes\Torch.flv => erfolgreich entfernt
HKLM\Software\Classes\Torch.avi => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\TorchSetup-r285-n-bf(1).exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\TorchSetup-r285-n-bf(2).exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xhtml\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xht\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.webm\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.URL\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtml\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.png\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.pdf\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mfp\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpe\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jfif\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ico\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.gif\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.dib\OpenWithList\Torch.exe => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bmp\OpenWithList\Torch.exe => erfolgreich entfernt

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15012975 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 75436 B
Edge => 92491 B
Chrome => 0 B
Firefox => 218639746 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5414 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
ki => 159882 B
admin2 => 0 B
DefaultAppPool => 0 B

RecycleBin => 264496 B
EmptyTemp: => 232.2 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 10:46:02 ====

Code:

ATTFilter

HitmanPro 3.8.0.295
www.hitmanpro.com

   Computer name . . . . : KI-PCMEDION2012
   Windows . . . . . . . : 10.0.0.17134.X64/4
   User name . . . . . . : ki-PCmedion2012\ki
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2019-02-10 11:11:21
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 11m 49s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 8

   Objects scanned . . . : 4.624.294
   Files scanned . . . . : 256.969
   Remnants scanned  . . : 2.087.875 files / 2.279.450 keys

Suspicious files ____________________________________________________________

   C:\Users\ki\Desktop\alt-trojaner\FRST-OlderVersion\FRST64(1).exe
      Size . . . . . . . : 2.433.024 bytes
      Age  . . . . . . . : 5.0 days (2019-02-05 11:25:38)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 038D6432F1035F175B20FDD0D289311519BECAD82A2DCC95922CD31CE07C73F1
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\ki\Desktop\FRST-OlderVersion\FRST64(1).exe
          0.0s C:\Users\ki\Desktop\alt-trojaner\FRST-OlderVersion\FRST64(1).exe

   C:\Users\ki\Desktop\FRST-OlderVersion\FRST64(1).exe
      Size . . . . . . . : 2.433.536 bytes
      Age  . . . . . . . : 5.0 days (2019-02-05 11:25:38)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : B499E4FAAB046155CBBD1321E3B11FF1B25946428AF38F6D331BB55A81B06D79
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\ki\Desktop\FRST-OlderVersion\FRST64(1).exe
          0.0s C:\Users\ki\Desktop\alt-trojaner\FRST-OlderVersion\FRST64(1).exe

   C:\Users\ki\Desktop\FRST64(1).exe
      Size . . . . . . . : 2.434.048 bytes
      Age  . . . . . . . : 0.8 days (2019-02-09 15:10:48)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 003E9733FB7C848DCD43DF32D97F7924E812FB6AE611DB8C618BF7CFA3B89BD1
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\ki\Desktop\FRST64(1).exe
          1.4s C:\Users\ki\Desktop\FRST-OlderVersion\
         14.5s C:\Users\ki\Desktop\Fixlog.txt
         14.6s C:\FRST\Quarantine\C\
         14.6s C:\FRST\Quarantine\C\Program Files (x86)\VideoLAN\
         14.6s C:\FRST\Quarantine\C\Program Files (x86)\
         14.6s C:\FRST\Quarantine\C\Program Files (x86)\VideoLAN\VLC\

   C:\Users\ki\Desktop\Wondershare -Converter -Ordner\trojaner-board\FRST.exe
      Size . . . . . . . : 1.148.416 bytes
      Age  . . . . . . . : 1330.0 days (2015-06-21 11:11:57)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : D4DB614B0439A7D825FD43F1933CCEBE89303024A93F2EB61468D459359C371A
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 22.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

   C:\Users\ki\Downloads\FRST.exe
      Size . . . . . . . : 1.147.904 bytes
      Age  . . . . . . . : 1338.2 days (2015-06-13 07:22:53)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 50DCC98C1FA53E93E232BF9521A7620D2B5E4533F9A36D704B7AC25781D029D9
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 22.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

   C:\Users\ki\Downloads\FRST64(1).exe
      Size . . . . . . . : 2.433.024 bytes
      Age  . . . . . . . : 5.0 days (2019-02-05 11:25:11)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 038D6432F1035F175B20FDD0D289311519BECAD82A2DCC95922CD31CE07C73F1
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\ki\Downloads\FRST64.exe
      Size . . . . . . . : 2.108.928 bytes
      Age  . . . . . . . : 1338.2 days (2015-06-13 07:25:37)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 23B98F644F9BFE0B6E32E501CCA88839EA890F22C65C722198E6A4C3C421A628
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 22.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

   C:\WINDOWS\system32\auto_reactivate.exe
      Size . . . . . . . : 3.947.888 bytes
      Age  . . . . . . . : 12.0 days (2019-01-29 10:46:33)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 57171C423B891AD572F7E222B1F890A323B9C96652214A1DB1856553B751A959
      Product  . . . . . : Acronis AutoReactivate
      Publisher  . . . . : Acronis
      Description  . . . : AutoReactivate
      Version  . . . . . : 23,4,1,14690
      Copyright  . . . . : Copyright (C) 2000-2012 Acronis
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 23.0
         Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
         Time indicates that the file appeared recently on this computer.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
      Forensic Cluster
          0.0s C:\Windows\System32\auto_reactivate.exe
          3.7s C:\ProgramData\Acronis\TrueImageHome\Logs\NSB_2019-01-29-10-46-36.log
          8.8s C:\ProgramData\Acronis\Schedule2\2019.01.29-09.46.41.964-schedul2.exe-37EFA404-5F44-452B-A093-04CA98724CAB.log
          9.0s C:\ProgramData\Acronis\Schedule2\2019.01.29-09.46.42.136-schedhlp.exe-E288FDF2-C1FA-45AE-8AAC-5ABB02057D0A-S-1-5-5-0-312966.log
         10.0s C:\ProgramData\Acronis\TrueImageHome\Logs\atih_mms_addon_2019-01-29-10-46-43.log
         10.1s C:\ProgramData\Acronis\TrueImageHome\Logs\atih_services_addon_2019-01-29-10-46-43.log
         15.5s C:\ProgramData\Acronis\TrueImageHome\Logs\installer-7CE6A010-747D-4137-97C7-7FD4EE2EB455.log
         15.7s C:\ProgramData\Acronis\TrueImageHome\Logs\NSB_2019-01-29-10-46-48.log
         16.6s C:\ProgramData\Acronis\TrueImageHome\Logs\installer-2861ACAA-CE60-4BA7-8F3C-F9BECD76718B.log

Code:

ATTFilter

11:40:54 # product=EOS
# version=8
# esetonlinescanner_deu.exe=3.0.17.0
# country="Germany"
# lang=1031
11:43:53 Updating
11:43:53 Update Init
11:44:04 Update Download
11:51:50 esets_scanner_reload returned 0
11:51:50 g_uiModuleBuild: 40343
11:51:50 Update Finalize
11:51:50 Call m_esets_charon_send
11:51:50 Call m_esets_charon_destroy
11:51:50 Updated modules version: 40343
11:52:01 Call m_esets_charon_setup_create
11:52:01 Call m_esets_charon_create
11:52:01 m_esets_charon_create OK
11:52:01 Call m_esets_charon_start_send_thread
11:52:01 Call m_esets_charon_setup_set
11:52:01 m_esets_charon_setup_set OK
11:52:01 Scanner engine: 40343
20:37:32 # product=EOS
# version=8
# flags=0
# av=3
# fw=7
# admin=1
# esetonlinescanner_deu.exe=3.0.17.0
# EOSSerial=ca869aa9fb33154fb5b23cf5a3242ad3
# engine=40343
# end=finished
# bannerClicked=0
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# sfx_checked=true
# utc_time=2019-02-10 19:37:32
# local_time=2019-02-10 20:37:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=10.0.17134 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 10486175 101410512 0 0
# compatibility_mode_1='ESET Security'
# compatibility_mode=8271 16777213 100 100 39001 33215103 0 0
# compatibility_mode_1='Emsisoft Anti-Malware'
# compatibility_mode=16901 16777214 100 78 619358 242395918 0 0
# scanned=1166702
# found=27
# cleaned=27
# scan_time=31044
# stats_enabled=0
# scan_type=2
sh=53BA9645C4243F6FA90C825DDFA00A8912CFEE6F ft=1 fh=00000000055b6df8 vn="Win32/Toolbar.SearchSuite.W potenziell unerwünschte Anwendung,Variante von Win32/Toolbar.SearchSuite.X potenziell unerwünschte Anwendung,Variante von Win32/Toolbar.SearchSuite.T potenziell unerwünschte Anwendung,Win32/Toolbar.SearchSuite.AH potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Update\Download\TorchSetup.exe#26090331D8187116"
sh=C5B45068186CC75357BF8D9189A212B479DD89F2 ft=0 fh=0000000000002ae5 vn="Win32/Bundled.Toolbar.Ask.P potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne\11.40900_0\background\background.js#05CC77B2809735F9"
sh=A4C1FA6ED92FD1020A55CC83162398CC9415D20A ft=0 fh=00000000000012a7 vn="Win32/Bundled.Toolbar.Ask.Q potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne\11.40900_0\background\popup.js#ECC73BE0B0B7685B"
sh=F157627649942B60F5F02B1B84B4511091A4829C ft=0 fh=0000000000000a26 vn="Win32/Bundled.Toolbar.Ask.P potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne\11.40900_0\tb_ux\chrome-options.js#F336571D9EEAF88C"
sh=4F050AC4F3028D60CF46BD9AD3ED1503A45FE37F ft=1 fh=00000000001d2a08 vn="Variante von Win32/Toolbar.SearchSuite.X potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190207.101400\5\torch\Helper.dll#079B8B95B3269917"
sh=EA244E84E1468A6AF4741F2184E113A16F833D8B ft=1 fh=000000000042d0f0 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\daten\_fs-zerspanungstechnik\_amp\ccsetup402.exe"
sh=985B522A02A82A327F2E5AD1DED83E3C006AE552 ft=1 fh=0000000001a1e620 vn="Variante von Win32/Toolbar.Widgi.B potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Program Files (x86)\Lern-o-Mat\Codec\CPASetup.exe"
sh=5EFE491E08EE4EC84B1C3C67F9A7B01D07B838F9 ft=1 fh=0000000000052a88 vn="Variante von Win32/PSWTool.SterJoSoftware.B potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\AppData\Local\SterJo Key Finder\KeyFinder.exe"
sh=F72E4F79515441DCF070083E1670C66F1EA8C59F ft=1 fh=0000000012061d18 vn="Variante von Win32/LuluSoftware.A potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Documents\Soda PDF 8 Files\lulu-software-soda-pdf-8-setup.exe"
sh=F72E4F79515441DCF070083E1670C66F1EA8C59F ft=1 fh=0000000012061d18 vn="Variante von Win32/LuluSoftware.A potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\Soda PDF 8 Files\lulu-software-soda-pdf-8-setup.exe"
sh=F72E4F79515441DCF070083E1670C66F1EA8C59F ft=1 fh=0000000012061d18 vn="Variante von Win32/LuluSoftware.A potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\_abelsoft\lulu-software-soda-pdf-8-setup.exe"
sh=2FEC2BB06C11B711B37E7D1BAC0004F8F25A4C7B ft=1 fh=00000000004253c0 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\__setup\ccsetup401.exe"
sh=F811EF163F5780AC5AB49572C31FAA237C59B00B ft=1 fh=00000000025977a0 vn="Win32/OpenCandy potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\__setup\easeus_partition_manager_10.0.exe"
sh=EB37E3D983ED6B49BFF9CE119140190599E9BB8E ft=1 fh=0000000000045aa0 vn="Win32/PrcView potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\ByeTunes.exe"
sh=D1C1240C981E9812363EA7F2E5D65CA2E3E7B1F2 ft=1 fh=00000000014198c8 vn="Variante von Win32/IObit.N potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\driver_booster_setup.exe"
sh=A1AEC944C7D48A500F9F614EB3C2F9C8CA2BE75F ft=1 fh=00000000026806a8 vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\FreeYouTubeDownload.exe"
sh=62BA93F8B36E87B118E9A2280F3B66872A09A2ED ft=1 fh=00000000000d1558 vn="Variante von Win32/PSWTool.SterJoSoftware.B potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\keyfinder_setup.exe"
sh=FA08B4FF274542DA7FC4D45436C20B70515F0B0A ft=1 fh=0000000000954710 vn="Variante von Win32/LuluSoftware.A potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\Soda_PDF_Desktop_Installer(1).exe"
sh=FA08B4FF274542DA7FC4D45436C20B70515F0B0A ft=1 fh=0000000000954710 vn="Variante von Win32/LuluSoftware.A potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\Soda_PDF_Desktop_Installer(2).exe"
sh=0883747CE28D4D7166507911FBD596D74B222909 ft=1 fh=0000000000954710 vn="Variante von Win32/LuluSoftware.A potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\Soda_PDF_Desktop_Installer(3).exe"
sh=FA08B4FF274542DA7FC4D45436C20B70515F0B0A ft=1 fh=0000000000954710 vn="Variante von Win32/LuluSoftware.A potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\Soda_PDF_Desktop_Installer(4).exe"
sh=FA08B4FF274542DA7FC4D45436C20B70515F0B0A ft=1 fh=0000000000954710 vn="Variante von Win32/LuluSoftware.A potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\Soda_PDF_Desktop_Installer(5).exe"
sh=D33AF7C11963D461FEDA0126F24AED6D38C8401F ft=1 fh=0000000000943548 vn="Variante von Win32/LuluSoftware.A potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\Soda_PDF_Desktop_Installer(6).exe"
sh=C592D8DF5E615B352D88A01759CD2606791F6F49 ft=1 fh=000000000094c108 vn="Variante von Win32/LuluSoftware.A potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\ki\Downloads\Soda_PDF_Desktop_Installer.exe"
sh=EB37E3D983ED6B49BFF9CE119140190599E9BB8E ft=1 fh=0000000000045aa0 vn="Win32/PrcView potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\_sichern\INTENSO-32G\daten\amp\ByeTunes.exe"
sh=EA244E84E1468A6AF4741F2184E113A16F833D8B ft=1 fh=000000000042d0f0 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\_sichern\INTENSO-32G\daten\_fs-zerspanungstechnik\_amp\ccsetup402.exe"
sh=A9F6A3299D8E5A8B0F8F18915521C8B3E7C9F864 ft=1 fh=000000000da93010 vn="Variante von Win32/Toolbar.Conduit.AU potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="D:\Tools\MEDION MediaPack 2\Setup.exe"
20:37:34 Call m_esets_charon_send
20:37:34 Call m_esets_charon_destroy

