Trojaner-Board - Win 7: Kaspersky findet Trojan.Win32.FireHooker.a und evtl. mehr

Seite 1 von 2

100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Win 7: Kaspersky findet Trojan.Win32.FireHooker.a und evtl. mehr (https://www.trojaner-board.de/182002-win-7-kaspersky-findet-trojan-win32-firehooker-a-evtl-mehr.html)

CChris

26.09.2016 09:29

Win 7: Kaspersky findet Trojan.Win32.FireHooker.a und evtl. mehr

Liste der Anhänge anzeigen (Anzahl: 3)

Hallo,

mein Kaspersky Total Security und davor Kaspersky Pure finden immer wieder in verschiedenen .dll Dateien (sppc32.dll z.B.) den Trojan.Win32.FireHooker.a. Lösche oder blockiere ich diesen, kommt er dennoch immer wieder. Auch eine Untersuchung mit dem Kaspersky Notfall-Bootmedium brachte keinen Erfolg.
Ich hatte anschließend versucht mit dem CT Desinfect-Boot-Medium diesen loszuwerden. Dabei hatte ich noch andere Funde. Ich vermute, dass ein Großteil davon Fehlalarme waren. Trotzdem habe ich alle "inaktiviert" durch Anhängen der Endung ".Virus" an die Funde. Auch war meine Outlook .pst Datei dabei. Beim anschließenden Starten ging Win 7 in den Reparaturmodus, brachte die Meldung, dass es nicht repariert werden könne, startete anschließend dann doch wieder normal und Kaspersky fand wieder den Firehooker.
Ich habe noch ein Backup/Image vom Zustand des Systems vor dem Desinfect-Einsatz.

Ich hoffe Ihr könnt mir helfen. Vielen Dank schon mal.

Nachfolgend die logfiles (bisherige Vorgehensweise):

1. Erste Untersuchung mit FRST (vor Desinfect) FRST.txt:
Datei im Anhang.
2. Erste Untersuchung mit FRST (vor Desinfect) Addition.txt:
3. Untersuchung und Umbenennung mit Desinfect:
Dateien im Anhang. Die Einzel-Logfiles von ClamAV, Kaspersky, Eset und Avira sind aufgrund der großen Datenmenge nicht beigefügt, können aber ggf. nachgeliefert werden.
4. Zweite Untersuchung mit FRST (nach Desinfect) FRST.txt:
Datei im Anhang.
5. Kaspersky- Untersuchung nach Desinfect-Behandlung und System-Reparatur:
Eine Kaspersky Meldung über Firehooker und Kaspersky Bericht im Anhang.
-------------------------------------------------------------------------------------

1. Erste Untersuchung mit FRST (vor Desinfect) FRST.txt:

Datei im Anhang.

2. Erste Untersuchung mit FRST (vor Desinfect) Addition.txt:

Code:



Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-09-2016

durchgeführt von Chris (14-09-2016 14:41:17)

Gestartet von C:\Users\Chris\Downloads

Windows 7 Home Premium Service Pack 1 (X64) (2010-01-24 04:27:32)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-3975404785-3629955362-1126565087-500 - Administrator - Disabled)

Chris (S-1-5-21-3975404785-3629955362-1126565087-1000 - Administrator - Enabled) => C:\Users\Chris

Gast (S-1-5-21-3975404785-3629955362-1126565087-501 - Limited - Enabled) => C:\Users\Gast

HomeGroupUser$ (S-1-5-21-3975404785-3629955362-1126565087-1006 - Limited - Enabled)
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}

AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden

6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

6500_E709a (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

8500A909_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

8500A909_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

8500A909a (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden

Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)

Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)

Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)

Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)

AKVIS Retoucher (HKLM-x32\...\{3096C412-7636-45FD-9074-F596F4417076}) (Version: 5.5.869.8634 - AKVIS)

ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )

Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )

ATI Catalyst Install Manager (HKLM\...\{0FB2E75A-1024-331F-77EF-D45F71505D58}) (Version: 3.0.732.0 - ATI Technologies, Inc.)

Audials (HKLM-x32\...\{FFA5E466-D1D3-44AE-BB20-8D56CF061877}) (Version: 10.2.22605.500 - Audials AG)

Auktionatrix - der schnelle Weg zu eBay (HKLM-x32\...\{02E8DF80-DFB9-4C56-8CB9-AFA1CE97AF9C}) (Version: 4.10.4.0 - Z-Dev)

Avery Wizard 4.0 (HKLM-x32\...\{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}) (Version: 4.0.103 - Avery)

Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)

Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.10(T) - TOSHIBA CORPORATION)

BPD_DSWizards (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden

BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden

BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden

BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

Brew Recipe Developer (HKLM-x32\...\{B203CBE3-7CF4-40E7-A6F4-761C87AA945F}) (Version: 2.0.0 - Oli Weiss)

Brother MFL-Pro Suite DCP-115C (HKLM-x32\...\{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}) (Version: 1.0.1.0 - Brother Industries, Ltd.)

Brother MFL-Pro Suite DCP-357C (HKLM-x32\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.0.2.0 - Brother Industries, Ltd.)

BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

Camera Assistant Software for Toshiba (HKLM-x32\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.260.0526L - Chicony Electronics Co.,Ltd.)

Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)

Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)

Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)

Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)

Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)

Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - *Canon Inc.)

Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)

Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)

Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)

Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)

Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)

Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)

ccc-core-static (x32 Version: 2009.0729.2238.38827 - Ihr Firmenname) Hidden

CD/DVD Drive Acoustic Silencer (HKLM-x32\...\{4C3F3228-13BE-41D0-A782-3DDE7CB2479A}) (Version: 3.01.05 - TOSHIBA)

chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 2.2.1.0 - Chip Digital GmbH)

Cinergy HTC USB XS V5.09.1202.00 (HKLM-x32\...\Cinergy HTC USB XS) (Version: 5.09.1202.00 - )

Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{0F9639CB-D661-4FA0-A4B1-0441E515E0B7}) (Version: 3.1.04072 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden

Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Compiled Driver Disc (Full) 0.99 (HKLM-x32\...\{3DCF00F5-04A5-4543-A088-70548081120E}_is1) (Version: 0.99.0.1 - COMPELSON Labs)

Compiled Driver Disk (Samsung) 0.99 (HKLM-x32\...\{3DCF00F5-04A5-4543-A088-705480811206}_is1) (Version: 0.99.0.1 - COMPELSON Labs)

Conduit Engine (HKLM-x32\...\conduitEngine) (Version:  - Conduit Ltd.) <==== ACHTUNG

Conexant Audio Driver For AMD HDMI Codec (HKLM\...\CNXT_AUDIO_HDA_HDMI) (Version: 4.98.6.0 - Conexant)

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.6.61 - Conexant)

DDBAC (HKLM-x32\...\{7CF93713-EB2A-475C-93CA-D1C9DA388EF4}) (Version: 5.3.50.0 - DataDesign)

Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden

DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)

DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden

DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden

Dropbox (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Dropbox) (Version: 9.4.49 - Dropbox, Inc.)

DVD MovieFactory for TOSHIBA (HKLM-x32\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.51 - Ulead Systems, Inc.)

EpsonNet SetupManager (HKLM-x32\...\InstallShield_{BB828C7B-44A6-4A83-A96E-EF80B8680B8D}) (Version: 1.7.2 - SEIKO EPSON CORPORATION)

EpsonNet SetupManager (x32 Version: 1.7.2 - SEIKO EPSON CORPORATION) Hidden

EQUIP (HKLM-x32\...\{3BE64D7E-367A-EB54-9BE0-4D3E2A62EF17}) (Version: 3.3.0 - ISI GmbH)

EQUIP CAPI (HKLM-x32\...\{7B7618C6-0CF3-B1F4-496C-5E147D73AEA7}) (Version: 3.3.0 - )

Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

FileZilla Client 3.3.3 (HKLM-x32\...\FileZilla Client) (Version: 3.3.3 - )

Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)

fotokasten comfort 4.2 (HKLM-x32\...\fotokasten comfort_is1) (Version:  - )

Free Image Convert and Resize version 2.1 (HKLM-x32\...\Free Image Convert and Resize_is1) (Version:  - DVDVideoSoft Limited.)

Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.10.1211 - DVDVideoSoft Ltd.)

Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)

FreeCommander 2009.02a (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)

FRITZ!Box USB-Fernanschluss - 1  (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin)

FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\f018cf21c0452c64) (Version: 2.3.0.2 - AVM Berlin)

GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)

Gini! (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\93edd1682ad811a0) (Version: 1.0.73.0 - FRITZ! Mini)

Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden

GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

grafstat4 (HKLM-x32\...\{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1) (Version: 4.249 - DrSoft)

HDMI Control Manager (HKLM-x32\...\InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA)

HDMI Control Manager (Version: 2.0 - TOSHIBA) Hidden

HDMI Control Manager (x32 Version: 2.0 - TOSHIBA) Hidden

HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)

HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)

HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)

HP Officejet 6500 E709 Series (HKLM\...\{58D79E62-CFC8-4331-8469-3A1B16E1769C}) (Version: 14.0 - HP)

HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)

HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden

HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)

IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)

IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)

Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)

JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)

Kalenderdruck-Assistent für Microsoft Office Outlook 2007 (HKLM-x32\...\{90120000-00A7-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Kaspersky Total Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)

Kaspersky Total Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden

kleiner-brauhelfer version 1.1.4.0 (HKLM-x32\...\kleiner-brauhelfer_is1) (Version:  - )

Lexware Abschreibungsrechner (HKLM-x32\...\{204294E8-371C-4DFB-8162-EF5BB4FEBFE1}) (Version: 11.00.04.0001 - Haufe-Lexware GmbH & Co.KG)

Lexware Elster (HKLM-x32\...\{AFB25971-2545-4EFF-922C-938915ACE6A8}) (Version: 11.01.00.0006 - Haufe-Lexware GmbH & Co.KG)

Lexware Info Service (HKLM-x32\...\{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}) (Version: 2.80.00.0007 - Haufe-Lexware GmbH & Co.KG)

Lexware online banking (HKLM-x32\...\{2C41394E-E15B-47DC-B33C-54D33EA85B68}) (Version: 15.00.00.0005 - Haufe-Lexware GmbH & Co.KG)

Logitech Z-series Software 1.03 (HKLM\...\{A8BE7A89-11DE-49B3-A4FC-6CDCB0C32B51}) (Version: 1.03.000 - Logitech)

Lottoschein-Check (HKLM-x32\...\Lottoschein-Check) (Version:  - )

MAGIX Foto Manager 9 (HKLM-x32\...\MAGIX Foto Manager 9 D) (Version: 7.0.0.91 - MAGIX AG)

MAGIX MP3 deluxe MX Download-Version (HKLM-x32\...\MAGIX_MSI_mp3_deluxe_mx) (Version: 18.0.0.109 - MAGIX AG)

MAGIX MP3 deluxe MX Download-Version (x32 Version: 18.0.0.109 - MAGIX AG) Hidden

MAGIX MP3 Maker 16 11.0.0.78 (D) (HKLM-x32\...\MAGIX MP3 Maker 16 D) (Version: 11.0.0.78 - MAGIX AG)

MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)

MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)

MAGIX Screenshare (HKLM-x32\...\MAGIX_MSI_PCVisit) (Version: 4.3.6.1987 - MAGIX AG)

MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden

MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 7.0.2.7 - MAGIX AG)

MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_MSI_Speed3_burnR_mxcdr_MSI) (Version: 7.0.2.6 - MAGIX AG)

MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) Hidden

MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden

Markets-Börsenticker (HKLM-x32\...\Markets-Börsenticker) (Version: 2 - Financial Times Deutschland)

Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.10.5.3 - Marvell)

maxdome - Online Videothek Version 3.1.0 (HKLM\...\maxdome - Online Videothek_is1) (Version:  - maxdome)

MDL Chime/Chime Pro for Internet Explorer (HKLM-x32\...\{46761278-BF32-4008-833B-93487FF0A06E}) (Version: 2.6 SP7 - MDL Information Systems, Inc.)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office Communicator 2007 (HKLM-x32\...\{0FCA0973-24C0-48EA-8CF6-71B53C135C09}) (Version: 2.0.6362.0 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)

Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)

MightyUninstaller (HKLM-x32\...\{91A02C6C-1FAA-49FA-957F-6ACF30D6B47D}_is1) (Version: 2.5.0.0 - MightyUninstaller.com)

MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)

Miranda Fusion 2.0.15 (HKLM-x32\...\MirandaFusion) (Version: 2.0.15 - Miranda Fusion Team)

Mobile Master (x32 Version: 7.8.3 - Jumping Bytes) Hidden

Mobile Master 7.8.3 (HKLM-x32\...\Mobile Master) (Version: 7.8.3 - Jumping Bytes)

MOBILedit! Support Libraries (HKLM-x32\...\{1A834332-A9EE-440C-9505-2D07F445F05A}) (Version: 4.0.0 - COMPELSON Labs)

MOBILedit! ver. 5.0.2.1015 (HKLM-x32\...\{47DA7D2E-408C-4050-B75F-95F6D2E6A332}_is1) (Version: 5.0.2.1015 - COMPELSON Labs)

moneyplex 2011 (HKLM-x32\...\{B3946E24-EF59-4CEE-930F-7465D9C19A85}_is1) (Version: moneyplex 2011 - matrica GmbH)

MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)

Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)

MP3 deluxe MX Update (Version: 18.0.3.115 - MAGIX AG) Hidden

MPM (HKLM-x32\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version: 1.00.0000 - Hewlett-Packard)

MSXML 4.0 SP2 (KB941833) (HKLM-x32\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)

NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)

NetWaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.55 - BVRP Software, Inc)

Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden

Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden

Nitro Reader 2 (HKLM\...\{0723532B-AD75-4D04-B88A-8CCEC6624E6D}) (Version: 2.4.1.15 - Nitro PDF Software)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)

O2Micro Flash Memory Card Reader Driver (HKLM\...\{729F014A-9E91-49A6-B5F2-E8AA941452AE}) (Version: 3.31.03.A - O2Micro)

OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)

Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538-FA9AC725D62C}) (Version: 13.0 - HP)

Ontrack EasyRecovery Home (HKLM-x32\...\{B8686BCF-5181-477F-9CBE-786391011B9C}_is1) (Version: 10.0.2.3 - Kroll Ontrack Inc.)

Paragon Festplatten Manager™ 15 Professional (HKLM\...\{1E104AF0-EA49-11DE-AC07-005056C00008}) (Version: 90.00.0003 - Paragon Software)

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)

Pinnacle DistanTV Server (HKLM-x32\...\{7C7AC2D4-1077-45C8-826A-16445B5E0DB7}) (Version: 1.0.0.095 - Pinnacle Systems)

Pinnacle TVCenter Pro (HKLM-x32\...\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}) (Version: 5.1.0.2722 - Pinnacle Systems)

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden

ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden

ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden

PSPP (HKLM-x32\...\B426B849-6071-5684-6429-7BE6B77DAB5B) (Version: 20100611 - GNU)

Quicken HOME & BUSINESS Jubiläumsversion (HKLM-x32\...\{A907A713-DA24-4352-8786-96C7A6944646}) (Version: 20.36.00.0134 - Haufe-Lexware GmbH & Co.KG)

Quicken Import Export Server Jubiläumsversion (HKLM-x32\...\{7FE9F5F5-8C9B-49F2-989C-BD885BD79B8D}) (Version: 20.30.00.0099 - Haufe-Lexware GmbH & Co.KG)

QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )

RasWin (remove only) (HKLM-x32\...\RasWin) (Version:  - )

RG eBook (HKLM-x32\...\com.radeberger-gruppe.ebook) (Version: 1.1.7 - Radeberger Gruppe KG)

RG eBook (x32 Version: 1.1.7 - Radeberger Gruppe KG) Hidden

Samsung ML-2010 Series (HKLM-x32\...\Samsung ML-2010 Series) (Version:  - )

Samsung ML-2010 Series SmartPanel (HKLM-x32\...\Samsung ML-2010 Series SmartPanel) (Version:  - )

SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )

Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )

SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )

Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )

Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version:  - )

SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )

SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )

Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.3.90702 - Samsung Electronics Co., Ltd.)

Samsung PC Studio 3 (x32 Version: 3.0.0.90702 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )

SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)

Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden

SecuBrowser (HKLM-x32\...\{A7287C0E-C94F-4009-B438-485E38286EB9}) (Version: 1.0.7.0 - Frank Eschenbacher)

ShaDown! (HKLM-x32\...\{909F4A33-D068-4D61-BBF1-B3135DD19C18}) (Version: 1.3.0.0 - Inforall.net)

Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)

simfy VZ edition (HKLM-x32\...\simfy-VZ-edition) (Version: 1.2.0 - simfy GmbH)

simfy VZ edition (x32 Version: 1.2.0 - simfy GmbH) Hidden

Skype web features (HKLM-x32\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)

Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)

SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden

SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden

Spelling Dictionaries Support For Adobe Reader 8 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)

StarMoney (x32 Version: 3.0.2.50 - StarFinanz) Hidden

StarMoney Business 5.0  (HKLM-x32\...\{96CA5ACD-1A36-417E-AC15-707E93AB895C}) (Version: 5.0 - Star Finanz GmbH)

STATISTICA TRIAL DE 10 (HKLM-x32\...\{E492A541-96C6-4D38-B698-805A745C5EBC}) (Version: 10.0.228.8 - StatSoft (Europe) GmbH)

STATNOVAPDF (novaPDF 7.1 printer) (HKLM\...\STATNOVAPDF_is1) (Version:  - Softland)

Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden

Stellar Phoenix PowerPoint Recovery (HKLM-x32\...\Stellar Phoenix PowerPoint Recovery_is1) (Version: 1.0.0.0 - Stellar Information Systems Ltd.)

StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )

Stundenplan v1.0 (HKLM-x32\...\Stundenplan_is1) (Version:  - Bastian Dornauf)

Surf & E-Mail-Stick (HKLM-x32\...\Surf & E-Mail-Stick) (Version: 16.001.06.02.35 - Huawei Technologies Co.,Ltd)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.63017 - TeamViewer)

TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.15.11 - )

Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)

Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden

Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.07 - TOSHIBA)

TOSHIBA Benutzerhandbücher (HKLM-x32\...\{1C971EE3-B4C4-4367-9676-57549919C6CE}) (Version: 7.40 - TOSHIBA)

TOSHIBA ConfigFree (HKLM-x32\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.23 - TOSHIBA Corporation)

TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.1 for x64 - TOSHIBA Corporation)

TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 2.50.0.11-AU - TOSHIBA Corporation)

TOSHIBA Extended Tiles for Windows Mobility Center (HKLM-x32\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version:  - )

TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 2.0.17.64 - TOSHIBA)

TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{E8B39B08-7FAB-48CC-89E9-37C5589E130C}) (Version:  - )

Toshiba Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.06.0000 - TOSHIBA)

TOSHIBA Recovery Disc Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.0.0.2 for x64 - TOSHIBA)

TOSHIBA Recovery Disk Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0017 - TOSHIBA)

TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{DF0853CA-A1D0-4169-8472-F2822C8FA1EB}) (Version:  - )

TOSHIBA TEMPRO (HKLM-x32\...\{3A9B3B6D-3C08-4283-AF50-FD82C49DD71E}) (Version: 3.34 - Toshiba Europe GmbH)

TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.2.28.64 - TOSHIBA Corporation)

TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

TRORDCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.6 - TOSHIBA)

TRORDCLauncher (x32 Version: 1.0.0.6 - TOSHIBA) Hidden

Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )

Universal Document Converter (Demo) (HKLM-x32\...\Universal Document Converter_is1) (Version: 5.2 - fCoder Group, Inc.)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

UPS Widget 2 (HKLM-x32\...\com.polythink.ups.wda.03EBA0C726630DF115D9764F9B83F5185396D811.1) (Version: 2.1.81 - ThinkDesktop LLC)

UPS Widget 2 (x32 Version: 2.1.81 - ThinkDesktop LLC) Hidden

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)

VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)

Vodafone Mobile Connect (HKLM-x32\...\{91252C0A-59F9-42F9-9181-B9CC74F592C0}) (Version: 9.4.10.24647 - Vodafone)

Vodafone Mobile Connect Lite (HKLM-x32\...\{B5761811-28F3-4257-B537-815C5EEF472C}) (Version: 3.1.2.104 - Vodafone)

Währungsumrechner (HKLM-x32\...\{5B0A0143-7ED2-4B68-A60B-9D92987DE5BD}) (Version: 1.0.1 - Stephan Muller)

WatchTVPro Essential Version 1.00 (HKLM-x32\...\WatchTVPro Essential_is1) (Version: 3.11 - Michael Hepp)

WEB.DE Online-Speicher 1.32.1.0 (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\WEB.DE Application {sync-000021}) (Version: 1.32.1.0 - 1&1 Mail & Media GmbH)

WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden

Wertpapieranalyse 2012 (HKLM-x32\...\{A7166A02-9745-4F19-BB16-A0CC1F3ABDB1}) (Version: 1.01.0006 - Haufe-Lexware GmbH & Co. KG)

Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )

Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

Windows-Treiberpaket - Chicony (usbvideo) Image  (05/12/2009 6.3.251.0512) (HKLM\...\4D0A78D60CE7E81C31D46CB92DBA41CCF993C9BD) (Version: 05/12/2009 6.3.251.0512 - Chicony)

Winload Toolbar (HKLM-x32\...\Winload Toolbar) (Version: 6.3.3.3 - Winload)

WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

WinSCP 5.1.7 (HKLM-x32\...\winscp3_is1) (Version: 5.1.7 - Martin Prikryl)

WinTimeKill 3.2 (HKLM-x32\...\{8667C09D-CD26-40BB-95F6-423272ACAA0A}_is1) (Version:  - Patrik Abend)

WISO Börse 2009 (HKLM-x32\...\{8596363E-8F5F-4693-BAA4-CC32973455D6}) (Version: 9.0.0.0 - Buhl Data Service GmbH)

WISO Mein Geld 2009 Professional (HKLM-x32\...\{44061C54-0775-4AE1-B433-79BCC6431817}) (Version: 10.01.0082 - Buhl Data Service GmbH)

WISO Mein Geld 2012 Professional (HKLM-x32\...\WISO Mein Geld 2012 Professional) (Version:  - Buhl Data Service GmbH)

WISO Mein Geld 2012 Professional (x32 Version: 14.0.1.18 - Buhl Data Service GmbH) Hidden

Yontoo 1.10.03 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.03 - Yontoo LLC) <==== ACHTUNG
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{009EDA42-71E4-4C16-BB2E-578DC33BA491}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{0274CF59-F6B1-474B-A138-51A810564926}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{063E01DE-C9E1-4809-A15F-B84F52E578D2}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{0E5E5B83-A16D-4D15-AB45-7A0F8EECB0A5}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{0F8B006E-892B-4863-982B-29FBE45536F9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{1D2BA6AE-3D89-4187-85CB-E5AF407887FF}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{1E78821A-BA30-4AA0-B7A6-670DC23459DA}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{32B32854-7FEC-4816-B0BD-D053DE2B2918}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{43B3E546-36B7-48C9-9796-2C7574787A1C}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{4E285563-1863-4D93-805F-2D2FFCD4814F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{511B6700-19AE-4143-812F-1543B5E1C985}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{54614417-8AA4-4B1B-AA98-559FC054636D}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{5F67A6B4-1A03-4371-A8A1-BD3263A2C2EC}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{6DB72514-5DA2-4791-9B68-310FDEB85CC9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{6FBE247C-3300-4F44-B5E6-1AC33BF03995}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{7C3F44C4-07D3-418D-A3BA-C7F1A5EF1235}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{7FE2C97A-562F-4791-ABB1-7C02D18EEC59}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{8790471D-FE4E-4FF5-A91F-0808F923BEB9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{8951CFDD-B3F7-4F2D-AF61-FE2228347429}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{8EB50499-42D6-456A-A1A7-4DC4BB4B0F5B}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{90E6DB72-4FBB-4F7A-9D36-3B56F3C4A517}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{90FC7BE4-DBEB-4CF4-828B-9AA72AE8FF74}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9221816B-AC34-4E7B-AE2F-4032653ECDDB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9962A902-9E84-45FA-B2E9-FC6CDD02674E}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9BDE95FF-99CA-413F-A4B4-2D1B21FC9EE8}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9D40216B-B7B9-4402-BF6A-D21FD70A6000}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{A607C93C-A6EF-4B55-B8F9-6CA2C10690E4}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{A83FBE75-11CB-49F5-B9D7-802782B81CCB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{AE86BB6A-EB9A-4A4A-B0A9-FBAE38CFFBC9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{B037D8DB-0736-46A4-AF2B-E902E59DDD54}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{B716B7B7-443C-4E2D-A4B1-29BEB5987FC1}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{BB1B99DE-B2EB-4561-880E-BFCD4438E657}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{C1E8B9C9-A293-4813-B730-54F5972AEE5A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{C28602FF-7932-4EE2-9315-B47E2C6E1ED3}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{C8F19C62-21CD-428E-AA37-773DAA8917E5}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{CAADC8E8-5514-495E-9DAC-C53C3A8D503F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{D04F500B-185A-4E3E-B82A-76509373F9AC}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{D2B3ACC4-B475-4435-8AA7-DA83C7D86C7E}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{D8CAEBA4-584C-43DF-8C0F-2F764E2B1BCB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{DDF489D3-8A13-4761-ABD7-FAF62A428252}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{DE119701-E35B-49BD-BB71-A51B2EE8B251}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E00AF38E-7813-4623-BBB2-9DB8323648DF}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E41726A5-6A44-4112-8C22-9658E343B903}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E6CED06A-26B6-455B-90C4-0EAFC522BC71}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E8FE3CF4-FDC0-41DD-9B2E-3E7750CA3990}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{EE4A1121-C3D3-464E-B86B-CE0AA5D6D948}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{F6D701F8-799E-432F-BF81-C90B53D73AFD}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{F911124F-7BE5-4977-9B72-DEB00CE30D04}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FAE7A96A-56C3-4ABF-A6C2-D5D78089A7D8}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-501_Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}\InprocServer32 -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtExt.dll (TOSHIBA)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {00A50F64-49EA-4E90-B353-DD359493C931} - System32\Tasks\{AA37AD7A-A892-46C2-B416-734ACEC8F226} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe

Task: {0B51DC78-6AB9-40B1-B476-1C87752223F8} - System32\Tasks\{D4789B5A-6DB4-44E9-A9ED-5AC6AF432DF7} => pcalua.exe -a "C:\Users\Chris\Downloads\Treiber - DA2 Hybrid\driver\yInstallTools.exe" -d "C:\Users\Chris\Downloads\Treiber - DA2 Hybrid\driver"

Task: {16F46E11-86F0-4CA1-ABFD-14FF70BAC4F9} - System32\Tasks\{FB826B21-F920-416A-8815-52AC2A56170B} => pcalua.exe -a C:\Users\Chris\Downloads\iview436_setup.exe -d C:\Users\Chris\Downloads

Task: {1AD9F8B0-5360-453D-9AD1-F251165E341D} - System32\Tasks\{7C18FACC-B665-4062-86F3-56F5668D95C8} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.)

Task: {2308EF6C-BB71-4AE7-92B9-64093BAA4F8D} - System32\Tasks\{B8A6E478-3AF8-46BD-8261-CB722F6903D3} => pcalua.exe -a C:\Users\Chris\Downloads\LiveUSBHelper.exe -d "C:\Program Files (x86)\Mozilla Firefox"

Task: {29BA79AF-3117-4068-B736-6ECF72F7BF56} - System32\Tasks\{BD8A5EF9-D2C1-4FCB-93A7-808176143B30} => pcalua.exe -a H:\Setup.exe -d H:\

Task: {35449C4F-B1E9-470D-8E2D-6826A9E9FBAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14] (Adobe Systems Incorporated)

Task: {35ECE4F3-BC11-4315-933F-C18A85205DF1} - System32\Tasks\{6B21BEC5-D3AE-4354-80D2-764432510387} => pcalua.exe -a H:\Setup.exe -d H:\

Task: {43AD022A-2BB9-4FE2-818B-39D95CFE1827} - System32\Tasks\{68B17966-2F73-40C4-8B36-89087A972312} => pcalua.exe -a "C:\Program Files (x86)\MAGIX\MP3_Maker_16\unwise.exe"

Task: {52313735-3929-43EC-91CD-77FB0BD62FBE} - System32\Tasks\{3AF93069-6DC9-46EE-97A3-A591F702CA35} => pcalua.exe -a I:\boot\Porteus-installer-for-Windows.exe -d I:\boot

Task: {543369A4-C969-4838-B92D-2A7DC84EA3CA} - System32\Tasks\{0C1C7759-13FA-458D-8090-A6078AC5C98C} => pcalua.exe -a C:\Users\Chris\Downloads\Officejet6500E709a_ES_MJP1FN0935AR_GER.exe -d C:\Users\Chris\Downloads

Task: {5B7EFF43-D7BF-477E-8772-8D7C5C1BFBFA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000Core => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-04] (Dropbox, Inc.)

Task: {5C728041-8EC9-49D1-A954-327E77027CEE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {5DA7E1B4-84E0-4C01-BF11-964D2216F958} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {6064CA1D-0FC5-4E82-821F-D6CF1A086477} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks [Argument = /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig"]

Task: {64FB3D25-1327-4F5A-BAFC-38156858BB45} - System32\Tasks\{DEBE6408-024E-4819-8D61-8410057B6AC2} => Firefox.exe hxxp://ui.skype.com/ui/0/7.8.0.102/de/abandoninstall?page=tsProgressBar

Task: {652A2DBE-83F4-423A-8EEC-5501B5B5DF19} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)

Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs

Task: {7FED724C-9CDF-458C-8B90-F268EA033E74} - System32\Tasks\{69CE9557-BA97-4474-A45E-0968A6CA6AD2} => pcalua.exe -a C:\Users\Chris\AppData\Local\Temp\Temp2_MDLChime26SP7.zip\MDLChime26SP7.exe <==== ACHTUNG

Task: {818E3FB0-85F8-4E77-8493-4817184891DF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {8601B210-24FA-4436-A263-15A5673BE8E9} - System32\Tasks\{BDB07A78-03B3-49A5-BD37-5175E8D7F861} => pcalua.exe -a "C:\Program Files (x86)\Universal Phonebook Editor\uninstall.exe" -d "C:\Program Files (x86)\Universal Phonebook Editor"

Task: {8827FA34-3070-421D-BB2F-572653596B85} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {8936FA70-2D15-4D08-B70D-514777D204FF} - System32\Tasks\{B7F8DD47-1AF0-4331-99C5-99A57978CDC0} => pcalua.exe -a "C:\Users\Chris\AppData\Local\Temp\Temp1_Treiber - DA2 Hybrid.zip\driver\yInstallTools.exe" <==== ACHTUNG

Task: {93067070-B8A9-4C20-AAC0-11C374778F84} - System32\Tasks\{716937DF-D5A3-4046-8594-CCDA873196E5} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\2\SSM_Uninstall.exe

Task: {93F317F6-81A7-40BC-B552-BEDDE69C2C73} - System32\Tasks\{D337A8EA-BAE2-4B71-8DC6-8F42326160B0} => pcalua.exe -a C:\Users\Chris\AppData\Local\Temp\Temp1_MDLChime26SP7.zip\MDLChime26SP7.exe <==== ACHTUNG

Task: {9B543991-FD98-4728-83CD-468052D2F1C9} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2009-09-03] (TOSHIBA CORPORATION)

Task: {A4E44E72-EF5C-41A1-B3C3-A60EDD61A7D9} - System32\Tasks\{8B7373D6-C48D-492C-8734-AF5087D2E2D5} => pcalua.exe -a C:\Users\Chris\Downloads\Samsung_PC_Studio_322_HK4.exe -d C:\Users\Chris\Downloads

Task: {A71F18D1-2CB9-4682-A5D8-BEEDEB44A63A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {A74E11CE-2F3E-4EF4-90C0-A21FEA0E5316} - System32\Tasks\{99CAA6B9-ACBA-4021-90BB-18A369274190} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\1\SS_Uninstall.exe

Task: {A90215A6-803C-40C1-9D04-2CBA3E518C80} - System32\Tasks\{4908698E-00E3-4059-B956-2F876C3A0468} => pcalua.exe -a "C:\Program Files (x86)\MAGIX\MP3_Maker_16\InstallLauncher.exe" -d "C:\Program Files (x86)\MAGIX\MP3_Maker_16"

Task: {AC11D051-7009-45E9-AB9A-AF149069458D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {BE35B1E0-8578-45C7-B0EE-EE6B4F3B86F4} - System32\Tasks\{9B33248F-F8DF-4A45-ABBB-8F53BBD07115} => pcalua.exe -a H:\VMCLiteSetup.exe -d H:\

Task: {C368FF83-A215-47DB-AAB8-4C2E43EDAB49} - System32\Tasks\{FAE26A1A-8FCC-41F2-A570-2FCF7D9A1C24} => pcalua.exe -a C:\Users\Chris\Downloads\AVM_FRITZ!_Mini_Assistent.exe -d "C:\Program Files (x86)\Mozilla Firefox"

Task: {C54E3770-6F3B-462A-AB96-EDBA234D8901} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000UA => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-04] (Dropbox, Inc.)