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2019
durchgeführt von ki (Administrator) auf KI-PCMEDION2012 (10-02-2019 21:04:17)
Gestartet von C:\Users\ki\Desktop
Geladene Profile: ki & admin2 & DefaultAppPool (Verfügbare Profile: ki & admin2 & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Genie9) C:\Program Files\Genie9\Zoolz2\ZoolzService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\abylonsoft\App-Blocker\ExeLockSerX64.EXE
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database_2ce9b3\bin\FABS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 11\ouservice\StarMoneyOnlineUpdate.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avanquest Software) C:\Program Files\eXpert PDF 10\creator-ws.exe
(LULU SOFTWARE LIMITED) C:\Program Files\Soda PDF 8\creator-ws.exe
(LULU Software) C:\Program Files\Soda PDF Desktop\creator-ws.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\ki\Desktop\FRST64(1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-03-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [177928 2018-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [754416 2018-11-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4785640 2018-11-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [OKAYFREEDOM Notifier] => C:\Program Files (x86)\OkayFreedom\Notifier.exe [4231160 2019-01-29] (Steganos Software GmbH -> Steganos Software GmbH)
HKLM-x32\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe [27136 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Winlogon [Shell] explorer.exe [3611368 2018-07-06] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-03-18] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-453296214-1327697751-653560176-1007\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.ffds] => C:\WINDOWS\system32\ff_vfw.dll [127488 2013-03-13] ()
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [243746 2011-06-24] ()
HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw64.dll [4035584 2012-07-01] (x264vfw project)
HKLM\...\Drivers32: [vidc.lags] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( )
HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (On2.com)
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (On2.com)
HKLM\...\Drivers32-x32: [vidc.ffds] => C:\WINDOWS\SysWOW64\ff_vfw.dll [112640 2013-03-13] ()
HKLM\...\Drivers32-x32: [vidc.xvid] => C:\WINDOWS\SysWOW64\xvidvfw.dll [242259 2011-06-24] ()
HKLM\...\Drivers32-x32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [4102656 2012-07-01] (x264vfw project)
HKLM\...\Drivers32-x32: [vidc.lags] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-11] (Google Inc -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2018-03-04]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
BootExecute: autocheck autochk * auto_reactivate \\?\Volume{58f6ba5b-0000-0000-0000-500600000000}\bootwiz\asrm.bin

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [S-1-5-21-453296214-1327697751-653560176-1007] => hxxp://127.0.0.1:8445/okayfreedom.pac
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{22e60306-d594-4276-8a62-50849289112a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b3c6bdab-6d75-49d3-871d-38b982e51877}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b3c6bdab-6d75-49d3-871d-38b982e51877}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-453296214-1327697751-653560176-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-453296214-1327697751-653560176-1007\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-453296214-1327697751-653560176-1007 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: CHIP Best Deal BHO -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} -> C:\Program Files (x86)\chip\Internet Explorer\chip64.dll [2014-11-18] (Ciuvo GmbH -> )
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-18] (Google Inc -> Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Skype Software Sarl -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Soda PDF 8 Helper -> {33779F20-17D7-4CC6-8248-78A4A78CEBFC} -> C:\Program Files (x86)\Soda PDF 8\creator-ie-helper.dll [2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Soda PDF Desktop Helper -> {A2792EEC-6618-4C4C-8ECF-B51ECB5DC2A1} -> C:\Program Files (x86)\Soda PDF Desktop\creator-ie-helper.dll [2017-03-23] (LULU Software -> LULU Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-18] (Google Inc -> Google Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: eXpert PDF 10 Helper -> {D9B7E477-2C0F-4BCA-B63F-9AF4E03D05E1} -> C:\Program Files (x86)\eXpert PDF 10\creator-ie-helper.dll [2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-04] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 15\SPMIEToolbar64.dll [2015-05-21] (Steganos Software GmbH -> Steganos Software GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-18] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Soda PDF 8 Toolbar - {A2689669-AD38-4AFD-B370-23E97E2B9D18} - C:\Program Files (x86)\Soda PDF 8\creator-ie-plugin.dll [2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 15\SPMIEToolbar.dll [2015-05-21] (Steganos Software GmbH -> Steganos Software GmbH)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-18] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Soda PDF Desktop Toolbar - {D53D09FE-B1AC-4EE8-AE26-FD43D8B4B62F} - C:\Program Files (x86)\Soda PDF Desktop\creator-ie-plugin.dll [2017-03-23] (LULU Software -> LULU Software)
Toolbar: HKLM-x32 - eXpert PDF 10 Toolbar - {570F0ABC-DF49-4A09-8687-79F921605B7A} - C:\Program Files (x86)\eXpert PDF 10\creator-ie-plugin.dll [2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-06-01] (Skype Software Sarl -> Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Skype Software Sarl -> Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Skype Software Sarl -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515 [2019-02-10]
FF Homepage: Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515 -> hxxps://www.google.de/
FF Extension: (WEB.DE MailCheck) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\browser-mailcheck@web.de.xpi [2018-12-31]
FF Extension: (Cliqz) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\cliqz@cliqz.com.xpi [2019-01-30]
FF Extension: (iCloud-Lesezeichen) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\firefoxdav@icloud.com.xpi [2018-08-01]
FF Extension: (Xmarks Bookmark Sync) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\foxmarks@kei.com.xpi [2017-12-05]
FF Extension: (Trusted Shops-Erweiterung) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\jid1-PBNne26X1Kn6hQ@jetpack.xpi [2018-10-12]
FF Extension: (Web of Trust) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2018-06-27]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-23]
FF Extension: (OkayFreedom) - C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\0xy4wsdz.default-1483472393515\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2017-04-11]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [Legacy]
FF Extension: (WEB.DE MailCheck) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\browser-mailcheck@web.de.xpi [2019-01-24]
FF HKLM\...\Firefox\Extensions: [soda_pdf_8_conv@sodapdf.com] - C:\Program Files\Soda PDF 8\resources\sodapdf8firefoxextension
FF Extension: (Soda PDF 8 Creator) - C:\Program Files\Soda PDF 8\resources\sodapdf8firefoxextension [2016-01-20] [Legacy] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [expert_pdf_10_conv@expert-pdf.com] - C:\Program Files\eXpert PDF 10\resources\expertpdf10firefoxextension
FF Extension: (eXpert PDF 10 Creator) - C:\Program Files\eXpert PDF 10\resources\expertpdf10firefoxextension [2017-07-20] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-10] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Password Manager 15\spmplugin3
FF Extension: (Steganos Password Manager) - C:\Program Files (x86)\Steganos Password Manager 15\spmplugin3 [2016-03-08] [Legacy] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-07-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-07-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: eXpert PDF 10 -> C:\Program Files (x86)\eXpert PDF 10\np-previewer.dll [2016-12-02] (Avanquest Software)
FF Plugin-x32: Soda PDF 8 -> C:\Program Files (x86)\Soda PDF 8\np-previewer.dll [2016-01-11] (LULU SOFTWARE LIMITED)
FF Plugin-x32: Soda PDF Desktop -> C:\Program Files (x86)\Soda PDF Desktop\np-previewer.dll [2017-03-23] (LULU Software)
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001: @soe.sony.com/installer,version=1.0.3 -> C:\Users\ki\AppData\Roaming\Mozilla\Firefox\Profiles\s3j4fal3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001: SkypePlugin -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi.dll [2015-09-14] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-453296214-1327697751-653560176-1001: SkypePlugin64 -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi-x64.dll [2015-09-14] (Skype Technologies S.A.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default [2019-02-09]
CHR Extension: (Bing Search Engine) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2018-05-02]
CHR Extension: (Avira Browserschutz) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-01-10]
CHR Extension: (Skype) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-01-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\ki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-453296214-1327697751-653560176-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jhpokclhnekmjlhknfihmghoblfgfeog] - C:\Program Files (x86)\chip\Chrome\chip-1.4.21.crx [2014-11-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [9532288 2019-01-04] (Emsisoft Ltd -> Emsisoft Ltd)
S3 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] (Wolters Kluwer Deutschland GmbH -> )
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [4380176 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-14] (Apple Inc. -> Apple Inc.)
S3 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
S3 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [99200 2015-08-10] (Alcohol Soft -> Alcohol Soft Development Team)
S3 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-25] (Digital Wave Ltd -> Digital Wave Ltd.) [Datei ist nicht signiert]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2302160 2018-12-13] (ESET, spol. s r.o. -> ESET)
R2 ExeLock; C:\Program Files (x86)\abylonsoft\App-Blocker\ExeLockSerX64.EXE [469352 2015-10-15] (abylonsoft_CodeSign -> )
S3 eXpert PDF 10; C:\Program Files\eXpert PDF 10\ws.exe [2321608 2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
S3 eXpert PDF 10 CrashHandler; C:\Program Files\eXpert PDF 10\crash-handler-ws.exe [921288 2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
R3 eXpert PDF 10 Creator; C:\Program Files\eXpert PDF 10\creator-ws.exe [733384 2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
S3 eXpert PDF 10 Manager; C:\ProgramData\Avanquest Software\eXpert PDF 10 Manager\eXpert PDF 10\eXpert PDF 10 Manager.exe [963832 2016-02-10] (Avanquest UK Ltd -> Avanquest Software)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database_2ce9b3\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database_2ce9b3\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
S4 GSService; C:\Windows\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
S4 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2012-09-14] () [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2018-06-18] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1765160 2018-11-23] (Acronis International GmbH -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [359944 2019-01-29] (Steganos Software GmbH -> Steganos Software GmbH)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2162064 2017-05-19] (Electronic Arts, Inc. -> Electronic Arts)
S3 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3136920 2017-05-19] (Electronic Arts, Inc. -> Electronic Arts)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
S4 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [229888 2011-06-20] (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTMa\RpcAgentSrv.exe [76784 2015-12-20] (SiSoftware SPC -> SiSoftware) [Datei ist nicht signiert]
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Flexera Software LLC -> Secunia)
S3 SODA Manager; C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe [873272 2015-08-11] (LULU SOFTWARE LIMITED -> LULU Software Limited)
S3 Soda PDF 8; C:\Program Files\Soda PDF 8\ws.exe [2263840 2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
S3 Soda PDF 8 CrashHandler; C:\Program Files\Soda PDF 8\crash-handler-ws.exe [920352 2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
R3 Soda PDF 8 Creator; C:\Program Files\Soda PDF 8\creator-ws.exe [733472 2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
S3 Soda PDF Desktop; C:\Program Files\Soda PDF Desktop\ws.exe [2702184 2017-03-23] (LULU Software -> LULU Software)
R3 Soda PDF Desktop Creator; C:\Program Files\Soda PDF Desktop\creator-ws.exe [755048 2017-03-23] (LULU Software -> LULU Software)
R2 StarMoney 10 OnlineUpdate; C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-11-25] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 11 Deluxe OnlineUpdate; C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\StarMoneyOnlineUpdate.exe [750568 2018-12-03] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 11 OnlineUpdate; C:\Program Files (x86)\StarMoney 11\ouservice\StarMoneyOnlineUpdate.exe [750568 2018-12-03] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
S4 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Datei ist nicht signiert]
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [19456 2013-03-06] (Clarus, Inc.) [Datei ist nicht signiert]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer -> TeamViewer GmbH)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [6926040 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo for iOS\DriverInstall.exe [103576 2015-11-04] (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare)
R2 Zoolz 2 Service; C:\Program Files\Genie9\Zoolz2\ZoolzService.exe [477000 2018-12-16] (Genie9 LTD -> Genie9)
S3 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [19568 2015-11-10] (ChengDu AoMei Tech Co., Ltd -> ) [Datei ist nicht signiert]
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [19568 2015-11-10] (ChengDu AoMei Tech Co., Ltd -> ) [Datei ist nicht signiert]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-10-29] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-29] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-10-29] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-10-29] (ESET, spol. s r.o. -> ESET)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2014-01-02] (iolo technologies, LLC -> EldoS Corporation)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-10-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-10-29] (ESET, spol. s r.o. -> ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
R1 epp; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp.sys [168032 2019-01-07] (Emsisoft Ltd -> Emsisoft Ltd)
R0 eppdisk; C:\WINDOWS\System32\drivers\eppdisk.sys [37064 2018-04-06] (Emsisoft Ltd -> Emsisoft Ltd)
R1 eppwfp; C:\Program Files (x86)\Emsisoft Anti-Malware\eppwfp.sys [131952 2019-01-02] (Emsisoft Ltd -> Emsisoft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [667144 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2019-01-29] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 FSProFilter2; C:\WINDOWS\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (Alfa System Programming -> FSPro Labs)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-12-01] (Martin Malik - REALiX -> REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-02-07] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-02-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72864 2019-02-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-02-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-02-10] (Malwarebytes Corporation -> Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2013-02-25] (北京铠信神州科技有限责任公司 -> )
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] (Clarus, Inc. -> )
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] (Clarus, Inc. -> )
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoi.inf_amd64_3235b21d5787151d\nvlddmkm.sys [17544792 2018-12-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2019-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-02] (Secunia -> Secunia)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-09-30] (iolo technologies, LLC -> EldoS Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1122200 2019-01-20] (Realtek Semiconductor Corp. -> Realtek )
R3 RTL8192su; C:\WINDOWS\System32\drivers\RTL8192su.sys [687616 2018-04-12] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2018-12-01] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R1 SLEE_19_DRIVER; C:\Windows\Sleen1964.sys [117848 2014-10-24] (Softwareentwicklung Patric Remus - ArchiCrypt - (Patric W.Remus) -> Softwareentwicklung Remus - ArchiCrypt - )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-10-22] (Synaptics Incorporated -> Synaptics Incorporated)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [162360 2016-12-12] (Disc Soft Ltd -> Duplex Secure Ltd)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [885880 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [173536 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2019-01-29] (Acronis International GmbH -> Acronis International GmbH)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2013-12-12] (Paragon Software GmbH -> )
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2013-12-12] (Paragon Software GmbH -> )
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700680 2013-12-12] (Paragon Software GmbH -> )
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331976 2019-01-29] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2019-01-29] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [129008 2010-09-23] (CyberLink -> CyberLink)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

Error(1) reading file: "C:\Users\ki\Downloads\Erinnerung - Schriftliche Bestätigung Umbaumaßnahme "
2019-02-10 21:04 - 2019-02-10 21:07 - 000039585 _____ C:\Users\ki\Desktop\FRST.txt
2019-02-10 20:36 - 2019-02-10 20:36 - 000000308 _____ C:\Users\ki\Desktop\eset.txt
2019-02-10 11:39 - 2019-02-10 11:39 - 007667832 _____ (ESET spol. s r.o.) C:\Users\ki\Desktop\esetonlinescanner_deu.exe
2019-02-10 11:08 - 2019-02-10 11:37 - 000000000 ____D C:\ProgramData\HitmanPro
2019-02-10 11:06 - 2019-02-10 11:06 - 011576808 _____ (SurfRight B.V.) C:\Users\ki\Desktop\HitmanPro_x64.exe
2019-02-10 10:49 - 2019-02-10 10:49 - 000000000 ___HD C:\WINDOWS\AxInstSV
2019-02-10 10:47 - 2019-02-10 10:47 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-02-10 10:47 - 2019-02-10 10:47 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-02-10 10:47 - 2019-02-10 10:47 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-02-10 10:47 - 2019-02-10 10:47 - 000072864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-02-10 10:45 - 2019-02-10 11:05 - 000000000 ____D C:\Users\ki\Desktop\trojaner-board-bis 9.2.19
2019-02-10 10:28 - 2019-02-10 10:28 - 000231342 _____ C:\Users\ki\Downloads\Tickets_957607.pdf
2019-02-10 10:27 - 2019-02-10 10:27 - 000231344 _____ C:\Users\ki\Downloads\attachment(4)
2019-02-09 15:11 - 2019-02-10 10:46 - 000014003 _____ C:\Users\ki\Desktop\Fixlog.txt
2019-02-09 15:10 - 2019-02-10 21:03 - 000000000 ____D C:\Users\ki\Desktop\FRST-OlderVersion
2019-02-09 15:08 - 2019-02-09 15:10 - 000000000 ____D C:\Users\ki\Desktop\alt-trojaner
2019-02-08 19:53 - 2019-02-08 19:53 - 000141625 _____ C:\Users\ki\Downloads\2019-KW07_Probenplan.pdf
2019-02-08 19:53 - 2019-02-08 19:53 - 000140829 _____ C:\Users\ki\Downloads\2019-KW08_Probenplan.pdf
2019-02-07 10:31 - 2019-02-07 10:31 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-02-07 10:31 - 2019-02-07 10:31 - 000000000 ____D C:\Users\ki\AppData\Local\mbamtray
2019-02-07 10:31 - 2019-02-07 10:31 - 000000000 ____D C:\Users\ki\AppData\Local\mbam
2019-02-07 10:30 - 2019-02-07 10:30 - 000001969 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-07 10:30 - 2019-02-07 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-07 10:30 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-02-07 10:30 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-02-07 10:08 - 2019-02-07 10:14 - 000000000 ____D C:\AdwCleaner
2019-02-06 17:35 - 2019-02-06 17:35 - 000222836 _____ C:\Users\ki\Downloads\Tickets_956213.pdf
2019-02-06 17:01 - 2019-02-06 17:01 - 000222838 _____ C:\Users\ki\Downloads\attachment(4).pdf
2019-02-06 17:00 - 2019-02-06 17:01 - 000222845 _____ C:\Users\ki\Downloads\attachment(3)
2019-02-05 19:41 - 2019-02-05 19:41 - 000001146 _____ C:\Users\Public\Desktop\OkayFreedom.lnk
2019-02-05 11:26 - 2019-02-10 21:04 - 000000000 ____D C:\FRST
2019-02-05 11:25 - 2019-02-10 21:03 - 002434048 _____ (Farbar) C:\Users\ki\Desktop\FRST64(1).exe
2019-02-05 11:25 - 2019-02-05 11:25 - 002433024 _____ (Farbar) C:\Users\ki\Downloads\FRST64(1).exe
2019-02-05 10:55 - 2019-02-05 10:55 - 000380544 _____ C:\Users\ki\Downloads\2_1_Massage_und_Gleitgel_Aloe_Vera_300_ml_306207DR.pdf
2019-02-05 10:54 - 2019-02-05 10:54 - 000469643 _____ C:\Users\ki\Downloads\Soft_Touch_Vibrator_mit_gebogener_Spitze_12_5_cm_008896TO.pdf
2019-02-05 10:53 - 2019-02-05 10:53 - 000470912 _____ C:\Users\ki\Downloads\Vibrationsring_inklusive_Batterien_005666TO.pdf
2019-02-04 13:06 - 2019-02-04 13:06 - 000061450 _____ C:\Users\ki\Downloads\Berlin-Fahrt(1).pdf
2019-02-04 13:03 - 2019-02-04 13:03 - 000140167 _____ C:\Users\ki\Downloads\2019-KW06_Probenplan_korrigiert.pdf
2019-02-02 23:12 - 2019-02-02 23:12 - 000000000 ____D C:\cobirescue
2019-02-02 19:59 - 2019-01-08 22:06 - 009189024 _____ C:\notfall.lnx
2019-02-02 19:59 - 2017-12-11 14:15 - 000000828 _____ C:\menu.lst
2019-02-02 19:59 - 2011-10-17 07:38 - 000217769 _____ C:\grldr
2019-02-02 19:59 - 2011-10-17 07:38 - 000009216 _____ C:\grldr.mbr
2019-02-02 19:50 - 2019-02-03 17:33 - 000000000 ____D C:\Program Files (x86)\RescueLoader
2019-02-01 21:15 - 2019-02-01 21:15 - 000140162 _____ C:\Users\ki\Downloads\2019-KW06_Probenplan.pdf
2019-02-01 10:36 - 2019-02-01 10:36 - 001296877 _____ C:\Users\ki\Downloads\week-2019-05.pdf
2019-02-01 10:36 - 2019-02-01 10:36 - 001296877 _____ C:\Users\ki\Downloads\week-2019-05(1).pdf
2019-02-01 10:29 - 2019-02-01 10:29 - 000356541 _____ C:\Users\ki\Downloads\elternbrief februar 2019.pdf
2019-02-01 10:29 - 2019-02-01 10:29 - 000082979 _____ C:\Users\ki\Downloads\Schulkalender-2019-2020-querformat.pdf
2019-02-01 10:29 - 2019-02-01 10:29 - 000010787 _____ C:\Users\ki\Downloads\Ferienplan_2019-2020.pdf
2019-01-31 18:13 - 2019-01-31 18:13 - 000000000 ____D C:\ProgramData\StarFinanz
2019-01-30 23:23 - 2019-01-30 23:23 - 000000000 ____D C:\ProgramData\Mozilla
2019-01-29 21:02 - 2019-01-29 21:02 - 000667144 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector(354).sys
2019-01-29 21:02 - 2019-01-29 10:45 - 000667144 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector.sys
2019-01-29 12:41 - 2019-02-03 16:40 - 000000000 ____D C:\Users\ki\Documents\wsusoffline115-1
2019-01-29 12:06 - 2019-01-29 12:06 - 005155328 _____ C:\Users\ki\Downloads\windowsdefender1593dt.msi
2019-01-29 10:46 - 2019-01-29 10:46 - 003947888 _____ (Acronis) C:\WINDOWS\system32\auto_reactivate.exe
2019-01-29 10:18 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-25 17:52 - 2019-01-25 17:52 - 000225631 _____ C:\Users\ki\Downloads\Jahresplan2019-01_25_Domspatzen_Chöre.pdf
2019-01-25 17:51 - 2019-01-25 17:51 - 000142431 _____ C:\Users\ki\Downloads\2019-KW05_Probenplan.pdf
2019-01-25 13:12 - 2019-01-25 13:12 - 000002918 _____ C:\Users\ki\Downloads\transcript(1).txt
2019-01-25 12:57 - 2019-01-25 12:57 - 000000803 _____ C:\Users\ki\Downloads\transcript.txt
2019-01-25 09:29 - 2019-01-25 09:29 - 010245888 _____ (Acronis) C:\Users\ki\Downloads\AcronisBackup_12.5_web.exe
2019-01-25 09:12 - 2019-01-25 09:12 - 006322446 _____ C:\Users\ki\Downloads\Handbuch PC.pdf
2019-01-23 11:24 - 2019-01-23 11:24 - 000040214 _____ C:\Users\ki\Downloads\Erstinformation(1).pdf
2019-01-23 10:05 - 2019-01-23 10:05 - 000185089 _____ C:\Users\ki\Downloads\Abfuhrkalender_2019.pdf
2019-01-22 21:47 - 2019-01-22 21:47 - 000240290 _____ C:\Users\ki\Downloads\m4_01_familie_lustig.docx(2).pdf
2019-01-22 11:44 - 2019-01-22 11:44 - 000000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2019-01-22 11:43 - 2019-01-29 10:44 - 000243472 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\volume_tracker.sys
2019-01-22 11:43 - 2019-01-29 10:44 - 000001278 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2019-01-22 11:43 - 2019-01-22 11:43 - 000331976 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file2416.sys
2019-01-22 11:43 - 2019-01-22 11:43 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2310.sys
2019-01-21 13:10 - 2019-01-21 13:10 - 001011355 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_e07a6baa9f52ad1b6963a254442483dc58bd2a77.pdf
2019-01-21 13:10 - 2019-01-21 13:10 - 001011262 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_ec8e07990905a7dd7e1afca71d5dad88d05e4810.pdf
2019-01-21 13:09 - 2019-01-21 13:09 - 001011273 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_18d258071d847432af70aa72224b6cfaaf3bfcf1.pdf
2019-01-21 13:08 - 2019-01-21 13:08 - 001011335 _____ C:\Users\ki\Downloads\EDV-BUCHVERSAND_Delf_Michel_Lizenz_02603c2f33748c27dfd5db1112274d0dda0ec8ee.pdf
2019-01-21 12:50 - 2019-01-21 12:50 - 000088603 _____ C:\Users\ki\Downloads\AKD-73659465278.pdf
2019-01-21 12:47 - 2019-01-21 12:52 - 574094312 _____ C:\Users\ki\Downloads\AcronisTrueImage2018.exe
2019-01-21 12:34 - 2019-01-21 12:34 - 000088620 _____ C:\Users\ki\Downloads\AKD-73651673788.pdf
2019-01-19 09:11 - 2019-01-19 09:11 - 000186896 _____ C:\Users\ki\Downloads\2019-KW04_Probenplan.pdf
2019-01-19 09:09 - 2019-01-19 09:09 - 000621253 _____ C:\Users\ki\Downloads\Dispo2019-01_07_Eltern.pdf
2019-01-18 09:39 - 2019-01-18 09:39 - 000071091 _____ C:\Users\ki\Downloads\RG150508157000.pdf
2019-01-17 20:38 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-17 20:38 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-17 20:38 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-17 20:38 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-17 20:37 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-17 20:37 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-17 20:37 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-17 20:37 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-17 20:37 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-17 20:37 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-17 20:37 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-17 20:37 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-17 20:37 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-17 20:37 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-17 20:37 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-17 20:37 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-17 20:37 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-17 20:37 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-17 20:37 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-17 20:37 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-17 20:37 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-17 20:37 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase(405).dll
2019-01-17 20:37 - 2019-01-01 08:13 - 001363536 ____N (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-17 20:37 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes(582).dll
2019-01-17 20:37 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-17 20:37 - 2019-01-01 08:13 - 000436024 ____N (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-17 20:37 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0(486).dll
2019-01-17 20:37 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-17 20:37 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-17 20:37 - 2019-01-01 08:12 - 002765344 ____N (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil(470).dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6(489).dll
2019-01-17 20:37 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-17 20:37 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-17 20:37 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-17 20:37 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-17 20:37 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-17 20:37 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-17 20:37 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-17 20:37 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-17 20:37 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-17 20:37 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-17 20:37 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-17 20:37 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-17 20:37 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-17 20:37 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-17 20:37 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-17 20:37 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 001549824 ____N (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv(480).dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000662528 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov(585).dll
2019-01-17 20:37 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-17 20:37 - 2019-01-01 07:43 - 001805312 ____N (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-17 20:37 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon(545).dll
2019-01-17 20:37 - 2019-01-01 07:42 - 004939776 ____N (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet(576).dll
2019-01-17 20:37 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 001159680 ____N (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss(514).dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000899072 ____N (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos(472).dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-17 20:37 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase(593).dll
2019-01-17 20:37 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil(602).dll
2019-01-17 20:37 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-17 20:37 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-17 20:37 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-17 20:37 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-17 20:37 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-17 20:37 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-17 20:37 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-17 20:37 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-17 20:37 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-17 20:37 - 2019-01-01 07:14 - 004514816 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-17 20:37 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet(630).dll
2019-01-17 20:37 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-17 20:37 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-17 20:37 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-17 20:37 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-17 20:37 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-17 20:37 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-17 20:37 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-17 20:37 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-17 20:37 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-01-17 20:37 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-17 20:37 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-17 20:37 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-17 20:37 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-17 20:37 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-01-17 20:37 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-17 20:37 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-01-17 20:37 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-01-17 20:37 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-17 20:37 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-01-17 20:37 - 2018-12-14 07:54 - 006032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-01-17 20:37 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1(411).dll
2019-01-17 20:37 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-01-17 20:37 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-17 20:37 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-01-17 20:37 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-17 20:37 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-01-17 10:08 - 2019-01-17 10:08 - 000061450 _____ C:\Users\ki\Downloads\Berlin-Fahrt.pdf
2019-01-16 21:59 - 2019-01-16 21:59 - 000175691 _____ C:\Users\ki\Downloads\Tickets_946202.pdf
2019-01-16 21:57 - 2019-01-16 21:57 - 000175687 _____ C:\Users\ki\Downloads\attachment(2)
2019-01-16 11:45 - 2019-01-16 11:45 - 000046551 _____ C:\Users\ki\Downloads\InsuranceCertificate(1).pdf
2019-01-16 11:44 - 2019-01-16 11:44 - 000070434 _____ C:\Users\ki\Downloads\G6KHNL(1).pdf
2019-01-15 16:59 - 2019-01-15 16:59 - 000193894 _____ C:\Users\ki\Downloads\merkhilfe_fuer_das_fach_mathematik_standard(3).pdf
2019-01-15 16:59 - 2019-01-15 16:59 - 000193894 _____ C:\Users\ki\Downloads\merkhilfe_fuer_das_fach_mathematik_standard(2).pdf
2019-01-15 00:09 - 2019-01-15 00:09 - 000114408 _____ C:\Users\ki\Downloads\WhatsApp Image 2019-01-14 at 21.09.59.jpeg
2019-01-12 18:48 - 2019-01-17 10:48 - 000000000 ____D C:\Users\ki\Documents\BelegManager-Daten
2019-01-12 16:39 - 2019-01-12 16:39 - 000010495 _____ C:\Users\ki\Downloads\19elsdi1_elster_12.01.2019_16.36.pfx
2019-01-12 10:37 - 2019-01-12 10:37 - 000000000 ____D C:\Users\ki\AppData\Local\Phoenix360
2019-01-11 21:38 - 2019-01-11 21:38 - 000002310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2019-01-11 21:38 - 2019-01-11 21:38 - 000002298 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2019-01-11 12:03 - 2019-01-11 12:03 - 000284090 _____ C:\Users\ki\Downloads\2017-05-24-einkommensteuerrechtliche-behandlung-von-vorsorgeaufwendungen_.pdf
2019-01-11 12:03 - 2019-01-11 12:03 - 000284090 _____ C:\Users\ki\Downloads\2017-05-24-einkommensteuerrechtliche-behandlung-von-vorsorgeaufwendungen_(1).pdf