Task: {DBBDBC63-5585-4360-B96F-9FF11A80721E} - System32\Tasks\{F333CAB0-1196-4AE6-9CC5-5790870CA562} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\7\SSECUninstall.exe

Task: {E5B85FED-B082-42A8-80D8-0A448C829E79} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)

Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs

Task: {F3BB91A4-A792-4C1C-96B9-AEC4E69D4AD7} - System32\Tasks\{046C2D50-3619-4E16-9AB7-8FAAC3CB7CE3} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\6\SSBCUninstall.exe

Task: {FB973E15-0B31-4011-8CC5-4DF7055CB3A9} - System32\Tasks\{F16B9B92-3000-4D0A-A6C0-2897B7481825} => pcalua.exe -a C:\Users\Chris\Downloads\Statistikprogs\SPSS_Stats_trial_19_Language_win64.exe -d C:\Users\Chris\Downloads\Statistikprogs
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000Core.job => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000UA.job => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

Shortcut: C:\Users\Chris\AppData\Local\Microsoft\Windows\GameExplorer\{5710A5FA-80D0-4AD3-BF1D-B5602E02FC7F}\SupportTasks\1\Support.lnk -> hxxp://support.ubi.com/

Shortcut: C:\Users\Chris\AppData\Local\Microsoft\Windows\GameExplorer\{5710A5FA-80D0-4AD3-BF1D-B5602E02FC7F}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.mightandmagic.com/
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2014-09-21 15:01 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll

2006-12-04 02:26 - 2006-12-04 02:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll

2014-09-21 15:01 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll

2015-07-12 10:52 - 2015-10-27 09:21 - 00149024 _____ () C:\Windows\system32\DnsBlockUpdateSvc.exe

2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2013-11-14 15:28 - 2013-11-14 15:28 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe

2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2008-08-22 21:06 - 2008-08-22 21:06 - 00135680 _____ () C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll

2008-08-22 21:06 - 2008-08-22 21:06 - 07553024 _____ () C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll

2008-08-22 21:06 - 2008-08-22 21:06 - 01032704 _____ () C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll

2009-07-16 16:27 - 2009-07-16 16:27 - 07244600 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll

2009-07-16 16:27 - 2009-07-16 16:27 - 00051512 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll

2009-04-06 14:17 - 2007-04-23 09:09 - 00016896 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll

2009-03-12 20:08 - 2009-03-12 20:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll

2009-07-25 18:38 - 2009-07-25 18:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00056832 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Utilities.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00009728 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Utilities.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00025088 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.Common.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00009216 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ClientScan.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00021504 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ServerScan.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00010240 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ServerAccess.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00007168 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ClientAccess.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00007680 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.ShellExtension.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00013824 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.ShellExtension.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00014336 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.Core.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00034304 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.Common.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00017408 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.CrossCutting.DependenciesConfiguration.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00006144 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.CrossCutting.DependenciesConfiguration.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00029696 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ServerScan.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00082944 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.Core.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00026112 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ServerAccess.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00025088 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ClientScan.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00020480 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ClientAccess.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00014336 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Migration.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00005120 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Migration.Contracts.dll

2010-03-14 23:17 - 2006-12-01 21:13 - 00520192 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe

2009-05-04 11:45 - 2009-05-04 11:45 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2010-01-24 15:21 - 2010-01-24 15:21 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2013-08-29 02:23 - 2013-08-29 02:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

2013-10-10 23:48 - 2013-10-10 23:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll

2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\kpcengine.2.3.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll

2013-02-18 19:52 - 2011-01-13 12:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney Business 5.0\ouservice\PATCHW32.dll

2008-03-25 15:45 - 2008-03-25 15:45 - 00111888 _____ () C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\UPnPStreamingDevice.dll

2016-08-25 18:23 - 2016-08-06 05:21 - 00035792 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd

2016-09-04 17:44 - 2016-08-06 05:21 - 00145864 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\pyexpat.pyd

2016-09-04 17:44 - 2016-08-06 05:22 - 00019408 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\faulthandler.pyd

2016-09-04 17:44 - 2016-08-06 05:21 - 00116688 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\pywintypes27.dll

2016-08-25 18:23 - 2016-08-06 05:21 - 00100296 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_ctypes.pyd

2016-08-25 18:23 - 2016-08-06 05:21 - 00018888 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\select.pyd

2016-08-25 18:23 - 2016-08-30 23:38 - 00019760 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd

2016-08-25 18:23 - 2016-08-06 05:21 - 00694224 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\unicodedata.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00020816 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd

2016-08-25 18:23 - 2016-08-06 05:22 - 00123856 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 01682760 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00020808 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd

2016-08-25 18:23 - 2016-08-06 05:24 - 00105928 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32api.pyd

2016-08-25 18:23 - 2016-08-30 23:38 - 00021312 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00052024 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00038696 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\fastpath.pyd

2016-09-04 17:44 - 2016-08-06 05:19 - 00392144 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\pythoncom27.dll

2016-09-04 17:44 - 2016-08-06 05:24 - 00020936 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\mmapfile.pyd

2016-08-25 18:23 - 2016-08-06 05:24 - 00024528 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32event.pyd

2016-08-25 18:23 - 2016-08-06 05:24 - 00116176 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32security.pyd

2016-08-25 18:23 - 2016-08-30 23:38 - 00381752 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd

2016-08-25 18:23 - 2016-08-06 05:24 - 00124880 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32file.pyd

2016-08-25 18:23 - 2016-08-30 23:38 - 00025424 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd

2016-08-25 18:23 - 2016-08-06 05:24 - 00024016 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32clipboard.pyd

2016-08-25 18:23 - 2016-08-06 05:24 - 00175560 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32gui.pyd

2016-08-25 18:23 - 2016-08-06 05:24 - 00030160 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32pipe.pyd

2016-08-25 18:23 - 2016-08-06 05:24 - 00043472 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32process.pyd

2016-08-25 18:23 - 2016-08-06 05:24 - 00048592 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32service.pyd

2016-08-25 18:23 - 2016-08-06 05:24 - 00057808 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32evtlog.pyd

2016-08-25 18:23 - 2016-08-06 05:24 - 00024016 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32profile.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00246592 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00026456 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd

2016-08-25 18:23 - 2016-08-06 05:25 - 00028616 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32ts.pyd

2016-08-25 18:23 - 2016-08-06 05:21 - 00144848 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_elementtree.pyd

2016-08-25 18:23 - 2016-08-06 05:22 - 00241104 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_jpegtran.pyd

2016-08-25 18:23 - 2016-08-30 23:38 - 00020800 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd

2016-08-25 18:23 - 2016-08-30 23:38 - 00019776 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd

2016-08-25 18:23 - 2016-08-30 23:38 - 00020800 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00020280 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd

2016-08-25 18:23 - 2016-08-30 23:38 - 00023376 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd

2016-08-25 18:23 - 2016-08-06 05:25 - 00350152 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winxpgui.pyd

2016-08-25 18:23 - 2016-08-30 23:38 - 00022352 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00024392 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd

2016-09-04 17:44 - 2016-08-06 05:18 - 00036296 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\librsync.dll

2016-09-04 17:44 - 2016-08-30 23:38 - 00084280 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL

2016-09-04 17:44 - 2016-08-30 23:38 - 01826096 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd

2016-08-25 18:23 - 2016-08-06 05:22 - 00083912 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\sip.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 03928880 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 01972528 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00531248 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00133424 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00224056 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00207672 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd

2016-08-25 18:23 - 2016-08-30 23:38 - 00020288 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd

2016-08-25 18:23 - 2016-08-06 05:24 - 00060880 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32print.pyd

2016-08-25 18:23 - 2016-08-30 23:38 - 00024904 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00546096 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00357680 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00042808 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd

2016-09-04 17:44 - 2016-08-30 23:38 - 00168760 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd

2011-10-27 12:32 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

2013-08-29 02:25 - 2013-08-29 02:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 

AlternateDataStreams: C:\Windows\system32\DnsBlockUpdateSvc.exe:IID [16]

AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322]

AlternateDataStreams: C:\ProgramData\TEMP:B6AC352B [127]
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27644631.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\58058682.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\B50EA66D.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\27644631.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\58058682.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\B50EA66D.sys => ""="Driver"
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
 

127.0.0.1       localhost

::1             localhost
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

HKU\S-1-5-21-3975404785-3629955362-1126565087-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

HKU\S-1-5-21-3975404785-3629955362-1126565087-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.178.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [{3B498F82-E6B1-4079-92C5-B809AAC1D572}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe

FirewallRules: [{94B915EA-362B-4182-B20B-23100E9775B0}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe

FirewallRules: [{CAC92C89-3768-4335-9C6B-A7D295780EFC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [TCP Query User{5862B42F-63CC-4FCE-87DE-6D182CADA2DB}C:\program files (x86)\mirandafusion\miranda32.exe] => (Allow) C:\program files (x86)\mirandafusion\miranda32.exe

FirewallRules: [UDP Query User{675CC335-508C-42F0-BD63-FC3E09F4CBC6}C:\program files (x86)\mirandafusion\miranda32.exe] => (Allow) C:\program files (x86)\mirandafusion\miranda32.exe

FirewallRules: [{08F2CAA4-9983-4293-AE11-2689ED92A48F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe

FirewallRules: [{F27EBA1D-F7BE-40D3-BB69-D39A17022BC5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe

FirewallRules: [{1BF0AC42-126D-423F-963E-93EFE7C661D1}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{6AEB7994-DF92-4248-A124-EB261430D800}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{3B65A749-CD90-4B76-9FD8-E1A470D71D4B}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{136DA2BF-1E6E-445F-97D2-9CB5B2840D1A}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{2910747F-5B2E-460F-9F34-BA3246D949C9}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe

FirewallRules: [{5363A111-4EDE-4891-AC7E-0D015D28895D}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe

FirewallRules: [TCP Query User{7F6BA431-5258-41BF-8D63-DF80F3260424}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe] => (Allow) C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe

FirewallRules: [UDP Query User{690E7D39-CF3D-429E-B10A-BF4076E8EDA9}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe] => (Allow) C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe

FirewallRules: [{48E308A4-4A33-4B4D-B409-9A750BA2AE3D}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe

FirewallRules: [{B1CB65F8-53D0-4332-85D7-C18030C1E031}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe

FirewallRules: [{1E598ADB-4672-464D-8CFF-7E03DA9F13DC}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{22A011A9-7A10-48D6-A8E9-8BE89975CB07}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{1D89CAFF-3E75-41D3-ACB8-D45FB8027E9E}] => (Allow) C:\Users\Chris\AppData\Local\Temp\7zS7EB5\OJP8500vA909_Full_13\setup\hpznui40.exe

FirewallRules: [{1A649C83-F9BE-4E5A-9450-A4A4A0E8F71F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

FirewallRules: [{B45D410B-B5B8-4963-8D87-6703C9BA22F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe

FirewallRules: [{2576125D-A259-479F-9F1F-B51C18BA8CA1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe

FirewallRules: [{96BD5F29-C91E-433D-8402-8F0BE853EE2E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe

FirewallRules: [{77F823DB-06D6-4B46-8796-01543187F1DB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe

FirewallRules: [{E47379FC-AB92-45FF-A81B-3870E308C8ED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe

FirewallRules: [{42415531-0267-4DE3-9880-B99D0335759C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe

FirewallRules: [{16CE3075-C5EC-4D6E-9EAA-321375004F53}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe

FirewallRules: [{9A851529-AB13-49B9-B55F-2B0B20E50608}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe

FirewallRules: [{E71B519F-8461-4139-A91D-0BB078DA1AEB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe

FirewallRules: [{A5261F2F-8A51-4EBA-B831-90C2497D104E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe

FirewallRules: [{79B3A7E0-DB58-4911-9A1B-EF427DBBBA07}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe

FirewallRules: [{4ABA3AED-1E9A-411F-BDA1-6E1D26094A28}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe

FirewallRules: [{EDFF2F88-E0E2-4ACC-A8AC-D78DEE47B9A8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

FirewallRules: [{F6F3DB79-15B7-412A-A5E0-FEF89F62A25E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe

FirewallRules: [{AC4DD1C0-1F9C-426E-BE09-87F5FDB7BE32}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe

FirewallRules: [{1C46CD2B-6920-470A-B552-4D4FB64AD6B4}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe

FirewallRules: [{C52F9996-E769-46DE-B291-A571F2EED59D}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe

FirewallRules: [{18A64633-A0FD-4FEE-8048-23479432530E}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsasvr.exe

FirewallRules: [{F13DDCF2-D87A-4270-BC40-DF39B9737F92}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsasvr.exe

FirewallRules: [{E2F78DD6-0416-4462-952C-6525BD64E0D3}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsvsvr.exe

FirewallRules: [{897B6510-A049-4ADA-9A34-FCA7570CA349}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsvsvr.exe

FirewallRules: [TCP Query User{C0957462-D874-4CFE-B9FF-939A23E0895F}C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe] => (Allow) C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe

FirewallRules: [UDP Query User{84832C12-5F67-4DA1-96A6-E7271C9E86EA}C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe] => (Allow) C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe

FirewallRules: [{317F6EAF-DAE6-48CC-9459-66F5D064AEC9}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{CE59ED56-BACB-4E32-B1EC-86B10893995C}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{8DE56995-CF43-4A7C-B7EC-4A58E48CAA03}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{7A67C93A-579D-4291-A98F-FFDE9451746D}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{2251F733-A846-44F1-977A-F04290671BC0}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{53FFB021-B571-4665-A546-52FC18732C28}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{4AEB8EE4-30E1-419E-9580-43354951D894}] => (Allow) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{FC856EBE-64D6-47C1-9DB3-8D7EBA294F87}] => (Allow) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [TCP Query User{19FB4C61-3944-4D22-933E-250244D86492}C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [UDP Query User{518FC4E6-062A-4AD6-9B1A-EF8059953E1C}C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [{DBD7C753-EDFB-45CF-BC77-A1351EC61170}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{B1293262-7D44-4EF1-AB31-8B52CB544CDC}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [TCP Query User{F767CC0C-C7D0-4791-850F-A3356A56B7E2}C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [UDP Query User{2B084990-3ACF-458F-B0DB-1932EC24BF7D}C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [TCP Query User{5D60EF0A-EE93-4B63-81D6-4DCEFE77A9F7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe

FirewallRules: [UDP Query User{30C1C709-5B78-4534-BEC6-D4EBC1CCD898}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe

FirewallRules: [{D1DA0B4D-2339-4058-A8C3-10D0C45460F1}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\7JHG7237.HRK\NHAGXY99.J3W\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{DD573B4A-6D13-4B4E-9DBB-021537E258F7}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\7JHG7237.HRK\NHAGXY99.J3W\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{C82B9940-5E0A-4A27-8137-6BD8A83091C9}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe

FirewallRules: [{5F49AD72-F25B-4513-85BB-7CF599F7A0EA}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe

FirewallRules: [{C6B96FDB-AE10-47B6-AE7D-72583B19B607}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{AE91007B-71DE-41C4-9273-574D43CF2AE0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{4B252877-FE68-453A-8B8F-23A46DB79183}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{32EBA946-2164-4AF6-B085-D6FF08F0A0B4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{42CC78F1-7688-4430-9DBC-2374EFA11063}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe

FirewallRules: [{F62742BB-A37E-45EE-B97A-6DB714E8D432}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe

FirewallRules: [{0A61605A-E08C-4522-A69C-8FAF391ADA13}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\app\StarMoney.exe

FirewallRules: [{0CCBFC81-E02D-40C7-87E3-3F7C68EFAADF}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\app\StarMoney.exe

FirewallRules: [{5515B9C1-9D15-43A9-B705-2E5A261ED0CE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{A17D7959-38F5-41E3-9A8A-76D68EEDD966}] => (Allow) LPort=9322

FirewallRules: [{FEED730F-E300-4876-9C09-E54E8CE36959}] => (Allow) LPort=5353

FirewallRules: [{3ED5535E-EEA6-4939-B2D6-AAE000594A84}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe

FirewallRules: [{AD0288E7-E19B-4BD6-B947-73650A4A8FB9}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe

FirewallRules: [{F3A50888-4C82-4041-8099-3BD96A501F01}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe

FirewallRules: [{AF045C17-1DED-4729-ABBF-EDADCE241E94}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe

FirewallRules: [{9AEDB208-87F5-475F-850E-F4DA21533FB5}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe

FirewallRules: [{CB055D33-611C-4211-B9D2-6F7BA5F11CFB}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe

FirewallRules: [{CFB76798-0A7B-4F6C-81A3-DD52CCFE2361}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe

FirewallRules: [{49B3388D-C506-4D9F-A83E-C8A887736E08}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe

FirewallRules: [{A01F5991-4282-4B5A-98F4-2D20C4DE1F09}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe

FirewallRules: [{699C2634-F7F9-4E0C-83B1-F310D8902114}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe

FirewallRules: [{EBBDF23B-A64B-4F29-8D46-DFB5E21D0D2B}] => (Allow) LPort=5353

FirewallRules: [{A291B612-7DC2-4053-A674-A3C3B4ED8EC0}] => (Allow) C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

FirewallRules: [{D2AA0C76-6289-47D6-BA0F-A80B8D9EA215}] => (Allow) C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

FirewallRules: [{17EF27AB-E32C-4F70-AD4A-BC86A4E3D948}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{A7838210-48DF-4EBA-816F-43623E865A61}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{3454E41E-FFEC-44F5-B2FD-93C9607D9857}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{C7292A3B-75E5-4854-8710-A395D0C260FC}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{C2266FDF-BB49-414C-BBB8-6E27A8494D25}] => (Allow) C:\Program Files (x86)\Audials\Audials 10\Audials.exe

FirewallRules: [{75669AE8-CF83-47CF-82A8-9B206B5AC6F2}] => (Allow) LPort=12972

FirewallRules: [{FF82941F-52CE-45B6-BAD9-C02906E318B0}] => (Allow) LPort=14714

FirewallRules: [{CFFA7C30-FFF6-41FD-B249-9D179FF3B52C}] => (Allow) LPort=31931

FirewallRules: [{FFD223BE-B88B-4DCF-99DE-A43294048B04}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{0914084C-55E9-49FA-BD8F-0821C6C913B9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{07EF2CD4-31E2-414D-B616-9D8F7920C6AC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{62B0B672-A97D-4A89-AE52-DE6A26A3CCDD}] => (Allow) C:\Users\Chris\AppData\Local\Temp\7zS2647\HPDiagnosticCoreUI.exe

FirewallRules: [{8541EF87-6686-4D86-93D2-04DDC211080A}] => (Allow) C:\Users\Chris\AppData\Local\Temp\7zS2647\HPDiagnosticCoreUI.exe

FirewallRules: [{7F0C0A55-4C81-402C-9C9E-0B56B431C240}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{FBECAA93-E1E4-424E-BDF2-E909FB0D3B2F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{73D50136-5336-4933-A9BC-776C6395BDE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{C4198AC7-1D25-4D37-AF12-89EEC95A2A85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{0F61DA1D-2D6E-4506-B7FC-2D2EF44DA553}C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe] => (Block) C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe

FirewallRules: [UDP Query User{981DCC8F-5141-4750-8FA2-97A4C2CA5503}C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe] => (Block) C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe

FirewallRules: [{C4EFDD36-4653-4823-924C-7D543C1398C4}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\ZW8JXE9N.63C\CC9667DP.LKQ\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{81C8BA49-2EA4-45EE-8A42-A080466925A8}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\ZW8JXE9N.63C\CC9667DP.LKQ\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{F6FD3182-F891-403C-920D-F65074490C6B}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\RPDH7O7A.KJ7\8VE1QDO5.TOE\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{F8F9E99D-1954-4ED4-86C4-9A1E73D36D9C}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\RPDH7O7A.KJ7\8VE1QDO5.TOE\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{63401765-166F-4BE5-B875-1C72F47F7B79}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{14083FD7-70C5-43FA-94D0-2A337FFF2246}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{05F36E34-621A-4058-ABCD-CD0D046D953D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{F7D4BA75-E4C5-41D6-B709-550207B17F62}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 

==================== Wiederherstellungspunkte =========================
 
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: FRITZ!WLAN Repeater N/G  (192.168.178.32)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: FRITZ!WLAN Repeater N/G  (192.168.178.2)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: SN  (192.168.178.1)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: FRITZ!Box Fon WLAN 7320  (169.254.1.1)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (09/14/2016 02:26:19 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/14/2016 01:34:49 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/07/2016 05:50:10 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm qw.exe, Version 20.36.0.133 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 3278
 

Startzeit: 01d2091e7431f441
 

Endzeit: 60000
 

Anwendungspfad: C:\Program Files (x86)\Lexware\Quicken\2013\qw.exe
 

Berichts-ID: 8aea482d-7512-11e6-9d26-00238bbbddba
 

Error: (09/07/2016 05:42:42 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm OUTLOOK.EXE, Version 12.0.6691.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 26bc
 

Startzeit: 01d2091a28e94118
 

Endzeit: 21
 

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
 

Berichts-ID: a9c8207b-7511-11e6-9d26-00238bbbddba
 

Error: (09/07/2016 05:11:51 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm OUTLOOK.EXE, Version 12.0.6691.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 2bd8
 

Startzeit: 01d206c236794c95
 

Endzeit: 0
 

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
 

Berichts-ID: 23e2164c-745c-11e6-9d26-00238bbbddba
 

Error: (08/29/2016 08:36:59 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (08/28/2016 07:24:52 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (08/28/2016 12:49:18 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (08/27/2016 07:45:35 AM) (Source: System Restore) (EventID: 8211) (User: )

Description: Der geplante Wiederherstellungspunkt konnte nicht erstellt werden. Zusätzliche Informationen: (0x81000101).
 

Error: (08/27/2016 07:45:35 AM) (Source: System Restore) (EventID: 8193) (User: )

Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x81000101).
 
 

Systemfehler:

=============

Error: (09/14/2016 02:25:59 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 

{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}

 und APPID 

{344ED43D-D086-4961-86A6-1106F4ACAD9B}

 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
 

Error: (09/14/2016 02:25:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

StarOpen
 

Error: (09/14/2016 02:24:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 

Das System kann das angegebene Gerät nicht finden.
 

Error: (09/14/2016 02:24:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "chip 1-click download service" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
 

Error: (09/14/2016 02:24:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst chip 1-click download service erreicht.
 

Error: (09/14/2016 02:24:42 PM) (Source: atikmdag) (EventID: 10261) (User: )

Description: Display is not active
 

Error: (09/14/2016 02:24:42 PM) (Source: atikmdag) (EventID: 19468) (User: )

Description: CPLIB :: General - Invalid Parameter
 

Error: (09/14/2016 02:24:42 PM) (Source: atikmdag) (EventID: 10261) (User: )

Description: Display is not active
 

Error: (09/14/2016 02:24:42 PM) (Source: atikmdag) (EventID: 19468) (User: )

Description: CPLIB :: General - Invalid Parameter
 

Error: (09/14/2016 02:24:27 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 
 

CodeIntegrity:

===================================

  Date: 2015-07-12 11:10:18.113

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2015-07-12 11:10:17.856

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2015-07-12 11:10:17.713

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2015-07-12 11:10:17.515

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2011-05-09 11:12:09.232

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-05-09 11:12:09.216

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-05-09 11:12:09.185

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-05-09 11:12:09.138

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2010-01-23 20:37:58.912

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\KLIFX64\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2010-01-23 20:37:58.897

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\KLIFX64\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM)2 Duo CPU T9550 @ 2.66GHz

Prozentuale Nutzung des RAM: 57%

Installierter physikalischer RAM: 4060.85 MB

Verfügbarer physikalischer RAM: 1737.95 MB

Summe virtueller Speicher: 6492.79 MB

Verfügbarer virtueller Speicher: 3802.79 MB
 

==================== Laufwerke ================================
 

Drive c: (Windows7) (Fixed) (Total:232.42 GB) (Free:4.83 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

Drive d: () (Fixed) (Total:465.76 GB) (Free:0.46 GB) NTFS

Drive f: (Data) (Fixed) (Total:231.87 GB) (Free:1.81 GB) NTFS

Drive h: () (Removable) (Total:1.94 GB) (Free:1.54 GB) FAT32
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BA938E8E)

Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)

Partition 2: (Active) - (Size=232.4 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (Size: 465.8 GB) (Disk ID: 553AFC2C)

Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (Size: 1.9 GB) (Disk ID: 2D703734)

Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)
 

==================== Ende von Addition.txt ============================

3. Untersuchung und Umbenennung mit Desinfect:

Dateien im Anhang. Die Einzel-Logfiles von ClamAV, Kaspersky, Eset und Avira sind aufgrund der großen Datenmenge nicht beigefügt, können aber ggf. nachgeliefert werden.

4. Zweite Untersuchung mit FRST (nach Desinfect) FRST.txt:

Datei im Anhang.

5. Kaspersky- Untersuchung nach Desinfect-Behandlung und System-Reparatur:

Eine Kaspersky Meldung über Firehooker und Kaspersky Bericht im Anhang.

M-K-D-B

26.09.2016 16:01

:hallo:

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Danke für deine Mitarbeit!

Wir beginnen erst mal so:

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Internet Explorer Richtlinien
- Chrome Richtlinien
- Chrome Einstellungen
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

CChris

27.09.2016 10:37

Hallo Matthias,

vielen Dank für Deine Hilfe. Ich habe alle Schritte durchgeführt. Nachfolgend die logfiles.

AdwCleaner

AdwCleaner Logfile:

Code:

# AdwCleaner v6.020 - Bericht erstellt am 26/09/2016 um 22:00:27

# Aktualisiert am 14/09/2016 von ToolsLib

# Datenbank : 2016-09-26.3 [Server]

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)

# Benutzername : Chris - CHRIS-PC

# Gestartet von : C:\Users\Chris\Desktop\AdwCleaner_6.020.exe

# Modus: Löschen

# Unterstützung : https://toolslib.net/forum
 
 
 

***** [ Dienste ] *****
 

[-] Dienst gelöscht: DnsBlockUpdateSvc
 
 

***** [ Ordner ] *****
 

[-] Ordner gelöscht: C:\Program Files (x86)\{078E62BE-F461-474E-B969-2BCD63B02F00}

[-] Ordner gelöscht: C:\Program Files (x86)\{8CA5339C-60D4-479F-98AE-71A97CE5B715}

[-] Ordner gelöscht: C:\Program Files\{16916AFE-57EE-48FB-AD4A-6A0BA8760DBD}

[-] Ordner gelöscht: C:\Program Files\{48F4FBF4-1D29-4D6F-8926-17D8405B1CB5}

[-] Ordner gelöscht: C:\Windows\Installer\{046BAF37-BCDD-4CB9-B668-027022262D80}

[-] Ordner gelöscht: C:\Windows\Installer\{114AFBF0-B283-4FBB-B653-09288C067212}

[-] Ordner gelöscht: C:\Windows\Installer\{137244AB-4692-4CC2-B4FB-4D8073F7E328}

[-] Ordner gelöscht: C:\Windows\Installer\{1A3555C2-5B6D-4F7C-A5FA-1917DBFCA9F6}

[-] Ordner gelöscht: C:\Windows\Installer\{2AC185A1-F3F1-44D7-AC42-AD30F473BA25}

[-] Ordner gelöscht: C:\Windows\Installer\{2B2DF6E5-104B-4E25-9C4E-B74BAB9236CC}

[-] Ordner gelöscht: C:\Windows\Installer\{2B9CF1DB-B174-49BF-8C51-3FFF7F923F09}

[-] Ordner gelöscht: C:\Windows\Installer\{35C6C2E2-F0DC-44DB-95D3-F2017FA2A841}

[-] Ordner gelöscht: C:\Windows\Installer\{5FD6A4C8-546A-428D-AD7B-B2A3C2DACAFF}

[-] Ordner gelöscht: C:\Windows\Installer\{62052E1D-1DDE-4127-86CB-7691728448C1}

[-] Ordner gelöscht: C:\Windows\Installer\{64F99360-21E2-4A9C-A107-F88EA5C21100}

[-] Ordner gelöscht: C:\Windows\Installer\{68AA4594-C8A4-417C-B41A-E24F86E48D4F}

[-] Ordner gelöscht: C:\Windows\Installer\{6C680466-D055-4B6F-B689-CC30EC85A6A6}

[-] Ordner gelöscht: C:\Windows\Installer\{767F9B18-6DC5-46E9-8D48-597703EA76C8}

[-] Ordner gelöscht: C:\Windows\Installer\{7D8A3F66-2FA5-4022-A6A2-C1BF04BD045B}

[-] Ordner gelöscht: C:\Windows\Installer\{8A78DA40-A366-4C9D-96D5-64551AB7F41F}

[-] Ordner gelöscht: C:\Windows\Installer\{A18B9A7C-89AC-40C7-A7FB-0C4F3D84EEE7}

[-] Ordner gelöscht: C:\Windows\Installer\{A2D6E1B9-A6CF-4831-BA5A-159E5883926F}

[-] Ordner gelöscht: C:\Windows\Installer\{B89A9A0B-C535-441B-B8B1-11DB353CFC02}

[-] Ordner gelöscht: C:\Windows\Installer\{C8AE8E51-111B-4F3C-82D3-2642D0A5DDAF}

[-] Ordner gelöscht: C:\Windows\Installer\{D10B5881-7D0B-47D1-A07B-287C87BCC0D3}

[-] Ordner gelöscht: C:\Windows\Installer\{D6B8FE35-5629-4CDC-A89D-3EB6CC43700C}

[-] Ordner gelöscht: C:\Windows\Installer\{EE3D6984-44E0-4B66-8C50-AFE192EF4B2A}

[-] Ordner gelöscht: C:\Users\Chris\AppData\Local\DnsBlock

[-] Ordner gelöscht: C:\Users\Chris\AppData\LocalLow\ConduitEngine

[-] Ordner gelöscht: C:\Users\Chris\AppData\LocalLow\HPAppData

[-] Ordner gelöscht: C:\Users\Chris\AppData\Roaming\DesktopIconForAmazon

[-] Ordner gelöscht: C:\Users\Chris\AppData\Roaming\HPAppData

[-] Ordner gelöscht: C:\Users\Chris\AppData\Roaming\OCS

[-] Ordner gelöscht: C:\Users\Chris\AppData\Roaming\OpenCandy

[-] Ordner gelöscht: C:\Users\Gast\AppData\LocalLow\HPAppData

[-] Ordner gelöscht: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\ConduitCommon

[#] Ordner mit Neustart gelöscht: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\conduitcommon

[-] Ordner gelöscht: C:\ProgramData\Tarma Installer

[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Tarma Installer

[-] Ordner gelöscht: C:\Program Files (x86)\ConduitEngine

[-] Ordner gelöscht: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\extensions\{40C3CC16-7269-4B32-9531-17F2950FB06F}
 
 

***** [ Dateien ] *****
 

[-] Datei gelöscht: C:\Windows\SysNative\GroupPolicy\Machine\Registry.pol

[-] Datei gelöscht: C:\Windows\SysNative\GroupPolicy\GPT.ini

[-] Datei gelöscht: C:\Windows\SysNative\dns.block

[-] Datei gelöscht: C:\END

[-] Datei gelöscht: C:\Windows\SysWOW64\dns.block

[-] Datei gelöscht: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\foxydeal.sqlite

[-] Datei gelöscht: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\11-suche.xml
 
 

***** [ DLL ] *****
 
 
 

***** [ WMI ] *****
 
 
 

***** [ Verknüpfungen ] *****
 
 
 

***** [ Aufgabenplanung ] *****
 
 
 

***** [ Registrierungsdatenbank ] *****
 

[-] Wert gelöscht: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{6729B3DF-590E-4CEB-93E2-CD0A6AD88219}]

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Toolbar.CT2319825

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Conduit.Engine

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\DPBHO.DownloadProtect

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\DPBHO.DownloadProtect.1

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\MDL Information Systems (Elsevier MDL).ChimeShimLibrary

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\MDL Information Systems (Elsevier MDL).ChimeShimLibrary.1

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\MDL Information Systems.ChimeShimLibrary

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\MDL Information Systems.ChimeShimLibrary.1

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Tv.TimeshiftProfile

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Tv.TimeshiftProfile.1

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YontooIEClient.Api

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YontooIEClient.Api.1

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YontooIEClient.Layers

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Conduit.Engine

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\DPBHO.DownloadProtect

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\DPBHO.DownloadProtect.1

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\MDL Information Systems (Elsevier MDL).ChimeShimLibrary

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\MDL Information Systems (Elsevier MDL).ChimeShimLibrary.1

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\MDL Information Systems.ChimeShimLibrary

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\MDL Information Systems.ChimeShimLibrary.1

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Tv.TimeshiftProfile

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Tv.TimeshiftProfile.1

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YontooIEClient.Api

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YontooIEClient.Api.1

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YontooIEClient.Layers

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{1C6F51F8-BCE6-4702-8952-6A8233359FBC}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{40C3CC16-7269-4B32-9531-17F2950FB06F}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{E7BF74EE-9106-4113-B216-2F980BA29141}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{40C3CC16-7269-4B32-9531-17F2950FB06F}

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{40C3CC16-7269-4B32-9531-17F2950FB06F}

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}]

[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{40C3CC16-7269-4B32-9531-17F2950FB06F}]

[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]

[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]

[-] Schlüssel gelöscht: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\Conduit

[-] Schlüssel gelöscht: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\DownloadProtect

[-] Schlüssel gelöscht: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\InstallCore

[-] Schlüssel gelöscht: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\Softonic

[-] Schlüssel gelöscht: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\YahooPartnerToolbar

[-] Schlüssel gelöscht: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\AppDataLow\Toolbar

[-] Schlüssel gelöscht: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\AppDataLow\Software\Conduit

[-] Schlüssel gelöscht: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\AppDataLow\Software\conduitEngine

[-] Schlüssel gelöscht: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\AppDataLow\Software\winload

[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Conduit

[#] Schlüssel mit Neustart gelöscht: HKCU\Software\DownloadProtect

[#] Schlüssel mit Neustart gelöscht: HKCU\Software\InstallCore

[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic

[#] Schlüssel mit Neustart gelöscht: HKCU\Software\YahooPartnerToolbar

[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Toolbar

[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\Conduit

[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\conduitEngine

[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\winload

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Conduit

[-] Schlüssel gelöscht: HKLM\SOFTWARE\conduitEngine

[-] Schlüssel gelöscht: HKLM\SOFTWARE\winload

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Conduit

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\DownloadProtect

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\InstallCore

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Softonic

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\YahooPartnerToolbar

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Toolbar

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\Conduit

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\conduitEngine

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\winload

[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Speedchecker Limited

[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Tarma Installer

[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

[-] Daten  wiederhergestellt: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\Microsoft\Internet Explorer\Main [Start Page] 

[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] 

[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] 

[-] Schlüssel gelöscht: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\DPBHO.DLL

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\s

[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\CLASSES\APPID\DPBHO.DLL
 
 

***** [ Browser ] *****
 

[-] Firefox Einstellungen bereinigt: "CT2319825..clientLogIsEnabled" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825..clientLogServiceUrl" -  "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"

[-] Firefox Einstellungen bereinigt: "CT2319825..uninstallLogServiceUrl" -  "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"

[-] Firefox Einstellungen bereinigt: "CT2319825.AboutPrivacyUrl" -  "hxxp://www.conduit.com/privacy/Default.aspx"

[-] Firefox Einstellungen bereinigt: "CT2319825.CTID" -  "CT2319825"

[-] Firefox Einstellungen bereinigt: "CT2319825.CurrentServerDate" -  "29-10-2011"

[-] Firefox Einstellungen bereinigt: "CT2319825.DSInstall" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.DialogsAlignMode" -  "LTR"

[-] Firefox Einstellungen bereinigt: "CT2319825.DialogsGetterLastCheckTime" -  "Sat Oct 29 2011 00:41:49 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.DownloadReferralCookieData" -  ""

[-] Firefox Einstellungen bereinigt: "CT2319825.EMailNotifierPollDate" -  "Sat Oct 29 2011 00:41:47 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.FeedPollDate11908299" -  "Sat Oct 29 2011 00:41:58 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.FirstServerDate" -  "29-10-2011"

[-] Firefox Einstellungen bereinigt: "CT2319825.FirstTime" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.FirstTimeFF3" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.FixPageNotFoundErrors" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.GroupingServerCheckInterval" -  1440

[-] Firefox Einstellungen bereinigt: "CT2319825.GroupingServiceUrl" -  "hxxp://grouping.services.conduit.com/"

[-] Firefox Einstellungen bereinigt: "CT2319825.HPInstall" -  false

[-] Firefox Einstellungen bereinigt: "CT2319825.HasUserGlobalKeys" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.HomePageProtectorEnabled" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.HomepageBeforeUnload" -  "hxxp://search.conduit.com/?ctid=CT2319825&SearchSource=13"

[-] Firefox Einstellungen bereinigt: "CT2319825.Initialize" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.InitializeCommonPrefs" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.InstallationAndCookieDataSentCount" -  1

[-] Firefox Einstellungen bereinigt: "CT2319825.InstallationType" -  "ConduitIntegration"

[-] Firefox Einstellungen bereinigt: "CT2319825.InstalledDate" -  "Sat Oct 29 2011 00:41:47 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.InvalidateCache" -  false

[-] Firefox Einstellungen bereinigt: "CT2319825.IsGrouping" -  false

[-] Firefox Einstellungen bereinigt: "CT2319825.IsInitSetupIni" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.IsMulticommunity" -  false

[-] Firefox Einstellungen bereinigt: "CT2319825.IsOpenThankYouPage" -  false

[-] Firefox Einstellungen bereinigt: "CT2319825.IsOpenUninstallPage" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.IsProtectorsInit" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.LanguagePackLastCheckTime" -  "Sat Oct 29 2011 00:41:48 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.LanguagePackReloadIntervalMM" -  1440

[-] Firefox Einstellungen bereinigt: "CT2319825.LanguagePackServiceUrl" -  "hxxp://translation.users.conduit.com/Translation.ashx"

[-] Firefox Einstellungen bereinigt: "CT2319825.LastLogin_3.7.0.6" -  "Sat Oct 29 2011 00:41:48 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.LatestVersion" -  "3.7.0.6"

[-] Firefox Einstellungen bereinigt: "CT2319825.Locale" -  "de"

[-] Firefox Einstellungen bereinigt: "CT2319825.MCDetectTooltipHeight" -  "83"

[-] Firefox Einstellungen bereinigt: "CT2319825.MCDetectTooltipUrl" -  "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"

[-] Firefox Einstellungen bereinigt: "CT2319825.MCDetectTooltipWidth" -  "295"

[-] Firefox Einstellungen bereinigt: "CT2319825.MyStuffEnabledAtInstallation" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.OriginalFirstVersion" -  "3.7.0.6"

[-] Firefox Einstellungen bereinigt: "CT2319825.RadioLastCheckTime" -  "Sat Oct 29 2011 00:41:48 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.RadioLastUpdateIPServer" -  "3"

[-] Firefox Einstellungen bereinigt: "CT2319825.RadioLastUpdateServer" -  "129224641269630000"

[-] Firefox Einstellungen bereinigt: "CT2319825.RadioShrinkedFromSetup" -  false

[-] Firefox Einstellungen bereinigt: "CT2319825.SavedHomepage" -  "www.google.de"

[-] Firefox Einstellungen bereinigt: "CT2319825.SearchCaption" -  "Winload Customized Web Search"

[-] Firefox Einstellungen bereinigt: "CT2319825.SearchEngineBeforeUnload" -  "Winload Customized Web Search"

[-] Firefox Einstellungen bereinigt: "CT2319825.SearchFromAddressBarIsInit" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.SearchFromAddressBarUrl" -  "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&q="

[-] Firefox Einstellungen bereinigt: "CT2319825.SearchInNewTabEnabled" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.SearchInNewTabIntervalMM" -  1440

[-] Firefox Einstellungen bereinigt: "CT2319825.SearchInNewTabLastCheckTime" -  "Sat Oct 29 2011 00:41:48 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.SearchInNewTabServiceUrl" -  "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"