==================== Ein Monat (geänderte) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-02-10 20:34 - 2018-05-02 06:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-10 15:58 - 2012-07-29 18:31 - 000000000 ____D C:\daten
2019-02-10 15:42 - 2013-10-20 10:14 - 000000000 ____D C:\Users\ki\Downloads\__setup
2019-02-10 15:24 - 2014-08-07 18:11 - 000000000 ____D C:\Users\ki\Downloads\_abelsoft
2019-02-10 15:15 - 2015-11-13 11:31 - 000000000 ____D C:\Users\ki\Downloads\Soda PDF 8 Files
2019-02-10 15:04 - 2015-11-13 11:22 - 000000000 ____D C:\Users\ki\Documents\Soda PDF 8 Files
2019-02-10 14:42 - 2016-01-10 16:11 - 000000000 ____D C:\Users\ki\AppData\Local\SterJo Key Finder
2019-02-10 14:38 - 2016-01-10 16:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SterJo Key Finder
2019-02-10 11:23 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-10 10:59 - 2016-11-18 06:21 - 000000000 ____D C:\Users\ki\AppData\LocalLow\Mozilla
2019-02-10 10:46 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-10 10:45 - 2018-05-02 07:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security CBE
2019-02-10 10:45 - 2016-12-09 11:31 - 000000000 ____D C:\Program Files (x86)\Innovative Solutions
2019-02-10 10:45 - 2014-03-01 11:08 - 000000000 ____D C:\ProgramData\IObit
2019-02-09 15:15 - 2014-07-16 07:22 - 000000000 ____D C:\Users\ki\AppData\LocalLow\Temp
2019-02-08 12:01 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-08 11:58 - 2018-05-01 22:00 - 000000000 ____D C:\WINDOWS\system32\msmq
2019-02-08 11:51 - 2016-01-08 21:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-02-07 16:33 - 2017-03-29 12:22 - 000000000 ____D C:\Program Files (x86)\StarMoney 11
2019-02-07 10:31 - 2015-02-14 13:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-07 10:30 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-07 10:14 - 2018-12-01 20:16 - 000000000 ____D C:\Users\ki\AppData\Roaming\IObit
2019-02-07 10:14 - 2014-03-01 11:12 - 000000000 ____D C:\Users\ki\AppData\LocalLow\IObit
2019-02-07 06:51 - 2017-11-04 18:26 - 000000000 ____D C:\Program Files (x86)\StarMoney 11 Deluxe
2019-02-07 06:50 - 2015-11-29 11:37 - 000000000 ____D C:\Program Files (x86)\StarMoney 10
2019-02-06 18:12 - 2014-03-01 11:12 - 000000000 ____D C:\ProgramData\ProductData
2019-02-06 17:18 - 2017-01-03 21:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-06 17:18 - 2016-12-16 10:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-05 19:41 - 2018-03-07 10:22 - 000000000 ____D C:\Program Files (x86)\OkayFreedom
2019-02-05 19:41 - 2017-11-05 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom
2019-02-05 11:10 - 2017-01-03 21:27 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-03 18:03 - 2018-05-02 06:53 - 000000000 ____D C:\Users\ki
2019-02-03 17:52 - 2018-05-02 06:53 - 000000000 ____D C:\Users\DefaultAppPool
2019-02-03 17:52 - 2018-05-02 06:53 - 000000000 ____D C:\Users\admin2
2019-02-03 17:48 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\te-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\or-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\km-KH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\is-IS
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\id-ID
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2019-02-03 17:48 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\setup
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-02-03 17:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-02-03 17:48 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\be-BY
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\as-IN
2019-02-03 17:47 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\IdentityCRL
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-02-03 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-02-03 17:39 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-02-03 17:39 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\servicing
2019-02-03 17:37 - 2018-06-13 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EverDoc
2019-02-03 17:37 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-03 17:37 - 2018-03-06 21:06 - 000000000 ____D C:\Users\ki\AppData\Local\ConnectedDevicesPlatform
2019-02-03 17:37 - 2017-03-02 13:40 - 000000000 ____D C:\Users\ki\AppData\Local\Nero_AG
2019-02-03 17:37 - 2017-03-01 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freecom
2019-02-03 17:37 - 2016-11-16 19:51 - 000000000 ____D C:\Program Files\Soda PDF Desktop
2019-02-03 17:37 - 2015-05-09 11:35 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-02-03 17:37 - 2014-08-07 16:36 - 000000000 ____D C:\Users\ki\AppData\Local\Abelssoft
2019-02-03 17:37 - 2013-03-13 07:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-02-03 17:37 - 2013-03-13 07:31 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-02-03 17:36 - 2018-04-08 22:31 - 000000000 ____D C:\Program Files\iTunes
2019-02-03 17:36 - 2017-05-10 19:44 - 000000000 ____D C:\Program Files (x86)\Yawcam
2019-02-03 17:36 - 2015-03-01 22:57 - 000000000 ____D C:\Program Files (x86)\WinHTTrack
2019-02-03 17:35 - 2013-03-13 07:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-02-03 17:34 - 2018-12-20 10:27 - 000000000 ____D C:\Program Files (x86)\AntiRansomware
2019-02-03 17:34 - 2018-06-13 21:46 - 000000000 ____D C:\PrinterPlusPlus
2019-02-03 17:34 - 2017-05-06 21:14 - 000000000 ____D C:\Program Files (x86)\ The Secret Legacy DE
2019-02-03 17:34 - 2017-04-15 14:36 - 000000000 ____D C:\Program Files (x86)\Everdoc
2019-02-03 17:34 - 2016-12-08 00:14 - 000000000 ____D C:\Program Files (x86)\Abelssoft Undeleter
2019-02-03 17:34 - 2016-08-06 19:42 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0
2019-02-03 17:34 - 2015-12-31 11:31 - 000000000 ____D C:\Program Files (x86)\Anki-Latein
2019-02-03 17:34 - 2015-06-21 11:12 - 000000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2019-02-03 17:34 - 2011-07-18 21:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-02-03 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-02-03 17:00 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-03 16:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\registration
2019-02-03 16:40 - 2014-12-05 09:12 - 000000000 ____D C:\Users\ki\AppData\Roaming\Steganos
2019-02-03 16:35 - 2012-08-12 12:57 - 000000000 __RHD C:\MSOCache
2019-02-02 19:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-02 13:53 - 2018-05-03 11:31 - 000000000 ____D C:\Users\ki\AppData\Local\D3DSCache
2019-01-31 21:01 - 2018-11-27 16:45 - 000000000 ____D C:\Program Files\rempl
2019-01-31 10:04 - 2013-08-04 19:55 - 000000000 ____D C:\Users\ki\AppData\Local\ElevatedDiagnostics
2019-01-29 21:01 - 2016-07-29 11:36 - 000331976 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file(358).sys
2019-01-29 21:01 - 2015-11-26 11:36 - 000173536 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter(357).sys
2019-01-29 10:46 - 2016-01-11 21:51 - 000290520 _____ (Acronis International GmbH) C:\WINDOWS\system32\snapapiar64.dll
2019-01-29 10:46 - 2016-01-11 21:51 - 000000000 _RSHD C:\bootwiz
2019-01-29 10:45 - 2015-11-26 11:17 - 000390592 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2019-01-29 10:45 - 2015-11-26 11:10 - 000000000 ____D C:\ProgramData\Acronis
2019-01-29 10:44 - 2016-07-29 11:36 - 000331976 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2019-01-29 10:44 - 2016-07-29 11:36 - 000001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2019-01-29 10:44 - 2015-11-26 11:36 - 000374264 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2019-01-29 10:44 - 2015-11-26 11:36 - 000173536 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2019-01-29 10:44 - 2015-11-26 11:16 - 000885880 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2019-01-29 10:44 - 2015-11-26 11:16 - 000693768 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2019-01-29 10:33 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI(407)
2019-01-29 10:25 - 2016-12-15 18:59 - 000001911 _____ C:\Users\ki\Desktop\System Mechanic - täglich.lnk
2019-01-29 10:20 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-24 12:18 - 2016-01-08 21:13 - 000000000 ____D C:\Users\ki\AppData\Local\Packages
2019-01-22 11:43 - 2012-10-12 13:40 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2019-01-21 10:41 - 2017-03-02 13:44 - 000000520 _____ C:\WINDOWS\Tasks\ki.job
2019-01-21 10:39 - 2017-03-02 13:44 - 000000382 _____ C:\WINDOWS\Tasks\ki NBAgent 6 0.job
2019-01-21 10:37 - 2017-03-02 13:41 - 000000552 _____ C:\WINDOWS\Tasks\ki Nero LIVEBackup 6 0.job
2019-01-21 10:32 - 2018-01-08 11:37 - 000001248 _____ C:\Users\ki\Desktop\Freecom Hard Drive Info.lnk
2019-01-20 22:57 - 2018-03-04 19:27 - 001122200 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2019-01-20 22:56 - 2018-03-04 19:16 - 000070024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2019-01-18 11:42 - 2012-11-18 18:30 - 000000000 ___RD C:\Users\ki\Documents\Scanned Documents
2019-01-17 21:58 - 2013-08-15 02:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-17 20:53 - 2011-07-18 21:31 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-17 20:50 - 2009-07-14 03:34 - 000000478 _____ C:\WINDOWS\win.ini
2019-01-17 12:39 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI(99)
2019-01-12 18:48 - 2012-10-03 17:09 - 000000000 ____D C:\Users\ki\AppData\Local\AAV
2019-01-12 18:48 - 2012-10-03 16:35 - 000000000 ____D C:\ProgramData\AAV
2019-01-12 17:46 - 2016-03-09 22:30 - 000000000 ____D C:\Users\ki\AppData\Roaming\elsterformular
2019-01-12 10:48 - 2018-03-22 17:38 - 000000000 ____D C:\ProgramData\Phoenix360
2019-01-12 10:37 - 2018-11-18 22:38 - 000002110 _____ C:\Users\Public\Desktop\System Mechanic.lnk
2019-01-12 10:37 - 2017-05-20 07:57 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-12 10:32 - 2014-08-04 15:14 - 000000000 ____D C:\Users\ki\AppData\Local\Downloaded Installations
2019-01-12 10:02 - 2012-10-03 17:09 - 000000000 ____D C:\Users\ki\Documents\Steuerfälle
2019-01-11 21:39 - 2017-07-19 07:10 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-11 21:37 - 2012-07-29 09:27 - 000000000 ____D C:\Program Files\Google
2019-01-11 21:37 - 2012-07-29 09:27 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-11 21:35 - 2017-07-18 08:09 - 000001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2019-01-11 21:35 - 2016-01-14 16:18 - 000000442 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1434372108.job
2019-01-11 21:35 - 2015-06-15 13:41 - 000000000 ____D C:\Program Files (x86)\Opera

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-10-27 10:35 - 2013-10-27 10:35 - 000000432 _____ () C:\Users\ki\AppData\Roaming\.backup.dm
2014-06-30 23:20 - 2014-06-30 23:20 - 000000000 _____ () C:\Users\ki\AppData\Roaming\gdfw.log
2014-06-30 23:20 - 2014-06-30 23:20 - 000000779 _____ () C:\Users\ki\AppData\Roaming\gdscan.log
2014-01-10 10:51 - 2014-01-10 10:51 - 000000000 _____ () C:\Users\ki\AppData\Roaming\pdfconverter
2016-01-14 18:54 - 2015-12-08 15:13 - 015568896 _____ () C:\Users\ki\AppData\Roaming\Sandra.mdb
2017-11-17 10:34 - 2017-11-17 10:47 - 503043688 _____ () C:\Users\ki\AppData\Local\AcronisTrueImage2016_6595.exe
2016-01-10 20:43 - 2016-12-18 17:20 - 000007680 _____ () C:\Users\ki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-03-05 09:01 - 2018-03-06 22:46 - 000034048 _____ () C:\Users\ki\AppData\Local\parallels-pax.log
2013-07-07 19:23 - 2013-07-07 19:23 - 000007619 _____ () C:\Users\ki\AppData\Local\Resmon.ResmonCfg
2012-07-29 18:31 - 2012-07-29 18:31 - 000017408 _____ () C:\Users\ki\AppData\Local\WebpageIcons.db

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\dllhost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dllhost.exe => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-05-02 06:41

==================== Ende von FRST.txt ============================

--- --- ---

libaki · 11.02.2019, 10:22

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10.02.2019
durchgeführt von ki (10-02-2019 21:09:19)
Gestartet von C:\Users\ki\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-05-02 06:14:56)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