[-] Firefox Einstellungen bereinigt: "CT2319825.SearchInNewTabUsageUrl" -  "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID"

[-] Firefox Einstellungen bereinigt: "CT2319825.SearchProtectorEnabled" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.SearchProtectorToolbarDisabled" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.SendProtectorDataViaLogin" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.ServiceMapLastCheckTime" -  "Sat Oct 29 2011 00:41:46 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.SettingsLastCheckTime" -  "Sat Oct 29 2011 00:41:46 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.SettingsLastUpdate" -  "1313478201"

[-] Firefox Einstellungen bereinigt: "CT2319825.TBHomePageUrl" -  "hxxp://search.conduit.com/?ctid=CT2319825&SearchSource=13"

[-] Firefox Einstellungen bereinigt: "CT2319825.ThirdPartyComponentsInterval" -  504

[-] Firefox Einstellungen bereinigt: "CT2319825.ThirdPartyComponentsLastCheck" -  "Sat Oct 29 2011 00:41:46 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.ThirdPartyComponentsLastUpdate" -  "1255344657"

[-] Firefox Einstellungen bereinigt: "CT2319825.ToolbarDisabled" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.ToolbarShrinkedFromSetup" -  false

[-] Firefox Einstellungen bereinigt: "CT2319825.TrusteLinkUrl" -  "hxxp://trust.conduit.com/CT2319825"

[-] Firefox Einstellungen bereinigt: "CT2319825.TrustedApiDomains" -  "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCityToolbar.com,MyCollegeToolbar.com,MyFamilyToolbar.com,MyForumToolbar.com,MyLibraryToolbar.com,MyRadioToolbar.com,MyStoreToolbar.com,MyTownToolbar.com,MyUniversityToolbar.com,OurChurchToolbar.com,MyXangaToolbar.com,Media-Toolbar.com,LoyaltyToolbar.com,MyTeamToolbar.com,GreatToolbars.com,OurOrganizationToolbar.com,OurBusinessToolbar.com,Toolbar.fm"

[-] Firefox Einstellungen bereinigt: "CT2319825.UserID" -  "UN42560113433226543"

[-] Firefox Einstellungen bereinigt: "CT2319825.WeatherNetwork" -  ""

[-] Firefox Einstellungen bereinigt: "CT2319825.WeatherPollDate" -  "Sat Oct 29 2011 00:41:47 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.WeatherUnit" -  "C"

[-] Firefox Einstellungen bereinigt: "CT2319825.alertChannelId" -  "715912"

[-] Firefox Einstellungen bereinigt: "CT2319825.backendstorage.id" -  "3238303036313234"

[-] Firefox Einstellungen bereinigt: "CT2319825.generalConfigFromLogin" -  "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdownload.conduit.com/\",\"RevertSettingsEnabled\":\"FALSE\"}"

[-] Firefox Einstellungen bereinigt: "CT2319825.globalFirstTimeInfoLastCheckTime" -  "Sat Oct 29 2011 00:41:47 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.homepageProtectorEnableByLogin" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.initDone" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.isAppTrackingManagerOn" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.isFirstRadioInstallation" -  false

[-] Firefox Einstellungen bereinigt: "CT2319825.myStuffEnabled" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.myStuffPublihserMinWidth" -  400

[-] Firefox Einstellungen bereinigt: "CT2319825.myStuffSearchUrl" -  "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"

[-] Firefox Einstellungen bereinigt: "CT2319825.myStuffServiceIntervalMM" -  1440

[-] Firefox Einstellungen bereinigt: "CT2319825.myStuffServiceUrl" -  "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT"

[-] Firefox Einstellungen bereinigt: "CT2319825.revertSettingsEnabled" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.searchProtectorDialogDelayInSec" -  10

[-] Firefox Einstellungen bereinigt: "CT2319825.searchProtectorEnableByLogin" -  true

[-] Firefox Einstellungen bereinigt: "CT2319825.testingCtid" -  ""

[-] Firefox Einstellungen bereinigt: "CT2319825.toolbarAppMetaDataLastCheckTime" -  "Sat Oct 29 2011 00:41:46 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CT2319825.toolbarContextMenuLastCheckTime" -  "Sat Oct 29 2011 00:41:47 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ConduitHomepagesList" -  "hxxp://search.conduit.com/?ctid=CT2319825&SearchSource=13"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ConduitSearchList" -  "Winload Customized Web Search"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/715912/711772/DE" -  "\"1-205962-57582000\""

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2319825" -  "\"1282729563\""

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=de" -  "oIwsta2spzadhjRgiY1Nhw=="

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=de" -  "WiZSpHJzJ/uTUKvfHHyj/w=="

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=de" -  "9H/gICSaMqbmx+Gd+8W4Sg=="

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=de" -  "eJfMrdrGnhGHiiPiYjgAww=="

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg" -  "\"07879643d3acc1:0\""

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6" -  "\"6a637346d78ccc1:0\""

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2319825" -  "\"634553316085800000\""

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2319825&octid=CT2319825" -  "\"1313478201\""

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer_dead.gif" -  "\"0a8c48d3330c81:0\""

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.gif" -  "\"0e2106f3030c81:0\""

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif" -  "\"0f475394430c81:0\""

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif" -  "\"08d9ef44430c81:0\""

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif" -  "\"066e8863030c81:0\""

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de" -  "\"07bb177151bafb3279d86644950b67e1\""

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.LatestLibsPath" -  "file:///C:\\Users\\Chris\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\464scs16.default\\conduitCommon\\modules\\3.7.0.6"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.LatestToolbarVersionInstalled" -  "3.7.0.6"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.SearchFromAddressBarSavedUrl" -  ""

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ToolbarsList" -  "CT2319825"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ToolbarsList2" -  "CT2319825"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.ToolbarsList4" -  "CT2319825"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.facebook.settingsLastCheckTime" -  "Sat Oct 29 2011 00:41:47 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.globalUserId" -  "6874a72d-b713-4ffc-9725-8863554258a4"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.isAlertUrlAddedToFeedItemTable" -  true

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.isClickActionAddedToFeedItemTable" -  true

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.keywordURLSelectedCTID" -  "CT2319825"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.alertDialogsGetterLastCheckTime" -  "Sat Oct 29 2011 00:41:48 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.alertInfoInterval" -  60

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.alertInfoLastCheckTime" -  "Sat Oct 29 2011 00:41:56 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.clientsServerUrl" -  "hxxp://alert.client.conduit.com"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.firstTimeAlertShown" -  true

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.locale" -  "en"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.loginIntervalMin" -  1440

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.loginLastCheckTime" -  "Sat Oct 29 2011 00:41:46 GMT+0200"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.loginLastUpdateTime" -  "1313487611"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.messageShowTimeSec" -  20

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.servicesServerUrl" -  "hxxp://alert.services.conduit.com"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.showTrayIcon" -  false

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.userCloseIntervalMin" -  300

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.notifications.userId" -  "1fbf7b53-7e40-4d2b-a903-a3d44d63fd04"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.originalHomepage" -  "www.google.de"

[-] Firefox Einstellungen bereinigt: "CommunityToolbar.originalSearchEngine" -  "chrome://browser-region/locale/region.properties"

[-] Firefox Einstellungen bereinigt: "browser.search.defaultthis.engineName" -  "Winload Customized Web Search"

[-] Firefox Einstellungen bereinigt: "extensions.fvd_single.surfcanyon.ramp.start_time" -  "1394016700366"

[-] Firefox Einstellungen bereinigt: "extentions.y2layers.defaultEnableAppsList" -  "twittube,buzzdock,YontooNewOffers"

[-] Firefox Einstellungen bereinigt: "extentions.y2layers.installId" -  "c38f4469-a5d5-4103-b766-510101c1a776"
 
 

*************************
 

:: "Tracing" Schlüssel gelöscht

:: Winsock Einstellungen zurückgesetzt

:: "Prefetch" Dateien gelöscht

:: Proxy Einstellungen zurückgesetzt

:: Internet Explorer Richtlinien gelöscht

:: Chrome Richtlinien gelöscht

:: Chrome Einstellungen zurückgesetzt: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
 

*************************
 

C:\AdwCleaner\AdwCleaner[C0].txt - [31277 Bytes] - [26/09/2016 22:00:27]

C:\AdwCleaner\AdwCleaner[S0].txt - [39915 Bytes] - [26/09/2016 21:56:45]
 

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [31425 Bytes] ##########

--- --- ---

[/CODE]

MBAM Log 1 -Schutzprotokoll

Code:



Malwarebytes Anti-Malware

www.malwarebytes.org
 
 

Protection, 26.09.2016 22:34, SYSTEM, CHRIS-PC, Protection, Malware Protection, Starting, 

Protection, 26.09.2016 22:34, SYSTEM, CHRIS-PC, Protection, Malware Protection, Started, 

Protection, 26.09.2016 22:34, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Starting, 

Protection, 26.09.2016 22:34, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Started, 

Update, 26.09.2016 22:36, SYSTEM, CHRIS-PC, Manual, Remediation Database, 2016.2.12.1, 2016.9.21.1, 

Update, 26.09.2016 22:36, SYSTEM, CHRIS-PC, Manual, IP Database, 2016.2.8.1, 2016.9.23.1, 

Update, 26.09.2016 22:36, SYSTEM, CHRIS-PC, Manual, Rootkit Database, 2016.2.8.1, 2016.9.26.2, 

Update, 26.09.2016 22:37, SYSTEM, CHRIS-PC, Manual, Domain Database, 2016.2.16.8, 2016.9.26.4, 

Update, 26.09.2016 22:37, SYSTEM, CHRIS-PC, Manual, Malware Database, 2016.2.16.6, 2016.9.26.10, 

Protection, 26.09.2016 22:37, SYSTEM, CHRIS-PC, Protection, Refresh, Starting, 

Protection, 26.09.2016 22:37, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Stopping, 

Protection, 26.09.2016 22:37, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Stopped, 

Protection, 26.09.2016 22:37, SYSTEM, CHRIS-PC, Protection, Refresh, Success, 

Protection, 26.09.2016 22:37, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Starting, 

Protection, 26.09.2016 22:37, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Started, 

Update, 26.09.2016 23:01, SYSTEM, CHRIS-PC, Scheduler, Malware Database, 2016.9.26.10, 2016.9.26.11, 

Protection, 26.09.2016 23:01, SYSTEM, CHRIS-PC, Protection, Refresh, Starting, 

Protection, 26.09.2016 23:01, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Stopping, 

Protection, 26.09.2016 23:01, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Stopped, 

Protection, 26.09.2016 23:02, SYSTEM, CHRIS-PC, Protection, Refresh, Success, 

Protection, 26.09.2016 23:02, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Starting, 

Protection, 26.09.2016 23:02, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Started, 
 

(end)

MBAM Log 2 - Scan-Protokoll

Code:



Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlaufdatum: 27.09.2016

Suchlaufzeit: 04:07

Protokolldatei: mbam 2.txt

Administrator: Ja
 

Version: 0.0.0.0000

Malware-Datenbank: v2016.09.27.03

Rootkit-Datenbank: v2016.09.26.02

Lizenz: Testversion

Malware-Schutz: Aktiviert

Schutz vor bösartigen Websites: Aktiviert

Selbstschutz: Deaktiviert
 

Betriebssystem: Windows 7 Service Pack 1

CPU: x64

Dateisystem: NTFS

Benutzer: Chris
 

Suchlauftyp: Bedrohungssuchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 438898

Abgelaufene Zeit: 36 Min., 55 Sek.
 

Speicher: Aktiviert

Start: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 0

(keine bösartigen Elemente erkannt)
 

Module: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsschlüssel: 0

(keine bösartigen Elemente erkannt)
 

Registrierungswerte: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsdaten: 0

(keine bösartigen Elemente erkannt)
 

Ordner: 0

(keine bösartigen Elemente erkannt)
 

Dateien: 0

(keine bösartigen Elemente erkannt)
 

Physische Sektoren: 0

(keine bösartigen Elemente erkannt)
 
 

(end)

MBAM Log 3 -Schutzprotokoll

Code:



Malwarebytes Anti-Malware

www.malwarebytes.org
 
 

Update, 27.09.2016 00:39, SYSTEM, CHRIS-PC, Scheduler, Domain Database, 2016.9.26.4, 2016.9.26.5, 

Protection, 27.09.2016 00:39, SYSTEM, CHRIS-PC, Protection, Refresh, Starting, 

Protection, 27.09.2016 00:39, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Stopping, 

Protection, 27.09.2016 00:39, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Stopped, 

Protection, 27.09.2016 00:39, SYSTEM, CHRIS-PC, Protection, Refresh, Success, 

Protection, 27.09.2016 00:39, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Starting, 

Protection, 27.09.2016 00:39, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Started, 

Detection, 27.09.2016 01:05, SYSTEM, CHRIS-PC, Protection, Malware-Schutz, Datei, PUP.Optional.Conduit, C:\Program Files (x86)\Winload\uninstall.exe, Quarantäne, [d2f1c0b66f2bbb7b50aef3e7db26d62a]

Detection, 27.09.2016 01:05, SYSTEM, CHRIS-PC, Protection, Malware-Schutz, Datei, PUP.Optional.Conduit, C:\Program Files (x86)\Winload\WinloadToolbarHelper.exe, Quarantäne, [e2e1492dd6c481b559a6d30746bbc53b]

Detection, 27.09.2016 01:07, SYSTEM, CHRIS-PC, Protection, Malware-Schutz, Datei, PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\Winload\prxtbWinl.dll, Quarantäne, [1da699ddf4a6b08650bc3a568a7a52ae]

Update, 27.09.2016 02:50, SYSTEM, CHRIS-PC, Scheduler, Malware Database, 2016.9.26.11, 2016.9.27.1, 

Protection, 27.09.2016 02:50, SYSTEM, CHRIS-PC, Protection, Refresh, Starting, 

Protection, 27.09.2016 02:50, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Stopping, 

Protection, 27.09.2016 02:50, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Stopped, 

Protection, 27.09.2016 02:50, SYSTEM, CHRIS-PC, Protection, Refresh, Success, 

Protection, 27.09.2016 02:50, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Starting, 

Protection, 27.09.2016 02:50, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Started, 

Update, 27.09.2016 03:51, SYSTEM, CHRIS-PC, Scheduler, Malware Database, 2016.9.27.1, 2016.9.27.2, 

Protection, 27.09.2016 03:51, SYSTEM, CHRIS-PC, Protection, Refresh, Starting, 

Protection, 27.09.2016 03:51, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Stopping, 

Protection, 27.09.2016 03:51, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Stopped, 

Protection, 27.09.2016 03:51, SYSTEM, CHRIS-PC, Protection, Refresh, Success, 

Protection, 27.09.2016 03:51, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Starting, 

Protection, 27.09.2016 03:51, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Started, 

Update, 27.09.2016 04:07, SYSTEM, CHRIS-PC, Scheduler, Malware Database, 2016.9.27.2, 2016.9.27.3, 

Protection, 27.09.2016 04:07, SYSTEM, CHRIS-PC, Protection, Refresh, Starting, 

Protection, 27.09.2016 04:07, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Stopping, 

Protection, 27.09.2016 04:07, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Stopped, 

Protection, 27.09.2016 04:07, SYSTEM, CHRIS-PC, Protection, Refresh, Success, 

Protection, 27.09.2016 04:07, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Starting, 

Protection, 27.09.2016 04:07, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Started, 

Scan, 27.09.2016 06:41, SYSTEM, CHRIS-PC, Context, Start: 27.09.2016 02:50, Dauer: 36 Min. 55 Sek., Bedrohungssuchlauf, Abgeschlossen, 1 Malware-Erkennung, 117 Nicht-Malware-Erkennungen, 

Protection, 27.09.2016 06:44, SYSTEM, CHRIS-PC, Protection, Malware Protection, Starting, 

Protection, 27.09.2016 06:44, SYSTEM, CHRIS-PC, Protection, Malware Protection, Started, 

Protection, 27.09.2016 06:44, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Starting, 

Protection, 27.09.2016 06:44, SYSTEM, CHRIS-PC, Protection, Malicious Website Protection, Started, 
 

(end)

Junkware Removal Tool

Code:



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.0.8 (09.20.2016)

Operating System: Windows 7 Home Premium x64 

Ran by Chris (Administrator) on 27.09.2016 at  7:21:03,08

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

File System: 64 
 

Successfully deleted: C:\Users\Chris\AppData\Local\crashrpt (Folder) 

Successfully deleted: C:\Users\Chris\Documents\add-in express (Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0R0GN4C3 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1V1INL09 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\28DY7D8J (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VM07S21 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3XAMIAXG (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5EA8QCWQ (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7LPTSQ4Y (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\89OWVTX3 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A7LB6306 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DTKS93KV (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GN8Y09G2 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GTE18SRP (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZF5WQ8E (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LX3V5BMJ (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NA432P7M (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O3N4QFMJ (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O936H79Y (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OJB8MT8L (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJ4PH8RQ (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QNQF5E96 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SB7OKKF1 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8T1A7Z1 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WBH1BLNX (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X87Q0MVU (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XG8G5OUD (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YU22HH0I (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0R0GN4C3 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1V1INL09 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\28DY7D8J (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VM07S21 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3XAMIAXG (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5EA8QCWQ (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7LPTSQ4Y (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\89OWVTX3 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A7LB6306 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DTKS93KV (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GN8Y09G2 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GTE18SRP (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZF5WQ8E (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LX3V5BMJ (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NA432P7M (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O3N4QFMJ (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O936H79Y (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OJB8MT8L (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJ4PH8RQ (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QNQF5E96 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SB7OKKF1 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8T1A7Z1 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WBH1BLNX (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X87Q0MVU (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XG8G5OUD (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YU22HH0I (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\SysWOW64\REN4A3A.tmp (File) 

Successfully deleted: C:\Windows\SysWOW64\REN4A3B.tmp (File) 
 
 
 

Registry: 1 
 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D0718CFD-76E4-4DFA-919C-A32398055F4B} (Registry Key)
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 27.09.2016 at  7:32:48,93

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST.txt

FRST Logfile:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016

durchgeführt von Chris (Administrator) auf CHRIS-PC (27-09-2016 11:01:33)

Gestartet von C:\Users\Chris\Desktop

Geladene Profile: Chris (Verfügbare Profile: Chris & Gast)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

(brother Industries Ltd) C:\Windows\SysWOW64\brsvc01a.exe

(brother Industries Ltd) C:\Windows\SysWOW64\brss01a.exe

(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe

(O2Micro International) C:\Windows\System32\drivers\o2flash.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe

(market maker Software AG) C:\Program Files (x86)\Buhl\WISO Börse 2009\bin\watchdog.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Toshiba) C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe

(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE

(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [237056 2007-12-15] (Alps Electric Co., Ltd.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [492600 2008-11-06] (Conexant Systems, Inc.)

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)

HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)

HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)

HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation)

HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-08-03] (TOSHIBA Corporation.)

HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-10-26] (Toshiba Europe GmbH)

HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe [777728 2006-07-19] (Logitech Inc.)

HKLM\...\Run: [Launch LGDCore] => "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE

HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-29] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Camera Assistant Software] => C:\Program Files (x86)\Camera Assistant Software for Toshiba\traybar.exe [417792 2009-04-10] (Chicony)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [520192 2006-12-01] ()

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)

HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2499584 2010-07-09] (Vodafone)

HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [SMB50StarMoneyRunEntry] => C:\Program Files (x86)\StarMoney Business 5.0\app\oflagent.exe [56976 2014-02-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)

HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)

HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)

HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()

HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)

HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [TOSCDSPD] => TOSCDSPD.EXE

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6158240 2009-03-16] (TOSHIBA)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [222128 2007-03-29] (Macrovision Corporation)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [Remote Control Editor] => C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe [1689088 2010-06-09] (Elgato Systems)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [AVMUSBFernanschluss] => C:\Users\Chris\AppData\Local\Apps\2.0\RPDH7O7A.KJ7\8VE1QDO5.TOE\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2016-07-02] (AVM Berlin)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [FAD_4027] => C:\Program Files (x86)\Switcher\FAD_4027\SwitchUSB.exe [1572864 2011-05-06] (Taiwan)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [PMCLoader] => C:\Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe [644368 2008-08-12] (Pinnacle Systems GmbH)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [WEB.DE Application {sync-000021}] => C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [792064 2016-04-21] (1&1 Mail & Media GmbH)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [Dropbox Update] => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-04] (Dropbox, Inc.)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: E - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: H - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: K - K:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {038e06f0-fa97-11e0-8958-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {038e0701-fa97-11e0-8958-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae71-abb2-11df-97d8-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae83-abb2-11df-97d8-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae89-abb2-11df-97d8-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae9b-abb2-11df-97d8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae9d-abb2-11df-97d8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733aea0-abb2-11df-97d8-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {082f7345-82df-11e0-8094-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {082f7352-82df-11e0-8094-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0a375e63-7d71-11e0-9562-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0d5245e5-a91f-11df-8e2c-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {1829e236-11ce-11e0-aba4-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {1829e238-11ce-11e0-aba4-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {1829e243-11ce-11e0-aba4-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {280017ec-a6e0-11df-b3b1-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {280017fd-a6e0-11df-b3b1-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {280017ff-a6e0-11df-b3b1-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {2e0891ee-76af-11df-aaec-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {2e0891fc-76af-11df-aaec-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {47657fbc-76d2-11df-8f4f-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {47657fc0-76d2-11df-8f4f-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {51f0eb5d-09da-11df-9141-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {54f8e4d2-9d8a-11e0-806c-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {599aa897-0df4-11e0-883b-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {599aa899-0df4-11e0-883b-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {599aa8a6-0df4-11e0-883b-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {599aa8ab-0df4-11e0-883b-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {59eeb5b4-7a1c-11e0-a47e-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {59eeb5b6-7a1c-11e0-a47e-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {59eeb5b8-7a1c-11e0-a47e-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {62de1d1f-f194-11e0-8ed9-00238bbbddba} - H:\Setup.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {7ad4b769-0a92-11df-8968-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {7bd73ea4-74c0-11e1-be50-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {7bd73eba-74c0-11e1-be50-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {7f843874-e21c-11e0-a098-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {829be880-a6f8-11df-bab8-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {829be88c-a6f8-11df-bab8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {829be88e-a6f8-11df-bab8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {88c07d4b-afb2-11df-9fab-806e6f6e6963} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {8ee591ad-7d78-11e0-ac5d-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {90805008-92a8-11e0-8e79-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {9080500a-92a8-11e0-8e79-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {9080500d-92a8-11e0-8e79-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc17-a302-11df-a842-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc1f-a302-11df-a842-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc21-a302-11df-a842-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc24-a302-11df-a842-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc27-a302-11df-a842-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {9e17bd9a-7960-11e0-95b0-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f38-885a-11e0-b570-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f3a-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f3c-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f5a-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f65-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f71-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f8d-885a-11e0-b570-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bce3d1ff-11b3-11e0-801f-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bce3d219-11b3-11e0-801f-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bce3d21b-11b3-11e0-801f-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bce3d21d-11b3-11e0-801f-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bd40ac59-16ec-11e2-9b9e-00238bbbddba} - H:\LaunchU3.exe -a

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bd821c4e-a3cd-11df-a8b3-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bd821c52-a3cd-11df-a8b3-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bd821caa-a3cd-11df-a8b3-00238bbbddba} - I:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bf4bbd5f-e222-11e0-90a7-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {cbb02f6b-f9bc-11e0-95a3-806e6f6e6963} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {cd95a5ca-3e71-11e4-b596-d923af0aeae4} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ce49b37a-f8f4-11e0-89e2-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ce49b37d-f8f4-11e0-89e2-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ce49b384-f8f4-11e0-89e2-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {cfbcd11f-0939-11df-9106-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {d3bb6547-0d91-11e2-bac9-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {d3bb6558-0d91-11e2-bac9-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {d4f7ab93-f7e4-11e3-8c74-f18faab755e8} - H:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {d4f7add3-f7e4-11e3-8c74-f18faab755e8} - H:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {db008455-7796-11df-bab8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {dbf6f75b-a492-11df-ad9f-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {dcfd3d4f-08ec-11df-a486-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {e8a82fea-af13-11df-8863-806e6f6e6963} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {e8a83017-af13-11df-8863-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ed0363e7-0d05-11df-a601-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ed0363e9-0d05-11df-a601-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f0d2606e-a1be-11e0-bc48-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f2f23acd-78a6-11e0-9ce8-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f2f23acf-78a6-11e0-9ce8-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f608f4a4-0df7-11e0-bbed-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f608f4af-0df7-11e0-bbed-00238bbbddba} - J:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {fc8e8b49-8374-11e0-8a5b-806e6f6e6963} - H:\StartVMCLite.exe

ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-01-25]

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2010-08-01]

ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-11-25]

ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Pinnacle Streaming Server.lnk [2012-12-12]

ShortcutTarget: Pinnacle Streaming Server.lnk -> C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe (Avid Development GmbH)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken Jubiläumsversion Zahlungserinnerung.lnk [2013-01-03]

ShortcutTarget: Quicken Jubiläumsversion Zahlungserinnerung.lnk -> C:\Windows\Installer\{A907A713-DA24-4352-8786-96C7A6944646}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation)

Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-09-25]

ShortcutTarget: Dropbox.lnk -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2010-05-27]

ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-04-06]

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-04-06]

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-12-30]

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{599541DB-9000-473F-AA32-19C82244BA5C}: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{FED48F3B-BAB7-40A0-B64D-F146BE4A6402}: [DhcpNameServer] 192.168.42.129
 

Internet Explorer:

==================

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 

SearchScopes: HKLM -> DefaultScope {D0718CFD-76E4-4DFA-919C-A32398055F4B} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKLM -> {D0718CFD-76E4-4DFA-919C-A32398055F4B} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24] (CANON INC.)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)

BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)

BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)

BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)

Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)

Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)

Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll [2010-04-15] (TerraTec Electronic GmbH)

Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)

Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
 

FireFox:

========

FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default

FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF SelectedSearchEngine: google

FF Homepage: hxxp://www.google.de?hl=de&gl=de

FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF NetworkProxy: "socks_remote_dns", true

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-15] ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll [2013-10-02] (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-15] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)

FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-10-28] (DivX, LLC)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)

FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll [2012-06-25] ( )

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ChimeShim.dll [2007-07-26] (MDL Information Systems, Inc. (Elsevier MDL))

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npchime.dll [2007-07-26] (MDL Information Systems, Inc (Elsevier MDL))

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-04-16] (Apple Inc.)

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\englische-ergebnisse.xml [2013-05-21]

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\gmx-suche.xml [2013-05-21]

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\lastminute.xml [2013-05-21]

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\onvista.xml [2015-03-13]

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\webde-suche.xml [2013-05-21]

FF Extension: (FoxyProxy Standard) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\extensions\foxyproxy@eric.h.jung [2015-06-01]

FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox [2016-05-28]

FF Extension: (Skype extension for Firefox) - C:\Program Files (x86)\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2015-07-04] [ist nicht signiert]

FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-24] [ist nicht signiert]

FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-05-18] [ist nicht signiert]

FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa => nicht gefunden

FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox

FF HKLM-x32\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - C:\Program Files (x86)\Mobile Master\ext\1

FF Extension: (Mobile Master Add-In) - C:\Program Files (x86)\Mobile Master\ext\1 [2011-04-09] [ist nicht signiert]

FF HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

CHR HKLM-x32\...\Chrome\Extension: [obdlfebkcikbbhhnpmabhadfhgfjcemn] - C:\Users\Chris\Webgears\Chrome\Gutscheinsammler\gutscheinsammler-finder-2.0-chrome.crx [2011-10-28]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000 2015-12-08] (Kaspersky Lab ZAO)

R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)

S2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [84992 2016-06-24] (Chip Digital GmbH) [Datei ist nicht signiert]

R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)

R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]

S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]

R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Datei ist nicht signiert]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]

R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [216080 2012-06-25] (Nitro PDF Software)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]

R3 SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [89600 2008-08-25] (Toshiba) [Datei ist nicht signiert]

R2 StarMoney Business 5.0 OnlineUpdate; C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)

R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-10-26] (Toshiba Europe GmbH)

R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [Datei ist nicht signiert]

S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG) [Datei ist nicht signiert]

R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2013-11-14] () [Datei ist nicht signiert]

R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2010-07-09] (Vodafone) [Datei ist nicht signiert]

S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)

R2 WBWatchDog; C:\Program Files (x86)\Buhl\WISO Börse 2009\bin\watchdog.exe [481408 2008-10-16] (market maker Software AG)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S3 androidusb; C:\Windows\System32\Drivers\fxxandroidusb.sys [31744 2011-05-06] (Google Inc)

S3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2010-03-22] (AVM Berlin)

R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-24] (AVM Berlin)

S3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [114176 2013-07-22] (ASIX Electronics Corp.)

R0 B50EA66D; C:\Windows\System32\drivers\B50EA66D.sys [478392 2016-04-16] (Kaspersky Lab ZAO)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)

R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [684544 2009-06-23] (Conexant Systems Inc.)

R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)

R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)

S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)

R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)

R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)

R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-05-28] (AO Kaspersky Lab)

R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-12-08] (AO Kaspersky Lab)

R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [237480 2016-05-28] (AO Kaspersky Lab)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [943536 2016-05-28] (AO Kaspersky Lab)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49240 2016-05-28] (AO Kaspersky Lab)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-08] (AO Kaspersky Lab)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)

R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-27] (Malwarebytes)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)

S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [1077840 2010-11-19] (DiBcom SA)

S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [24272 2010-11-19] (DiBcom S.A.)

R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [64160 2009-07-13] (O2Micro )

R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()

S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-05-24] (RapidSolution Software AG)

R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-05-24] (RapidSolution Software AG)

S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [Datei ist nicht signiert]

R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-09-18] ()

R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-09-18] ()

R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2014-09-18] ()

S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)

S2 mdmxsdk; system32\DRIVERS\mdmxsdk.sys [X]

S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-09-27 11:01 - 2016-09-27 11:02 - 00051765 _____ C:\Users\Chris\Desktop\FRST.txt

2016-09-27 11:00 - 2016-09-27 11:00 - 02403328 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe

2016-09-27 07:32 - 2016-09-27 07:32 - 00010797 _____ C:\Users\Chris\Desktop\JRT.txt

2016-09-26 22:33 - 2016-09-26 22:33 - 00001074 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2016-09-26 22:33 - 2016-09-26 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2016-09-26 22:33 - 2016-09-26 22:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2016-09-26 22:33 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2016-09-26 22:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

2016-09-26 22:30 - 2016-09-26 22:30 - 01615456 _____ (Malwarebytes) C:\Users\Chris\Desktop\JRT.exe

2016-09-26 22:27 - 2016-09-26 22:28 - 22851472 _____ (Malwarebytes ) C:\Users\Chris\Desktop\mbam-setup-2.2.1.1043.exe

2016-09-26 21:52 - 2016-09-26 22:00 - 00000000 ____D C:\AdwCleaner

2016-09-26 21:51 - 2016-09-26 21:51 - 03861056 _____ C:\Users\Chris\Desktop\AdwCleaner_6.020.exe

2016-09-25 19:06 - 2016-09-26 22:25 - 00000000 ____D C:\Users\Chris\Documents\Viren Trojaner Erfassung

2016-09-25 15:22 - 2016-09-27 11:00 - 00000000 ____D C:\Users\Chris\Downloads\FRST-OlderVersion

2016-09-25 15:22 - 2016-09-25 15:22 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2016-09-15 16:38 - 2016-09-26 21:58 - 00000000 ____D C:\Program Files\{16916AFE-57EE-48FB-AD4A-6A0BA8760DBD}

2016-09-14 15:31 - 2016-09-14 15:31 - 00000048 _____ C:\Users\Chris\Downloads\.directory

2016-09-14 15:28 - 2016-09-14 15:28 - 00052633 _____ C:\Users\Chris\Downloads\8642_kaspersky.html

2016-09-14 15:23 - 2016-09-27 11:00 - 02403328 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe

2016-09-14 14:41 - 2016-09-14 14:45 - 00104287 _____ C:\Users\Chris\Downloads\Addition.txt

2016-09-14 14:38 - 2016-09-25 16:52 - 00071172 _____ C:\Users\Chris\Downloads\FRST.txt

2016-09-14 14:36 - 2016-09-27 11:01 - 00000000 ____D C:\FRST

2016-09-07 20:14 - 2016-09-07 20:14 - 00000000 ____D C:\ProgramData\launcher

2016-09-07 19:07 - 2016-09-07 19:07 - 00002421 _____ C:\Users\Public\Desktop\Paragon Festplatten Manager™ 15 Professional.lnk

2016-09-07 19:07 - 2016-09-07 19:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_blockmounter_01_09_00.Wdf

2016-09-07 19:07 - 2016-09-07 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Festplatten Manager™ 15 Professional

2016-09-07 19:05 - 2016-09-07 19:05 - 00000000 ____D C:\Program Files\Paragon Software

2016-09-07 18:47 - 2016-09-10 16:25 - 00000000 ____D C:\Program Files\{CACC03DD-9A08-4DDD-835C-48048033E61E}
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-09-27 10:45 - 2011-06-18 14:48 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2016-09-27 10:34 - 2013-01-16 09:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2016-09-27 10:09 - 2016-06-22 18:11 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2016-09-27 10:05 - 2015-06-04 09:52 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000UA.job

2016-09-27 08:45 - 2011-06-18 14:48 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2016-09-27 07:05 - 2010-01-24 05:27 - 00019680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2016-09-27 07:05 - 2010-01-24 05:27 - 00019680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2016-09-27 07:03 - 2011-01-09 22:50 - 00000000 ___RD C:\Users\Chris\Dropbox

2016-09-27 07:02 - 2010-03-22 00:37 - 00000000 ____D C:\Users\Chris\AppData\Local\Deployment

2016-09-27 07:01 - 2012-12-12 22:58 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI

2016-09-27 07:00 - 2010-03-22 00:37 - 00000000 ____D C:\Users\Chris\AppData\Local\Apps\2.0

2016-09-27 07:00 - 2010-01-25 22:06 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2016-09-27 06:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-09-27 06:43 - 2014-05-19 13:46 - 00000000 ____D C:\Windows\ELAMBKUP

2016-09-27 06:41 - 2011-10-28 23:47 - 00000000 ____D C:\Program Files (x86)\Winload

2016-09-26 22:33 - 2016-06-22 18:12 - 00000000 ____D C:\ProgramData\Malwarebytes

2016-09-26 22:00 - 2015-07-12 10:54 - 00000008 __RSH C:\ProgramData\ntuser.pol

2016-09-26 14:00 - 2010-01-25 00:03 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C40BD253-3E22-4A50-B277-3698584BFC1A}

2016-09-26 11:04 - 2015-06-04 09:52 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000Core.job

2016-09-26 09:36 - 2010-02-04 23:42 - 00039424 ___SH C:\Users\Chris\Documents\Thumbs.db

2016-09-25 15:22 - 2011-01-09 22:36 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Dropbox

2016-09-24 20:38 - 2010-08-16 17:46 - 00000000 ____D C:\Program Files (x86)\Surf & E-Mail-Stick

2016-09-24 20:34 - 2016-06-25 13:49 - 00000000 ____D C:\Program Files\{59DC0B16-6721-47A2-8A18-638F86DE577B}

2016-09-24 20:28 - 2014-06-20 00:46 - 00000000 ____D C:\android

2016-09-24 19:57 - 2011-12-15 03:00 - 00000000 ____D C:\Program Files (x86)\fotokasten comfort

2016-09-24 19:57 - 2011-11-24 19:00 - 00000000 ____D C:\Program Files (x86)\moneyplex

2016-09-24 19:41 - 2010-07-31 23:42 - 00000000 ____D C:\Program Files (x86)\Auktionatrix

2016-09-21 22:09 - 2009-07-14 19:58 - 00662748 _____ C:\Windows\system32\perfh007.dat

2016-09-21 22:09 - 2009-07-14 19:58 - 00133786 _____ C:\Windows\system32\perfc007.dat

2016-09-21 22:09 - 2009-07-14 07:13 - 01521082 _____ C:\Windows\system32\PerfStringBackup.INI

2016-09-21 22:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf

2016-09-15 16:37 - 2013-01-16 09:40 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2016-09-15 16:37 - 2013-01-16 09:40 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2016-09-15 16:37 - 2012-03-15 20:25 - 00000000 ____D C:\Windows\system32\Macromed

2016-09-15 16:37 - 2011-07-18 09:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2016-09-15 16:37 - 2009-04-06 14:22 - 00000000 ____D C:\Windows\SysWOW64\Macromed