admin2 (S-1-5-21-453296214-1327697751-653560176-1007 - Administrator - Enabled) => C:\Users\admin2
Administrator (S-1-5-21-453296214-1327697751-653560176-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-453296214-1327697751-653560176-503 - Limited - Disabled)
Gast (S-1-5-21-453296214-1327697751-653560176-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-453296214-1327697751-653560176-1006 - Limited - Enabled)
ki (S-1-5-21-453296214-1327697751-653560176-1001 - Administrator - Enabled) => C:\Users\ki
WDAGUtilityAccount (S-1-5-21-453296214-1327697751-653560176-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Abelssoft Undeleter (HKLM-x32\...\{1FB7B731-3479-4128-8299-A53922E47675}_is1) (Version: 4.0 - Abelssoft)
abylon APP-BLOCKER 2015.5 (Privatversion) (HKLM-x32\...\abylonprotectionmanagerapp-blocker_is1) (Version: 2015.5 - abylonsoft)
abylon BASIC 16.00.2 (Privatversion) (HKLM\...\abylonprotectionmanagerbasic_is1) (Version: 16.00.2 - abylonsoft)
Acronis True Image (HKLM-x32\...\{97F880B8-30EB-4E94-A142-0D2AE3601BC8}) (Version: 23.4.14690 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{97F880B8-30EB-4E94-A142-0D2AE3601BC8}Visible) (Version: 23.4.14690 - Acronis)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - )
Anki (HKLM-x32\...\Anki) (Version:  - )
AntiRansomware 2018 (HKLM-x32\...\AbAppId-82_is1) (Version: 18.1 - Abelssoft)
Any Video Converter 6.1.5 (HKLM-x32\...\Any Video Converter) (Version: 6.1.5 - Anvsoft)
AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-Bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A05FDFEC-4377-49E0-82CB-B6D1386E89DA}) (Version: 11.3.0.9 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 7 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.11 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 2.0.0.8 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Botanicula (HKLM-x32\...\Botanicula) (Version: 1.0 - Amanita Design, s.r.o.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CHIP Best Deal (HKLM-x32\...\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}) (Version: 1.4.21 - Ciuvo GmbH)
Cole2k Media - Codec Pack (Advanced) 8.0.2 (HKLM-x32\...\Cole2k Media - Codec Pack) (Version: 8.0.2 - Cole2k Media)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.53.0 - OEM) Hidden
concept/design onlineTV 15 (HKLM-x32\...\{C9F7D843-78C5-4A81-A350-D39F00E80178}_is1) (Version: 15.18.12.1 - concept/design GmbH)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (HKLM-x32\...\{D0BEB150-2046-4F94-AE7B-EA76772592F6}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (HKLM-x32\...\{4433CEC6-DA32-4D7B-BA95-B47C68498287}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (HKLM-x32\...\{2F14F550-0FFC-4285-B673-880744D428A3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (HKLM-x32\...\{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (HKLM-x32\...\{85E8F38F-0303-401E-A518-0302DF88EB07}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (HKLM-x32\...\{FA6AF809-9A80-423A-A57A-C7D726A04E4C}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (HKLM-x32\...\{E7BE4D1A-B529-448B-8407-889705B65185}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (HKLM-x32\...\{E4BE9367-168B-4B30-B198-EE37C99FB147}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (HKLM-x32\...\{D7E60152-6C65-4982-8840-B6D28BF881BD}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (HKLM-x32\...\{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (HKLM-x32\...\{89BA6E81-B60A-49BC-B283-80560A9E60DF}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (HKLM-x32\...\{34809713-7886-4F6A-B9D5-CC74DBC1C77E}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (HKLM-x32\...\{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (HKLM-x32\...\{834F4E2F-E9DF-4FA9-8499-FF6B91012898}) (Version: 15.3 - Corel Corporation) Hidden
Cut Out 3.0 (HKLM-x32\...\Cut Out_is1) (Version:  - Franzis.de)
Cut Out pro 4.0 (HKLM\...\Cut Out pro 4_is1) (Version:  - Franzis.de)
Cut Out pro 4.0 (HKLM-x32\...\Cut Out pro 4_is1) (Version:  - Franzis.de)
CutOut 5.0 professional (HKLM\...\CutOut 5 professional_is1) (Version: 5.0 - Franzis.de)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1817_38674 - CyberLink Corp.)
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.2408 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Das große Franzis Know-how-Paket DIGITALE FOTOGRAFIE (HKLM-x32\...\Das große Franzis Know-how-Paket DIGITALE FOTOGRAFIE_is1) (Version:  - )
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 2.4.2.14 - INTENIUM GmbH)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.11.64.1020 - Electronic Arts Inc.)
Driver Easy 5.6.0 (HKLM\...\DriverEasy_is1) (Version: 5.6.0 - Easeware)
EaseUS Partition Master 10.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.1.7.20160205 - Landesfinanzdirektion Thüringen)
EmRegSysSetup (HKLM-x32\...\{F981214A-0688-45E0-9329-B08BB26B74F9}) (Version: 1.6.0.1306 - Engelmann GmbH) Hidden
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)
Erbschaftsplaner (HKLM-x32\...\{8ECA57C8-5C32-4196-B84B-C05818D5CB88}) (Version: 9.01.4 - Wolters Kluwer Deutschland GmbH)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 11.0.159.0 - ESET, spol. s r.o.)
EverDoc 2018 (HKLM-x32\...\{CE690D98-4029-4620-879D-8018BF9CFBEC}_is1) (Version: 3.26 - Abelssoft)
EverDoc Printer++ (64bit) (HKLM\...\{D8156771-98B2-4A23-8122-C904F2410DF1}) (Version: 1.0.0 - Printer++)
eXpert PDF 10 Asian Fonts Pack (HKLM\...\{E56F569B-E087-4408-BAC8-EAFF9808C40B}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Convert Module (HKLM\...\{14EAE63C-8627-4FAC-89CD-E1BC5F6BE400}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Create Module (HKLM\...\{7A58AA20-FCA7-47AD-B766-1DC0E363E514}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Edit Module (HKLM\...\{04F3C8D3-E68A-420E-955C-D6EA51434DD3}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Forms Module (HKLM\...\{8E26322E-3348-4BC7-AA55-7E7A82A3391B}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Insert Module (HKLM\...\{50DF4766-CCD7-4BEB-B46F-728F6526077F}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 OCR Module (HKLM\...\{13E8528E-D6ED-459E-AEB2-CC0E8E68962A}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Review Module (HKLM\...\{39B5B664-DD6B-4397-83B3-BFF70B18B8B5}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 Secure Module (HKLM\...\{FB5E4A8D-421B-47A1-82DE-28630F24476B}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
eXpert PDF 10 View Module (HKLM\...\{CAB4BBED-DD47-4857-8E46-C34F3B295080}) (Version: 10.1.4.29898 - Avanquest Software) Hidden
File Repair (HKLM-x32\...\File Repair_is1) (Version:  - File Repair)
FileFusion 2018 (HKLM-x32\...\8FFF2B94-7E68-4C49-8CF8-46C7AC3033B9_is1) (Version: 1.22 - Abelssoft)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Formatwandler 2014 (HKLM-x32\...\{c27f2a3d-93d7-4112-b0ba-424b59be1ad2}) (Version: 6.0.5060.20182 - S.A.D.)
Formatwandler2014Setup (HKLM-x32\...\{34F7D819-71A6-420A-9DBB-0FF9A3DBF108}) (Version: 6.0.0.1311 - Engelmann Media GmbH) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.16.525 - Digital Wave Ltd)
Freecom Hard Drive Info 1.05 (HKLM-x32\...\Freecom Hard Drive Info_is1) (Version:  - Freecom)
Freecom Product Update 1.06 (HKLM-x32\...\Freecom Product Update_is1) (Version:  - Freecom)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM\...\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}) (Version: 7.3.2.5495 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HDR projects photo (64-Bit) (HKLM\...\HDR_PROJECTS_2_1_3BF7CE82_is1) (Version: 2.26 - Franzis Verlag GmbH)
HDX4DirectShowFilter (HKLM-x32\...\{EED2BE94-5D8F-4D1B-AECC-88F645262E68}) (Version: 1.0.0.1305 - Engelmann GmbH) Hidden
iCloud (HKLM\...\{5BD11939-D2C2-4F1B-AAAF-5ECE19A801F7}) (Version: 7.4.0.111 - Apple Inc.)
Incomedia WebSite X5 v11 - Compact (HKLM-x32\...\{C6AE8967-DF23-42DF-B362-8263A5496338}_is1) (Version: 11.0.8.31 - Incomedia s.r.l.)
Incomedia WebSite X5 v11 - Home (HKLM-x32\...\{C5743DB8-7BDF-47D3-8D41-0BBD487B48A1}_is1) (Version: 11.0.2.14 - Incomedia s.r.l.)
Incomedia WebSite X5 v12 - Home (HKLM-x32\...\{D25ADC00-2219-495D-A577-F14D1BE72756}_is1) (Version: 12.0.9.30 - Incomedia s.r.l.)
InfoBibliothek (HKLM-x32\...\{F5FB4B71-6301-11D4-9AD1-00A0C9B0C5F6}) (Version:  - Akademische Arbeitsgemeinschaft)
InfoBibliothek 2 (HKLM-x32\...\{78D7D7CD-A06B-4514-ACBD-8055BF945A8E}) (Version: 1.08.03.01 - Akademische Arbeitsgemeinschaft Verlag Wolters Kluwer GmbH)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IsoBuster 3.5 (HKLM-x32\...\IsoBuster_is1) (Version: 3.5 - Smart Projects)
iTunes (HKLM\...\{BC437DDC-48E8-4089-9EA0-58414984466E}) (Version: 12.7.4.76 - Apple Inc.)
JackKeane2 (HKLM-x32\...\JackKeane2) (Version:  - )
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeyDepot (HKLM\...\KeyDepot_is1) (Version: 3.20 - Abelssoft)
K-Lite Mega Codec Pack 10.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Lern-o-Mat (HKLM-x32\...\{37BFAE1E-D0E3-4C98-905C-FBBC4305843E}) (Version:  - )
Macromedia Dreamweaver MX 2004 (HKLM-x32\...\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}) (Version: 7.0 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}) (Version: 1.5 - Macromedia)
Macromedia Fireworks MX 2004 (HKLM-x32\...\{E583ED6F-BD99-4066-A420-C815BF692B69}) (Version: 7 - Macromedia)
Macromedia Flash MX 2004 (HKLM-x32\...\{2F353D44-73BB-4971-B31D-F7642E9E9531}) (Version: 7 - Macromedia)
Macromedia FreeHand MXa (HKLM-x32\...\{939740B5-0064-4779-854A-8C1086181C05}) (Version: 11.0.1 - Macromedia)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (HKLM\...\{4745C004-7D5D-42BB-816A-79BF29C3A65C}) (Version: 4.3.2.0 - MAGIX Software GmbH) Hidden
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{4745C004-7D5D-42BB-816A-79BF29C3A65C}) (Version: 4.3.2.0 - MAGIX Software GmbH)
MAGIX Music Maker 2013 (HKLM\...\{E7F7CA64-C0FC-4499-BC4D-C764E24CA67B}) (Version: 19.0.7.67 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2013 (HKLM-x32\...\MX.{E7F7CA64-C0FC-4499-BC4D-C764E24CA67B}) (Version: 19.0.7.67 - MAGIX Software GmbH)
MAGIX Music Maker 2013 Trial Soundpools (HKLM\...\{D826D424-4166-40D5-A70C-9C3A78F01ACD}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM\...\{422D3F30-7446-46C9-9FFE-F4F1645A3A41}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{422D3F30-7446-46C9-9FFE-F4F1645A3A41}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe 2013 Plus (HKLM\...\{2B9CA7F6-64A9-4346-9238-CDC3604A8D66}) (Version: 12.0.1.4 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Plus (HKLM-x32\...\MAGIX_{2B9CA7F6-64A9-4346-9238-CDC3604A8D66}) (Version: 12.0.1.4 - MAGIX AG)
MAGIX Video deluxe 2016 Plus (HKLM\...\{E2795C69-E7BE-4AD7-AD29-77DD7E9263C2}) (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Plus (HKLM\...\MX.{E2795C69-E7BE-4AD7-AD29-77DD7E9263C2}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Plus Update (HKLM\...\{90158760-3F6F-495C-999D-645767BCEF2C}) (Version: 15.0.0.90 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Plus Update (HKLM\...\{9C94F5B0-D567-4FE8-BCE3-EE1BE03BF1EE}) (Version: 15.0.0.77 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus 2013 Update (HKLM\...\{E6FD1013-27CC-4122-96EE-5E2ED42B3C40}) (Version: 12.0.4.2 - MAGIX AG) Hidden
MAGIX Video easy SE (HKLM\...\{D0498EA9-0858-4E1B-B25A-C907ACD15E67}) (Version: 3.0.1.41 - MAGIX AG) Hidden
MAGIX Video easy SE (HKLM-x32\...\MAGIX_{D0498EA9-0858-4E1B-B25A-C907ACD15E67}) (Version: 3.0.1.41 - MAGIX AG)
Malwarebytes Version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Manager (HKLM-x32\...\{330A7F6B-389D-4E1B-9746-791FEED7C126}) (Version: 10.0.3.26918 - Avanquest Software) Hidden
MatheAss 8.2 (HKLM-x32\...\MatheAss_is1) (Version:  - MatheAss)
MatheGrafix 10 (Version 10.2) (HKLM-x32\...\MatheGrafix 10_is1) (Version:  - )
Medion Home Cinema (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.) Hidden
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 65.0 (x64 de) (HKLM\...\Mozilla Firefox 65.0 (x64 de)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
mufin player 2.5 (HKLM\...\{56BE895E-C1B1-4692-B030-200AB920AA98}) (Version: 2.5.1.255 - mufin GmbH) Hidden
mufin player 2.5 (HKLM-x32\...\MAGIX_{56BE895E-C1B1-4692-B030-200AB920AA98}) (Version: 2.5.1.255 - mufin GmbH)
My Lockbox 3.9 (HKLM\...\My Lockbox_is1) (Version: 3.9 - )
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
MyKeyFinder 2018 (HKLM-x32\...\{c6396ed4-bdba-4f98-8739-767cb6bd16e6}_is1) (Version: 7.2 - Abelssoft)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
NebenkostenAbrechnung (HKLM-x32\...\{DD7B3EBE-EB93-493C-9400-1E4EE8A3889A}) (Version: 4.02.6 - Akademische Arbeitsgemeinschaft)
NebenkostenAbrechnung 2016 (HKLM-x32\...\{8033F294-375C-4FCC-9080-48A9460D9A98}) (Version: 5.01.6 - Akademische Arbeitsgemeinschaft)
NebenkostenAbrechnung 2017 (HKLM-x32\...\{AA1E9035-0D45-4052-AED6-83E1D55450B7}) (Version: 6.02.3 - Wolters Kluwer Deutschland GmbH)
NebenkostenAbrechnung 2018 (HKLM-x32\...\{A1E71C08-087A-47C7-88BD-80A1F58DA606}) (Version: 7.01.5 - Wolters Kluwer Deutschland GmbH)
NebenkostenBerater (HKLM-x32\...\{C53576FF-2304-499E-8595-BECFA97C5ADC}) (Version: 1.00.4 - Akademische Arbeitsgemeinschaft)
Nero BackItUp 11 Essentials CDPack (HKLM-x32\...\{BD0516DD-705C-441F-A30D-1CC289895309}) (Version: 11.0.00200 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
NetObjects Fusion 12.0 (HKLM-x32\...\{0354854F-F8B8-4AA8-9944-93A1A5533DD2}) (Version: 12 German - NetObjects)
NetObjects Fusion 12.0 (HKLM-x32\...\{051F9CB0-1499-4A0E-A861-CB19A5AAA906}) (Version: 12.00.5000.5041 - NetObjects) Hidden
NetObjects Fusion 12.0 (HKLM-x32\...\{B962E962-6369-4F66-AF35-79CB39270D12}) (Version: 12.00.5000.5041 - NetObjects) Hidden
NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.8.5 - Steganos Software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paragon Drive Copy™ 14 Professional (HKLM\...\{24371D30-7CFF-11DE-B053-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version:  - Markement GmbH)
PC-WELT Datensafe Version 3.0.1.3632 (HKLM-x32\...\PC-WELT Datensafe 1_is1) (Version: 3.0.1.3632 - PC-WELT)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Speed Converter (HKLM\...\{EC38DB84-B902-4F2D-92D7-297E4E3A0A2A}_is1) (Version: 1.0 - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PhotoFilmStrip 2.0.0 (HKLM-x32\...\PhotoFilmStrip_is1) (Version: 2.0.0 - Jens Gï¿½pfert)
PhotoFilmStrip 3.0.2 (HKLM\...\PhotoFilmStrip_is1) (Version: 3.0.2 - Jens Göpfert)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Readiris Pro 14 (HKLM-x32\...\{64A9C130-E372-48E9-B31E-E04A42382751}) (Version: 14.00.5526 - I.R.I.S.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8351 - Realtek Semiconductor Corp.)
RipTiger Extras 4.5.4 (HKLM-x32\...\{2EE6D53B-957E-48d1-801B-0B7DE81BACED}_is1) (Version: 4.5.4 - cyan soft ltd)
Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.148 - Clarus)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.01.16.02 - Samsung Electronics Co., Ltd.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.05.23.04 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.26.00 - Samsung Electronics Co., Ltd.)
Samsung SCX-472x Series (HKLM-x32\...\Samsung SCX-472x Series) (Version:  - Samsung Electronics Co., Ltd.)
SanDiskSecureAccess_Manager.exe (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Schülerdatei (HKLM-x32\...\Schülerdatei_is1) (Version:  - )
Scratch 2 Offline Editor (HKLM-x32\...\{8EC964DA-D411-7B20-A99B-9962713680F1}) (Version: 255 - MIT Media Lab) Hidden
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 446 - MIT Media Lab)
Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.18.9 - NVIDIA Corporation) Hidden
SiSoftware Sandra Lite 2016.RTMa (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2596}_is1) (Version: 22.15.2016.1 - SiSoftware)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{8A9079EA-59DE-491F-937A-D421399B7762}) (Version: 7.6.0.295 - Skype Technologies S.A.)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Soda Manager (HKLM-x32\...\{C7C04652-1CE7-4790-AF71-F37C082C4044}) (Version: 8.0.0.0 - LULU Software Limited) Hidden
Soda PDF 8 Asian Fonts Pack (HKLM\...\{214DC3BA-0E51-401B-9FAC-512186CBE08B}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Business Module (HKLM\...\{FB66BC19-19C5-4211-855C-BFE388EBE773}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Convert Module (HKLM\...\{FDF19452-6439-43B3-AF1F-E84C301D7956}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Create Module (HKLM\...\{82994364-3EA2-4B4E-8265-A7A60E18254F}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Edit Module (HKLM\...\{DEBA93B7-89BE-41F3-8AB7-5A7BC2B56D2F}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Forms Module (HKLM\...\{5EDF1F34-0447-454C-BADB-E209EF0F6639}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Insert Module (HKLM\...\{B9AA0685-D11B-48B4-BDAE-190C5A696DD0}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 OCR Module (HKLM\...\{E972E48E-1F99-44BD-9018-02A61452D7D5}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Review Module (HKLM\...\{800C215F-F077-4F1D-9E69-BDDF9B1D990A}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 Secure Module (HKLM\...\{0D76BDF5-298A-4387-93A4-EFFE4D61E0AF}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF 8 View Module (HKLM\...\{AF490208-AD16-4608-82FE-4DC173321645}) (Version: 8.0.51.26506 - LULU Software Limited) Hidden
Soda PDF Desktop Asian Fonts Pack (HKLM\...\{5F6367B4-01D5-49B3-BDDE-57DEC193B11D}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Convert Module (HKLM\...\{1E41EF6F-EDCD-41FA-8221-48B1BC58B61D}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Create Module (HKLM\...\{5034E38F-CF0F-4886-B774-DF168A7BA5C0}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Edit Module (HKLM\...\{A40CDD7A-2708-4591-BD85-075BA6BAB453}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Forms Module (HKLM\...\{BE9C0706-9862-4DD0-BFE9-93951C197D8D}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Insert Module (HKLM\...\{1A11B1AA-C1DA-4D51-85D2-B378BA07951C}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop OCR Module (HKLM\...\{A5FBED78-28E5-4652-98DA-EDD1302760D8}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Review Module (HKLM\...\{3F07016A-5061-4E3E-A62B-34362F9C3C63}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop Secure Module (HKLM\...\{AF5B847F-6E87-4E8A-AEB8-33ACA3DE25C5}) (Version: 9.1.17.32812 - LULU Software) Hidden
Soda PDF Desktop View Module (HKLM\...\{1210F4F8-B9D8-4956-BADD-FE9D74CB89BF}) (Version: 9.1.17.32812 - LULU Software) Hidden
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
StarMoney (HKLM-x32\...\{113B170E-9109-4EF0-8D70-4596A68E1873}) (Version: 6.0.0.313 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{1FCBD504-AB7D-4757-9A14-850348384B08}) (Version: 3.0.0.124 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{2E6951AE-6A91-4D23-959C-BA407FED3704}) (Version: 6.0.0.313 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{5A6DB7C1-E646-4842-A562-49C5EB8F2B47}) (Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{5C1209B1-FA1D-40D3-BA13-4ED9F0F31002}) (Version: 6.0.1.83 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{99D7711E-74BE-4920-8088-CB785D4C406F}) (Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{BA8CA518-A9B4-485C-AEE0-22E3F0E0E5F6}) (Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{E2F2B987-F2BC-4969-95F2-92099486B811}) (Version: 3.0.0.124 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{E771D898-9A06-4EEF-B84D-B2DB75080F3E}) (Version: 6.0.1.83 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{F902AB2B-7816-4CBD-A385-F2549F62956B}) (Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 10  (HKLM-x32\...\{1C51BBA9-A010-4098-AD87-D414CF872E12}) (Version: 10 - Star Finanz GmbH)
StarMoney 11  (HKLM-x32\...\{D81DBDD1-5FF9-48D1-8791-ACFF23AEC017}) (Version: 11 - Star Finanz GmbH)
StarMoney 11 Deluxe  (HKLM-x32\...\{E151227E-E09D-4657-9D64-58F2B4114F5D}) (Version: 11 - Star Finanz GmbH)
StarMoney 8.0  (HKLM-x32\...\{F5E1ED93-1898-41ED-B971-4F0F8E40FAF4}) (Version: 8.0 - Star Finanz GmbH)
StarMoney 9.0  (HKLM-x32\...\{B204FCA1-735D-4E6C-852F-050148A2B49A}) (Version: 9.0 - Star Finanz GmbH)
StartupStar (HKLM-x32\...\{C8A6121E-BE35-418D-91EF-A9536DA70B36}_is1) (Version: 9.0 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steganos Password Manager 15 (HKLM-x32\...\{B8F35E03-DC02-4CAB-AEF2-577B4CA25E8A}) (Version: 15.2.5 - Steganos Software GmbH)
Steganos Safe 16 (HKLM-x32\...\{F0EC576B-4985-4B60-929B-63F646BAAC1B}) (Version: 16.1 - Steganos Software GmbH)
Steganos Safe 17 (HKLM-x32\...\{F5545FAD-705B-4252-B7DD-E437044A15E1}) (Version: 17.1.2 - Steganos Software GmbH)
Steganos Safe 18 (HKLM-x32\...\{0A81476E-6553-443B-B34F-0BFE17ACAFFB}) (Version: 18.0.2 - Steganos Software GmbH)
SterJo Key Finder (HKLM-x32\...\{2F6B7734-A549-47B2-BE8D-CCB422F4EA9D}_is1) (Version: 1.8 - SterJo Software)
SteuerBerater 2014-2015 (HKLM-x32\...\{57FFBFD1-3865-4357-9A6F-3035EA807A17}) (Version: 15.09.0 - Akademische Arbeitsgemeinschaft)
SteuerBerater 2015-2016 (HKLM-x32\...\{342BD7F7-8BBD-403A-B09B-F3361A1365E3}) (Version: 15.11.0 - Akademische Arbeitsgemeinschaft)
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{0DD6CFE2-C3A7-4286-A362-B13BC8AD553F}) (Version: 17.09.0 - Wolters Kluwer Deutschland GmbH)
Steuer-Ratgeber 2017-2018 (HKLM-x32\...\{CADF44B6-B8A2-4398-B8FA-EDD157589B81}) (Version: 18.09.1 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.16.113 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.41.113 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2017  (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.37.88 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2018 (HKLM-x32\...\{A1D1FDBD-02F9-49B6-9EB2-2DC6B1D37E16}) (Version: 23.35.52 - Wolters Kluwer Deutschland GmbH)
Steuer-Spar-Erklärung Plus 2012 (HKLM-x32\...\{3BCDCC6A-3A47-4883-8A0C-55AC061316CB}) (Version: 17.17.11 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung Plus 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.43.178 - Akademische Arbeitsgemeinschaft)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Mechanic (HKLM-x32\...\{95129D61-FF52-4FA8-A403-3E31FC5D9696}) (Version: 18.5.1.208 - iolo technologies, LLC)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Secret Legacy DE Version 1.11 (HKLM-x32\...\{20067A8B-9363-45B9-B5D3-7845B276EBAF}_is1) (Version: 1.11 - )
The Silver Lining (HKLM-x32\...\{26ED4308-E0A5-4AE2-A1BC-7A55BC7DD32F}) (Version: 4.0.0 - Phoenix Online)
Toolbar Terminator (HKLM-x32\...\Toolbar Terminator_is1) (Version: 2.06 - Abelssoft)
Unmechanical (HKLM\...\UDK-c913fb41-1b8a-467f-9499-8ab2dd1ba145) (Version:  - Talawa Games - Teotl Studios)
Unsterbliche Liebe: Eine Vampirgeschichte (Vollversion) (HKLM-x32\...\Unsterbliche Liebe: Eine Vampirgeschichte (Vollversion)) (Version: 0.0.0.0 - INTENIUM GmbH)
Update for Skype for Business 2015 (KB4461557) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{BB7D10A9-A135-4EB8-82F1-8A25FEB1B327}) (Version:  - Microsoft)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WebM Project Directshow Filters (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\webmdshow) (Version:  - )
WhatsApp (HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\WhatsApp) (Version: 0.2.6426 - WhatsApp)
Willi 2.130 (HKLM-x32\...\Willi_is1) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinFunktion Mathematik plus 20 (HKLM-x32\...\{CDBA97DF-63B9-44E7-B900-92E8165260C0}) (Version: 1.00.0000 - bhv Publishing GmbH)
WinHTTrack Website Copier 3.48-19 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinX HD Video Converter Deluxe 5.12.1 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
WinX MediaTrans (HKLM-x32\...\WinX MediaTrans) (Version: 3.2 - Digiarty Software, Inc.)
Wondershare TunesGo Retro ( Version 4.8.3 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.8.3 - Wondershare)
Wondershare Video Converter Platinum HD 2012(Build 5.1.3.1) (HKLM-x32\...\Wondershare Video Converter Platinum HD 2012_is1) (Version:  - Wondershare Software)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Yawcam 0.6.0 (HKLM-x32\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version: 0.6.0 - Yawcam)
Zoolz2 (HKLM-x32\...\Zoolz2) (Version: 2.1 - Genie9)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-453296214-1327697751-653560176-1001_Classes\CLSID\{04419CEE-76E5-4487-B32E-68C0FD0C07E4}\InprocServer32 -> C:\Users\ki\AppData\Local\SkypePlugin\7.6.0.295\GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [     AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ContextMenuHandlers1: [!NetFax0] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax1] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax2] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax3] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax4] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax5] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax6] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax7] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-06-20] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Keine Datei
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [eXpertPDF10_ManagerExt] -> {0D0BC151-74FD-4755-8F00-5CAD33DEB334} => C:\Program Files\eXpert PDF 10\creator-context-menu.dll [2016-12-02] (Avanquest UK Ltd -> Avanquest Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2015-08-31] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files (x86)\Phoenix360\System Mechanic\x64\Incinerator.dll [2018-12-14] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-03-18] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1-x32: [SodaPDF8_ManagerExt] -> {3515E187-6607-4A1B-B616-26C7A7B4B32A} => C:\Program Files\Soda PDF 8\creator-context-menu.dll [2016-01-11] (LULU SOFTWARE LIMITED -> LULU SOFTWARE LIMITED)
ContextMenuHandlers1-x32: [SodaPDFDesktop_ManagerExt] -> {526A2ADD-BD9B-40E5-9D45-75EF6313FCE4} => C:\Program Files\Soda PDF Desktop\context-menu.dll [2017-03-23] (LULU Software -> LULU Software)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2-x32-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2contmenu.dll [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2-x32-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2-x32-x32: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2-x32-x32: [SteganosShellExtension] -> {FAE0A3E0-3010-41BA-9DDC-A631394F047F} => C:\Program Files (x86)\Steganos Safe 18\ShellExtension.dll [2014-08-27] (Steganos Software GmbH -> )
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2contmenu.dll [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3-x32: [SteganosShellExtension] -> {FAE0A3E0-3010-41BA-9DDC-A631394F047F} => C:\Program Files (x86)\Steganos Safe 18\ShellExtension.dll [2014-08-27] (Steganos Software GmbH -> )
ContextMenuHandlers3-x32: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Keine Datei
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files (x86)\Phoenix360\System Mechanic\x64\Incinerator.dll [2018-12-14] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2contmenu.dll [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-11-13] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6-x32: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {017C2C94-4CAA-4479-8296-FA8237A76850} - System32\Tasks\{9CADD5AC-73EF-4AA4-BF15-C0220579CE08} => E:\UnmechanicalSetup.exe
Task: {07A2F410-0531-4518-B8E5-7C272634E1DB} - System32\Tasks\{E9D3106E-6A84-4C00-8C62-0D26D5B04A63} => C:\Riot Games\League of Legends\lol.launcher.exe
Task: {097C36B8-81DC-4BEA-919A-FD1C4C233811} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0ED6EE64-CE9B-4B46-B09A-7EEE89FC490D} - System32\Tasks\{D55ED03E-EEAA-4724-9CF2-642C1745D0A0} => E:\Setup.exe
Task: {11976B1A-6D81-4209-A629-549A0F6BD412} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {19C1E80E-17B2-4866-AACF-EBD28B3CB91D} - System32\Tasks\{73B123F4-BB1A-4A78-9729-19DCC02943B8} => E:\UnmechanicalSetup.exe
Task: {1AA9EB57-B2A6-48FF-91E9-85F9F760FD79} - System32\Tasks\{9590372A-2D8A-4BF2-A579-A131305D9F3F} => E:\Setup.exe
Task: {210E3939-4E2C-4133-9318-A8F73EC00F0D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {22E0B6FD-6449-4877-8198-29734A3D091D} - System32\Tasks\{C1705EBC-84AD-48C0-9BAE-2C8F6A90D8CB} => E:\Setup.exe
Task: {270ACFEE-6BC2-480A-AE0A-6A82B2FAFC95} - System32\Tasks\Opera scheduled Autoupdate 1434372108 => C:\Program Files (x86)\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {2D6FB77B-67CF-4F7F-AA3C-70EDF20D237E} - System32\Tasks\{BFCF381A-450A-469C-ADDE-6F6B5F57D06C} => E:\Setup.exe
Task: {3435508B-53E3-49E6-A408-0A18572B4B6F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: {3930E452-5948-4A0A-BD8A-AA3E1AE53656} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {3B6A2309-D4C0-4A87-B670-CF5B8479F344} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {45B409AD-034D-4F23-A99B-072DEF830C85} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {46642FC4-9B88-4BFF-BCF9-8FA05171DD63} - System32\Tasks\{90A50835-D061-4E5A-B55D-AA819B9BF2D2} => E:\setup.exe
Task: {57F069D5-4C9F-4526-A80C-7F959EBE9C36} - System32\Tasks\Driver Booster SkipUAC (ki) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {582CE772-BC1A-4AAE-95A9-612E3F71F407} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5AD4B854-D0B1-4B16-9AEF-91CD1C477465} - System32\Tasks\{0522FF20-425B-4A33-9F00-A67F6020D2D1} => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe (Clarus, Inc. -> Clarus, Inc.)
Task: {6F363371-5ED9-4E16-A65A-DBC8F673B26A} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: {72BBEF92-3230-482B-BB2E-2D66919CAE87} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7C1072AC-E5C1-4958-96E6-B4C18EA10170} - System32\Tasks\{6596D6D0-D533-4230-B0DE-897090408593} => E:\setup.exe
Task: {803D698F-2E53-48EF-875C-2278DF667F47} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {81C9863B-7FA7-4B5B-8724-6D0B80E88929} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {86CB65FD-A669-46AB-8C40-44EA1B66F7A8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {8B06F82D-A2F9-4620-B1CD-9FE4061DC117} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {95FD1E60-E0CE-45D0-8DAF-4CB256A794E9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {9DD09A7E-1129-4EE7-8921-B6081EA3D2D7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {A62730A4-775A-4CAB-A3A5-95E691C893FD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A6420339-7020-4EA4-B0B8-6FF817DEA3F7} - System32\Tasks\{B80F7492-C5BB-48E2-A3F7-F0F78A8A97AE} => E:\Setup.exe
Task: {AC19F91D-88FB-4EE8-BCB3-9E436C9D4173} - System32\Tasks\{B7E5C3C4-CC9E-4E82-A368-A6ACB2EC3612} => C:\Program Files (x86)\PurpleHills\Hinter dem Spiegel 2 - Die Rache der Hexe\Hinter dem Spiegel 2 - Die Rache der Hexe.exe
Task: {AD7FAB58-15DC-4E7D-A4E1-60EE5974B9B7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF420AC6-CA29-4854-8452-097F3807D77A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B56855C3-CFA8-4744-90DD-C08B87E79145} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {B5F353CE-6293-49C1-8158-8E7C22EB387F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B96C9C24-70D6-46E5-A7F3-75692D7EFF8F} - System32\Tasks\{3D04DC53-894A-434C-B973-CD7DF46009F7} => E:\Setup.exe
Task: {BC1F3F6C-F1E2-42CC-BA42-212625E078DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {BD2B3A81-5556-404C-80F1-DD22E14AB662} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BDBDC914-38F2-46FF-BD95-416907B1EE4B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BDF5C7EC-5DB2-4E20-A738-75EEB5769C36} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BF55D50F-4BD1-4281-8081-6E07C392CE0D} - System32\Tasks\{5253A38C-6B14-4535-A833-A02146A8D6DE} => E:\Setup.exe
Task: {C563629E-5497-4215-BC3B-DD04C07296C4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C5CEF710-B82C-4803-9A56-EA0E655E94C6} - System32\Tasks\{77F5C58B-2213-42ED-9C3C-F3F5240FC611} => E:\UnmechanicalSetup.exe
Task: {CCD1963F-9C59-4686-AC1B-2DCDF36F512C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CF301B6E-11D9-471A-B3D2-C39BE39108AF} - System32\Tasks\{D41300D7-0B44-4C90-8A23-41DF48B40F61} => C:\Program Files (x86)\PurpleHills\Hinter dem Spiegel 2 - Die Rache der Hexe\Hinter dem Spiegel 2 - Die Rache der Hexe.exe
Task: {D24F4A6C-D68F-4228-A0D3-396DBF5E0385} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5CEE429-72A3-4AF6-8FC9-4B8CA91CDD4D} - System32\Tasks\{270FB380-866E-41F6-8DEA-26B1B4ED881E} => E:\Setup.exe
Task: {D6BDD73A-E61D-4BC5-A3B1-DDEA50ADEDA0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8CECB80-90EB-48A3-AFCA-A1EFE96085E2} - System32\Tasks\Abelssoft\ToolbarTerminator Background Guard => C:\Program Files (x86)\ToolbarTerminator\TTBackgroundGuard.exe (Microsoft) [Datei ist nicht signiert]
Task: {DEE376CD-0049-412E-B9B3-C92B20E40170} - System32\Tasks\{6E62401D-3F6D-44C0-BC9E-E20A595F5953} => E:\Setup.exe
Task: {DF357ABB-C54F-4F80-846D-CB69F21A717E} - System32\Tasks\chipSWU => cscript.exe "C:\Program Files (x86)\chip\Internet Explorer\swu.vbs"
Task: {E03A5ED7-5F84-4B56-922C-07176FA9CCAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E0A2C520-6FE9-4E4E-95C8-33B4BE9805D0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E6127866-8945-4453-B377-341872E47C62} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E7EAF5F9-12E0-4299-A829-013AA1BC8025} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe
Task: {EDCBC82A-6F80-4802-BADA-9E31595766CC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F0BD0592-FDCA-4385-84FC-E0BD7AFC8AA7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FDBB2CC5-172D-41B6-8B30-DC1538CBEE93} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d25980b04c1a1a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ki NBAgent 6 0.job => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe
Task: C:\WINDOWS\Tasks\ki Nero LIVEBackup 6 0.job => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCore.exe C:\Users\ki\AppData\Roaming\Nero\Nero 11\Nero BackItUp\Files\ki Nero LIVEBackup.nji
Task: C:\WINDOWS\Tasks\ki.job => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCore.exe C:\Users\ki\AppData\Roaming\Nero\Nero 11\Nero BackItUp\Files\ki.nji
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1434372108.job => C:\Program Files (x86)\Opera\launcher.exe
Task: C:\WINDOWS\Tasks\StartupStar Firewall.job => C:\Program Files (x86)\StartupStar\StartupStar.exe
Task: C:\WINDOWS\Tasks\Zoolz Start Backup.job => C:\Program Files\Genie9\Zoolz2\ZoolzLauncher.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-07-26 10:42 - 2013-07-26 10:42 - 000034304 _____ () C:\WINDOWS\System32\ssa3mlm.dll
2018-12-01 20:36 - 2018-12-01 20:36 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
2015-08-10 16:58 - 2015-11-16 16:18 - 000020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 001157592 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 005835168 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-14 10:06 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2014-08-27 16:02 - 2014-08-27 16:02 - 000226656 _____ () C:\Program Files (x86)\Steganos Safe 18\ShellExtension.dll
2019-01-17 20:37 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 000754416 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2018-11-23 13:02 - 2018-11-23 13:02 - 004785640 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2019-01-29 10:45 - 2019-01-29 10:45 - 006299944 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2015-12-05 17:39 - 2015-10-15 11:50 - 000469352 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\ExeLockSerX64.EXE
2015-12-05 17:39 - 2015-09-28 20:06 - 002462568 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\APMPToolsx64.dll
2015-12-05 17:39 - 2015-09-28 20:06 - 003275624 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\APMPCmn32x64.dll
2015-12-05 17:39 - 2015-09-28 20:06 - 000320360 _____ () C:\Program Files (x86)\abylonsoft\App-Blocker\APMPLangx64.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 007128176 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2018-04-12 17:22 - 2018-04-12 17:22 - 000475136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-04-12 17:22 - 2018-04-12 17:22 - 023358976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 015622144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 003101696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-04-12 17:22 - 2018-04-12 17:22 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-04-12 17:19 - 2018-04-12 17:19 - 004698840 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.23.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-23 13:16 - 2018-11-23 13:16 - 013265776 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe
2018-11-23 12:59 - 2018-11-23 12:59 - 000099896 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schdevid.dll
2018-11-23 12:56 - 2018-11-23 12:56 - 023053136 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2018-11-23 12:22 - 2018-11-23 12:22 - 000413712 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 001087784 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\schedule.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000277538 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 002386352 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\xerces_c.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000160168 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\libevent.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll
2018-11-23 12:22 - 2018-11-23 12:22 - 012280336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll
2018-11-23 12:27 - 2018-11-23 12:27 - 001450728 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp_ex.dll
2018-11-23 12:01 - 2018-11-23 12:01 - 000144400 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2018-11-23 12:12 - 2018-11-23 12:12 - 000820440 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp.dll
2018-11-23 12:23 - 2018-11-23 12:23 - 000177416 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\archive3_adapter.dll
2018-11-23 12:07 - 2018-11-23 12:07 - 000271392 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\pcs_io.dll
2018-11-23 12:09 - 2018-11-23 12:09 - 000225312 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\zstd.dll
2018-11-23 12:09 - 2018-11-23 12:09 - 000042928 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\winpthreads4.dll
2018-11-23 12:22 - 2018-11-23 12:22 - 000055312 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 000261336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2018-06-18 19:31 - 2018-06-18 19:31 - 000444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2018-06-18 19:12 - 2018-06-18 19:12 - 000115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll
2018-11-23 12:00 - 2018-11-23 12:00 - 000680480 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\archive3.dll
2018-11-23 12:59 - 2018-11-23 12:59 - 003516192 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2018-11-23 12:59 - 2018-11-23 12:59 - 001168536 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\services_mms_addon.dll
2016-12-16 13:26 - 2016-01-28 15:33 - 001058624 _____ () C:\Program Files (x86)\StarMoney 10\ouservice\libxml2.dll
2016-12-16 13:26 - 2011-01-13 11:44 - 000232800 _____ () C:\Program Files (x86)\StarMoney 10\ouservice\PATCHW32.dll
2018-12-20 21:53 - 2017-01-23 17:49 - 000232800 _____ () C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\PATCHW32.dll
2018-12-20 21:53 - 2018-11-13 07:15 - 001059304 _____ () C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\libxml2.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000085992 _____ () C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\zlib1.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000143336 _____ () C:\Program Files (x86)\StarMoney 11 Deluxe\ouservice\lzma.dll
2018-12-18 09:38 - 2018-11-13 07:15 - 001059304 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\libxml2.dll
2018-12-18 09:38 - 2017-01-23 16:49 - 000232800 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\PATCHW32.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000143336 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\lzma.dll
2018-12-03 16:40 - 2018-11-13 07:15 - 000085992 _____ () C:\Program Files (x86)\StarMoney 11\ouservice\zlib1.dll
2018-11-23 12:21 - 2018-11-23 12:21 - 000044560 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\libqrencode.dll
2018-11-23 12:27 - 2018-11-23 12:27 - 000283792 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\kb_link.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\ki\Documents\Grundsicherung 2015.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\ki\Documents\Grundsicherung 2015.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-07-13 17:12 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\DATA\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES;C:\Program Files (x86)\Business Objects\Common\3.5\bin\NOTES\DATA;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Acronis\SnapAPI;C:\Program Files (x86)\Acronis\TrueImageHome;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\
HKU\S-1-5-21-453296214-1327697751-653560176-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-453296214-1327697751-653560176-1007\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.

MSCONFIG\Services: a2AntiMalware => 2
MSCONFIG\Services: AAV UpdateService => 2
MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AxAutoMntSrv => 2
MSCONFIG\Services: AxVirtualAHCISrv => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: eXpert PDF 10 Creator => 2
MSCONFIG\Services: eXpert PDF 10 Manager => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: MemeoBackgroundService => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: prl_mobdisp => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SODA Manager => 2
MSCONFIG\Services: Soda PDF 8 Creator => 2
MSCONFIG\Services: Soda PDF Desktop Creator => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WiaRpc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Password Safe.lnk => C:\Windows\pss\Password Safe.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AshSnap => C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Snap\ashsnap.exe
MSCONFIG\startupreg: Clarus Drive Manager => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\ki\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SanDiskSecureAccess_Manager.exe => C:\Users\ki\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "abylon MANAGER.lnk"
HKLM\...\StartupApproved\StartupFolder: => "psi_tray.exe"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "EverDoc Printer++"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "NBAgent"
HKLM\...\StartupApproved\Run32: => "OKAYFREEDOM Notifier"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\StartupFolder: => "abylon MANAGER.lnk"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "AlcoholAutomount"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-453296214-1327697751-653560176-1001\...\StartupApproved\Run: => "Parallels Access"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