2016-09-14 14:23 - 2016-04-16 19:20 - 01847697 ____H C:\Users\Chris\AppData\Local\IconCache.db.backup

2016-09-14 13:57 - 2014-12-30 16:06 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2016-09-11 03:02 - 2010-05-14 06:57 - 00000000 ____D C:\Users\Gast

2016-09-11 03:01 - 2010-01-24 05:28 - 00000000 ____D C:\Users\Admin

2016-09-07 18:45 - 2010-08-09 21:08 - 00000000 ____D C:\Users\Chris\AppData\Local\Downloaded Installations
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2013-11-25 22:05 - 2013-11-25 22:05 - 0000697 _____ () C:\Users\Chris\AppData\Roaming\ConvAPIPlugin.log

2011-07-15 14:35 - 2011-07-15 14:35 - 0000106 _____ () C:\Users\Chris\AppData\Roaming\psppirerc

2015-07-12 11:14 - 2015-07-12 11:14 - 0000275 _____ () C:\Users\Chris\AppData\Roaming\uninstall.bat

2013-11-27 21:35 - 2013-12-16 12:54 - 0000600 _____ () C:\Users\Chris\AppData\Roaming\winscp.rnd

2010-01-26 00:19 - 2010-01-26 00:19 - 0000000 _____ () C:\Users\Chris\AppData\Roaming\wklnhst.dat

2010-08-04 14:13 - 2014-02-24 19:33 - 0006656 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2010-11-16 23:36 - 2010-11-16 23:37 - 0000079 _____ () C:\Users\Chris\AppData\Local\DVDPATH.TXT

2013-08-06 16:58 - 2013-08-13 22:06 - 0004096 ____H () C:\Users\Chris\AppData\Local\keyfile3.drm

2012-10-16 08:32 - 2012-10-16 08:32 - 0000236 _____ () C:\Users\Chris\AppData\Local\LaunchHomeCenter.log

2011-06-21 13:36 - 2011-11-16 18:36 - 0001516 _____ () C:\Users\Chris\AppData\Local\MiniAssist.ini

2011-06-21 13:36 - 2011-06-21 13:36 - 0001516 _____ () C:\Users\Chris\AppData\Local\MiniAssist.ini.bak

2011-06-21 13:36 - 2011-11-16 19:06 - 0071452 _____ () C:\Users\Chris\AppData\Local\MiniAssist.log

2014-09-04 21:59 - 2014-09-04 21:59 - 0010170 _____ () C:\Users\Chris\AppData\Local\recently-used.xbel

2012-12-03 18:11 - 2015-03-18 15:02 - 0007601 _____ () C:\Users\Chris\AppData\Local\resmon.resmoncfg

2013-11-27 22:31 - 2013-11-27 22:31 - 2529622 _____ () C:\Users\Chris\AppData\Local\[j0019]-[p04].bmp

2010-07-09 12:36 - 2010-07-09 12:36 - 0159464 ____R () C:\ProgramData\DeviceManager.xml.rc4

2010-01-31 00:46 - 2010-01-31 00:46 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

2010-04-05 13:30 - 2013-11-25 22:05 - 0003493 _____ () C:\ProgramData\hpzinstall.log

2010-05-02 14:50 - 2011-08-24 22:18 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt

2003-10-06 10:21 - 2003-10-06 10:21 - 0000000 ____H () C:\ProgramData\sdpsenv.dat
 

Dateien, die verschoben oder gelöscht werden sollten:

====================

C:\ProgramData\sdpsenv.dat
 
 

Einige Dateien in TEMP:

====================

C:\Users\Admin\AppData\Local\Temp\install_7.exe

C:\Users\Admin\AppData\Local\Temp\ready.exe

C:\Users\Admin\AppData\Local\Temp\SpOrder.dll

C:\Users\Admin\AppData\Local\Temp\starter.exe

C:\Users\Chris\AppData\Local\Temp\DataCard_Setup64.exe

C:\Users\Chris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptfaw74.dll

C:\Users\Chris\AppData\Local\Temp\DseShExt-x64.dll

C:\Users\Chris\AppData\Local\Temp\DseShExt-x86.dll

C:\Users\Chris\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\Chris\AppData\Local\Temp\jre-8u91-windows-au.exe

C:\Users\Chris\AppData\Local\Temp\libeay32.dll

C:\Users\Chris\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe

C:\Users\Chris\AppData\Local\Temp\msvcr120.dll

C:\Users\Chris\AppData\Local\Temp\pdf24-creator-update.exe

C:\Users\Chris\AppData\Local\Temp\ResetDevice.exe

C:\Users\Chris\AppData\Local\Temp\SDShelEx-win32.dll

C:\Users\Chris\AppData\Local\Temp\SDShelEx-x64.dll

C:\Users\Chris\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Chris\AppData\Local\Temp\sqlite3.dll

C:\Users\Chris\AppData\Local\Temp\xmlUpdater.exe
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\Windows\system32\winlogon.exe => Datei ist digital signiert

C:\Windows\system32\wininit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert

C:\Windows\explorer.exe => Datei ist digital signiert

C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert

C:\Windows\system32\svchost.exe => Datei ist digital signiert

C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert

C:\Windows\system32\services.exe => Datei ist digital signiert

C:\Windows\system32\User32.dll => Datei ist digital signiert

C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert

C:\Windows\system32\userinit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert

C:\Windows\system32\rpcss.dll => Datei ist digital signiert

C:\Windows\system32\dnsapi.dll => Datei ist digital signiert

C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2016-09-26 10:55
 

==================== Ende von FRST.txt ============================

--- --- ---

[/CODE]

CChris

27.09.2016 10:38

Addition.txt

Code:



Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-09-2016

durchgeführt von Chris (27-09-2016 11:02:35)

Gestartet von C:\Users\Chris\Desktop

Windows 7 Home Premium Service Pack 1 (X64) (2010-01-24 04:27:32)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-3975404785-3629955362-1126565087-500 - Administrator - Disabled)

Chris (S-1-5-21-3975404785-3629955362-1126565087-1000 - Administrator - Enabled) => C:\Users\Chris

Gast (S-1-5-21-3975404785-3629955362-1126565087-501 - Limited - Enabled) => C:\Users\Gast

HomeGroupUser$ (S-1-5-21-3975404785-3629955362-1126565087-1006 - Limited - Enabled)
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Kaspersky Total Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}

AS: Kaspersky Total Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Total Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden

6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

6500_E709a (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

8500A909_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

8500A909_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

8500A909a (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden

Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)

Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)

Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)

Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)

AKVIS Retoucher (HKLM-x32\...\{3096C412-7636-45FD-9074-F596F4417076}) (Version: 5.5.869.8634 - AKVIS)

ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )

Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )

ATI Catalyst Install Manager (HKLM\...\{0FB2E75A-1024-331F-77EF-D45F71505D58}) (Version: 3.0.732.0 - ATI Technologies, Inc.)

Audials (HKLM-x32\...\{FFA5E466-D1D3-44AE-BB20-8D56CF061877}) (Version: 10.2.22605.500 - Audials AG)

Auktionatrix - der schnelle Weg zu eBay (HKLM-x32\...\{02E8DF80-DFB9-4C56-8CB9-AFA1CE97AF9C}) (Version: 4.10.4.0 - Z-Dev)

Avery Wizard 4.0 (HKLM-x32\...\{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}) (Version: 4.0.103 - Avery)

Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)

Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.10(T) - TOSHIBA CORPORATION)

BPD_DSWizards (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden

BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden

BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden

BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

Brew Recipe Developer (HKLM-x32\...\{B203CBE3-7CF4-40E7-A6F4-761C87AA945F}) (Version: 2.0.0 - Oli Weiss)

Brother MFL-Pro Suite DCP-115C (HKLM-x32\...\{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}) (Version: 1.0.1.0 - Brother Industries, Ltd.)

Brother MFL-Pro Suite DCP-357C (HKLM-x32\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.0.2.0 - Brother Industries, Ltd.)

BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

Camera Assistant Software for Toshiba (HKLM-x32\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.260.0526L - Chicony Electronics Co.,Ltd.)

Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)

Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)

Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)

Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)

Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)

Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - *Canon Inc.)

Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)

Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)

Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)

Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)

Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)

Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)

ccc-core-static (x32 Version: 2009.0729.2238.38827 - Ihr Firmenname) Hidden

CD/DVD Drive Acoustic Silencer (HKLM-x32\...\{4C3F3228-13BE-41D0-A782-3DDE7CB2479A}) (Version: 3.01.05 - TOSHIBA)

chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 2.2.1.0 - Chip Digital GmbH)

Cinergy HTC USB XS V5.09.1202.00 (HKLM-x32\...\Cinergy HTC USB XS) (Version: 5.09.1202.00 - )

Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{0F9639CB-D661-4FA0-A4B1-0441E515E0B7}) (Version: 3.1.04072 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden

Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Compiled Driver Disc (Full) 0.99 (HKLM-x32\...\{3DCF00F5-04A5-4543-A088-70548081120E}_is1) (Version: 0.99.0.1 - COMPELSON Labs)

Compiled Driver Disk (Samsung) 0.99 (HKLM-x32\...\{3DCF00F5-04A5-4543-A088-705480811206}_is1) (Version: 0.99.0.1 - COMPELSON Labs)

Conexant Audio Driver For AMD HDMI Codec (HKLM\...\CNXT_AUDIO_HDA_HDMI) (Version: 4.98.6.0 - Conexant)

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.6.61 - Conexant)

DDBAC (HKLM-x32\...\{7CF93713-EB2A-475C-93CA-D1C9DA388EF4}) (Version: 5.3.50.0 - DataDesign)

Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden

DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)

DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden

DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden

Dropbox (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Dropbox) (Version: 10.4.26 - Dropbox, Inc.)

DVD MovieFactory for TOSHIBA (HKLM-x32\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.51 - Ulead Systems, Inc.)

EpsonNet SetupManager (HKLM-x32\...\InstallShield_{BB828C7B-44A6-4A83-A96E-EF80B8680B8D}) (Version: 1.7.2 - SEIKO EPSON CORPORATION)

EpsonNet SetupManager (x32 Version: 1.7.2 - SEIKO EPSON CORPORATION) Hidden

EQUIP (HKLM-x32\...\{3BE64D7E-367A-EB54-9BE0-4D3E2A62EF17}) (Version: 3.3.0 - ISI GmbH)

EQUIP CAPI (HKLM-x32\...\{7B7618C6-0CF3-B1F4-496C-5E147D73AEA7}) (Version: 3.3.0 - )

Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

FileZilla Client 3.3.3 (HKLM-x32\...\FileZilla Client) (Version: 3.3.3 - )

Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)

fotokasten comfort 4.2 (HKLM-x32\...\fotokasten comfort_is1) (Version:  - )

Free Image Convert and Resize version 2.1 (HKLM-x32\...\Free Image Convert and Resize_is1) (Version:  - DVDVideoSoft Limited.)

Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.10.1211 - DVDVideoSoft Ltd.)

Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)

FreeCommander 2009.02a (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)

FRITZ!Box USB-Fernanschluss - 1  (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin)

FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\f018cf21c0452c64) (Version: 2.3.0.2 - AVM Berlin)

GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)

Gini! (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\93edd1682ad811a0) (Version: 1.0.73.0 - FRITZ! Mini)

Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden

GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

grafstat4 (HKLM-x32\...\{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1) (Version: 4.249 - DrSoft)

HDMI Control Manager (HKLM-x32\...\InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA)

HDMI Control Manager (Version: 2.0 - TOSHIBA) Hidden

HDMI Control Manager (x32 Version: 2.0 - TOSHIBA) Hidden

HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)

HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)

HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)

HP Officejet 6500 E709 Series (HKLM\...\{58D79E62-CFC8-4331-8469-3A1B16E1769C}) (Version: 14.0 - HP)

HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)

HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden

HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)

IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)

IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)

Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)

JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)

Kalenderdruck-Assistent für Microsoft Office Outlook 2007 (HKLM-x32\...\{90120000-00A7-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Kaspersky Total Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)

Kaspersky Total Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden

kleiner-brauhelfer version 1.1.4.0 (HKLM-x32\...\kleiner-brauhelfer_is1) (Version:  - )

Lexware Abschreibungsrechner (HKLM-x32\...\{204294E8-371C-4DFB-8162-EF5BB4FEBFE1}) (Version: 11.00.04.0001 - Haufe-Lexware GmbH & Co.KG)

Lexware Elster (HKLM-x32\...\{AFB25971-2545-4EFF-922C-938915ACE6A8}) (Version: 11.01.00.0006 - Haufe-Lexware GmbH & Co.KG)

Lexware Info Service (HKLM-x32\...\{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}) (Version: 2.80.00.0007 - Haufe-Lexware GmbH & Co.KG)

Lexware online banking (HKLM-x32\...\{2C41394E-E15B-47DC-B33C-54D33EA85B68}) (Version: 15.00.00.0005 - Haufe-Lexware GmbH & Co.KG)

Logitech Z-series Software 1.03 (HKLM\...\{A8BE7A89-11DE-49B3-A4FC-6CDCB0C32B51}) (Version: 1.03.000 - Logitech)

Lottoschein-Check (HKLM-x32\...\Lottoschein-Check) (Version:  - )

MAGIX Foto Manager 9 (HKLM-x32\...\MAGIX Foto Manager 9 D) (Version: 7.0.0.91 - MAGIX AG)

MAGIX MP3 deluxe MX Download-Version (HKLM-x32\...\MAGIX_MSI_mp3_deluxe_mx) (Version: 18.0.0.109 - MAGIX AG)

MAGIX MP3 deluxe MX Download-Version (x32 Version: 18.0.0.109 - MAGIX AG) Hidden

MAGIX MP3 Maker 16 11.0.0.78 (D) (HKLM-x32\...\MAGIX MP3 Maker 16 D) (Version: 11.0.0.78 - MAGIX AG)

MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)

MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)

MAGIX Screenshare (HKLM-x32\...\MAGIX_MSI_PCVisit) (Version: 4.3.6.1987 - MAGIX AG)

MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden

MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 7.0.2.7 - MAGIX AG)

MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_MSI_Speed3_burnR_mxcdr_MSI) (Version: 7.0.2.6 - MAGIX AG)

MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) Hidden

Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)

MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden

Markets-Börsenticker (HKLM-x32\...\Markets-Börsenticker) (Version: 2 - Financial Times Deutschland)

Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.10.5.3 - Marvell)

maxdome - Online Videothek Version 3.1.0 (HKLM\...\maxdome - Online Videothek_is1) (Version:  - maxdome)

MDL Chime/Chime Pro for Internet Explorer (HKLM-x32\...\{46761278-BF32-4008-833B-93487FF0A06E}) (Version: 2.6 SP7 - MDL Information Systems, Inc.)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office Communicator 2007 (HKLM-x32\...\{0FCA0973-24C0-48EA-8CF6-71B53C135C09}) (Version: 2.0.6362.0 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)

Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)

MightyUninstaller (HKLM-x32\...\{91A02C6C-1FAA-49FA-957F-6ACF30D6B47D}_is1) (Version: 2.5.0.0 - MightyUninstaller.com)

MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)

Miranda Fusion 2.0.15 (HKLM-x32\...\MirandaFusion) (Version: 2.0.15 - Miranda Fusion Team)

Mobile Master (x32 Version: 7.8.3 - Jumping Bytes) Hidden

Mobile Master 7.8.3 (HKLM-x32\...\Mobile Master) (Version: 7.8.3 - Jumping Bytes)

MOBILedit! Support Libraries (HKLM-x32\...\{1A834332-A9EE-440C-9505-2D07F445F05A}) (Version: 4.0.0 - COMPELSON Labs)

MOBILedit! ver. 5.0.2.1015 (HKLM-x32\...\{47DA7D2E-408C-4050-B75F-95F6D2E6A332}_is1) (Version: 5.0.2.1015 - COMPELSON Labs)

moneyplex 2011 (HKLM-x32\...\{B3946E24-EF59-4CEE-930F-7465D9C19A85}_is1) (Version: moneyplex 2011 - matrica GmbH)

MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)

Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)

MP3 deluxe MX Update (Version: 18.0.3.115 - MAGIX AG) Hidden

MPM (HKLM-x32\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version: 1.00.0000 - Hewlett-Packard)

MSXML 4.0 SP2 (KB941833) (HKLM-x32\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)

NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)

NetWaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.55 - BVRP Software, Inc)

Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden

Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden

Nitro Reader 2 (HKLM\...\{0723532B-AD75-4D04-B88A-8CCEC6624E6D}) (Version: 2.4.1.15 - Nitro PDF Software)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)

O2Micro Flash Memory Card Reader Driver (HKLM\...\{729F014A-9E91-49A6-B5F2-E8AA941452AE}) (Version: 3.31.03.A - O2Micro)

OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)

Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538-FA9AC725D62C}) (Version: 13.0 - HP)

Ontrack EasyRecovery Home (HKLM-x32\...\{B8686BCF-5181-477F-9CBE-786391011B9C}_is1) (Version: 10.0.2.3 - Kroll Ontrack Inc.)

Paragon Festplatten Manager™ 15 Professional (HKLM\...\{1E104AF0-EA49-11DE-AC07-005056C00008}) (Version: 90.00.0003 - Paragon Software)

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)

Pinnacle DistanTV Server (HKLM-x32\...\{7C7AC2D4-1077-45C8-826A-16445B5E0DB7}) (Version: 1.0.0.095 - Pinnacle Systems)

Pinnacle TVCenter Pro (HKLM-x32\...\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}) (Version: 5.1.0.2722 - Pinnacle Systems)

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden

ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden

ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden

PSPP (HKLM-x32\...\B426B849-6071-5684-6429-7BE6B77DAB5B) (Version: 20100611 - GNU)

Quicken HOME & BUSINESS Jubiläumsversion (HKLM-x32\...\{A907A713-DA24-4352-8786-96C7A6944646}) (Version: 20.36.00.0134 - Haufe-Lexware GmbH & Co.KG)

Quicken Import Export Server Jubiläumsversion (HKLM-x32\...\{7FE9F5F5-8C9B-49F2-989C-BD885BD79B8D}) (Version: 20.30.00.0099 - Haufe-Lexware GmbH & Co.KG)

QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )

RasWin (remove only) (HKLM-x32\...\RasWin) (Version:  - )

RG eBook (HKLM-x32\...\com.radeberger-gruppe.ebook) (Version: 1.1.7 - Radeberger Gruppe KG)

RG eBook (x32 Version: 1.1.7 - Radeberger Gruppe KG) Hidden

Samsung ML-2010 Series (HKLM-x32\...\Samsung ML-2010 Series) (Version:  - )

Samsung ML-2010 Series SmartPanel (HKLM-x32\...\Samsung ML-2010 Series SmartPanel) (Version:  - )

SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )

Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )

SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )

Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )

Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version:  - )

SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )

SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )

Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.3.90702 - Samsung Electronics Co., Ltd.)

Samsung PC Studio 3 (x32 Version: 3.0.0.90702 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )

SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)

Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden

SecuBrowser (HKLM-x32\...\{A7287C0E-C94F-4009-B438-485E38286EB9}) (Version: 1.0.7.0 - Frank Eschenbacher)

ShaDown! (HKLM-x32\...\{909F4A33-D068-4D61-BBF1-B3135DD19C18}) (Version: 1.3.0.0 - Inforall.net)

Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)

simfy VZ edition (HKLM-x32\...\simfy-VZ-edition) (Version: 1.2.0 - simfy GmbH)

simfy VZ edition (x32 Version: 1.2.0 - simfy GmbH) Hidden

Skype web features (HKLM-x32\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)

Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)

SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden

SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden

Spelling Dictionaries Support For Adobe Reader 8 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)

StarMoney (x32 Version: 3.0.2.50 - StarFinanz) Hidden

StarMoney Business 5.0  (HKLM-x32\...\{96CA5ACD-1A36-417E-AC15-707E93AB895C}) (Version: 5.0 - Star Finanz GmbH)

STATISTICA TRIAL DE 10 (HKLM-x32\...\{E492A541-96C6-4D38-B698-805A745C5EBC}) (Version: 10.0.228.8 - StatSoft (Europe) GmbH)

STATNOVAPDF (novaPDF 7.1 printer) (HKLM\...\STATNOVAPDF_is1) (Version:  - Softland)

Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden

Stellar Phoenix PowerPoint Recovery (HKLM-x32\...\Stellar Phoenix PowerPoint Recovery_is1) (Version: 1.0.0.0 - Stellar Information Systems Ltd.)

StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )

Stundenplan v1.0 (HKLM-x32\...\Stundenplan_is1) (Version:  - Bastian Dornauf)

Surf & E-Mail-Stick (HKLM-x32\...\Surf & E-Mail-Stick) (Version: 16.001.06.02.35 - Huawei Technologies Co.,Ltd)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.63017 - TeamViewer)

TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.15.11 - )

Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)

Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden

Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.07 - TOSHIBA)

TOSHIBA Benutzerhandbücher (HKLM-x32\...\{1C971EE3-B4C4-4367-9676-57549919C6CE}) (Version: 7.40 - TOSHIBA)

TOSHIBA ConfigFree (HKLM-x32\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.23 - TOSHIBA Corporation)

TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.1 for x64 - TOSHIBA Corporation)

TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 2.50.0.11-AU - TOSHIBA Corporation)

TOSHIBA Extended Tiles for Windows Mobility Center (HKLM-x32\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version:  - )

TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 2.0.17.64 - TOSHIBA)

TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{E8B39B08-7FAB-48CC-89E9-37C5589E130C}) (Version:  - )

Toshiba Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.06.0000 - TOSHIBA)

TOSHIBA Recovery Disc Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.0.0.2 for x64 - TOSHIBA)

TOSHIBA Recovery Disk Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0017 - TOSHIBA)

TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{DF0853CA-A1D0-4169-8472-F2822C8FA1EB}) (Version:  - )

TOSHIBA TEMPRO (HKLM-x32\...\{3A9B3B6D-3C08-4283-AF50-FD82C49DD71E}) (Version: 3.34 - Toshiba Europe GmbH)

TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.2.28.64 - TOSHIBA Corporation)

TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

TRORDCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.6 - TOSHIBA)

TRORDCLauncher (x32 Version: 1.0.0.6 - TOSHIBA) Hidden

Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )

Universal Document Converter (Demo) (HKLM-x32\...\Universal Document Converter_is1) (Version: 5.2 - fCoder Group, Inc.)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

UPS Widget 2 (HKLM-x32\...\com.polythink.ups.wda.03EBA0C726630DF115D9764F9B83F5185396D811.1) (Version: 2.1.81 - ThinkDesktop LLC)

UPS Widget 2 (x32 Version: 2.1.81 - ThinkDesktop LLC) Hidden

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)

VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)

Vodafone Mobile Connect (HKLM-x32\...\{91252C0A-59F9-42F9-9181-B9CC74F592C0}) (Version: 9.4.10.24647 - Vodafone)

Vodafone Mobile Connect Lite (HKLM-x32\...\{B5761811-28F3-4257-B537-815C5EEF472C}) (Version: 3.1.2.104 - Vodafone)

Währungsumrechner (HKLM-x32\...\{5B0A0143-7ED2-4B68-A60B-9D92987DE5BD}) (Version: 1.0.1 - Stephan Muller)

WatchTVPro Essential Version 1.00 (HKLM-x32\...\WatchTVPro Essential_is1) (Version: 3.11 - Michael Hepp)

WEB.DE Online-Speicher 1.32.1.0 (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\WEB.DE Application {sync-000021}) (Version: 1.32.1.0 - 1&1 Mail & Media GmbH)

WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden

Wertpapieranalyse 2012 (HKLM-x32\...\{A7166A02-9745-4F19-BB16-A0CC1F3ABDB1}) (Version: 1.01.0006 - Haufe-Lexware GmbH & Co. KG)

Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )

Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

Windows-Treiberpaket - Chicony (usbvideo) Image  (05/12/2009 6.3.251.0512) (HKLM\...\4D0A78D60CE7E81C31D46CB92DBA41CCF993C9BD) (Version: 05/12/2009 6.3.251.0512 - Chicony)

Winload Toolbar (HKLM-x32\...\Winload Toolbar) (Version: 6.3.3.3 - Winload)

WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

WinSCP 5.1.7 (HKLM-x32\...\winscp3_is1) (Version: 5.1.7 - Martin Prikryl)

WinTimeKill 3.2 (HKLM-x32\...\{8667C09D-CD26-40BB-95F6-423272ACAA0A}_is1) (Version:  - Patrik Abend)

WISO Börse 2009 (HKLM-x32\...\{8596363E-8F5F-4693-BAA4-CC32973455D6}) (Version: 9.0.0.0 - Buhl Data Service GmbH)

WISO Mein Geld 2009 Professional (HKLM-x32\...\{44061C54-0775-4AE1-B433-79BCC6431817}) (Version: 10.01.0082 - Buhl Data Service GmbH)

WISO Mein Geld 2012 Professional (HKLM-x32\...\WISO Mein Geld 2012 Professional) (Version:  - Buhl Data Service GmbH)

WISO Mein Geld 2012 Professional (x32 Version: 14.0.1.18 - Buhl Data Service GmbH) Hidden
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{009EDA42-71E4-4C16-BB2E-578DC33BA491}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{0274CF59-F6B1-474B-A138-51A810564926}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{063E01DE-C9E1-4809-A15F-B84F52E578D2}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{0E5E5B83-A16D-4D15-AB45-7A0F8EECB0A5}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{0F8B006E-892B-4863-982B-29FBE45536F9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{1D2BA6AE-3D89-4187-85CB-E5AF407887FF}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{1E78821A-BA30-4AA0-B7A6-670DC23459DA}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{32B32854-7FEC-4816-B0BD-D053DE2B2918}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{43B3E546-36B7-48C9-9796-2C7574787A1C}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{4E285563-1863-4D93-805F-2D2FFCD4814F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{511B6700-19AE-4143-812F-1543B5E1C985}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{54614417-8AA4-4B1B-AA98-559FC054636D}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{5F67A6B4-1A03-4371-A8A1-BD3263A2C2EC}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{6DB72514-5DA2-4791-9B68-310FDEB85CC9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{6FBE247C-3300-4F44-B5E6-1AC33BF03995}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{7C3F44C4-07D3-418D-A3BA-C7F1A5EF1235}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{7FE2C97A-562F-4791-ABB1-7C02D18EEC59}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{8790471D-FE4E-4FF5-A91F-0808F923BEB9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{8951CFDD-B3F7-4F2D-AF61-FE2228347429}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{8EB50499-42D6-456A-A1A7-4DC4BB4B0F5B}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{90E6DB72-4FBB-4F7A-9D36-3B56F3C4A517}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{90FC7BE4-DBEB-4CF4-828B-9AA72AE8FF74}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9221816B-AC34-4E7B-AE2F-4032653ECDDB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9962A902-9E84-45FA-B2E9-FC6CDD02674E}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9BDE95FF-99CA-413F-A4B4-2D1B21FC9EE8}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9D40216B-B7B9-4402-BF6A-D21FD70A6000}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{A607C93C-A6EF-4B55-B8F9-6CA2C10690E4}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{A83FBE75-11CB-49F5-B9D7-802782B81CCB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{AE86BB6A-EB9A-4A4A-B0A9-FBAE38CFFBC9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{B037D8DB-0736-46A4-AF2B-E902E59DDD54}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{B716B7B7-443C-4E2D-A4B1-29BEB5987FC1}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{BB1B99DE-B2EB-4561-880E-BFCD4438E657}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{C1E8B9C9-A293-4813-B730-54F5972AEE5A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{C28602FF-7932-4EE2-9315-B47E2C6E1ED3}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{C8F19C62-21CD-428E-AA37-773DAA8917E5}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{CAADC8E8-5514-495E-9DAC-C53C3A8D503F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{D04F500B-185A-4E3E-B82A-76509373F9AC}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{D2B3ACC4-B475-4435-8AA7-DA83C7D86C7E}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{D8CAEBA4-584C-43DF-8C0F-2F764E2B1BCB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{DDF489D3-8A13-4761-ABD7-FAF62A428252}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{DE119701-E35B-49BD-BB71-A51B2EE8B251}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E00AF38E-7813-4623-BBB2-9DB8323648DF}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E41726A5-6A44-4112-8C22-9658E343B903}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E6CED06A-26B6-455B-90C4-0EAFC522BC71}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E8FE3CF4-FDC0-41DD-9B2E-3E7750CA3990}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{EE4A1121-C3D3-464E-B86B-CE0AA5D6D948}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{F6D701F8-799E-432F-BF81-C90B53D73AFD}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{F911124F-7BE5-4977-9B72-DEB00CE30D04}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FAE7A96A-56C3-4ABF-A6C2-D5D78089A7D8}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {00A50F64-49EA-4E90-B353-DD359493C931} - System32\Tasks\{AA37AD7A-A892-46C2-B416-734ACEC8F226} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe

Task: {0B51DC78-6AB9-40B1-B476-1C87752223F8} - System32\Tasks\{D4789B5A-6DB4-44E9-A9ED-5AC6AF432DF7} => pcalua.exe -a "C:\Users\Chris\Downloads\Treiber - DA2 Hybrid\driver\yInstallTools.exe" -d "C:\Users\Chris\Downloads\Treiber - DA2 Hybrid\driver"

Task: {16F46E11-86F0-4CA1-ABFD-14FF70BAC4F9} - System32\Tasks\{FB826B21-F920-416A-8815-52AC2A56170B} => pcalua.exe -a C:\Users\Chris\Downloads\iview436_setup.exe -d C:\Users\Chris\Downloads

Task: {1AD9F8B0-5360-453D-9AD1-F251165E341D} - System32\Tasks\{7C18FACC-B665-4062-86F3-56F5668D95C8} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.)

Task: {2308EF6C-BB71-4AE7-92B9-64093BAA4F8D} - System32\Tasks\{B8A6E478-3AF8-46BD-8261-CB722F6903D3} => pcalua.exe -a C:\Users\Chris\Downloads\LiveUSBHelper.exe -d "C:\Program Files (x86)\Mozilla Firefox"

Task: {29BA79AF-3117-4068-B736-6ECF72F7BF56} - System32\Tasks\{BD8A5EF9-D2C1-4FCB-93A7-808176143B30} => pcalua.exe -a H:\Setup.exe -d H:\

Task: {35449C4F-B1E9-470D-8E2D-6826A9E9FBAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-15] (Adobe Systems Incorporated)

Task: {35ECE4F3-BC11-4315-933F-C18A85205DF1} - System32\Tasks\{6B21BEC5-D3AE-4354-80D2-764432510387} => pcalua.exe -a H:\Setup.exe -d H:\

Task: {43AD022A-2BB9-4FE2-818B-39D95CFE1827} - System32\Tasks\{68B17966-2F73-40C4-8B36-89087A972312} => pcalua.exe -a "C:\Program Files (x86)\MAGIX\MP3_Maker_16\unwise.exe"

Task: {45036D35-7B87-417D-AF59-26D433D20432} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks [Argument = /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig"]

Task: {52313735-3929-43EC-91CD-77FB0BD62FBE} - System32\Tasks\{3AF93069-6DC9-46EE-97A3-A591F702CA35} => pcalua.exe -a I:\boot\Porteus-installer-for-Windows.exe -d I:\boot

Task: {543369A4-C969-4838-B92D-2A7DC84EA3CA} - System32\Tasks\{0C1C7759-13FA-458D-8090-A6078AC5C98C} => pcalua.exe -a C:\Users\Chris\Downloads\Officejet6500E709a_ES_MJP1FN0935AR_GER.exe -d C:\Users\Chris\Downloads

Task: {5B7EFF43-D7BF-477E-8772-8D7C5C1BFBFA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000Core => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-04] (Dropbox, Inc.)

Task: {5C728041-8EC9-49D1-A954-327E77027CEE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {5DA7E1B4-84E0-4C01-BF11-964D2216F958} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {64FB3D25-1327-4F5A-BAFC-38156858BB45} - System32\Tasks\{DEBE6408-024E-4819-8D61-8410057B6AC2} => Firefox.exe hxxp://ui.skype.com/ui/0/7.8.0.102/de/abandoninstall?page=tsProgressBar

Task: {652A2DBE-83F4-423A-8EEC-5501B5B5DF19} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)

Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs

Task: {7FED724C-9CDF-458C-8B90-F268EA033E74} - System32\Tasks\{69CE9557-BA97-4474-A45E-0968A6CA6AD2} => pcalua.exe -a C:\Users\Chris\AppData\Local\Temp\Temp2_MDLChime26SP7.zip\MDLChime26SP7.exe <==== ACHTUNG

Task: {818E3FB0-85F8-4E77-8493-4817184891DF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {8601B210-24FA-4436-A263-15A5673BE8E9} - System32\Tasks\{BDB07A78-03B3-49A5-BD37-5175E8D7F861} => pcalua.exe -a "C:\Program Files (x86)\Universal Phonebook Editor\uninstall.exe" -d "C:\Program Files (x86)\Universal Phonebook Editor"

Task: {8827FA34-3070-421D-BB2F-572653596B85} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {8936FA70-2D15-4D08-B70D-514777D204FF} - System32\Tasks\{B7F8DD47-1AF0-4331-99C5-99A57978CDC0} => pcalua.exe -a "C:\Users\Chris\AppData\Local\Temp\Temp1_Treiber - DA2 Hybrid.zip\driver\yInstallTools.exe" <==== ACHTUNG

Task: {93067070-B8A9-4C20-AAC0-11C374778F84} - System32\Tasks\{716937DF-D5A3-4046-8594-CCDA873196E5} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\2\SSM_Uninstall.exe

Task: {93F317F6-81A7-40BC-B552-BEDDE69C2C73} - System32\Tasks\{D337A8EA-BAE2-4B71-8DC6-8F42326160B0} => pcalua.exe -a C:\Users\Chris\AppData\Local\Temp\Temp1_MDLChime26SP7.zip\MDLChime26SP7.exe <==== ACHTUNG

Task: {9B543991-FD98-4728-83CD-468052D2F1C9} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2009-09-03] (TOSHIBA CORPORATION)

Task: {A4E44E72-EF5C-41A1-B3C3-A60EDD61A7D9} - System32\Tasks\{8B7373D6-C48D-492C-8734-AF5087D2E2D5} => pcalua.exe -a C:\Users\Chris\Downloads\Samsung_PC_Studio_322_HK4.exe -d C:\Users\Chris\Downloads

Task: {A71F18D1-2CB9-4682-A5D8-BEEDEB44A63A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {A74E11CE-2F3E-4EF4-90C0-A21FEA0E5316} - System32\Tasks\{99CAA6B9-ACBA-4021-90BB-18A369274190} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\1\SS_Uninstall.exe

Task: {A90215A6-803C-40C1-9D04-2CBA3E518C80} - System32\Tasks\{4908698E-00E3-4059-B956-2F876C3A0468} => pcalua.exe -a "C:\Program Files (x86)\MAGIX\MP3_Maker_16\InstallLauncher.exe" -d "C:\Program Files (x86)\MAGIX\MP3_Maker_16"

Task: {AC11D051-7009-45E9-AB9A-AF149069458D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {BE35B1E0-8578-45C7-B0EE-EE6B4F3B86F4} - System32\Tasks\{9B33248F-F8DF-4A45-ABBB-8F53BBD07115} => pcalua.exe -a H:\VMCLiteSetup.exe -d H:\

Task: {C368FF83-A215-47DB-AAB8-4C2E43EDAB49} - System32\Tasks\{FAE26A1A-8FCC-41F2-A570-2FCF7D9A1C24} => pcalua.exe -a C:\Users\Chris\Downloads\AVM_FRITZ!_Mini_Assistent.exe -d "C:\Program Files (x86)\Mozilla Firefox"

Task: {C54E3770-6F3B-462A-AB96-EDBA234D8901} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000UA => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-04] (Dropbox, Inc.)