01-07-2018 22:37:12 Wiederherstellungsvorgang
15-07-2018 15:50:01 Windows Update
25-07-2018 17:29:47 alles ok
29-07-2018 15:38:13 Windows Update
29-07-2018 15:39:40 Windows Update
12-08-2018 15:56:07 Windows Update
17-08-2018 21:31:14 Windows Update
26-08-2018 15:51:41 Windows Update
02-09-2018 08:47:32 Windows Update
02-09-2018 08:48:56 Windows Update
10-09-2018 09:15:57 Windows Update
10-09-2018 09:17:39 Windows Update
30-09-2018 11:03:32 Windows Update
12-10-2018 08:58:14 Windows Update
15-10-2018 11:23:23 SteuerSparErklärung 2018 wurde installiert.
30-10-2018 11:20:32 Windows Update
30-10-2018 11:21:55 Windows Update
15-11-2018 09:19:01 Windows Update
27-11-2018 16:43:32 Windows Update
01-12-2018 20:53:07 nach treiberaktualisierung
14-12-2018 09:46:06 Windows Update
31-12-2018 21:23:01 Windows Update
17-01-2019 20:18:51 Windows Update
28-01-2019 09:08:13 Windows Update
29-01-2019 12:45:09 vor WSUS update
29-01-2019 14:23:23 Wiederherstellungsvorgang
03-02-2019 18:25:28 Windows Update
06-02-2019 18:11:20 Removed CHIP Best Deal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/10/2019 09:11:21 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-17T20:11:21Z. Fehlercode: 0x80041315.

Error: (02/10/2019 09:10:51 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-17T20:10:51Z. Fehlercode: 0x80041315.

Error: (02/10/2019 09:10:21 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-17T20:10:21Z. Fehlercode: 0x80041315.

Error: (02/10/2019 09:09:51 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-17T20:09:51Z. Fehlercode: 0x80041315.

Error: (02/10/2019 09:09:21 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-17T20:09:21Z. Fehlercode: 0x80041315.

Error: (02/10/2019 09:08:51 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-17T20:08:51Z. Fehlercode: 0x80041315.

Error: (02/10/2019 09:08:21 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-17T20:08:21Z. Fehlercode: 0x80041315.

Error: (02/10/2019 09:07:51 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2119-01-17T20:07:51Z. Fehlercode: 0x80041315.


Systemfehler:
=============
Error: (02/10/2019 11:51:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (02/10/2019 11:51:52 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ki\AppData\Local\Temp\ehdrv.sys

Error: (02/10/2019 11:51:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (02/10/2019 11:51:52 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ki\AppData\Local\Temp\ehdrv.sys

Error: (02/10/2019 11:51:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (02/10/2019 11:51:51 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ki\AppData\Local\Temp\ehdrv.sys

Error: (02/10/2019 11:51:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (02/10/2019 11:51:51 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ki\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================

Date: 2019-02-09 11:07:11.687
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:07:11.189
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:07:09.483
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:07:05.204
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:06:55.554
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:06:54.447
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:06:53.944
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-09 11:06:51.936
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 16365.64 MB
Verfügbarer physikalischer RAM: 11491.63 MB
Summe virtueller Speicher: 32749.64 MB
Verfügbarer virtueller Speicher: 27609.66 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:116.56 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:26.44 GB) NTFS

\\?\Volume{b0840d3d-72b6-11e1-81c4-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 58F6BA5B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== Ende von Addition.txt ============================

Hallo Matthias,

habe einige progs getestet, bisher gab es keinen Ausfall.
Das einzige trat gestern früh auf, da musste ich einen Neustart hinlegen,
um ins Netz zu kommen. Das trat aber nachher nicht mehr auf.

Mit Acronis 2019 cloud gab es bei der Speicherung kein Problem,
aber bei der direkt anschließenden backup-konsolidierung einen Abbruch.
Das scheint aber eine ganz andere Baustelle zu sein und wird mit Acronis geklärt.

Ansonsten habe ich ein breites Grinsen im Gesicht,
wenn ich an die Trojaner-Boardisten denke.

Ihr seid einfach einsame Spitze
und habt mir schon mehrmals geholfen.

Klaus

Windows 10 geht sporadisch ins Internet - Prgramme sind manchmal sehr langsam oder starten nicht

Log-Analyse und Auswertung: Windows 10 geht sporadisch ins Internet - Prgramme sind manchmal sehr langsam oder starten nicht