Task: {DBBDBC63-5585-4360-B96F-9FF11A80721E} - System32\Tasks\{F333CAB0-1196-4AE6-9CC5-5790870CA562} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\7\SSECUninstall.exe

Task: {E5B85FED-B082-42A8-80D8-0A448C829E79} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)

Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs

Task: {F3BB91A4-A792-4C1C-96B9-AEC4E69D4AD7} - System32\Tasks\{046C2D50-3619-4E16-9AB7-8FAAC3CB7CE3} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\6\SSBCUninstall.exe

Task: {FB973E15-0B31-4011-8CC5-4DF7055CB3A9} - System32\Tasks\{F16B9B92-3000-4D0A-A6C0-2897B7481825} => pcalua.exe -a C:\Users\Chris\Downloads\Statistikprogs\SPSS_Stats_trial_19_Language_win64.exe -d C:\Users\Chris\Downloads\Statistikprogs
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000Core.job => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000UA.job => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2014-09-21 15:01 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll

2006-12-04 02:26 - 2006-12-04 02:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll

2014-09-21 15:01 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll

2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2013-11-14 15:28 - 2013-11-14 15:28 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe

2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2008-08-22 21:06 - 2008-08-22 21:06 - 00135680 _____ () C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll

2008-08-22 21:06 - 2008-08-22 21:06 - 07553024 _____ () C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll

2008-08-22 21:06 - 2008-08-22 21:06 - 01032704 _____ () C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll

2010-04-24 15:23 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll

2016-05-18 00:42 - 2016-05-18 00:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll

2009-07-16 16:27 - 2009-07-16 16:27 - 07244600 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll

2009-07-16 16:27 - 2009-07-16 16:27 - 00051512 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll

2009-04-06 14:17 - 2007-04-23 09:09 - 00016896 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll

2009-03-12 20:08 - 2009-03-12 20:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll

2009-07-25 18:38 - 2009-07-25 18:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll

2013-10-10 23:48 - 2013-10-10 23:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll

2013-02-18 19:52 - 2011-01-13 12:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney Business 5.0\ouservice\PATCHW32.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 

AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322]

AlternateDataStreams: C:\ProgramData\TEMP:B6AC352B [127]
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27644631.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\58058682.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\B50EA66D.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\27644631.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\58058682.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\B50EA66D.sys => ""="Driver"
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
 

127.0.0.1       localhost

::1             localhost
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.178.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [{3B498F82-E6B1-4079-92C5-B809AAC1D572}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe

FirewallRules: [{94B915EA-362B-4182-B20B-23100E9775B0}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe

FirewallRules: [{CAC92C89-3768-4335-9C6B-A7D295780EFC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [TCP Query User{5862B42F-63CC-4FCE-87DE-6D182CADA2DB}C:\program files (x86)\mirandafusion\miranda32.exe] => (Allow) C:\program files (x86)\mirandafusion\miranda32.exe

FirewallRules: [UDP Query User{675CC335-508C-42F0-BD63-FC3E09F4CBC6}C:\program files (x86)\mirandafusion\miranda32.exe] => (Allow) C:\program files (x86)\mirandafusion\miranda32.exe

FirewallRules: [{08F2CAA4-9983-4293-AE11-2689ED92A48F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe

FirewallRules: [{F27EBA1D-F7BE-40D3-BB69-D39A17022BC5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe

FirewallRules: [{1BF0AC42-126D-423F-963E-93EFE7C661D1}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{6AEB7994-DF92-4248-A124-EB261430D800}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{3B65A749-CD90-4B76-9FD8-E1A470D71D4B}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{136DA2BF-1E6E-445F-97D2-9CB5B2840D1A}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{2910747F-5B2E-460F-9F34-BA3246D949C9}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe

FirewallRules: [{5363A111-4EDE-4891-AC7E-0D015D28895D}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe

FirewallRules: [TCP Query User{7F6BA431-5258-41BF-8D63-DF80F3260424}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe] => (Allow) C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe

FirewallRules: [UDP Query User{690E7D39-CF3D-429E-B10A-BF4076E8EDA9}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe] => (Allow) C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe

FirewallRules: [{48E308A4-4A33-4B4D-B409-9A750BA2AE3D}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe

FirewallRules: [{B1CB65F8-53D0-4332-85D7-C18030C1E031}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe

FirewallRules: [{1E598ADB-4672-464D-8CFF-7E03DA9F13DC}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{22A011A9-7A10-48D6-A8E9-8BE89975CB07}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{1D89CAFF-3E75-41D3-ACB8-D45FB8027E9E}] => (Allow) C:\Users\Chris\AppData\Local\Temp\7zS7EB5\OJP8500vA909_Full_13\setup\hpznui40.exe

FirewallRules: [{1A649C83-F9BE-4E5A-9450-A4A4A0E8F71F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

FirewallRules: [{B45D410B-B5B8-4963-8D87-6703C9BA22F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe

FirewallRules: [{2576125D-A259-479F-9F1F-B51C18BA8CA1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe

FirewallRules: [{96BD5F29-C91E-433D-8402-8F0BE853EE2E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe

FirewallRules: [{77F823DB-06D6-4B46-8796-01543187F1DB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe

FirewallRules: [{E47379FC-AB92-45FF-A81B-3870E308C8ED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe

FirewallRules: [{42415531-0267-4DE3-9880-B99D0335759C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe

FirewallRules: [{16CE3075-C5EC-4D6E-9EAA-321375004F53}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe

FirewallRules: [{9A851529-AB13-49B9-B55F-2B0B20E50608}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe

FirewallRules: [{E71B519F-8461-4139-A91D-0BB078DA1AEB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe

FirewallRules: [{A5261F2F-8A51-4EBA-B831-90C2497D104E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe

FirewallRules: [{79B3A7E0-DB58-4911-9A1B-EF427DBBBA07}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe

FirewallRules: [{4ABA3AED-1E9A-411F-BDA1-6E1D26094A28}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe

FirewallRules: [{EDFF2F88-E0E2-4ACC-A8AC-D78DEE47B9A8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

FirewallRules: [{F6F3DB79-15B7-412A-A5E0-FEF89F62A25E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe

FirewallRules: [{AC4DD1C0-1F9C-426E-BE09-87F5FDB7BE32}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe

FirewallRules: [{1C46CD2B-6920-470A-B552-4D4FB64AD6B4}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe

FirewallRules: [{C52F9996-E769-46DE-B291-A571F2EED59D}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe

FirewallRules: [{18A64633-A0FD-4FEE-8048-23479432530E}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsasvr.exe

FirewallRules: [{F13DDCF2-D87A-4270-BC40-DF39B9737F92}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsasvr.exe

FirewallRules: [{E2F78DD6-0416-4462-952C-6525BD64E0D3}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsvsvr.exe

FirewallRules: [{897B6510-A049-4ADA-9A34-FCA7570CA349}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsvsvr.exe

FirewallRules: [TCP Query User{C0957462-D874-4CFE-B9FF-939A23E0895F}C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe] => (Allow) C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe

FirewallRules: [UDP Query User{84832C12-5F67-4DA1-96A6-E7271C9E86EA}C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe] => (Allow) C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe

FirewallRules: [{317F6EAF-DAE6-48CC-9459-66F5D064AEC9}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{CE59ED56-BACB-4E32-B1EC-86B10893995C}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{8DE56995-CF43-4A7C-B7EC-4A58E48CAA03}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{7A67C93A-579D-4291-A98F-FFDE9451746D}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{2251F733-A846-44F1-977A-F04290671BC0}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{53FFB021-B571-4665-A546-52FC18732C28}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{4AEB8EE4-30E1-419E-9580-43354951D894}] => (Allow) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{FC856EBE-64D6-47C1-9DB3-8D7EBA294F87}] => (Allow) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [TCP Query User{19FB4C61-3944-4D22-933E-250244D86492}C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [UDP Query User{518FC4E6-062A-4AD6-9B1A-EF8059953E1C}C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [{DBD7C753-EDFB-45CF-BC77-A1351EC61170}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{B1293262-7D44-4EF1-AB31-8B52CB544CDC}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [TCP Query User{F767CC0C-C7D0-4791-850F-A3356A56B7E2}C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [UDP Query User{2B084990-3ACF-458F-B0DB-1932EC24BF7D}C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [TCP Query User{5D60EF0A-EE93-4B63-81D6-4DCEFE77A9F7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe

FirewallRules: [UDP Query User{30C1C709-5B78-4534-BEC6-D4EBC1CCD898}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe

FirewallRules: [{D1DA0B4D-2339-4058-A8C3-10D0C45460F1}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\7JHG7237.HRK\NHAGXY99.J3W\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{DD573B4A-6D13-4B4E-9DBB-021537E258F7}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\7JHG7237.HRK\NHAGXY99.J3W\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{C82B9940-5E0A-4A27-8137-6BD8A83091C9}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe

FirewallRules: [{5F49AD72-F25B-4513-85BB-7CF599F7A0EA}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe

FirewallRules: [{C6B96FDB-AE10-47B6-AE7D-72583B19B607}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{AE91007B-71DE-41C4-9273-574D43CF2AE0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{4B252877-FE68-453A-8B8F-23A46DB79183}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{32EBA946-2164-4AF6-B085-D6FF08F0A0B4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{42CC78F1-7688-4430-9DBC-2374EFA11063}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe

FirewallRules: [{F62742BB-A37E-45EE-B97A-6DB714E8D432}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe

FirewallRules: [{0A61605A-E08C-4522-A69C-8FAF391ADA13}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\app\StarMoney.exe

FirewallRules: [{0CCBFC81-E02D-40C7-87E3-3F7C68EFAADF}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\app\StarMoney.exe

FirewallRules: [{5515B9C1-9D15-43A9-B705-2E5A261ED0CE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{A17D7959-38F5-41E3-9A8A-76D68EEDD966}] => (Allow) LPort=9322

FirewallRules: [{FEED730F-E300-4876-9C09-E54E8CE36959}] => (Allow) LPort=5353

FirewallRules: [{3ED5535E-EEA6-4939-B2D6-AAE000594A84}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe

FirewallRules: [{AD0288E7-E19B-4BD6-B947-73650A4A8FB9}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe

FirewallRules: [{F3A50888-4C82-4041-8099-3BD96A501F01}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe

FirewallRules: [{AF045C17-1DED-4729-ABBF-EDADCE241E94}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe

FirewallRules: [{9AEDB208-87F5-475F-850E-F4DA21533FB5}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe

FirewallRules: [{CB055D33-611C-4211-B9D2-6F7BA5F11CFB}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe

FirewallRules: [{CFB76798-0A7B-4F6C-81A3-DD52CCFE2361}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe

FirewallRules: [{49B3388D-C506-4D9F-A83E-C8A887736E08}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe

FirewallRules: [{A01F5991-4282-4B5A-98F4-2D20C4DE1F09}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe

FirewallRules: [{699C2634-F7F9-4E0C-83B1-F310D8902114}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe

FirewallRules: [{EBBDF23B-A64B-4F29-8D46-DFB5E21D0D2B}] => (Allow) LPort=5353

FirewallRules: [{A291B612-7DC2-4053-A674-A3C3B4ED8EC0}] => (Allow) C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

FirewallRules: [{D2AA0C76-6289-47D6-BA0F-A80B8D9EA215}] => (Allow) C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

FirewallRules: [{17EF27AB-E32C-4F70-AD4A-BC86A4E3D948}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{A7838210-48DF-4EBA-816F-43623E865A61}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{3454E41E-FFEC-44F5-B2FD-93C9607D9857}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{C7292A3B-75E5-4854-8710-A395D0C260FC}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{C2266FDF-BB49-414C-BBB8-6E27A8494D25}] => (Allow) C:\Program Files (x86)\Audials\Audials 10\Audials.exe

FirewallRules: [{75669AE8-CF83-47CF-82A8-9B206B5AC6F2}] => (Allow) LPort=12972

FirewallRules: [{FF82941F-52CE-45B6-BAD9-C02906E318B0}] => (Allow) LPort=14714

FirewallRules: [{CFFA7C30-FFF6-41FD-B249-9D179FF3B52C}] => (Allow) LPort=31931

FirewallRules: [{FFD223BE-B88B-4DCF-99DE-A43294048B04}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{0914084C-55E9-49FA-BD8F-0821C6C913B9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{07EF2CD4-31E2-414D-B616-9D8F7920C6AC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{62B0B672-A97D-4A89-AE52-DE6A26A3CCDD}] => (Allow) C:\Users\Chris\AppData\Local\Temp\7zS2647\HPDiagnosticCoreUI.exe

FirewallRules: [{8541EF87-6686-4D86-93D2-04DDC211080A}] => (Allow) C:\Users\Chris\AppData\Local\Temp\7zS2647\HPDiagnosticCoreUI.exe

FirewallRules: [{7F0C0A55-4C81-402C-9C9E-0B56B431C240}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{FBECAA93-E1E4-424E-BDF2-E909FB0D3B2F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{73D50136-5336-4933-A9BC-776C6395BDE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{C4198AC7-1D25-4D37-AF12-89EEC95A2A85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{0F61DA1D-2D6E-4506-B7FC-2D2EF44DA553}C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe] => (Block) C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe

FirewallRules: [UDP Query User{981DCC8F-5141-4750-8FA2-97A4C2CA5503}C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe] => (Block) C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe

FirewallRules: [{C4EFDD36-4653-4823-924C-7D543C1398C4}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\ZW8JXE9N.63C\CC9667DP.LKQ\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{81C8BA49-2EA4-45EE-8A42-A080466925A8}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\ZW8JXE9N.63C\CC9667DP.LKQ\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{F6FD3182-F891-403C-920D-F65074490C6B}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\RPDH7O7A.KJ7\8VE1QDO5.TOE\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{F8F9E99D-1954-4ED4-86C4-9A1E73D36D9C}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\RPDH7O7A.KJ7\8VE1QDO5.TOE\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{63401765-166F-4BE5-B875-1C72F47F7B79}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{14083FD7-70C5-43FA-94D0-2A337FFF2246}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{05F36E34-621A-4058-ABCD-CD0D046D953D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{F7D4BA75-E4C5-41D6-B709-550207B17F62}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 

==================== Wiederherstellungspunkte =========================
 

27-09-2016 07:21:07 JRT Pre-Junkware Removal
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 

Name: FRITZ!WLAN Repeater N/G  (192.168.178.32)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: FRITZ!WLAN Repeater N/G  (192.168.178.2)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: SN  (192.168.178.1)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: FRITZ!Box Fon WLAN 7320  (169.254.1.1)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (09/27/2016 06:45:41 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/26/2016 10:17:26 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/26/2016 09:33:15 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/25/2016 11:15:25 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/14/2016 02:26:19 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/14/2016 01:34:49 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/07/2016 05:50:10 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm qw.exe, Version 20.36.0.133 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 3278
 

Startzeit: 01d2091e7431f441
 

Endzeit: 60000
 

Anwendungspfad: C:\Program Files (x86)\Lexware\Quicken\2013\qw.exe
 

Berichts-ID: 8aea482d-7512-11e6-9d26-00238bbbddba
 

Error: (09/07/2016 05:42:42 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm OUTLOOK.EXE, Version 12.0.6691.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 26bc
 

Startzeit: 01d2091a28e94118
 

Endzeit: 21
 

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
 

Berichts-ID: a9c8207b-7511-11e6-9d26-00238bbbddba
 

Error: (09/07/2016 05:11:51 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm OUTLOOK.EXE, Version 12.0.6691.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 2bd8
 

Startzeit: 01d206c236794c95
 

Endzeit: 0
 

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
 

Berichts-ID: 23e2164c-745c-11e6-9d26-00238bbbddba
 

Error: (08/29/2016 08:36:59 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 
 

Systemfehler:

=============

Error: (09/27/2016 06:45:12 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 

{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}

 und APPID 

{344ED43D-D086-4961-86A6-1106F4ACAD9B}

 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
 

Error: (09/27/2016 06:44:37 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

StarOpen
 

Error: (09/27/2016 06:44:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 

Das System kann das angegebene Gerät nicht finden.
 

Error: (09/27/2016 06:44:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "chip 1-click download service" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
 

Error: (09/27/2016 06:44:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst chip 1-click download service erreicht.
 

Error: (09/27/2016 06:44:02 AM) (Source: atikmdag) (EventID: 10261) (User: )

Description: Display is not active
 

Error: (09/27/2016 06:44:02 AM) (Source: atikmdag) (EventID: 19468) (User: )

Description: CPLIB :: General - Invalid Parameter
 

Error: (09/27/2016 06:44:01 AM) (Source: atikmdag) (EventID: 10261) (User: )

Description: Display is not active
 

Error: (09/27/2016 06:44:01 AM) (Source: atikmdag) (EventID: 19468) (User: )

Description: CPLIB :: General - Invalid Parameter
 

Error: (09/27/2016 06:43:49 AM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 
 

CodeIntegrity:

===================================

  Date: 2015-07-12 11:10:18.113

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2015-07-12 11:10:17.856

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2015-07-12 11:10:17.713

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2015-07-12 11:10:17.515

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2011-05-09 11:12:09.232

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-05-09 11:12:09.216

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-05-09 11:12:09.185

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-05-09 11:12:09.138

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2010-01-23 20:37:58.912

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\KLIFX64\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2010-01-23 20:37:58.897

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\KLIFX64\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM)2 Duo CPU T9550 @ 2.66GHz

Prozentuale Nutzung des RAM: 46%

Installierter physikalischer RAM: 4060.85 MB

Verfügbarer physikalischer RAM: 2170.7 MB

Summe virtueller Speicher: 6812.59 MB

Verfügbarer virtueller Speicher: 4720.17 MB
 

==================== Laufwerke ================================
 

Drive c: (Windows7) (Fixed) (Total:232.42 GB) (Free:4.81 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

Drive d: () (Fixed) (Total:465.76 GB) (Free:0.46 GB) NTFS

Drive f: (Data) (Fixed) (Total:231.87 GB) (Free:1.81 GB) NTFS

Drive h: (desinfDATA) (Removable) (Total:1.59 GB) (Free:1.5 GB) FAT32
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BA938E8E)

Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)

Partition 2: (Active) - (Size=232.4 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (Size: 465.8 GB) (Disk ID: 553AFC2C)

Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (Size: 7.7 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================

M-K-D-B

27.09.2016 16:12

Servus,

sehr gut gemacht. :applaus: :applaus:

So geht es weiter:

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

start

CloseProcesses:

C:\Program Files (x86)\Winload

HKLM-x32\...\Run: [] => [X]

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG

Task: {7FED724C-9CDF-458C-8B90-F268EA033E74} - System32\Tasks\{69CE9557-BA97-4474-A45E-0968A6CA6AD2} => pcalua.exe -a C:\Users\Chris\AppData\Local\Temp\Temp2_MDLChime26SP7.zip\MDLChime26SP7.exe <==== ACHTUNG

Task: {8936FA70-2D15-4D08-B70D-514777D204FF} - System32\Tasks\{B7F8DD47-1AF0-4331-99C5-99A57978CDC0} => pcalua.exe -a "C:\Users\Chris\AppData\Local\Temp\Temp1_Treiber - DA2 Hybrid.zip\driver\yInstallTools.exe" <==== ACHTUNG

Task: {93F317F6-81A7-40BC-B552-BEDDE69C2C73} - System32\Tasks\{D337A8EA-BAE2-4B71-8DC6-8F42326160B0} => pcalua.exe -a C:\Users\Chris\AppData\Local\Temp\Temp1_MDLChime26SP7.zip\MDLChime26SP7.exe <==== ACHTUNG

AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322]

AlternateDataStreams: C:\ProgramData\TEMP:B6AC352B [127]

CMD: dir "%ProgramFiles%"

CMD: dir "%ProgramFiles(x86)%"

CMD: dir "%ProgramData%"

CMD: dir "%Appdata%"

CMD: dir "%LocalAppdata%"

RemoveProxy:

CMD: ipconfig /flushdns

CMD: netsh winsock reset

EmptyTemp:

end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

Code:

:folderfind DnsBlock Conduit OpenCandy DownloadProtect DPBHO Yontoo Softonic YahooPartnerToolbar winload :regfind DnsBlock Conduit OpenCandy DownloadProtect DPBHO Yontoo Softonic YahooPartnerToolbar winload
Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Schritt 3

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von SystemLook,
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

CChris

28.09.2016 05:18

FRST.exe scheint beim ersten Schritt abgeschmiert zu sein. Und zwar beim Löschen der temporären Dateien in \Firefox\Profiles.

Beim Firefox-Start, um dieses zu posten erschien folgende Fehler-Meldung:

Einige Ihrer Proxies haben "Alle Cookies entfernen, bevor dieser Proxy genutzt wird" oder "Alle Cookies blockieren, wenn dieser Proxy benutzt wird" ausgewählt, während andere dies nicht haben. Da Netzwerkverkehr von Natur aus asynchron ist, kann es passieren, dass unterschiedliche Cookieeinstellungen bei verschiedenen Proxies in diesem Modus nicht so funktionieren, wie erwartet.

Ich würde jetzt FRST.exe über den Taskmanager beenden und nochmal starten?

-------------------------------------------------------------------------------------------
Nachtrag:

Habe FRST64.exe über den Taskmanager beendet und den PC neu gestartet. Beim 3. Anlauf ist es ordentlich zu Ende gelaufen. Daher 3 Protokolle der Fixlog.txt
Die Warnmeldung beim Start des Firefoxes kam wieder.

Muss ich die SystemLook (32 bit) Version auch noch laufen lassen, da ich ja anscheinend auch Win 32 Ordner auf dem PC habe?

Fixlog_Absturz 1

Code:



Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-09-2016

durchgeführt von Chris (27-09-2016 17:40:01) Run:1

Gestartet von C:\Users\Chris\Desktop

Geladene Profile: Chris (Verfügbare Profile: Chris & Gast)

Start-Modus: Normal

==============================================
 

fixlist Inhalt:

*****************

start

CloseProcesses:

C:\Program Files (x86)\Winload

HKLM-x32\...\Run: [] => [X]

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG

Task: {7FED724C-9CDF-458C-8B90-F268EA033E74} - System32\Tasks\{69CE9557-BA97-4474-A45E-0968A6CA6AD2} => pcalua.exe -a C:\Users\Chris\AppData\Local\Temp\Temp2_MDLChime26SP7.zip\MDLChime26SP7.exe <==== ACHTUNG

Task: {8936FA70-2D15-4D08-B70D-514777D204FF} - System32\Tasks\{B7F8DD47-1AF0-4331-99C5-99A57978CDC0} => pcalua.exe -a "C:\Users\Chris\AppData\Local\Temp\Temp1_Treiber - DA2 Hybrid.zip\driver\yInstallTools.exe" <==== ACHTUNG

Task: {93F317F6-81A7-40BC-B552-BEDDE69C2C73} - System32\Tasks\{D337A8EA-BAE2-4B71-8DC6-8F42326160B0} => pcalua.exe -a C:\Users\Chris\AppData\Local\Temp\Temp1_MDLChime26SP7.zip\MDLChime26SP7.exe <==== ACHTUNG

AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322]

AlternateDataStreams: C:\ProgramData\TEMP:B6AC352B [127]

CMD: dir "%ProgramFiles%"

CMD: dir "%ProgramFiles(x86)%"

CMD: dir "%ProgramData%"

CMD: dir "%Appdata%"

CMD: dir "%LocalAppdata%"

RemoveProxy:

CMD: ipconfig /flushdns

CMD: netsh winsock reset

EmptyTemp:

end

*****************
 

Prozess erfolgreich geschlossen.

C:\Program Files (x86)\Winload => erfolgreich verschoben

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt

"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FED724C-9CDF-458C-8B90-F268EA033E74}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FED724C-9CDF-458C-8B90-F268EA033E74}" => Schlüssel erfolgreich entfernt

C:\Windows\System32\Tasks\{69CE9557-BA97-4474-A45E-0968A6CA6AD2} => erfolgreich verschoben

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{69CE9557-BA97-4474-A45E-0968A6CA6AD2}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8936FA70-2D15-4D08-B70D-514777D204FF}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8936FA70-2D15-4D08-B70D-514777D204FF}" => Schlüssel erfolgreich entfernt

C:\Windows\System32\Tasks\{B7F8DD47-1AF0-4331-99C5-99A57978CDC0} => erfolgreich verschoben

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B7F8DD47-1AF0-4331-99C5-99A57978CDC0}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93F317F6-81A7-40BC-B552-BEDDE69C2C73}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93F317F6-81A7-40BC-B552-BEDDE69C2C73}" => Schlüssel erfolgreich entfernt

C:\Windows\System32\Tasks\{D337A8EA-BAE2-4B71-8DC6-8F42326160B0} => erfolgreich verschoben

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D337A8EA-BAE2-4B71-8DC6-8F42326160B0}" => Schlüssel erfolgreich entfernt

C:\ProgramData\sdpsenv.dat => ":naughtypirates" ADS erfolgreich entfernt.

C:\ProgramData\TEMP => ":B6AC352B" ADS erfolgreich entfernt.
 

========= dir "%ProgramFiles%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Program Files
 

26.09.2016  21:58    <DIR>          .

26.09.2016  21:58    <DIR>          ..

23.04.2011  13:09    <DIR>          7-Zip

24.01.2010  05:26    <DIR>          Apoint2K

24.01.2010  05:31    <DIR>          ATI

02.06.2014  17:34    <DIR>          Canon

13.09.2015  19:25    <DIR>          Common Files

24.01.2010  05:31    <DIR>          CONEXANT

24.01.2010  15:21    <DIR>          DIFX

04.12.2013  21:07    <DIR>          DivX

21.06.2011  12:02    <DIR>          DVD Maker

16.10.2013  13:35    <DIR>          GIMP 2

22.06.2015  21:30    <DIR>          Internet Explorer

20.12.2014  18:31    <DIR>          Java

01.02.2013  14:02    <DIR>          Logitech

04.06.2011  00:21    <DIR>          maxdome

24.01.2010  05:31    <DIR>          Microsoft Games

19.03.2015  12:12    <DIR>          Microsoft Mouse and Keyboard Center

25.01.2010  23:41    <DIR>          Microsoft Office

27.06.2016  08:16    <DIR>          Microsoft Silverlight

14.07.2009  07:32    <DIR>          MSBuild

07.09.2016  19:05    <DIR>          Paragon Software

04.09.2011  13:48    <DIR>          PlayReady

14.07.2009  07:32    <DIR>          Reference Assemblies

24.01.2010  15:28    <DIR>          Toshiba

24.01.2010  05:31    <DIR>          Windows Calendar

24.01.2010  05:31    <DIR>          Windows Collaboration

18.03.2015  15:55    <DIR>          Windows Defender

22.06.2015  21:30    <DIR>          Windows Journal

21.06.2011  12:02    <DIR>          Windows Mail

22.06.2015  21:30    <DIR>          Windows Media Player

24.01.2010  06:27    <DIR>          Windows NT

24.01.2010  05:31    <DIR>          Windows Photo Gallery

21.06.2011  12:02    <DIR>          Windows Photo Viewer

21.06.2011  12:02    <DIR>          Windows Portable Devices

21.06.2011  12:02    <DIR>          Windows Sidebar

24.04.2010  15:24    <DIR>          WinRAR

15.10.2015  09:51    <DIR>          {08182E2D-B449-4D76-A8B3-A36FF9A8CE4E}

03.07.2016  16:37    <DIR>          {0BA15EA7-137E-47DE-9952-536F0754F5C6}

26.09.2016  21:58    <DIR>          {16916AFE-57EE-48FB-AD4A-6A0BA8760DBD}

16.01.2016  18:20    <DIR>          {2E581B0F-78F6-46EC-963C-74734453F68B}

24.09.2016  20:34    <DIR>          {59DC0B16-6721-47A2-8A18-638F86DE577B}

15.03.2016  12:13    <DIR>          {5DE52103-CB18-4C18-9731-CA12C6608B4E}

27.06.2016  08:45    <DIR>          {6898554C-783C-4ABE-BB8A-0D19E0BBD00E}

24.06.2016  17:18    <DIR>          {7F691B94-EC20-4AB1-B359-65F7E779A79A}

18.04.2016  17:31    <DIR>          {846F4C8A-F6AD-4D76-803E-FA53E52E7B77}

01.04.2016  10:48    <DIR>          {A8AB7588-B27F-4596-8EBA-B7BCEF12A0C1}

22.06.2016  18:34    <DIR>          {C424C90C-BE90-4C5A-B85C-A058A6CFD745}

10.09.2016  16:25    <DIR>          {CACC03DD-9A08-4DDD-835C-48048033E61E}

28.10.2015  22:25    <DIR>          {D7139FD5-6BBD-4CBF-8C21-770ED5ECB337}

15.08.2016  09:17    <DIR>          {ECA3C7D6-410D-4C8C-97D0-99041876CB1E}

12.11.2015  09:26    <DIR>          {F1F8D207-809B-4951-821A-9AFC3E8EF560}

19.08.2016  20:08    <DIR>          {F7F09E8D-C722-4D76-8582-F88D0B42ADCE}

               0 Datei(en),              0 Bytes

              53 Verzeichnis(se),  5.479.596.032 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%ProgramFiles(x86)%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Program Files (x86)
 

27.09.2016  17:40    <DIR>          .

27.09.2016  17:40    <DIR>          ..

24.01.2010  05:31    <DIR>          Activation Assistant for the 2007 Microsoft Office suites

07.11.2015  09:53    <DIR>          Adobe

31.03.2013  02:15    <DIR>          AKVIS

29.09.2010  00:08    <DIR>          Amazon

24.01.2010  15:20    <DIR>          ATI Technologies

27.05.2013  20:41    <DIR>          Audials

24.09.2016  19:41    <DIR>          Auktionatrix

05.08.2011  21:57    <DIR>          Avery

26.07.2015  19:41    <DIR>          AVG

03.12.2012  21:58    <DIR>          Brother

17.11.2011  02:12    <DIR>          Buhl

23.11.2011  22:51    <DIR>          Business Objects

24.01.2010  15:21    <DIR>          Camera Assistant Software for Toshiba

02.06.2014  17:41    <DIR>          Canon

09.08.2016  00:07    <DIR>          Chip Digital GmbH

04.09.2014  14:45    <DIR>          Cisco

28.05.2016  16:54    <DIR>          Common Files

08.05.2011  14:03    <DIR>          COMPELSON Labs

09.05.2011  14:40    <DIR>          Compiled Driver Disc (Full)

08.05.2011  15:42    <DIR>          Compiled Driver Disk (Samsung)

04.12.2013  21:08    <DIR>          DivX

18.12.2015  19:31    <DIR>          DVDVideoSoft

14.02.2011  16:49    <DIR>          Elaborate Bytes

26.07.2010  23:46    <DIR>          EpsonNet

09.01.2012  18:30    <DIR>          Equip

09.01.2012  17:51    <DIR>          EQUIP CAPI

30.07.2010  19:58    <DIR>          FileZilla FTP Client

24.09.2016  19:57    <DIR>          fotokasten comfort

18.12.2015  19:30    <DIR>          FreeCodecPack

02.02.2010  20:05    <DIR>          FreeCommander

17.06.2010  11:05    <DIR>          FTD.de

03.06.2015  21:20    <DIR>          Google

18.05.2011  21:23    <DIR>          grafstat4

25.11.2013  21:50    <DIR>          HP

20.06.2014  02:37    <DIR>          HTC

27.11.2013  13:29    <DIR>          Inforall

24.01.2010  05:32    <DIR>          Intel

22.06.2015  21:30    <DIR>          Internet Explorer

24.01.2010  05:32    <DIR>          InterVideo

14.01.2012  19:46    <DIR>          IrfanView

01.05.2016  15:46    <DIR>          Java

06.02.2013  20:49    <DIR>          JDownloader

28.05.2016  16:54    <DIR>          Kaspersky Lab

13.06.2013  20:25    <DIR>          kleiner_brauhelfer

29.10.2012  10:23    <DIR>          Kodak

29.10.2012  18:20    <DIR>          Kroll Ontrack

02.12.2011  01:46    <DIR>          Lexware

02.02.2010  22:49    <DIR>          Lottoschein-Check

17.05.2013  23:31    <DIR>          MAGIX

26.09.2016  22:33    <DIR>          Malwarebytes Anti-Malware

24.01.2010  15:25    <DIR>          Marvell

18.03.2015  20:21    <DIR>          Microsoft

18.03.2015  13:06    <DIR>          Microsoft Office

24.01.2010  05:33    <DIR>          Microsoft Office Communicator

27.06.2016  08:16    <DIR>          Microsoft Silverlight

25.01.2010  23:47    <DIR>          Microsoft Visual Studio

25.01.2010  23:41    <DIR>          Microsoft Visual Studio 8

18.03.2015  12:37    <DIR>          Microsoft Works

16.11.2010  09:49    <DIR>          Microsoft.NET

27.06.2015  15:17    <DIR>          Mighty Uninstaller

12.07.2015  14:55    <DIR>          MiniTool Partition Wizard Free 9.0

30.01.2010  14:20    <DIR>          MirandaFusion

09.04.2011  19:38    <DIR>          Mobile Master

09.05.2011  14:31    <DIR>          MOBILedit!

24.04.2011  14:46    <DIR>          MOBILedit! PhoneCopier

24.09.2016  19:57    <DIR>          moneyplex

18.01.2015  12:44    <DIR>          MozBackup

12.07.2015  11:39    <DIR>          Mozilla Firefox

11.07.2015  17:57    <DIR>          Mozilla Maintenance Service

25.01.2010  23:47    <DIR>          MSBuild

11.04.2013  13:21    <DIR>          MSECache

30.05.2011  23:15    <DIR>          MSXML 4.0

04.06.2012  14:00    <DIR>          NAVIGON

24.01.2010  05:33    <DIR>          NetWaiting

09.07.2012  20:12    <DIR>          Nitro PDF

09.08.2016  00:08    <DIR>          Notepad++

04.05.2010  00:11    <DIR>          Numus Auto Disk Builder and Burner

24.01.2010  15:26    <DIR>          O2Micro Flash Memory Card Driver

07.10.2013  20:32    <DIR>          OCSetup

20.11.2015  17:17    <DIR>          PDF24

12.12.2012  22:59    <DIR>          Pinnacle

28.05.2011  18:59    <DIR>          PSPP

13.03.2011  18:25    <DIR>          QuickTime Alternative

03.04.2014  18:45    <DIR>          RasWin

14.07.2009  07:32    <DIR>          Reference Assemblies

10.06.2014  15:31    <DIR>          RG eBook

09.05.2010  13:51    <DIR>          SAMSUNG

14.07.2015  17:41    <DIR>          SecuBrowser

16.12.2010  18:46    <DIR>          simfy VZ edition

06.04.2015  20:13    <DIR>          Skype

19.06.2014  22:39    <DIR>          Spirent Communications

13.04.2014  10:37    <DIR>          StarMoney Business 5.0

18.03.2010  20:51    <DIR>          StarPrint Limited

30.05.2011  16:48    <DIR>          StatSoft

25.08.2011  22:59    <DIR>          Stellar Phoenix PowerPoint Recovery

20.10.2013  22:44    <DIR>          StreamTransport

15.11.2012  14:17    <DIR>          Stundenplan

24.09.2016  20:38    <DIR>          Surf & E-Mail-Stick

08.10.2011  13:14    <DIR>          Switcher

12.02.2014  10:19    <DIR>          Synology

16.08.2016  11:12    <DIR>          TeamViewer

27.03.2010  21:25    <DIR>          TerraTec

31.12.2015  17:22    <DIR>          Tinypic

24.01.2010  15:11    <DIR>          Toshiba

26.03.2011  22:09    <DIR>          Toshiba TEMPRO

24.01.2010  05:34    <DIR>          Ulead Systems

04.05.2011  12:41    <DIR>          Universal Document Converter

30.07.2010  13:47    <DIR>          UPS Widget

09.05.2011  11:06    <DIR>          Verbindungsassistent

15.05.2010  15:20    <DIR>          VideoLAN

23.03.2012  11:28    <DIR>          Vodafone

10.08.2012  19:32    <DIR>          WatchTVPro Essential

02.12.2011  01:45    <DIR>          Wertpapieranalyse 2012

16.10.2013  12:56    <DIR>          Winamp

24.01.2010  05:34    <DIR>          Windows Calendar

21.01.2008  05:09    <DIR>          Windows Collaboration

18.03.2015  15:55    <DIR>          Windows Defender

21.06.2011  12:02    <DIR>          Windows Mail

24.01.2010  05:34    <DIR>          Windows Media Components

22.06.2015  21:30    <DIR>          Windows Media Player

14.07.2009  07:32    <DIR>          Windows NT

24.01.2010  05:34    <DIR>          Windows Photo Gallery

21.06.2011  12:02    <DIR>          Windows Photo Viewer

21.06.2011  12:02    <DIR>          Windows Portable Devices

21.06.2011  12:02    <DIR>          Windows Sidebar

27.11.2013  13:59    <DIR>          WinSCP

02.02.2010  00:46    <DIR>          WinTimeKill

04.05.2010  00:10    <DIR>          Xenocode

28.10.2015  22:25    <DIR>          {01615F43-3647-4928-8CB4-0B7F4F940DEA}

16.08.2015  14:20    <DIR>          {0F4AA5F5-B1C3-4A4E-B8BB-814F3FAAA4CA}

23.06.2016  05:07    <DIR>          {21FFFEFC-5DD2-4991-9B43-509D22668380}

29.06.2016  11:05    <DIR>          {34200A20-0B27-4742-B4A2-009E0EC4DA7E}

24.06.2016  17:18    <DIR>          {71834002-D354-430D-8859-FA657575900E}

28.11.2015  15:27    <DIR>          {7DD2579A-B226-4D61-BAA6-01947EBECE7D}

               0 Datei(en),              0 Bytes

             136 Verzeichnis(se),  5.479.583.744 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%ProgramData%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\ProgramData
 

09.06.2014  22:29    <DIR>          1&1 Sync

07.11.2015  09:53    <DIR>          Adobe

13.03.2011  17:53    <DIR>          Apple Computer

24.01.2010  15:21    <DIR>          ATI

26.07.2015  19:41    <DIR>          AVG

04.06.2012  14:06    <DIR>          boost_interprocess

27.10.2011  12:30    <DIR>          Brother

24.01.2010  05:34    <DIR>          Buhl Data Service GmbH

02.06.2014  17:41    <DIR>          Canon IJ Network Tool

10.08.2016  23:19    <DIR>          CanonIJPLM

02.06.2014  17:38    <DIR>          CanonIJWSpt

04.09.2014  14:45    <DIR>          Cisco

09.07.2010  12:36           159.464 DeviceManager.xml.rc4

04.12.2013  21:08    <DIR>          DivX

04.06.2015  09:52    <DIR>          Dropbox

24.01.2010  05:34    <DIR>          FLEXnet

15.12.2011  03:00    <DIR>          fotokasten comfort

03.06.2010  15:00    <DIR>          FREEDB

25.11.2013  21:51    <DIR>          HP

25.11.2013  21:51    <DIR>          HP Product Assistant

25.11.2013  22:05             3.493 hpzinstall.log

20.06.2014  02:37    <DIR>          HTC

26.03.2011  22:12    <DIR>          IsolatedStorage

27.09.2016  07:00    <DIR>          Kaspersky Lab

28.05.2016  16:56    <DIR>          Kaspersky Lab Setup Files

29.10.2012  10:24    <DIR>          Kodak

07.09.2016  20:14    <DIR>          launcher

24.08.2011  22:18                 0 LauncherAccess.dt

05.05.2016  19:40    <DIR>          Lexware

26.01.2010  18:02    <DIR>          Macrovision

17.05.2013  23:33    <DIR>          MAGIX

26.09.2016  22:33    <DIR>          Malwarebytes

23.06.2016  22:38    <DIR>          Malwarebytes' Anti-Malware (portable)

01.11.2011  01:31    <DIR>          maxdome

18.07.2010  19:07    <DIR>          McAfee

01.06.2016  21:50    <DIR>          Microsoft Help

09.04.2011  19:46    <DIR>          Mobile Master

22.07.2012  22:41    <DIR>          Mozilla

09.07.2012  20:12    <DIR>          Nitro PDF

01.04.2011  08:10    <DIR>          Norton

01.04.2011  08:08    <DIR>          NortonInstaller

19.05.2014  13:46           262.144 ntuser.dat

01.05.2016  16:45    <DIR>          Oracle

03.05.2010  22:18    <DIR>          PC Suite

12.12.2012  23:04    <DIR>          Pinnacle

27.05.2013  20:41    <DIR>          RapidSolution

24.01.2010  05:35    <DIR>          SiteAdvisor

16.09.2015  13:17    <DIR>          Skype

23.11.2011  22:54    <DIR>          StarMoney Business 5.0

30.05.2011  16:48    <DIR>          StatSoft

05.04.2010  01:57    <DIR>          Sun

01.04.2011  08:08    <DIR>          Symantec

12.02.2014  10:19    <DIR>          Synology

18.04.2013  09:30    <DIR>          TEMP

27.03.2010  21:25    <DIR>          TerraTec

24.01.2010  15:06    <DIR>          Toshiba

26.03.2011  22:12    <DIR>          TOSHIBA Tempro

24.01.2010  05:35    <DIR>          ToshibaEurope

16.10.2013  12:59    <DIR>          TuneUp Software

24.01.2010  05:35    <DIR>          Ulead Systems

20.05.2011  20:22    <DIR>          Vodafone

05.04.2010  13:59    <DIR>          WEBREG

26.01.2010  00:04    <DIR>          WISO B”rse 2009

02.12.2011  01:45    <DIR>          World Money

24.01.2010  05:35    <DIR>          {174892B1-CBE7-44F5-86FF-AB555EFD73A3}

               4 Datei(en),        425.101 Bytes

              61 Verzeichnis(se),  5.479.579.648 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%Appdata%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Users\Chris\AppData\Roaming
 

26.09.2016  21:58    <DIR>          .

26.09.2016  21:58    <DIR>          ..

21.06.2011  13:27    <DIR>          Adobe

29.09.2010  00:10    <DIR>          Amazon

19.06.2014  22:41    <DIR>          Apple Computer

24.01.2010  05:44    <DIR>          ATI

05.08.2011  22:01    <DIR>          Avery

26.07.2015  19:41    <DIR>          AVG

20.03.2010  10:44    <DIR>          Brother

25.01.2010  23:59    <DIR>          Buhl Data Service

18.11.2011  17:46    <DIR>          Buhl Data Service GmbH

27.07.2014  11:18    <DIR>          Canon

30.07.2010  13:47    <DIR>          com.polythink.ups.wda.03EBA0C726630DF115D9764F9B83F5185396D811.1

10.06.2014  15:32    <DIR>          com.radeberger-gruppe.ebook

25.11.2013  22:05               697 ConvAPIPlugin.log

07.05.2016  17:09    <DIR>          DataDesign

11.03.2015  16:52    <DIR>          DivX

12.07.2015  11:09    <DIR>          dlg

09.07.2012  20:09    <DIR>          Downloaded Installations

25.09.2016  15:22    <DIR>          Dropbox

10.11.2013  22:41    <DIR>          dvdcss

18.12.2015  19:38    <DIR>          DVDVideoSoft

30.07.2010  14:58    <DIR>          EurekaLog

31.07.2010  00:48    <DIR>          FileZilla

25.01.2010  23:15    <DIR>          FLEXnet

02.02.2010  20:05    <DIR>          FreeCommander

17.06.2010  13:12    <DIR>          FTD

13.06.2013  20:26    <DIR>          Gremmelsoft

15.06.2011  21:15    <DIR>          gtk-2.0

27.07.2010  21:03    <DIR>          HP

27.10.2015  09:29    <DIR>          HpUpdate

20.06.2014  02:37    <DIR>          HTC

28.01.2010  00:09    <DIR>          Identities

27.10.2011  12:30    <DIR>          InstallShield

14.01.2012  19:46    <DIR>          IrfanView

09.04.2011  19:37    <DIR>          Jumping Bytes

01.02.2010  23:19    <DIR>          LetsTrade

02.12.2011  19:52    <DIR>          Lexware

24.01.2010  05:44    <DIR>          Macromedia

27.01.2010  18:31    <DIR>          Macrovision

27.05.2013  20:24    <DIR>          MAGIX

09.10.2014  17:15    <DIR>          Marmiko IT-Solutions GmbH

14.07.2009  20:18    <DIR>          Media Center Programs

30.01.2010  16:24    <DIR>          Miranda Fusion

23.04.2011  18:10    <DIR>          Mobile Master

09.05.2011  14:24    <DIR>          MOBILedit

03.04.2011  14:32    <DIR>          MOBILedit! PhoneCopier

18.01.2015  11:21    <DIR>          Mozilla

26.01.2010  00:11    <DIR>          myphotobook

09.08.2016  23:24    <DIR>          Nitro PDF

09.08.2016  00:13    <DIR>          Notepad++

04.05.2010  00:10    <DIR>          NumusAutoDiskBuilder

21.05.2013  00:03    <DIR>          Opera

20.12.2014  18:28    <DIR>          Oracle

03.05.2010  22:18    <DIR>          PC Suite

15.07.2011  14:35               106 psppirerc

14.04.2014  19:31    <DIR>          RasWin

09.05.2010  13:59    <DIR>          Samsung

16.09.2015  13:17    <DIR>          Skype

02.02.2010  21:06    <DIR>          skypePM

30.05.2011  16:49    <DIR>          Softland

30.05.2011  16:51    <DIR>          StatSoft

30.07.2010  14:47    <DIR>          Stephan Muller

01.05.2016  15:48    <DIR>          Sun

20.08.2015  22:01    <DIR>          TeamViewer

16.10.2012  08:21    <DIR>          Temp

31.03.2010  17:45    <DIR>          TerraTec

13.07.2011  11:50    <DIR>          TOSHIBA

16.10.2013  12:55    <DIR>          TuneUp Software

01.11.2012  15:56    <DIR>          U3

04.05.2011  12:41    <DIR>          UDC Profiles

14.02.2011  11:32    <DIR>          Ulead Systems

12.07.2015  11:14               275 uninstall.bat

01.06.2016  17:42    <DIR>          vlc

24.01.2010  05:44    <DIR>          Vodafone

11.12.2011  04:03    <DIR>          Winamp

24.04.2010  15:24    <DIR>          WinRAR

16.12.2013  12:54               600 winscp.rnd

26.01.2010  00:19                 0 wklnhst.dat

               5 Datei(en),          1.678 Bytes

              74 Verzeichnis(se),  5.479.575.552 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%LocalAppdata%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Users\Chris\AppData\Local
 

27.09.2016  07:27    <DIR>          .

27.09.2016  07:27    <DIR>          ..

20.11.2015  17:36    <DIR>          Adobe

19.06.2014  22:41    <DIR>          Apple Computer

22.03.2010  00:37    <DIR>          Apps

30.07.2010  14:48    <DIR>          assembly

24.01.2010  05:44    <DIR>          ATI

26.07.2015  19:41    <DIR>          Avg

16.10.2013  13:01    <DIR>          Avg2014

25.01.2010  23:59    <DIR>          Buhl Data Service

20.11.2015  17:36    <DIR>          CEF

06.03.2013  18:06    <DIR>          Cisco

24.02.2014  19:33             6.656 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

02.10.2013  12:40    <DIR>          DDMSettings

27.09.2016  07:02    <DIR>          Deployment

31.05.2011  11:18    <DIR>          Diagnostics

07.09.2016  18:45    <DIR>          Downloaded Installations

16.04.2016  11:08    <DIR>          Dropbox

16.11.2010  23:37                79 DVDPATH.TXT

16.10.2012  08:28    <DIR>          Eastman Kodak Company

29.10.2012  10:20    <DIR>          Eastman_Kodak_Company

02.02.2015  20:52    <DIR>          ElevatedDiagnostics

18.12.2015  20:05    <DIR>          fotokasten comfort

15.12.2011  02:26    <DIR>          fotokasten_GmbH

12.02.2016  11:34           138.936 GDIPFONTCACHEV1.DAT

11.06.2014  00:01    <DIR>          gegl-0.2

28.10.2011  23:49    <DIR>          Google

04.09.2014  21:59    <DIR>          gtk-2.0

28.06.2015  20:45    <DIR>          GWX

05.04.2010  13:55    <DIR>          HP

25.05.2011  21:19    <DIR>          ISI

13.12.2012  00:37    <DIR>          IsolatedStorage

16.10.2012  08:32               236 LaunchHomeCenter.log

02.12.2011  01:49    <DIR>          Lexware

01.02.2013  14:03    <DIR>          Logitech

17.01.2013  10:00    <DIR>          Macromedia

15.05.2010  15:08    <DIR>          MAGIX

09.10.2014  17:15    <DIR>          Marmiko IT-Solutions GmbH

27.06.2015  14:27    <DIR>          Microsoft

12.07.2010  22:04    <DIR>          Microsoft Help

16.11.2011  18:36             1.516 MiniAssist.ini

21.06.2011  13:36             1.516 MiniAssist.ini.bak

16.11.2011  19:06            71.452 MiniAssist.log

07.05.2011  16:55    <DIR>          Mobile Master

02.10.2013  12:49    <DIR>          Mozilla

01.12.2012  14:46    <DIR>          Nexway

20.07.2011  11:54    <DIR>          PDF24

13.12.2012  00:37    <DIR>          Pinnacle

13.12.2012  00:37    <DIR>          Pinnacle Systems GmbH

26.01.2010  18:03    <DIR>          Programs

27.05.2013  20:37    <DIR>          RapidSolution

04.09.2014  21:59            10.170 recently-used.xbel

18.03.2015  15:02             7.601 resmon.resmoncfg

06.04.2015  20:14    <DIR>          Skype

18.03.2010  20:53    <DIR>          StarPrint Limited

31.01.2016  12:29    <DIR>          TeamViewer

27.09.2016  17:37    <DIR>          Temp

02.05.2010  15:28    <DIR>          Toshiba

03.05.2011  22:13    <DIR>          VirtualStore

28.05.2016  15:44    <DIR>          WEB.DE Application {sync-000021}

04.05.2010  00:10    <DIR>          Xenocode

27.11.2013  22:31         2.529.622 [j0019]-[p04].bmp

24.01.2010  05:44    <DIR>          {488CA21E-322E-4720-8CF4-9B475A5D5676}

20.05.2011  20:17    <DIR>          {51118E21-1324-4510-AB66-D6360E215EF3}

              10 Datei(en),      2.767.784 Bytes

              54 Verzeichnis(se),  5.479.571.456 Bytes frei
 

========= Ende von CMD: =========
 
 

========= RemoveProxy: =========
 

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
 
 

========= Ende von RemoveProxy: =========
 
 

========= ipconfig /flushdns =========
 
 

Windows-IP-Konfiguration
 

Der DNS-Aufl”sungscache wurde geleert.
 

========= Ende von CMD: =========
 
 

========= netsh winsock reset =========
 
 

Der Winsock-Katalog wurde zurckgesetzt.

Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
 
 

========= Ende von CMD: =========
 
 

=========== EmptyTemp: ==========
 

BITS transfer queue => 8388608 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 39493818 B

Java, Flash, Steam htmlcache => 80689 B

Windows/system/drivers => 1648434762 B

Edge => 0 B

Chrome => 0 B

Fixlog_Absturz 2

Code:



Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-09-2016

durchgeführt von Chris (27-09-2016 22:18:37) Run:2

Gestartet von C:\Users\Chris\Desktop

Geladene Profile: Chris (Verfügbare Profile: Chris & Gast)

Start-Modus: Normal

==============================================
 

fixlist Inhalt:

*****************

start

CloseProcesses:

C:\Program Files (x86)\Winload

HKLM-x32\...\Run: [] => [X]

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG

Task: {7FED724C-9CDF-458C-8B90-F268EA033E74} - System32\Tasks\{69CE9557-BA97-4474-A45E-0968A6CA6AD2} => pcalua.exe -a C:\Users\Chris\AppData\Local\Temp\Temp2_MDLChime26SP7.zip\MDLChime26SP7.exe <==== ACHTUNG

Task: {8936FA70-2D15-4D08-B70D-514777D204FF} - System32\Tasks\{B7F8DD47-1AF0-4331-99C5-99A57978CDC0} => pcalua.exe -a "C:\Users\Chris\AppData\Local\Temp\Temp1_Treiber - DA2 Hybrid.zip\driver\yInstallTools.exe" <==== ACHTUNG

Task: {93F317F6-81A7-40BC-B552-BEDDE69C2C73} - System32\Tasks\{D337A8EA-BAE2-4B71-8DC6-8F42326160B0} => pcalua.exe -a C:\Users\Chris\AppData\Local\Temp\Temp1_MDLChime26SP7.zip\MDLChime26SP7.exe <==== ACHTUNG

AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322]

AlternateDataStreams: C:\ProgramData\TEMP:B6AC352B [127]

CMD: dir "%ProgramFiles%"

CMD: dir "%ProgramFiles(x86)%"

CMD: dir "%ProgramData%"

CMD: dir "%Appdata%"

CMD: dir "%LocalAppdata%"

RemoveProxy:

CMD: ipconfig /flushdns

CMD: netsh winsock reset

EmptyTemp:

end

*****************
 

Prozess erfolgreich geschlossen.

"C:\Program Files (x86)\Winload" => nicht gefunden.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert nicht gefunden.

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel nicht gefunden. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FED724C-9CDF-458C-8B90-F268EA033E74} => Schlüssel nicht gefunden. 

C:\Windows\System32\Tasks\{69CE9557-BA97-4474-A45E-0968A6CA6AD2} => nicht gefunden.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{69CE9557-BA97-4474-A45E-0968A6CA6AD2} => Schlüssel nicht gefunden. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8936FA70-2D15-4D08-B70D-514777D204FF} => Schlüssel nicht gefunden. 

C:\Windows\System32\Tasks\{B7F8DD47-1AF0-4331-99C5-99A57978CDC0} => nicht gefunden.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B7F8DD47-1AF0-4331-99C5-99A57978CDC0} => Schlüssel nicht gefunden. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93F317F6-81A7-40BC-B552-BEDDE69C2C73} => Schlüssel nicht gefunden. 

C:\Windows\System32\Tasks\{D337A8EA-BAE2-4B71-8DC6-8F42326160B0} => nicht gefunden.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D337A8EA-BAE2-4B71-8DC6-8F42326160B0} => Schlüssel nicht gefunden. 

"C:\ProgramData\sdpsenv.dat" => ":naughtypirates" ADS nicht gefunden.

"C:\ProgramData\TEMP" => ":B6AC352B" ADS nicht gefunden.
 

========= dir "%ProgramFiles%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Program Files
 

26.09.2016  21:58    <DIR>          .

26.09.2016  21:58    <DIR>          ..

23.04.2011  13:09    <DIR>          7-Zip

24.01.2010  05:26    <DIR>          Apoint2K

24.01.2010  05:31    <DIR>          ATI

02.06.2014  17:34    <DIR>          Canon

13.09.2015  19:25    <DIR>          Common Files

24.01.2010  05:31    <DIR>          CONEXANT

24.01.2010  15:21    <DIR>          DIFX

04.12.2013  21:07    <DIR>          DivX

21.06.2011  12:02    <DIR>          DVD Maker

16.10.2013  13:35    <DIR>          GIMP 2

22.06.2015  21:30    <DIR>          Internet Explorer

20.12.2014  18:31    <DIR>          Java

01.02.2013  14:02    <DIR>          Logitech

04.06.2011  00:21    <DIR>          maxdome

24.01.2010  05:31    <DIR>          Microsoft Games

19.03.2015  12:12    <DIR>          Microsoft Mouse and Keyboard Center

25.01.2010  23:41    <DIR>          Microsoft Office

27.06.2016  08:16    <DIR>          Microsoft Silverlight

14.07.2009  07:32    <DIR>          MSBuild

07.09.2016  19:05    <DIR>          Paragon Software

04.09.2011  13:48    <DIR>          PlayReady

14.07.2009  07:32    <DIR>          Reference Assemblies

24.01.2010  15:28    <DIR>          Toshiba

24.01.2010  05:31    <DIR>          Windows Calendar

24.01.2010  05:31    <DIR>          Windows Collaboration

18.03.2015  15:55    <DIR>          Windows Defender

22.06.2015  21:30    <DIR>          Windows Journal

21.06.2011  12:02    <DIR>          Windows Mail

22.06.2015  21:30    <DIR>          Windows Media Player

24.01.2010  06:27    <DIR>          Windows NT

24.01.2010  05:31    <DIR>          Windows Photo Gallery

21.06.2011  12:02    <DIR>          Windows Photo Viewer

21.06.2011  12:02    <DIR>          Windows Portable Devices

21.06.2011  12:02    <DIR>          Windows Sidebar

24.04.2010  15:24    <DIR>          WinRAR

15.10.2015  09:51    <DIR>          {08182E2D-B449-4D76-A8B3-A36FF9A8CE4E}

03.07.2016  16:37    <DIR>          {0BA15EA7-137E-47DE-9952-536F0754F5C6}

26.09.2016  21:58    <DIR>          {16916AFE-57EE-48FB-AD4A-6A0BA8760DBD}

16.01.2016  18:20    <DIR>          {2E581B0F-78F6-46EC-963C-74734453F68B}

24.09.2016  20:34    <DIR>          {59DC0B16-6721-47A2-8A18-638F86DE577B}

15.03.2016  12:13    <DIR>          {5DE52103-CB18-4C18-9731-CA12C6608B4E}

27.06.2016  08:45    <DIR>          {6898554C-783C-4ABE-BB8A-0D19E0BBD00E}

24.06.2016  17:18    <DIR>          {7F691B94-EC20-4AB1-B359-65F7E779A79A}

18.04.2016  17:31    <DIR>          {846F4C8A-F6AD-4D76-803E-FA53E52E7B77}

01.04.2016  10:48    <DIR>          {A8AB7588-B27F-4596-8EBA-B7BCEF12A0C1}

22.06.2016  18:34    <DIR>          {C424C90C-BE90-4C5A-B85C-A058A6CFD745}

10.09.2016  16:25    <DIR>          {CACC03DD-9A08-4DDD-835C-48048033E61E}

28.10.2015  22:25    <DIR>          {D7139FD5-6BBD-4CBF-8C21-770ED5ECB337}

15.08.2016  09:17    <DIR>          {ECA3C7D6-410D-4C8C-97D0-99041876CB1E}

12.11.2015  09:26    <DIR>          {F1F8D207-809B-4951-821A-9AFC3E8EF560}

19.08.2016  20:08    <DIR>          {F7F09E8D-C722-4D76-8582-F88D0B42ADCE}

               0 Datei(en),              0 Bytes

              53 Verzeichnis(se),  7.185.137.664 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%ProgramFiles(x86)%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Program Files (x86)
 

27.09.2016  17:40    <DIR>          .

27.09.2016  17:40    <DIR>          ..

24.01.2010  05:31    <DIR>          Activation Assistant for the 2007 Microsoft Office suites

07.11.2015  09:53    <DIR>          Adobe

31.03.2013  02:15    <DIR>          AKVIS

29.09.2010  00:08    <DIR>          Amazon

24.01.2010  15:20    <DIR>          ATI Technologies

27.05.2013  20:41    <DIR>          Audials

24.09.2016  19:41    <DIR>          Auktionatrix

05.08.2011  21:57    <DIR>          Avery

26.07.2015  19:41    <DIR>          AVG

03.12.2012  21:58    <DIR>          Brother

17.11.2011  02:12    <DIR>          Buhl

23.11.2011  22:51    <DIR>          Business Objects

24.01.2010  15:21    <DIR>          Camera Assistant Software for Toshiba

02.06.2014  17:41    <DIR>          Canon

09.08.2016  00:07    <DIR>          Chip Digital GmbH

04.09.2014  14:45    <DIR>          Cisco

28.05.2016  16:54    <DIR>          Common Files

08.05.2011  14:03    <DIR>          COMPELSON Labs

09.05.2011  14:40    <DIR>          Compiled Driver Disc (Full)

08.05.2011  15:42    <DIR>          Compiled Driver Disk (Samsung)

04.12.2013  21:08    <DIR>          DivX

18.12.2015  19:31    <DIR>          DVDVideoSoft

14.02.2011  16:49    <DIR>          Elaborate Bytes

26.07.2010  23:46    <DIR>          EpsonNet

09.01.2012  18:30    <DIR>          Equip

09.01.2012  17:51    <DIR>          EQUIP CAPI

30.07.2010  19:58    <DIR>          FileZilla FTP Client

24.09.2016  19:57    <DIR>          fotokasten comfort

18.12.2015  19:30    <DIR>          FreeCodecPack

02.02.2010  20:05    <DIR>          FreeCommander

17.06.2010  11:05    <DIR>          FTD.de

03.06.2015  21:20    <DIR>          Google

18.05.2011  21:23    <DIR>          grafstat4

25.11.2013  21:50    <DIR>          HP

20.06.2014  02:37    <DIR>          HTC

27.11.2013  13:29    <DIR>          Inforall

24.01.2010  05:32    <DIR>          Intel

22.06.2015  21:30    <DIR>          Internet Explorer

24.01.2010  05:32    <DIR>          InterVideo

14.01.2012  19:46    <DIR>          IrfanView

01.05.2016  15:46    <DIR>          Java

06.02.2013  20:49    <DIR>          JDownloader

28.05.2016  16:54    <DIR>          Kaspersky Lab

13.06.2013  20:25    <DIR>          kleiner_brauhelfer

29.10.2012  10:23    <DIR>          Kodak

29.10.2012  18:20    <DIR>          Kroll Ontrack

02.12.2011  01:46    <DIR>          Lexware

02.02.2010  22:49    <DIR>          Lottoschein-Check

17.05.2013  23:31    <DIR>          MAGIX

26.09.2016  22:33    <DIR>          Malwarebytes Anti-Malware

24.01.2010  15:25    <DIR>          Marvell

18.03.2015  20:21    <DIR>          Microsoft

18.03.2015  13:06    <DIR>          Microsoft Office

24.01.2010  05:33    <DIR>          Microsoft Office Communicator

27.06.2016  08:16    <DIR>          Microsoft Silverlight

25.01.2010  23:47    <DIR>          Microsoft Visual Studio

25.01.2010  23:41    <DIR>          Microsoft Visual Studio 8

18.03.2015  12:37    <DIR>          Microsoft Works

16.11.2010  09:49    <DIR>          Microsoft.NET

27.06.2015  15:17    <DIR>          Mighty Uninstaller

12.07.2015  14:55    <DIR>          MiniTool Partition Wizard Free 9.0

30.01.2010  14:20    <DIR>          MirandaFusion

09.04.2011  19:38    <DIR>          Mobile Master

09.05.2011  14:31    <DIR>          MOBILedit!

24.04.2011  14:46    <DIR>          MOBILedit! PhoneCopier

24.09.2016  19:57    <DIR>          moneyplex

18.01.2015  12:44    <DIR>          MozBackup

12.07.2015  11:39    <DIR>          Mozilla Firefox

11.07.2015  17:57    <DIR>          Mozilla Maintenance Service

25.01.2010  23:47    <DIR>          MSBuild

11.04.2013  13:21    <DIR>          MSECache

30.05.2011  23:15    <DIR>          MSXML 4.0

04.06.2012  14:00    <DIR>          NAVIGON

24.01.2010  05:33    <DIR>          NetWaiting

09.07.2012  20:12    <DIR>          Nitro PDF

09.08.2016  00:08    <DIR>          Notepad++

04.05.2010  00:11    <DIR>          Numus Auto Disk Builder and Burner

24.01.2010  15:26    <DIR>          O2Micro Flash Memory Card Driver

07.10.2013  20:32    <DIR>          OCSetup

20.11.2015  17:17    <DIR>          PDF24

12.12.2012  22:59    <DIR>          Pinnacle

28.05.2011  18:59    <DIR>          PSPP

13.03.2011  18:25    <DIR>          QuickTime Alternative

03.04.2014  18:45    <DIR>          RasWin

14.07.2009  07:32    <DIR>          Reference Assemblies

10.06.2014  15:31    <DIR>          RG eBook

09.05.2010  13:51    <DIR>          SAMSUNG

14.07.2015  17:41    <DIR>          SecuBrowser

16.12.2010  18:46    <DIR>          simfy VZ edition

06.04.2015  20:13    <DIR>          Skype

19.06.2014  22:39    <DIR>          Spirent Communications

13.04.2014  10:37    <DIR>          StarMoney Business 5.0

18.03.2010  20:51    <DIR>          StarPrint Limited

30.05.2011  16:48    <DIR>          StatSoft

25.08.2011  22:59    <DIR>          Stellar Phoenix PowerPoint Recovery

20.10.2013  22:44    <DIR>          StreamTransport

15.11.2012  14:17    <DIR>          Stundenplan

24.09.2016  20:38    <DIR>          Surf & E-Mail-Stick

08.10.2011  13:14    <DIR>          Switcher

12.02.2014  10:19    <DIR>          Synology

16.08.2016  11:12    <DIR>          TeamViewer

27.03.2010  21:25    <DIR>          TerraTec

31.12.2015  17:22    <DIR>          Tinypic

24.01.2010  15:11    <DIR>          Toshiba

26.03.2011  22:09    <DIR>          Toshiba TEMPRO

24.01.2010  05:34    <DIR>          Ulead Systems

04.05.2011  12:41    <DIR>          Universal Document Converter

30.07.2010  13:47    <DIR>          UPS Widget

09.05.2011  11:06    <DIR>          Verbindungsassistent

15.05.2010  15:20    <DIR>          VideoLAN

23.03.2012  11:28    <DIR>          Vodafone

10.08.2012  19:32    <DIR>          WatchTVPro Essential

02.12.2011  01:45    <DIR>          Wertpapieranalyse 2012

16.10.2013  12:56    <DIR>          Winamp

24.01.2010  05:34    <DIR>          Windows Calendar

21.01.2008  05:09    <DIR>          Windows Collaboration

18.03.2015  15:55    <DIR>          Windows Defender

21.06.2011  12:02    <DIR>          Windows Mail

24.01.2010  05:34    <DIR>          Windows Media Components

22.06.2015  21:30    <DIR>          Windows Media Player

14.07.2009  07:32    <DIR>          Windows NT

24.01.2010  05:34    <DIR>          Windows Photo Gallery

21.06.2011  12:02    <DIR>          Windows Photo Viewer

21.06.2011  12:02    <DIR>          Windows Portable Devices

21.06.2011  12:02    <DIR>          Windows Sidebar

27.11.2013  13:59    <DIR>          WinSCP

02.02.2010  00:46    <DIR>          WinTimeKill

04.05.2010  00:10    <DIR>          Xenocode

28.10.2015  22:25    <DIR>          {01615F43-3647-4928-8CB4-0B7F4F940DEA}

16.08.2015  14:20    <DIR>          {0F4AA5F5-B1C3-4A4E-B8BB-814F3FAAA4CA}

23.06.2016  05:07    <DIR>          {21FFFEFC-5DD2-4991-9B43-509D22668380}

29.06.2016  11:05    <DIR>          {34200A20-0B27-4742-B4A2-009E0EC4DA7E}

24.06.2016  17:18    <DIR>          {71834002-D354-430D-8859-FA657575900E}

28.11.2015  15:27    <DIR>          {7DD2579A-B226-4D61-BAA6-01947EBECE7D}

               0 Datei(en),              0 Bytes

             136 Verzeichnis(se),  7.185.129.472 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%ProgramData%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\ProgramData
 

09.06.2014  22:29    <DIR>          1&1 Sync

07.11.2015  09:53    <DIR>          Adobe

13.03.2011  17:53    <DIR>          Apple Computer

24.01.2010  15:21    <DIR>          ATI

26.07.2015  19:41    <DIR>          AVG

04.06.2012  14:06    <DIR>          boost_interprocess

27.10.2011  12:30    <DIR>          Brother

24.01.2010  05:34    <DIR>          Buhl Data Service GmbH

02.06.2014  17:41    <DIR>          Canon IJ Network Tool

10.08.2016  23:19    <DIR>          CanonIJPLM

02.06.2014  17:38    <DIR>          CanonIJWSpt

04.09.2014  14:45    <DIR>          Cisco

09.07.2010  12:36           159.464 DeviceManager.xml.rc4

04.12.2013  21:08    <DIR>          DivX

04.06.2015  09:52    <DIR>          Dropbox

24.01.2010  05:34    <DIR>          FLEXnet

15.12.2011  03:00    <DIR>          fotokasten comfort

03.06.2010  15:00    <DIR>          FREEDB

25.11.2013  21:51    <DIR>          HP

25.11.2013  21:51    <DIR>          HP Product Assistant

25.11.2013  22:05             3.493 hpzinstall.log

20.06.2014  02:37    <DIR>          HTC

26.03.2011  22:12    <DIR>          IsolatedStorage

27.09.2016  07:00    <DIR>          Kaspersky Lab

28.05.2016  16:56    <DIR>          Kaspersky Lab Setup Files

29.10.2012  10:24    <DIR>          Kodak

07.09.2016  20:14    <DIR>          launcher

24.08.2011  22:18                 0 LauncherAccess.dt

05.05.2016  19:40    <DIR>          Lexware

26.01.2010  18:02    <DIR>          Macrovision

17.05.2013  23:33    <DIR>          MAGIX

26.09.2016  22:33    <DIR>          Malwarebytes

23.06.2016  22:38    <DIR>          Malwarebytes' Anti-Malware (portable)

01.11.2011  01:31    <DIR>          maxdome

18.07.2010  19:07    <DIR>          McAfee

01.06.2016  21:50    <DIR>          Microsoft Help

09.04.2011  19:46    <DIR>          Mobile Master

22.07.2012  22:41    <DIR>          Mozilla

09.07.2012  20:12    <DIR>          Nitro PDF

01.04.2011  08:10    <DIR>          Norton

01.04.2011  08:08    <DIR>          NortonInstaller

19.05.2014  13:46           262.144 ntuser.dat

01.05.2016  16:45    <DIR>          Oracle

03.05.2010  22:18    <DIR>          PC Suite

12.12.2012  23:04    <DIR>          Pinnacle

27.05.2013  20:41    <DIR>          RapidSolution

24.01.2010  05:35    <DIR>          SiteAdvisor

16.09.2015  13:17    <DIR>          Skype

23.11.2011  22:54    <DIR>          StarMoney Business 5.0

30.05.2011  16:48    <DIR>          StatSoft

05.04.2010  01:57    <DIR>          Sun

01.04.2011  08:08    <DIR>          Symantec

12.02.2014  10:19    <DIR>          Synology

18.04.2013  09:30    <DIR>          TEMP

27.03.2010  21:25    <DIR>          TerraTec

24.01.2010  15:06    <DIR>          Toshiba

26.03.2011  22:12    <DIR>          TOSHIBA Tempro

24.01.2010  05:35    <DIR>          ToshibaEurope

16.10.2013  12:59    <DIR>          TuneUp Software

24.01.2010  05:35    <DIR>          Ulead Systems

20.05.2011  20:22    <DIR>          Vodafone

05.04.2010  13:59    <DIR>          WEBREG

26.01.2010  00:04    <DIR>          WISO B”rse 2009

02.12.2011  01:45    <DIR>          World Money

24.01.2010  05:35    <DIR>          {174892B1-CBE7-44F5-86FF-AB555EFD73A3}

               4 Datei(en),        425.101 Bytes

              61 Verzeichnis(se),  7.185.125.376 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%Appdata%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Users\Chris\AppData\Roaming
 

26.09.2016  21:58    <DIR>          .

26.09.2016  21:58    <DIR>          ..

21.06.2011  13:27    <DIR>          Adobe

29.09.2010  00:10    <DIR>          Amazon

19.06.2014  22:41    <DIR>          Apple Computer

24.01.2010  05:44    <DIR>          ATI

05.08.2011  22:01    <DIR>          Avery

26.07.2015  19:41    <DIR>          AVG

20.03.2010  10:44    <DIR>          Brother

25.01.2010  23:59    <DIR>          Buhl Data Service

18.11.2011  17:46    <DIR>          Buhl Data Service GmbH

27.07.2014  11:18    <DIR>          Canon

30.07.2010  13:47    <DIR>          com.polythink.ups.wda.03EBA0C726630DF115D9764F9B83F5185396D811.1

10.06.2014  15:32    <DIR>          com.radeberger-gruppe.ebook

25.11.2013  22:05               697 ConvAPIPlugin.log

07.05.2016  17:09    <DIR>          DataDesign

11.03.2015  16:52    <DIR>          DivX

12.07.2015  11:09    <DIR>          dlg

09.07.2012  20:09    <DIR>          Downloaded Installations

25.09.2016  15:22    <DIR>          Dropbox

10.11.2013  22:41    <DIR>          dvdcss

18.12.2015  19:38    <DIR>          DVDVideoSoft

30.07.2010  14:58    <DIR>          EurekaLog

31.07.2010  00:48    <DIR>          FileZilla

25.01.2010  23:15    <DIR>          FLEXnet

02.02.2010  20:05    <DIR>          FreeCommander

17.06.2010  13:12    <DIR>          FTD

13.06.2013  20:26    <DIR>          Gremmelsoft

15.06.2011  21:15    <DIR>          gtk-2.0

27.07.2010  21:03    <DIR>          HP

27.10.2015  09:29    <DIR>          HpUpdate

20.06.2014  02:37    <DIR>          HTC

28.01.2010  00:09    <DIR>          Identities

27.10.2011  12:30    <DIR>          InstallShield

14.01.2012  19:46    <DIR>          IrfanView

09.04.2011  19:37    <DIR>          Jumping Bytes

01.02.2010  23:19    <DIR>          LetsTrade

02.12.2011  19:52    <DIR>          Lexware

24.01.2010  05:44    <DIR>          Macromedia

27.01.2010  18:31    <DIR>          Macrovision

27.05.2013  20:24    <DIR>          MAGIX

09.10.2014  17:15    <DIR>          Marmiko IT-Solutions GmbH

14.07.2009  20:18    <DIR>          Media Center Programs

30.01.2010  16:24    <DIR>          Miranda Fusion

23.04.2011  18:10    <DIR>          Mobile Master

09.05.2011  14:24    <DIR>          MOBILedit

03.04.2011  14:32    <DIR>          MOBILedit! PhoneCopier

18.01.2015  11:21    <DIR>          Mozilla

26.01.2010  00:11    <DIR>          myphotobook

09.08.2016  23:24    <DIR>          Nitro PDF

09.08.2016  00:13    <DIR>          Notepad++

04.05.2010  00:10    <DIR>          NumusAutoDiskBuilder

21.05.2013  00:03    <DIR>          Opera

20.12.2014  18:28    <DIR>          Oracle

03.05.2010  22:18    <DIR>          PC Suite

15.07.2011  14:35               106 psppirerc

14.04.2014  19:31    <DIR>          RasWin

09.05.2010  13:59    <DIR>          Samsung

16.09.2015  13:17    <DIR>          Skype

02.02.2010  21:06    <DIR>          skypePM

30.05.2011  16:49    <DIR>          Softland

30.05.2011  16:51    <DIR>          StatSoft

30.07.2010  14:47    <DIR>          Stephan Muller

01.05.2016  15:48    <DIR>          Sun

20.08.2015  22:01    <DIR>          TeamViewer

16.10.2012  08:21    <DIR>          Temp

31.03.2010  17:45    <DIR>          TerraTec

13.07.2011  11:50    <DIR>          TOSHIBA

16.10.2013  12:55    <DIR>          TuneUp Software

01.11.2012  15:56    <DIR>          U3

04.05.2011  12:41    <DIR>          UDC Profiles

14.02.2011  11:32    <DIR>          Ulead Systems

12.07.2015  11:14               275 uninstall.bat

01.06.2016  17:42    <DIR>          vlc

24.01.2010  05:44    <DIR>          Vodafone

11.12.2011  04:03    <DIR>          Winamp

24.04.2010  15:24    <DIR>          WinRAR

16.12.2013  12:54               600 winscp.rnd

26.01.2010  00:19                 0 wklnhst.dat

               5 Datei(en),          1.678 Bytes

              74 Verzeichnis(se),  7.185.121.280 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%LocalAppdata%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Users\Chris\AppData\Local
 

27.09.2016  17:40    <DIR>          .

27.09.2016  17:40    <DIR>          ..

20.11.2015  17:36    <DIR>          Adobe

19.06.2014  22:41    <DIR>          Apple Computer

22.03.2010  00:37    <DIR>          Apps

30.07.2010  14:48    <DIR>          assembly

24.01.2010  05:44    <DIR>          ATI

26.07.2015  19:41    <DIR>          Avg

16.10.2013  13:01    <DIR>          Avg2014

25.01.2010  23:59    <DIR>          Buhl Data Service

20.11.2015  17:36    <DIR>          CEF

06.03.2013  18:06    <DIR>          Cisco

24.02.2014  19:33             6.656 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

02.10.2013  12:40    <DIR>          DDMSettings

27.09.2016  07:02    <DIR>          Deployment

31.05.2011  11:18    <DIR>          Diagnostics

07.09.2016  18:45    <DIR>          Downloaded Installations

16.04.2016  11:08    <DIR>          Dropbox

16.11.2010  23:37                79 DVDPATH.TXT

16.10.2012  08:28    <DIR>          Eastman Kodak Company

29.10.2012  10:20    <DIR>          Eastman_Kodak_Company

02.02.2015  20:52    <DIR>          ElevatedDiagnostics

18.12.2015  20:05    <DIR>          fotokasten comfort

15.12.2011  02:26    <DIR>          fotokasten_GmbH

12.02.2016  11:34           138.936 GDIPFONTCACHEV1.DAT

11.06.2014  00:01    <DIR>          gegl-0.2

28.10.2011  23:49    <DIR>          Google

04.09.2014  21:59    <DIR>          gtk-2.0

28.06.2015  20:45    <DIR>          GWX

05.04.2010  13:55    <DIR>          HP

25.05.2011  21:19    <DIR>          ISI

13.12.2012  00:37    <DIR>          IsolatedStorage

16.10.2012  08:32               236 LaunchHomeCenter.log

02.12.2011  01:49    <DIR>          Lexware

01.02.2013  14:03    <DIR>          Logitech

17.01.2013  10:00    <DIR>          Macromedia

15.05.2010  15:08    <DIR>          MAGIX

09.10.2014  17:15    <DIR>          Marmiko IT-Solutions GmbH

27.06.2015  14:27    <DIR>          Microsoft

12.07.2010  22:04    <DIR>          Microsoft Help

16.11.2011  18:36             1.516 MiniAssist.ini

21.06.2011  13:36             1.516 MiniAssist.ini.bak

16.11.2011  19:06            71.452 MiniAssist.log

07.05.2011  16:55    <DIR>          Mobile Master

02.10.2013  12:49    <DIR>          Mozilla

01.12.2012  14:46    <DIR>          Nexway

20.07.2011  11:54    <DIR>          PDF24

13.12.2012  00:37    <DIR>          Pinnacle

13.12.2012  00:37    <DIR>          Pinnacle Systems GmbH

26.01.2010  18:03    <DIR>          Programs

27.05.2013  20:37    <DIR>          RapidSolution

04.09.2014  21:59            10.170 recently-used.xbel

18.03.2015  15:02             7.601 resmon.resmoncfg

06.04.2015  20:14    <DIR>          Skype

18.03.2010  20:53    <DIR>          StarPrint Limited

31.01.2016  12:29    <DIR>          TeamViewer

27.09.2016  22:18    <DIR>          Temp

02.05.2010  15:28    <DIR>          Toshiba

03.05.2011  22:13    <DIR>          VirtualStore

28.05.2016  15:44    <DIR>          WEB.DE Application {sync-000021}

04.05.2010  00:10    <DIR>          Xenocode

27.11.2013  22:31         2.529.622 [j0019]-[p04].bmp

24.01.2010  05:44    <DIR>          {488CA21E-322E-4720-8CF4-9B475A5D5676}

20.05.2011  20:17    <DIR>          {51118E21-1324-4510-AB66-D6360E215EF3}

              10 Datei(en),      2.767.784 Bytes

              54 Verzeichnis(se),  7.185.117.184 Bytes frei
 

========= Ende von CMD: =========
 
 

========= RemoveProxy: =========
 

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
 
 

========= Ende von RemoveProxy: =========
 
 

========= ipconfig /flushdns =========
 
 

Windows-IP-Konfiguration
 

Der DNS-Aufl”sungscache wurde geleert.
 

========= Ende von CMD: =========
 
 

========= netsh winsock reset =========
 
 

Der Winsock-Katalog wurde zurckgesetzt.

Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
 
 

========= Ende von CMD: =========
 
 

=========== EmptyTemp: ==========
 

BITS transfer queue => 8388608 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2100480 B

Java, Flash, Steam htmlcache => 492 B

Windows/system/drivers => 840 B

Edge => 0 B

Chrome => 0 B

Fixlog

Code:



Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-09-2016

durchgeführt von Chris (27-09-2016 22:33:18) Run:3

Gestartet von C:\Users\Chris\Desktop

Geladene Profile: Chris (Verfügbare Profile: Chris & Gast)

Start-Modus: Normal

==============================================
 

fixlist Inhalt:

*****************

start

CloseProcesses:

C:\Program Files (x86)\Winload

HKLM-x32\...\Run: [] => [X]

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG

Task: {7FED724C-9CDF-458C-8B90-F268EA033E74} - System32\Tasks\{69CE9557-BA97-4474-A45E-0968A6CA6AD2} => pcalua.exe -a C:\Users\Chris\AppData\Local\Temp\Temp2_MDLChime26SP7.zip\MDLChime26SP7.exe <==== ACHTUNG

Task: {8936FA70-2D15-4D08-B70D-514777D204FF} - System32\Tasks\{B7F8DD47-1AF0-4331-99C5-99A57978CDC0} => pcalua.exe -a "C:\Users\Chris\AppData\Local\Temp\Temp1_Treiber - DA2 Hybrid.zip\driver\yInstallTools.exe" <==== ACHTUNG

Task: {93F317F6-81A7-40BC-B552-BEDDE69C2C73} - System32\Tasks\{D337A8EA-BAE2-4B71-8DC6-8F42326160B0} => pcalua.exe -a C:\Users\Chris\AppData\Local\Temp\Temp1_MDLChime26SP7.zip\MDLChime26SP7.exe <==== ACHTUNG

AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322]

AlternateDataStreams: C:\ProgramData\TEMP:B6AC352B [127]

CMD: dir "%ProgramFiles%"

CMD: dir "%ProgramFiles(x86)%"

CMD: dir "%ProgramData%"

CMD: dir "%Appdata%"

CMD: dir "%LocalAppdata%"

RemoveProxy:

CMD: ipconfig /flushdns

CMD: netsh winsock reset

EmptyTemp:

end

*****************
 

Prozess erfolgreich geschlossen.

"C:\Program Files (x86)\Winload" => nicht gefunden.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert nicht gefunden.

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel nicht gefunden. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FED724C-9CDF-458C-8B90-F268EA033E74} => Schlüssel nicht gefunden. 

C:\Windows\System32\Tasks\{69CE9557-BA97-4474-A45E-0968A6CA6AD2} => nicht gefunden.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{69CE9557-BA97-4474-A45E-0968A6CA6AD2} => Schlüssel nicht gefunden. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8936FA70-2D15-4D08-B70D-514777D204FF} => Schlüssel nicht gefunden. 

C:\Windows\System32\Tasks\{B7F8DD47-1AF0-4331-99C5-99A57978CDC0} => nicht gefunden.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B7F8DD47-1AF0-4331-99C5-99A57978CDC0} => Schlüssel nicht gefunden. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93F317F6-81A7-40BC-B552-BEDDE69C2C73} => Schlüssel nicht gefunden. 

C:\Windows\System32\Tasks\{D337A8EA-BAE2-4B71-8DC6-8F42326160B0} => nicht gefunden.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D337A8EA-BAE2-4B71-8DC6-8F42326160B0} => Schlüssel nicht gefunden. 

"C:\ProgramData\sdpsenv.dat" => ":naughtypirates" ADS nicht gefunden.

"C:\ProgramData\TEMP" => ":B6AC352B" ADS nicht gefunden.
 

========= dir "%ProgramFiles%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Program Files
 

26.09.2016  21:58    <DIR>          .

26.09.2016  21:58    <DIR>          ..

23.04.2011  13:09    <DIR>          7-Zip

24.01.2010  05:26    <DIR>          Apoint2K

24.01.2010  05:31    <DIR>          ATI

02.06.2014  17:34    <DIR>          Canon

13.09.2015  19:25    <DIR>          Common Files

24.01.2010  05:31    <DIR>          CONEXANT

24.01.2010  15:21    <DIR>          DIFX

04.12.2013  21:07    <DIR>          DivX

21.06.2011  12:02    <DIR>          DVD Maker

16.10.2013  13:35    <DIR>          GIMP 2

22.06.2015  21:30    <DIR>          Internet Explorer

20.12.2014  18:31    <DIR>          Java

01.02.2013  14:02    <DIR>          Logitech

04.06.2011  00:21    <DIR>          maxdome

24.01.2010  05:31    <DIR>          Microsoft Games

19.03.2015  12:12    <DIR>          Microsoft Mouse and Keyboard Center

25.01.2010  23:41    <DIR>          Microsoft Office

27.06.2016  08:16    <DIR>          Microsoft Silverlight

14.07.2009  07:32    <DIR>          MSBuild

07.09.2016  19:05    <DIR>          Paragon Software

04.09.2011  13:48    <DIR>          PlayReady

14.07.2009  07:32    <DIR>          Reference Assemblies

24.01.2010  15:28    <DIR>          Toshiba

24.01.2010  05:31    <DIR>          Windows Calendar

24.01.2010  05:31    <DIR>          Windows Collaboration

18.03.2015  15:55    <DIR>          Windows Defender

22.06.2015  21:30    <DIR>          Windows Journal

21.06.2011  12:02    <DIR>          Windows Mail

22.06.2015  21:30    <DIR>          Windows Media Player

24.01.2010  06:27    <DIR>          Windows NT

24.01.2010  05:31    <DIR>          Windows Photo Gallery

21.06.2011  12:02    <DIR>          Windows Photo Viewer

21.06.2011  12:02    <DIR>          Windows Portable Devices

21.06.2011  12:02    <DIR>          Windows Sidebar

24.04.2010  15:24    <DIR>          WinRAR

15.10.2015  09:51    <DIR>          {08182E2D-B449-4D76-A8B3-A36FF9A8CE4E}

03.07.2016  16:37    <DIR>          {0BA15EA7-137E-47DE-9952-536F0754F5C6}

26.09.2016  21:58    <DIR>          {16916AFE-57EE-48FB-AD4A-6A0BA8760DBD}

16.01.2016  18:20    <DIR>          {2E581B0F-78F6-46EC-963C-74734453F68B}

24.09.2016  20:34    <DIR>          {59DC0B16-6721-47A2-8A18-638F86DE577B}

15.03.2016  12:13    <DIR>          {5DE52103-CB18-4C18-9731-CA12C6608B4E}

27.06.2016  08:45    <DIR>          {6898554C-783C-4ABE-BB8A-0D19E0BBD00E}

24.06.2016  17:18    <DIR>          {7F691B94-EC20-4AB1-B359-65F7E779A79A}

18.04.2016  17:31    <DIR>          {846F4C8A-F6AD-4D76-803E-FA53E52E7B77}

01.04.2016  10:48    <DIR>          {A8AB7588-B27F-4596-8EBA-B7BCEF12A0C1}

22.06.2016  18:34    <DIR>          {C424C90C-BE90-4C5A-B85C-A058A6CFD745}

10.09.2016  16:25    <DIR>          {CACC03DD-9A08-4DDD-835C-48048033E61E}

28.10.2015  22:25    <DIR>          {D7139FD5-6BBD-4CBF-8C21-770ED5ECB337}

15.08.2016  09:17    <DIR>          {ECA3C7D6-410D-4C8C-97D0-99041876CB1E}

12.11.2015  09:26    <DIR>          {F1F8D207-809B-4951-821A-9AFC3E8EF560}

19.08.2016  20:08    <DIR>          {F7F09E8D-C722-4D76-8582-F88D0B42ADCE}

               0 Datei(en),              0 Bytes

              53 Verzeichnis(se),  6.227.324.928 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%ProgramFiles(x86)%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Program Files (x86)
 

27.09.2016  22:25    <DIR>          .

27.09.2016  22:25    <DIR>          ..

24.01.2010  05:31    <DIR>          Activation Assistant for the 2007 Microsoft Office suites

07.11.2015  09:53    <DIR>          Adobe

31.03.2013  02:15    <DIR>          AKVIS

29.09.2010  00:08    <DIR>          Amazon

24.01.2010  15:20    <DIR>          ATI Technologies

27.05.2013  20:41    <DIR>          Audials

24.09.2016  19:41    <DIR>          Auktionatrix

05.08.2011  21:57    <DIR>          Avery

26.07.2015  19:41    <DIR>          AVG

03.12.2012  21:58    <DIR>          Brother

17.11.2011  02:12    <DIR>          Buhl

23.11.2011  22:51    <DIR>          Business Objects

24.01.2010  15:21    <DIR>          Camera Assistant Software for Toshiba

02.06.2014  17:41    <DIR>          Canon

09.08.2016  00:07    <DIR>          Chip Digital GmbH

04.09.2014  14:45    <DIR>          Cisco

28.05.2016  16:54    <DIR>          Common Files

08.05.2011  14:03    <DIR>          COMPELSON Labs

09.05.2011  14:40    <DIR>          Compiled Driver Disc (Full)

08.05.2011  15:42    <DIR>          Compiled Driver Disk (Samsung)

04.12.2013  21:08    <DIR>          DivX

18.12.2015  19:31    <DIR>          DVDVideoSoft

14.02.2011  16:49    <DIR>          Elaborate Bytes

26.07.2010  23:46    <DIR>          EpsonNet

09.01.2012  18:30    <DIR>          Equip

09.01.2012  17:51    <DIR>          EQUIP CAPI

30.07.2010  19:58    <DIR>          FileZilla FTP Client

24.09.2016  19:57    <DIR>          fotokasten comfort

18.12.2015  19:30    <DIR>          FreeCodecPack

02.02.2010  20:05    <DIR>          FreeCommander

17.06.2010  11:05    <DIR>          FTD.de

03.06.2015  21:20    <DIR>          Google

18.05.2011  21:23    <DIR>          grafstat4

25.11.2013  21:50    <DIR>          HP

20.06.2014  02:37    <DIR>          HTC

27.11.2013  13:29    <DIR>          Inforall

24.01.2010  05:32    <DIR>          Intel

22.06.2015  21:30    <DIR>          Internet Explorer

24.01.2010  05:32    <DIR>          InterVideo

14.01.2012  19:46    <DIR>          IrfanView

01.05.2016  15:46    <DIR>          Java

06.02.2013  20:49    <DIR>          JDownloader

28.05.2016  16:54    <DIR>          Kaspersky Lab

13.06.2013  20:25    <DIR>          kleiner_brauhelfer

29.10.2012  10:23    <DIR>          Kodak

29.10.2012  18:20    <DIR>          Kroll Ontrack

02.12.2011  01:46    <DIR>          Lexware

02.02.2010  22:49    <DIR>          Lottoschein-Check

17.05.2013  23:31    <DIR>          MAGIX

26.09.2016  22:33    <DIR>          Malwarebytes Anti-Malware

24.01.2010  15:25    <DIR>          Marvell

18.03.2015  20:21    <DIR>          Microsoft

18.03.2015  13:06    <DIR>          Microsoft Office

24.01.2010  05:33    <DIR>          Microsoft Office Communicator

27.06.2016  08:16    <DIR>          Microsoft Silverlight

25.01.2010  23:47    <DIR>          Microsoft Visual Studio

25.01.2010  23:41    <DIR>          Microsoft Visual Studio 8

18.03.2015  12:37    <DIR>          Microsoft Works

16.11.2010  09:49    <DIR>          Microsoft.NET

27.06.2015  15:17    <DIR>          Mighty Uninstaller

12.07.2015  14:55    <DIR>          MiniTool Partition Wizard Free 9.0

30.01.2010  14:20    <DIR>          MirandaFusion

09.04.2011  19:38    <DIR>          Mobile Master

09.05.2011  14:31    <DIR>          MOBILedit!

24.04.2011  14:46    <DIR>          MOBILedit! PhoneCopier

24.09.2016  19:57    <DIR>          moneyplex

18.01.2015  12:44    <DIR>          MozBackup

12.07.2015  11:39    <DIR>          Mozilla Firefox

11.07.2015  17:57    <DIR>          Mozilla Maintenance Service

25.01.2010  23:47    <DIR>          MSBuild

11.04.2013  13:21    <DIR>          MSECache

30.05.2011  23:15    <DIR>          MSXML 4.0

04.06.2012  14:00    <DIR>          NAVIGON

24.01.2010  05:33    <DIR>          NetWaiting

09.07.2012  20:12    <DIR>          Nitro PDF

09.08.2016  00:08    <DIR>          Notepad++

04.05.2010  00:11    <DIR>          Numus Auto Disk Builder and Burner

24.01.2010  15:26    <DIR>          O2Micro Flash Memory Card Driver

07.10.2013  20:32    <DIR>          OCSetup

20.11.2015  17:17    <DIR>          PDF24

12.12.2012  22:59    <DIR>          Pinnacle

28.05.2011  18:59    <DIR>          PSPP

13.03.2011  18:25    <DIR>          QuickTime Alternative

03.04.2014  18:45    <DIR>          RasWin

14.07.2009  07:32    <DIR>          Reference Assemblies

10.06.2014  15:31    <DIR>          RG eBook

09.05.2010  13:51    <DIR>          SAMSUNG

14.07.2015  17:41    <DIR>          SecuBrowser

16.12.2010  18:46    <DIR>          simfy VZ edition

06.04.2015  20:13    <DIR>          Skype

19.06.2014  22:39    <DIR>          Spirent Communications

13.04.2014  10:37    <DIR>          StarMoney Business 5.0

18.03.2010  20:51    <DIR>          StarPrint Limited

30.05.2011  16:48    <DIR>          StatSoft

25.08.2011  22:59    <DIR>          Stellar Phoenix PowerPoint Recovery

20.10.2013  22:44    <DIR>          StreamTransport

15.11.2012  14:17    <DIR>          Stundenplan

24.09.2016  20:38    <DIR>          Surf & E-Mail-Stick

08.10.2011  13:14    <DIR>          Switcher

12.02.2014  10:19    <DIR>          Synology

16.08.2016  11:12    <DIR>          TeamViewer

27.03.2010  21:25    <DIR>          TerraTec

31.12.2015  17:22    <DIR>          Tinypic

24.01.2010  15:11    <DIR>          Toshiba

26.03.2011  22:09    <DIR>          Toshiba TEMPRO

24.01.2010  05:34    <DIR>          Ulead Systems

04.05.2011  12:41    <DIR>          Universal Document Converter

30.07.2010  13:47    <DIR>          UPS Widget

09.05.2011  11:06    <DIR>          Verbindungsassistent

15.05.2010  15:20    <DIR>          VideoLAN

23.03.2012  11:28    <DIR>          Vodafone

10.08.2012  19:32    <DIR>          WatchTVPro Essential

02.12.2011  01:45    <DIR>          Wertpapieranalyse 2012

16.10.2013  12:56    <DIR>          Winamp

24.01.2010  05:34    <DIR>          Windows Calendar

21.01.2008  05:09    <DIR>          Windows Collaboration

18.03.2015  15:55    <DIR>          Windows Defender

21.06.2011  12:02    <DIR>          Windows Mail

24.01.2010  05:34    <DIR>          Windows Media Components

22.06.2015  21:30    <DIR>          Windows Media Player

14.07.2009  07:32    <DIR>          Windows NT

24.01.2010  05:34    <DIR>          Windows Photo Gallery

21.06.2011  12:02    <DIR>          Windows Photo Viewer

21.06.2011  12:02    <DIR>          Windows Portable Devices

21.06.2011  12:02    <DIR>          Windows Sidebar

27.11.2013  13:59    <DIR>          WinSCP

02.02.2010  00:46    <DIR>          WinTimeKill

04.05.2010  00:10    <DIR>          Xenocode

28.10.2015  22:25    <DIR>          {01615F43-3647-4928-8CB4-0B7F4F940DEA}

16.08.2015  14:20    <DIR>          {0F4AA5F5-B1C3-4A4E-B8BB-814F3FAAA4CA}

23.06.2016  05:07    <DIR>          {21FFFEFC-5DD2-4991-9B43-509D22668380}

29.06.2016  11:05    <DIR>          {34200A20-0B27-4742-B4A2-009E0EC4DA7E}

24.06.2016  17:18    <DIR>          {71834002-D354-430D-8859-FA657575900E}

28.11.2015  15:27    <DIR>          {7DD2579A-B226-4D61-BAA6-01947EBECE7D}

               0 Datei(en),              0 Bytes

             136 Verzeichnis(se),  6.227.316.736 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%ProgramData%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\ProgramData
 

09.06.2014  22:29    <DIR>          1&1 Sync

07.11.2015  09:53    <DIR>          Adobe

13.03.2011  17:53    <DIR>          Apple Computer

24.01.2010  15:21    <DIR>          ATI

26.07.2015  19:41    <DIR>          AVG

04.06.2012  14:06    <DIR>          boost_interprocess

27.10.2011  12:30    <DIR>          Brother

24.01.2010  05:34    <DIR>          Buhl Data Service GmbH

02.06.2014  17:41    <DIR>          Canon IJ Network Tool

10.08.2016  23:19    <DIR>          CanonIJPLM

02.06.2014  17:38    <DIR>          CanonIJWSpt

04.09.2014  14:45    <DIR>          Cisco

09.07.2010  12:36           159.464 DeviceManager.xml.rc4

04.12.2013  21:08    <DIR>          DivX

04.06.2015  09:52    <DIR>          Dropbox

24.01.2010  05:34    <DIR>          FLEXnet

15.12.2011  03:00    <DIR>          fotokasten comfort

03.06.2010  15:00    <DIR>          FREEDB

25.11.2013  21:51    <DIR>          HP

25.11.2013  21:51    <DIR>          HP Product Assistant

25.11.2013  22:05             3.493 hpzinstall.log

20.06.2014  02:37    <DIR>          HTC

26.03.2011  22:12    <DIR>          IsolatedStorage

27.09.2016  22:25    <DIR>          Kaspersky Lab

28.05.2016  16:56    <DIR>          Kaspersky Lab Setup Files

29.10.2012  10:24    <DIR>          Kodak

07.09.2016  20:14    <DIR>          launcher

24.08.2011  22:18                 0 LauncherAccess.dt

05.05.2016  19:40    <DIR>          Lexware

26.01.2010  18:02    <DIR>          Macrovision

17.05.2013  23:33    <DIR>          MAGIX

26.09.2016  22:33    <DIR>          Malwarebytes

23.06.2016  22:38    <DIR>          Malwarebytes' Anti-Malware (portable)

01.11.2011  01:31    <DIR>          maxdome

18.07.2010  19:07    <DIR>          McAfee

01.06.2016  21:50    <DIR>          Microsoft Help

09.04.2011  19:46    <DIR>          Mobile Master

22.07.2012  22:41    <DIR>          Mozilla

09.07.2012  20:12    <DIR>          Nitro PDF

01.04.2011  08:10    <DIR>          Norton

01.04.2011  08:08    <DIR>          NortonInstaller

19.05.2014  13:46           262.144 ntuser.dat

01.05.2016  16:45    <DIR>          Oracle

03.05.2010  22:18    <DIR>          PC Suite

12.12.2012  23:04    <DIR>          Pinnacle

27.05.2013  20:41    <DIR>          RapidSolution

24.01.2010  05:35    <DIR>          SiteAdvisor

16.09.2015  13:17    <DIR>          Skype

23.11.2011  22:54    <DIR>          StarMoney Business 5.0

30.05.2011  16:48    <DIR>          StatSoft

05.04.2010  01:57    <DIR>          Sun

01.04.2011  08:08    <DIR>          Symantec

12.02.2014  10:19    <DIR>          Synology

18.04.2013  09:30    <DIR>          TEMP

27.03.2010  21:25    <DIR>          TerraTec

24.01.2010  15:06    <DIR>          Toshiba

26.03.2011  22:12    <DIR>          TOSHIBA Tempro

24.01.2010  05:35    <DIR>          ToshibaEurope

16.10.2013  12:59    <DIR>          TuneUp Software

24.01.2010  05:35    <DIR>          Ulead Systems

20.05.2011  20:22    <DIR>          Vodafone

05.04.2010  13:59    <DIR>          WEBREG

26.01.2010  00:04    <DIR>          WISO B”rse 2009

02.12.2011  01:45    <DIR>          World Money

24.01.2010  05:35    <DIR>          {174892B1-CBE7-44F5-86FF-AB555EFD73A3}

               4 Datei(en),        425.101 Bytes

              61 Verzeichnis(se),  6.227.312.640 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%Appdata%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Users\Chris\AppData\Roaming
 

26.09.2016  21:58    <DIR>          .

26.09.2016  21:58    <DIR>          ..

21.06.2011  13:27    <DIR>          Adobe

29.09.2010  00:10    <DIR>          Amazon

19.06.2014  22:41    <DIR>          Apple Computer

24.01.2010  05:44    <DIR>          ATI

05.08.2011  22:01    <DIR>          Avery

26.07.2015  19:41    <DIR>          AVG

20.03.2010  10:44    <DIR>          Brother

25.01.2010  23:59    <DIR>          Buhl Data Service

18.11.2011  17:46    <DIR>          Buhl Data Service GmbH

27.07.2014  11:18    <DIR>          Canon

30.07.2010  13:47    <DIR>          com.polythink.ups.wda.03EBA0C726630DF115D9764F9B83F5185396D811.1

10.06.2014  15:32    <DIR>          com.radeberger-gruppe.ebook

25.11.2013  22:05               697 ConvAPIPlugin.log

07.05.2016  17:09    <DIR>          DataDesign

11.03.2015  16:52    <DIR>          DivX

12.07.2015  11:09    <DIR>          dlg

09.07.2012  20:09    <DIR>          Downloaded Installations

25.09.2016  15:22    <DIR>          Dropbox

10.11.2013  22:41    <DIR>          dvdcss

18.12.2015  19:38    <DIR>          DVDVideoSoft

30.07.2010  14:58    <DIR>          EurekaLog

31.07.2010  00:48    <DIR>          FileZilla

25.01.2010  23:15    <DIR>          FLEXnet

02.02.2010  20:05    <DIR>          FreeCommander

17.06.2010  13:12    <DIR>          FTD

13.06.2013  20:26    <DIR>          Gremmelsoft

15.06.2011  21:15    <DIR>          gtk-2.0

27.07.2010  21:03    <DIR>          HP

27.10.2015  09:29    <DIR>          HpUpdate

20.06.2014  02:37    <DIR>          HTC

28.01.2010  00:09    <DIR>          Identities

27.10.2011  12:30    <DIR>          InstallShield

14.01.2012  19:46    <DIR>          IrfanView

09.04.2011  19:37    <DIR>          Jumping Bytes

01.02.2010  23:19    <DIR>          LetsTrade

02.12.2011  19:52    <DIR>          Lexware

24.01.2010  05:44    <DIR>          Macromedia

27.01.2010  18:31    <DIR>          Macrovision

27.05.2013  20:24    <DIR>          MAGIX

09.10.2014  17:15    <DIR>          Marmiko IT-Solutions GmbH

14.07.2009  20:18    <DIR>          Media Center Programs

30.01.2010  16:24    <DIR>          Miranda Fusion

23.04.2011  18:10    <DIR>          Mobile Master

09.05.2011  14:24    <DIR>          MOBILedit

03.04.2011  14:32    <DIR>          MOBILedit! PhoneCopier

18.01.2015  11:21    <DIR>          Mozilla

26.01.2010  00:11    <DIR>          myphotobook

09.08.2016  23:24    <DIR>          Nitro PDF

09.08.2016  00:13    <DIR>          Notepad++

04.05.2010  00:10    <DIR>          NumusAutoDiskBuilder

21.05.2013  00:03    <DIR>          Opera

20.12.2014  18:28    <DIR>          Oracle

03.05.2010  22:18    <DIR>          PC Suite

15.07.2011  14:35               106 psppirerc

14.04.2014  19:31    <DIR>          RasWin

09.05.2010  13:59    <DIR>          Samsung

16.09.2015  13:17    <DIR>          Skype

02.02.2010  21:06    <DIR>          skypePM

30.05.2011  16:49    <DIR>          Softland

30.05.2011  16:51    <DIR>          StatSoft

30.07.2010  14:47    <DIR>          Stephan Muller

01.05.2016  15:48    <DIR>          Sun

20.08.2015  22:01    <DIR>          TeamViewer

16.10.2012  08:21    <DIR>          Temp

31.03.2010  17:45    <DIR>          TerraTec

13.07.2011  11:50    <DIR>          TOSHIBA

16.10.2013  12:55    <DIR>          TuneUp Software

01.11.2012  15:56    <DIR>          U3

04.05.2011  12:41    <DIR>          UDC Profiles

14.02.2011  11:32    <DIR>          Ulead Systems

12.07.2015  11:14               275 uninstall.bat

01.06.2016  17:42    <DIR>          vlc

24.01.2010  05:44    <DIR>          Vodafone

11.12.2011  04:03    <DIR>          Winamp

24.04.2010  15:24    <DIR>          WinRAR

16.12.2013  12:54               600 winscp.rnd

26.01.2010  00:19                 0 wklnhst.dat

               5 Datei(en),          1.678 Bytes

              74 Verzeichnis(se),  6.227.308.544 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%LocalAppdata%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Users\Chris\AppData\Local
 

27.09.2016  22:19    <DIR>          .

27.09.2016  22:19    <DIR>          ..

20.11.2015  17:36    <DIR>          Adobe

19.06.2014  22:41    <DIR>          Apple Computer

22.03.2010  00:37    <DIR>          Apps

30.07.2010  14:48    <DIR>          assembly

24.01.2010  05:44    <DIR>          ATI

26.07.2015  19:41    <DIR>          Avg

16.10.2013  13:01    <DIR>          Avg2014

25.01.2010  23:59    <DIR>          Buhl Data Service

20.11.2015  17:36    <DIR>          CEF

06.03.2013  18:06    <DIR>          Cisco

24.02.2014  19:33             6.656 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

02.10.2013  12:40    <DIR>          DDMSettings

27.09.2016  22:26    <DIR>          Deployment

31.05.2011  11:18    <DIR>          Diagnostics

07.09.2016  18:45    <DIR>          Downloaded Installations

16.04.2016  11:08    <DIR>          Dropbox

16.11.2010  23:37                79 DVDPATH.TXT

16.10.2012  08:28    <DIR>          Eastman Kodak Company

29.10.2012  10:20    <DIR>          Eastman_Kodak_Company

02.02.2015  20:52    <DIR>          ElevatedDiagnostics

18.12.2015  20:05    <DIR>          fotokasten comfort

15.12.2011  02:26    <DIR>          fotokasten_GmbH

12.02.2016  11:34           138.936 GDIPFONTCACHEV1.DAT

11.06.2014  00:01    <DIR>          gegl-0.2

28.10.2011  23:49    <DIR>          Google

04.09.2014  21:59    <DIR>          gtk-2.0

28.06.2015  20:45    <DIR>          GWX

05.04.2010  13:55    <DIR>          HP

25.05.2011  21:19    <DIR>          ISI

13.12.2012  00:37    <DIR>          IsolatedStorage

16.10.2012  08:32               236 LaunchHomeCenter.log

02.12.2011  01:49    <DIR>          Lexware

01.02.2013  14:03    <DIR>          Logitech

17.01.2013  10:00    <DIR>          Macromedia

15.05.2010  15:08    <DIR>          MAGIX

09.10.2014  17:15    <DIR>          Marmiko IT-Solutions GmbH

27.06.2015  14:27    <DIR>          Microsoft

12.07.2010  22:04    <DIR>          Microsoft Help

16.11.2011  18:36             1.516 MiniAssist.ini

21.06.2011  13:36             1.516 MiniAssist.ini.bak

16.11.2011  19:06            71.452 MiniAssist.log

07.05.2011  16:55    <DIR>          Mobile Master

02.10.2013  12:49    <DIR>          Mozilla

01.12.2012  14:46    <DIR>          Nexway

20.07.2011  11:54    <DIR>          PDF24

13.12.2012  00:37    <DIR>          Pinnacle

13.12.2012  00:37    <DIR>          Pinnacle Systems GmbH

26.01.2010  18:03    <DIR>          Programs

27.05.2013  20:37    <DIR>          RapidSolution

04.09.2014  21:59            10.170 recently-used.xbel

18.03.2015  15:02             7.601 resmon.resmoncfg

06.04.2015  20:14    <DIR>          Skype

18.03.2010  20:53    <DIR>          StarPrint Limited

31.01.2016  12:29    <DIR>          TeamViewer

27.09.2016  22:31    <DIR>          Temp

02.05.2010  15:28    <DIR>          Toshiba

03.05.2011  22:13    <DIR>          VirtualStore

28.05.2016  15:44    <DIR>          WEB.DE Application {sync-000021}

04.05.2010  00:10    <DIR>          Xenocode

27.11.2013  22:31         2.529.622 [j0019]-[p04].bmp

24.01.2010  05:44    <DIR>          {488CA21E-322E-4720-8CF4-9B475A5D5676}

20.05.2011  20:17    <DIR>          {51118E21-1324-4510-AB66-D6360E215EF3}

              10 Datei(en),      2.767.784 Bytes

              54 Verzeichnis(se),  6.227.304.448 Bytes frei
 

========= Ende von CMD: =========
 
 

========= RemoveProxy: =========
 

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
 
 

========= Ende von RemoveProxy: =========
 
 

========= ipconfig /flushdns =========
 
 

Windows-IP-Konfiguration
 

Der DNS-Aufl”sungscache wurde geleert.
 

========= Ende von CMD: =========
 
 

========= netsh winsock reset =========
 
 

Der Winsock-Katalog wurde zurckgesetzt.

Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
 
 

========= Ende von CMD: =========
 
 

=========== EmptyTemp: ==========
 

BITS transfer queue => 8388608 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3460868 B

Java, Flash, Steam htmlcache => 492 B

Windows/system/drivers => 6193 B

Edge => 0 B

Chrome => 0 B

Firefox => 150379025 B

Opera => 0 B
 

Temp, IE cache, history, cookies, recent:

Default => 66228 B

Public => 0 B

ProgramData => 0 B

systemprofile => 118282 B

systemprofile32 => 66520 B

LocalService => 132244 B

NetworkService => 1571052 B

Chris => 3271198915 B

Admin => 69729870 B

Gast => 51396188 B
 

RecycleBin => 9628684180 B

EmptyTemp: => 12.3 GB temporäre Dateien entfernt.
 

================================
 
 

Das System musste neu gestartet werden.
 

==== Ende von Fixlog 22:35:08 ====

Fortsetzung folgt...

SystemLook.txt

Code:



SystemLook 30.07.11 by jpshortstuff

Log created at 22:46 on 27/09/2016 by Chris

Administrator - Elevation successful
 

========== folderfind ==========
 

Searching for "DnsBlock"

No folders found.
 

Searching for "Conduit"

No folders found.
 

Searching for "OpenCandy"

No folders found.
 

Searching for "DownloadProtect"

No folders found.
 

Searching for "DPBHO"

No folders found.
 

Searching for "Yontoo"

No folders found.
 

Searching for "Softonic"

No folders found.
 

Searching for "YahooPartnerToolbar"

No folders found.
 

Searching for "winload"

C:\FRST\Quarantine\C\Program Files (x86)\Winload        d------        [21:47 28/10/2011]

C:\Users\Chris\AppData\LocalLow\Winload        d------        [21:48 28/10/2011]
 

========== regfind ==========
 

Searching for "DnsBlock"

No data found.
 

Searching for "Conduit"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C}]

@="Conduit Engine API Server"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C}\InprocServer32]

@="C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C}\ProgID]

@="Conduit.Engine"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C}\VersionIndependentProgID]

@="Conduit.Engine"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94447F21-6011-415C-AF5D-9190AB751056}]

"AppPath"="C:\Program Files (x86)\ConduitEngine"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94447F21-6011-415C-AF5D-9190AB751056}]

"AppName"="ConduitEngineHelper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C}]

@="Conduit Engine API Server"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C}\InprocServer32]

@="C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C}\ProgID]

@="Conduit.Engine"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C}\VersionIndependentProgID]

@="Conduit.Engine"
 

Searching for "OpenCandy"

No data found.
 

Searching for "DownloadProtect"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}]

@="IDownloadProtect"
 

Searching for "DPBHO"

No data found.
 

Searching for "Yontoo"

No data found.
 

Searching for "Softonic"

No data found.
 

Searching for "YahooPartnerToolbar"

No data found.
 

Searching for "winload"

[HKEY_LOCAL_MACHINE\BCD00000000\Objects\{572bcd56-ffa7-11d9-aae0-0007e994107d}\Elements\12000002]

"Element"="\windows\system32\boot\winload.exe"

[HKEY_LOCAL_MACHINE\BCD00000000\Objects\{c5c9ee4a-2289-11de-988f-001e688889ea}\Elements\12000002]

"Element"="\Windows\system32\winload.exe"

[HKEY_LOCAL_MACHINE\BCD00000000\Objects\{c92c7dda-08a0-11df-a739-00238bbbddba}\Elements\12000002]

"Element"="\windows\system32\winload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D2C7A351-949D-4378-A172-163979F1F621}]

@="Winload API Server"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D2C7A351-949D-4378-A172-163979F1F621}\InprocServer32]

@="C:\Program Files (x86)\Winload\prxtbWinl.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF722F44-BC22-436B-8B36-D7B4872A5FD7}]

"AppPath"="C:\Program Files (x86)\Winload"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF722F44-BC22-436B-8B36-D7B4872A5FD7}]

"AppName"="WinloadToolbarHelper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winload Toolbar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winload Toolbar]

"DisplayName"="Winload Toolbar"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winload Toolbar]

"UninstallString"="C:\PROGRA~2\Winload\UNINST~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winload Toolbar]

"HelpLink"="hxxp://Winload.OurToolbar.com/help"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winload Toolbar]

"Publisher"="Winload"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winload Toolbar]

"URLInfoAbout"="hxxp://Winload.OurToolbar.com/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{D2C7A351-949D-4378-A172-163979F1F621}]

@="Winload API Server"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{D2C7A351-949D-4378-A172-163979F1F621}\InprocServer32]

@="C:\Program Files (x86)\Winload\prxtbWinl.dll"
 

-= EOF =-

CChris

28.09.2016 05:22

FRST.txt

FRST Logfile:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016

durchgeführt von Chris (Administrator) auf CHRIS-PC (28-09-2016 06:07:11)

Gestartet von C:\Users\Chris\Desktop

Geladene Profile: Chris (Verfügbare Profile: Chris & Gast)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

(AMD) C:\Windows\System32\atieclxx.exe

(brother Industries Ltd) C:\Windows\SysWOW64\brsvc01a.exe

(brother Industries Ltd) C:\Windows\SysWOW64\brss01a.exe

(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe

(O2Micro International) C:\Windows\System32\drivers\o2flash.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe

(market maker Software AG) C:\Program Files (x86)\Buhl\WISO Börse 2009\bin\watchdog.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Toshiba) C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\SmoothView\SmoothView.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

(TOSHIBA Corporation.) C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe

(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe

(Logitech Inc.) C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(TOSHIBA) C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe

(TOSHIBA) C:\Program Files (x86)\Toshiba\Toshiba Online Product Information\TOPI.exe

(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe

(Elgato Systems) C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe

(Logitech Inc.) C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe

(Taiwan) C:\Program Files (x86)\Switcher\FAD_4027\SwitchUSB.exe

(1&1 Mail & Media GmbH) C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe

(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

(Avid Development GmbH) C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

(Chicony) C:\Program Files (x86)\Camera Assistant Software for Toshiba\traybar.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

() C:\Windows\Samsung\PanelMgr\SSMMgr.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

(Dropbox, Inc.) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe

(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe

(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe

(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe

(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney Business 5.0\offlagent7\offlagent.exe

() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE

(Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [237056 2007-12-15] (Alps Electric Co., Ltd.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [492600 2008-11-06] (Conexant Systems, Inc.)

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)

HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)

HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)

HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation)

HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-08-03] (TOSHIBA Corporation.)

HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-10-26] (Toshiba Europe GmbH)

HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe [777728 2006-07-19] (Logitech Inc.)

HKLM\...\Run: [Launch LGDCore] => "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE

HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-29] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Camera Assistant Software] => C:\Program Files (x86)\Camera Assistant Software for Toshiba\traybar.exe [417792 2009-04-10] (Chicony)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [520192 2006-12-01] ()

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)

HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)

HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2499584 2010-07-09] (Vodafone)

HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [SMB50StarMoneyRunEntry] => C:\Program Files (x86)\StarMoney Business 5.0\app\oflagent.exe [56976 2014-02-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)

HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)

HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)

HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()

HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)

HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [TOSCDSPD] => TOSCDSPD.EXE

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6158240 2009-03-16] (TOSHIBA)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [222128 2007-03-29] (Macrovision Corporation)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [Remote Control Editor] => C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe [1689088 2010-06-09] (Elgato Systems)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [AVMUSBFernanschluss] => C:\Users\Chris\AppData\Local\Apps\2.0\RPDH7O7A.KJ7\8VE1QDO5.TOE\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2016-07-02] (AVM Berlin)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [FAD_4027] => C:\Program Files (x86)\Switcher\FAD_4027\SwitchUSB.exe [1572864 2011-05-06] (Taiwan)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [PMCLoader] => C:\Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe [644368 2008-08-12] (Pinnacle Systems GmbH)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [WEB.DE Application {sync-000021}] => C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [792064 2016-04-21] (1&1 Mail & Media GmbH)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [Dropbox Update] => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-04] (Dropbox, Inc.)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: E - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: H - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: K - K:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {038e06f0-fa97-11e0-8958-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {038e0701-fa97-11e0-8958-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae71-abb2-11df-97d8-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae83-abb2-11df-97d8-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae89-abb2-11df-97d8-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae9b-abb2-11df-97d8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae9d-abb2-11df-97d8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733aea0-abb2-11df-97d8-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {082f7345-82df-11e0-8094-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {082f7352-82df-11e0-8094-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0a375e63-7d71-11e0-9562-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0d5245e5-a91f-11df-8e2c-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {1829e236-11ce-11e0-aba4-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {1829e238-11ce-11e0-aba4-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {1829e243-11ce-11e0-aba4-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {280017ec-a6e0-11df-b3b1-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {280017fd-a6e0-11df-b3b1-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {280017ff-a6e0-11df-b3b1-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {2e0891ee-76af-11df-aaec-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {2e0891fc-76af-11df-aaec-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {47657fbc-76d2-11df-8f4f-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {47657fc0-76d2-11df-8f4f-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {51f0eb5d-09da-11df-9141-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {54f8e4d2-9d8a-11e0-806c-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {599aa897-0df4-11e0-883b-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {599aa899-0df4-11e0-883b-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {599aa8a6-0df4-11e0-883b-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {599aa8ab-0df4-11e0-883b-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {59eeb5b4-7a1c-11e0-a47e-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {59eeb5b6-7a1c-11e0-a47e-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {59eeb5b8-7a1c-11e0-a47e-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {62de1d1f-f194-11e0-8ed9-00238bbbddba} - H:\Setup.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {7ad4b769-0a92-11df-8968-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {7bd73ea4-74c0-11e1-be50-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {7bd73eba-74c0-11e1-be50-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {7f843874-e21c-11e0-a098-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {829be880-a6f8-11df-bab8-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {829be88c-a6f8-11df-bab8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {829be88e-a6f8-11df-bab8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {88c07d4b-afb2-11df-9fab-806e6f6e6963} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {8ee591ad-7d78-11e0-ac5d-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {90805008-92a8-11e0-8e79-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {9080500a-92a8-11e0-8e79-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {9080500d-92a8-11e0-8e79-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc17-a302-11df-a842-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc1f-a302-11df-a842-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc21-a302-11df-a842-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc24-a302-11df-a842-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc27-a302-11df-a842-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {9e17bd9a-7960-11e0-95b0-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f38-885a-11e0-b570-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f3a-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f3c-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f5a-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f65-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f71-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f8d-885a-11e0-b570-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bce3d1ff-11b3-11e0-801f-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bce3d219-11b3-11e0-801f-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bce3d21b-11b3-11e0-801f-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bce3d21d-11b3-11e0-801f-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bd40ac59-16ec-11e2-9b9e-00238bbbddba} - H:\LaunchU3.exe -a

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bd821c4e-a3cd-11df-a8b3-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bd821c52-a3cd-11df-a8b3-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bd821caa-a3cd-11df-a8b3-00238bbbddba} - I:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bf4bbd5f-e222-11e0-90a7-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {cbb02f6b-f9bc-11e0-95a3-806e6f6e6963} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {cd95a5ca-3e71-11e4-b596-d923af0aeae4} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ce49b37a-f8f4-11e0-89e2-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ce49b37d-f8f4-11e0-89e2-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ce49b384-f8f4-11e0-89e2-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {cfbcd11f-0939-11df-9106-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {d3bb6547-0d91-11e2-bac9-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {d3bb6558-0d91-11e2-bac9-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {d4f7ab93-f7e4-11e3-8c74-f18faab755e8} - H:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {d4f7add3-f7e4-11e3-8c74-f18faab755e8} - H:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {db008455-7796-11df-bab8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {dbf6f75b-a492-11df-ad9f-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {dcfd3d4f-08ec-11df-a486-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {e8a82fea-af13-11df-8863-806e6f6e6963} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {e8a83017-af13-11df-8863-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ed0363e7-0d05-11df-a601-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ed0363e9-0d05-11df-a601-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f0d2606e-a1be-11e0-bc48-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f2f23acd-78a6-11e0-9ce8-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f2f23acf-78a6-11e0-9ce8-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f608f4a4-0df7-11e0-bbed-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f608f4af-0df7-11e0-bbed-00238bbbddba} - J:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {fc8e8b49-8374-11e0-8a5b-806e6f6e6963} - H:\StartVMCLite.exe

ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-01-25]

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2010-08-01]

ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-11-25]

ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Pinnacle Streaming Server.lnk [2012-12-12]

ShortcutTarget: Pinnacle Streaming Server.lnk -> C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe (Avid Development GmbH)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken Jubiläumsversion Zahlungserinnerung.lnk [2013-01-03]

ShortcutTarget: Quicken Jubiläumsversion Zahlungserinnerung.lnk -> C:\Windows\Installer\{A907A713-DA24-4352-8786-96C7A6944646}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation)

Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-09-25]

ShortcutTarget: Dropbox.lnk -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2010-05-27]

ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-04-06]

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-04-06]

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-12-30]

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{599541DB-9000-473F-AA32-19C82244BA5C}: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{FED48F3B-BAB7-40A0-B64D-F146BE4A6402}: [DhcpNameServer] 192.168.42.129
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 

SearchScopes: HKLM -> DefaultScope {D0718CFD-76E4-4DFA-919C-A32398055F4B} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKLM -> {D0718CFD-76E4-4DFA-919C-A32398055F4B} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24] (CANON INC.)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)

BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)

BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)

BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)

Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)

Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)

Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll [2010-04-15] (TerraTec Electronic GmbH)

Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)

Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
 

FireFox:

========

FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default

FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF SelectedSearchEngine: google

FF Homepage: hxxp://www.google.de?hl=de&gl=de

FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF NetworkProxy: "socks_remote_dns", true

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-15] ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll [2013-10-02] (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-15] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)

FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-10-28] (DivX, LLC)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)

FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll [2012-06-25] ( )

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ChimeShim.dll [2007-07-26] (MDL Information Systems, Inc. (Elsevier MDL))

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npchime.dll [2007-07-26] (MDL Information Systems, Inc (Elsevier MDL))

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-04-16] (Apple Inc.)

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\englische-ergebnisse.xml [2013-05-21]

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\gmx-suche.xml [2013-05-21]

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\lastminute.xml [2013-05-21]

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\onvista.xml [2015-03-13]

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\webde-suche.xml [2013-05-21]

FF Extension: (FoxyProxy Standard) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\extensions\foxyproxy@eric.h.jung [2015-06-01]

FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox [2016-05-28]

FF Extension: (Skype extension for Firefox) - C:\Program Files (x86)\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2015-07-04] [ist nicht signiert]

FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-24] [ist nicht signiert]

FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-05-18] [ist nicht signiert]

FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa => nicht gefunden

FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox

FF HKLM-x32\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - C:\Program Files (x86)\Mobile Master\ext\1

FF Extension: (Mobile Master Add-In) - C:\Program Files (x86)\Mobile Master\ext\1 [2011-04-09] [ist nicht signiert]

FF HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

CHR HKLM-x32\...\Chrome\Extension: [obdlfebkcikbbhhnpmabhadfhgfjcemn] - C:\Users\Chris\Webgears\Chrome\Gutscheinsammler\gutscheinsammler-finder-2.0-chrome.crx [2011-10-28]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000 2015-12-08] (Kaspersky Lab ZAO)

R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)

S2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [84992 2016-06-24] (Chip Digital GmbH) [Datei ist nicht signiert]

R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)

R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]

S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]

R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Datei ist nicht signiert]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]

R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [216080 2012-06-25] (Nitro PDF Software)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]

R3 SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [89600 2008-08-25] (Toshiba) [Datei ist nicht signiert]

R2 StarMoney Business 5.0 OnlineUpdate; C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)

R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-10-26] (Toshiba Europe GmbH)

R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [Datei ist nicht signiert]

S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG) [Datei ist nicht signiert]

R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2013-11-14] () [Datei ist nicht signiert]

R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2010-07-09] (Vodafone) [Datei ist nicht signiert]

S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)

R2 WBWatchDog; C:\Program Files (x86)\Buhl\WISO Börse 2009\bin\watchdog.exe [481408 2008-10-16] (market maker Software AG)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S3 androidusb; C:\Windows\System32\Drivers\fxxandroidusb.sys [31744 2011-05-06] (Google Inc)

S3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2010-03-22] (AVM Berlin)

R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-24] (AVM Berlin)

S3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [114176 2013-07-22] (ASIX Electronics Corp.)

R0 B50EA66D; C:\Windows\System32\drivers\B50EA66D.sys [478392 2016-04-16] (Kaspersky Lab ZAO)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)

R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [684544 2009-06-23] (Conexant Systems Inc.)

R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)

R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)

S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)

R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)

R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)

R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-05-28] (AO Kaspersky Lab)

R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-12-08] (AO Kaspersky Lab)

R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [237480 2016-05-28] (AO Kaspersky Lab)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [943536 2016-05-28] (AO Kaspersky Lab)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49240 2016-05-28] (AO Kaspersky Lab)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-08] (AO Kaspersky Lab)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)

R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-28] (Malwarebytes)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)

S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [1077840 2010-11-19] (DiBcom SA)

S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [24272 2010-11-19] (DiBcom S.A.)

R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [64160 2009-07-13] (O2Micro )

R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()

S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-05-24] (RapidSolution Software AG)

R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-05-24] (RapidSolution Software AG)

S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [Datei ist nicht signiert]

R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-09-18] ()

R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-09-18] ()

R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2014-09-18] ()

S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)

S2 mdmxsdk; system32\DRIVERS\mdmxsdk.sys [X]

S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-09-27 22:18 - 2016-09-27 22:18 - 00165376 _____ C:\Users\Chris\Desktop\SystemLook_x64.exe

2016-09-27 11:02 - 2016-09-27 11:04 - 00091769 _____ C:\Users\Chris\Desktop\Addition.txt

2016-09-27 11:01 - 2016-09-28 06:07 - 00055689 _____ C:\Users\Chris\Desktop\FRST.txt

2016-09-27 11:00 - 2016-09-27 11:00 - 02403328 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe

2016-09-27 07:32 - 2016-09-27 07:32 - 00010797 _____ C:\Users\Chris\Desktop\JRT.txt

2016-09-26 22:33 - 2016-09-26 22:33 - 00001074 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2016-09-26 22:33 - 2016-09-26 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2016-09-26 22:33 - 2016-09-26 22:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2016-09-26 22:33 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2016-09-26 22:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

2016-09-26 22:30 - 2016-09-26 22:30 - 01615456 _____ (Malwarebytes) C:\Users\Chris\Desktop\JRT.exe

2016-09-26 22:27 - 2016-09-26 22:28 - 22851472 _____ (Malwarebytes ) C:\Users\Chris\Desktop\mbam-setup-2.2.1.1043.exe

2016-09-26 21:52 - 2016-09-26 22:00 - 00000000 ____D C:\AdwCleaner

2016-09-26 21:51 - 2016-09-26 21:51 - 03861056 _____ C:\Users\Chris\Desktop\AdwCleaner_6.020.exe

2016-09-25 19:06 - 2016-09-27 22:43 - 00000000 ____D C:\Users\Chris\Documents\Viren Trojaner Erfassung

2016-09-25 15:22 - 2016-09-27 11:00 - 00000000 ____D C:\Users\Chris\Downloads\FRST-OlderVersion

2016-09-25 15:22 - 2016-09-25 15:22 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2016-09-15 16:38 - 2016-09-26 21:58 - 00000000 ____D C:\Program Files\{16916AFE-57EE-48FB-AD4A-6A0BA8760DBD}

2016-09-14 15:31 - 2016-09-14 15:31 - 00000048 _____ C:\Users\Chris\Downloads\.directory

2016-09-14 15:28 - 2016-09-14 15:28 - 00052633 _____ C:\Users\Chris\Downloads\8642_kaspersky.html

2016-09-14 15:23 - 2016-09-27 11:00 - 02403328 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe

2016-09-14 14:41 - 2016-09-14 14:45 - 00104287 _____ C:\Users\Chris\Downloads\Addition.txt

2016-09-14 14:38 - 2016-09-25 16:52 - 00071172 _____ C:\Users\Chris\Downloads\FRST.txt

2016-09-14 14:36 - 2016-09-28 06:07 - 00000000 ____D C:\FRST

2016-09-07 20:14 - 2016-09-07 20:14 - 00000000 ____D C:\ProgramData\launcher

2016-09-07 19:07 - 2016-09-07 19:07 - 00002421 _____ C:\Users\Public\Desktop\Paragon Festplatten Manager™ 15 Professional.lnk

2016-09-07 19:07 - 2016-09-07 19:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_blockmounter_01_09_00.Wdf

2016-09-07 19:07 - 2016-09-07 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Festplatten Manager™ 15 Professional

2016-09-07 19:05 - 2016-09-07 19:05 - 00000000 ____D C:\Program Files\Paragon Software

2016-09-07 18:47 - 2016-09-10 16:25 - 00000000 ____D C:\Program Files\{CACC03DD-9A08-4DDD-835C-48048033E61E}
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-09-28 06:04 - 2015-06-04 09:52 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000UA.job

2016-09-28 05:45 - 2011-06-18 14:48 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2016-09-28 05:34 - 2013-01-16 09:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2016-09-28 05:05 - 2016-06-22 18:11 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2016-09-28 04:11 - 2010-01-24 05:27 - 00019680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2016-09-28 04:11 - 2010-01-24 05:27 - 00019680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2016-09-27 22:42 - 2011-01-09 22:50 - 00000000 ___RD C:\Users\Chris\Dropbox

2016-09-27 22:39 - 2012-12-12 22:58 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI

2016-09-27 22:39 - 2010-03-22 00:37 - 00000000 ____D C:\Users\Chris\AppData\Local\Deployment

2016-09-27 22:38 - 2011-06-18 14:48 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2016-09-27 22:37 - 2010-01-25 22:06 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2016-09-27 22:36 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-09-27 22:33 - 2010-03-18 20:39 - 00000000 ____D C:\Users\Chris\AppData\LocalLow\Temp

2016-09-27 16:36 - 2010-01-25 00:03 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C40BD253-3E22-4A50-B277-3698584BFC1A}

2016-09-27 11:04 - 2015-06-04 09:52 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000Core.job

2016-09-27 07:00 - 2010-03-22 00:37 - 00000000 ____D C:\Users\Chris\AppData\Local\Apps\2.0

2016-09-27 06:43 - 2014-05-19 13:46 - 00000000 ____D C:\Windows\ELAMBKUP

2016-09-26 22:33 - 2016-06-22 18:12 - 00000000 ____D C:\ProgramData\Malwarebytes

2016-09-26 22:00 - 2015-07-12 10:54 - 00000008 __RSH C:\ProgramData\ntuser.pol

2016-09-26 09:36 - 2010-02-04 23:42 - 00039424 ___SH C:\Users\Chris\Documents\Thumbs.db

2016-09-25 15:22 - 2011-01-09 22:36 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Dropbox

2016-09-24 20:38 - 2010-08-16 17:46 - 00000000 ____D C:\Program Files (x86)\Surf & E-Mail-Stick

2016-09-24 20:34 - 2016-06-25 13:49 - 00000000 ____D C:\Program Files\{59DC0B16-6721-47A2-8A18-638F86DE577B}

2016-09-24 20:28 - 2014-06-20 00:46 - 00000000 ____D C:\android

2016-09-24 19:57 - 2011-12-15 03:00 - 00000000 ____D C:\Program Files (x86)\fotokasten comfort

2016-09-24 19:57 - 2011-11-24 19:00 - 00000000 ____D C:\Program Files (x86)\moneyplex

2016-09-24 19:41 - 2010-07-31 23:42 - 00000000 ____D C:\Program Files (x86)\Auktionatrix

2016-09-21 22:09 - 2009-07-14 19:58 - 00662748 _____ C:\Windows\system32\perfh007.dat

2016-09-21 22:09 - 2009-07-14 19:58 - 00133786 _____ C:\Windows\system32\perfc007.dat

2016-09-21 22:09 - 2009-07-14 07:13 - 01521082 _____ C:\Windows\system32\PerfStringBackup.INI

2016-09-21 22:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf

2016-09-15 16:37 - 2013-01-16 09:40 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2016-09-15 16:37 - 2013-01-16 09:40 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2016-09-15 16:37 - 2012-03-15 20:25 - 00000000 ____D C:\Windows\system32\Macromed

2016-09-15 16:37 - 2011-07-18 09:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2016-09-15 16:37 - 2009-04-06 14:22 - 00000000 ____D C:\Windows\SysWOW64\Macromed

2016-09-14 14:23 - 2016-04-16 19:20 - 01847697 ____H C:\Users\Chris\AppData\Local\IconCache.db.backup

2016-09-14 13:57 - 2014-12-30 16:06 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2016-09-11 03:02 - 2010-05-14 06:57 - 00000000 ____D C:\Users\Gast

2016-09-11 03:01 - 2010-01-24 05:28 - 00000000 ____D C:\Users\Admin

2016-09-07 18:45 - 2010-08-09 21:08 - 00000000 ____D C:\Users\Chris\AppData\Local\Downloaded Installations
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2013-11-25 22:05 - 2013-11-25 22:05 - 0000697 _____ () C:\Users\Chris\AppData\Roaming\ConvAPIPlugin.log

2011-07-15 14:35 - 2011-07-15 14:35 - 0000106 _____ () C:\Users\Chris\AppData\Roaming\psppirerc

2015-07-12 11:14 - 2015-07-12 11:14 - 0000275 _____ () C:\Users\Chris\AppData\Roaming\uninstall.bat

2013-11-27 21:35 - 2013-12-16 12:54 - 0000600 _____ () C:\Users\Chris\AppData\Roaming\winscp.rnd

2010-01-26 00:19 - 2010-01-26 00:19 - 0000000 _____ () C:\Users\Chris\AppData\Roaming\wklnhst.dat

2010-08-04 14:13 - 2014-02-24 19:33 - 0006656 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2010-11-16 23:36 - 2010-11-16 23:37 - 0000079 _____ () C:\Users\Chris\AppData\Local\DVDPATH.TXT

2013-08-06 16:58 - 2013-08-13 22:06 - 0004096 ____H () C:\Users\Chris\AppData\Local\keyfile3.drm

2012-10-16 08:32 - 2012-10-16 08:32 - 0000236 _____ () C:\Users\Chris\AppData\Local\LaunchHomeCenter.log

2011-06-21 13:36 - 2011-11-16 18:36 - 0001516 _____ () C:\Users\Chris\AppData\Local\MiniAssist.ini

2011-06-21 13:36 - 2011-06-21 13:36 - 0001516 _____ () C:\Users\Chris\AppData\Local\MiniAssist.ini.bak

2011-06-21 13:36 - 2011-11-16 19:06 - 0071452 _____ () C:\Users\Chris\AppData\Local\MiniAssist.log

2014-09-04 21:59 - 2014-09-04 21:59 - 0010170 _____ () C:\Users\Chris\AppData\Local\recently-used.xbel

2012-12-03 18:11 - 2015-03-18 15:02 - 0007601 _____ () C:\Users\Chris\AppData\Local\resmon.resmoncfg

2013-11-27 22:31 - 2013-11-27 22:31 - 2529622 _____ () C:\Users\Chris\AppData\Local\[j0019]-[p04].bmp

2010-07-09 12:36 - 2010-07-09 12:36 - 0159464 ____R () C:\ProgramData\DeviceManager.xml.rc4

2010-01-31 00:46 - 2010-01-31 00:46 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

2010-04-05 13:30 - 2013-11-25 22:05 - 0003493 _____ () C:\ProgramData\hpzinstall.log

2010-05-02 14:50 - 2011-08-24 22:18 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt

2003-10-06 10:21 - 2003-10-06 10:21 - 0000000 ____H () C:\ProgramData\sdpsenv.dat
 

Dateien, die verschoben oder gelöscht werden sollten:

====================

C:\ProgramData\sdpsenv.dat
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\Windows\system32\winlogon.exe => Datei ist digital signiert

C:\Windows\system32\wininit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert

C:\Windows\explorer.exe => Datei ist digital signiert

C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert

C:\Windows\system32\svchost.exe => Datei ist digital signiert

C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert

C:\Windows\system32\services.exe => Datei ist digital signiert

C:\Windows\system32\User32.dll => Datei ist digital signiert

C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert

C:\Windows\system32\userinit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert

C:\Windows\system32\rpcss.dll => Datei ist digital signiert

C:\Windows\system32\dnsapi.dll => Datei ist digital signiert

C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2016-09-26 10:55
 

==================== Ende von FRST.txt ============================

--- --- ---

[/CODE]

CChris

28.09.2016 05:23

Addition.txt

Code:



Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-09-2016

durchgeführt von Chris (28-09-2016 06:08:11)

Gestartet von C:\Users\Chris\Desktop

Windows 7 Home Premium Service Pack 1 (X64) (2010-01-24 04:27:32)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-3975404785-3629955362-1126565087-500 - Administrator - Disabled)

Chris (S-1-5-21-3975404785-3629955362-1126565087-1000 - Administrator - Enabled) => C:\Users\Chris

Gast (S-1-5-21-3975404785-3629955362-1126565087-501 - Limited - Enabled) => C:\Users\Gast

HomeGroupUser$ (S-1-5-21-3975404785-3629955362-1126565087-1006 - Limited - Enabled)
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Kaspersky Total Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}

AS: Kaspersky Total Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Total Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden

6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

6500_E709a (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

8500A909_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

8500A909_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

8500A909a (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden

Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)

Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)

Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)

Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)

AKVIS Retoucher (HKLM-x32\...\{3096C412-7636-45FD-9074-F596F4417076}) (Version: 5.5.869.8634 - AKVIS)

ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )

Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )

ATI Catalyst Install Manager (HKLM\...\{0FB2E75A-1024-331F-77EF-D45F71505D58}) (Version: 3.0.732.0 - ATI Technologies, Inc.)

Audials (HKLM-x32\...\{FFA5E466-D1D3-44AE-BB20-8D56CF061877}) (Version: 10.2.22605.500 - Audials AG)

Auktionatrix - der schnelle Weg zu eBay (HKLM-x32\...\{02E8DF80-DFB9-4C56-8CB9-AFA1CE97AF9C}) (Version: 4.10.4.0 - Z-Dev)

Avery Wizard 4.0 (HKLM-x32\...\{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}) (Version: 4.0.103 - Avery)

Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)

Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.10(T) - TOSHIBA CORPORATION)

BPD_DSWizards (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden

BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden

BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden

BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

Brew Recipe Developer (HKLM-x32\...\{B203CBE3-7CF4-40E7-A6F4-761C87AA945F}) (Version: 2.0.0 - Oli Weiss)

Brother MFL-Pro Suite DCP-115C (HKLM-x32\...\{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}) (Version: 1.0.1.0 - Brother Industries, Ltd.)

Brother MFL-Pro Suite DCP-357C (HKLM-x32\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.0.2.0 - Brother Industries, Ltd.)

BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

Camera Assistant Software for Toshiba (HKLM-x32\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.260.0526L - Chicony Electronics Co.,Ltd.)

Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)

Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)

Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)

Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)

Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)

Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - *Canon Inc.)

Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)

Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)

Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)

Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)

Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)

Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)

ccc-core-static (x32 Version: 2009.0729.2238.38827 - Ihr Firmenname) Hidden

CD/DVD Drive Acoustic Silencer (HKLM-x32\...\{4C3F3228-13BE-41D0-A782-3DDE7CB2479A}) (Version: 3.01.05 - TOSHIBA)

chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 2.2.1.0 - Chip Digital GmbH)

Cinergy HTC USB XS V5.09.1202.00 (HKLM-x32\...\Cinergy HTC USB XS) (Version: 5.09.1202.00 - )

Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{0F9639CB-D661-4FA0-A4B1-0441E515E0B7}) (Version: 3.1.04072 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden

Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Compiled Driver Disc (Full) 0.99 (HKLM-x32\...\{3DCF00F5-04A5-4543-A088-70548081120E}_is1) (Version: 0.99.0.1 - COMPELSON Labs)

Compiled Driver Disk (Samsung) 0.99 (HKLM-x32\...\{3DCF00F5-04A5-4543-A088-705480811206}_is1) (Version: 0.99.0.1 - COMPELSON Labs)

Conexant Audio Driver For AMD HDMI Codec (HKLM\...\CNXT_AUDIO_HDA_HDMI) (Version: 4.98.6.0 - Conexant)

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.6.61 - Conexant)

DDBAC (HKLM-x32\...\{7CF93713-EB2A-475C-93CA-D1C9DA388EF4}) (Version: 5.3.50.0 - DataDesign)

Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden

DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)

DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden

DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden

Dropbox (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Dropbox) (Version: 10.4.26 - Dropbox, Inc.)

DVD MovieFactory for TOSHIBA (HKLM-x32\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.51 - Ulead Systems, Inc.)

EpsonNet SetupManager (HKLM-x32\...\InstallShield_{BB828C7B-44A6-4A83-A96E-EF80B8680B8D}) (Version: 1.7.2 - SEIKO EPSON CORPORATION)

EpsonNet SetupManager (x32 Version: 1.7.2 - SEIKO EPSON CORPORATION) Hidden

EQUIP (HKLM-x32\...\{3BE64D7E-367A-EB54-9BE0-4D3E2A62EF17}) (Version: 3.3.0 - ISI GmbH)

EQUIP CAPI (HKLM-x32\...\{7B7618C6-0CF3-B1F4-496C-5E147D73AEA7}) (Version: 3.3.0 - )

Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

FileZilla Client 3.3.3 (HKLM-x32\...\FileZilla Client) (Version: 3.3.3 - )

Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)

fotokasten comfort 4.2 (HKLM-x32\...\fotokasten comfort_is1) (Version:  - )

Free Image Convert and Resize version 2.1 (HKLM-x32\...\Free Image Convert and Resize_is1) (Version:  - DVDVideoSoft Limited.)

Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.10.1211 - DVDVideoSoft Ltd.)

Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)

FreeCommander 2009.02a (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)

FRITZ!Box USB-Fernanschluss - 1  (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin)

FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\f018cf21c0452c64) (Version: 2.3.0.2 - AVM Berlin)

GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)

Gini! (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\93edd1682ad811a0) (Version: 1.0.73.0 - FRITZ! Mini)

Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden

GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

grafstat4 (HKLM-x32\...\{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1) (Version: 4.249 - DrSoft)

HDMI Control Manager (HKLM-x32\...\InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA)

HDMI Control Manager (Version: 2.0 - TOSHIBA) Hidden

HDMI Control Manager (x32 Version: 2.0 - TOSHIBA) Hidden

HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)

HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)

HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)

HP Officejet 6500 E709 Series (HKLM\...\{58D79E62-CFC8-4331-8469-3A1B16E1769C}) (Version: 14.0 - HP)

HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)

HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden

HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)

IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)

IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)

Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)

JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)

Kalenderdruck-Assistent für Microsoft Office Outlook 2007 (HKLM-x32\...\{90120000-00A7-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Kaspersky Total Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)

Kaspersky Total Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden

kleiner-brauhelfer version 1.1.4.0 (HKLM-x32\...\kleiner-brauhelfer_is1) (Version:  - )

Lexware Abschreibungsrechner (HKLM-x32\...\{204294E8-371C-4DFB-8162-EF5BB4FEBFE1}) (Version: 11.00.04.0001 - Haufe-Lexware GmbH & Co.KG)

Lexware Elster (HKLM-x32\...\{AFB25971-2545-4EFF-922C-938915ACE6A8}) (Version: 11.01.00.0006 - Haufe-Lexware GmbH & Co.KG)

Lexware Info Service (HKLM-x32\...\{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}) (Version: 2.80.00.0007 - Haufe-Lexware GmbH & Co.KG)

Lexware online banking (HKLM-x32\...\{2C41394E-E15B-47DC-B33C-54D33EA85B68}) (Version: 15.00.00.0005 - Haufe-Lexware GmbH & Co.KG)

Logitech Z-series Software 1.03 (HKLM\...\{A8BE7A89-11DE-49B3-A4FC-6CDCB0C32B51}) (Version: 1.03.000 - Logitech)

Lottoschein-Check (HKLM-x32\...\Lottoschein-Check) (Version:  - )

MAGIX Foto Manager 9 (HKLM-x32\...\MAGIX Foto Manager 9 D) (Version: 7.0.0.91 - MAGIX AG)

MAGIX MP3 deluxe MX Download-Version (HKLM-x32\...\MAGIX_MSI_mp3_deluxe_mx) (Version: 18.0.0.109 - MAGIX AG)

MAGIX MP3 deluxe MX Download-Version (x32 Version: 18.0.0.109 - MAGIX AG) Hidden

MAGIX MP3 Maker 16 11.0.0.78 (D) (HKLM-x32\...\MAGIX MP3 Maker 16 D) (Version: 11.0.0.78 - MAGIX AG)

MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)

MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)

MAGIX Screenshare (HKLM-x32\...\MAGIX_MSI_PCVisit) (Version: 4.3.6.1987 - MAGIX AG)

MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden

MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 7.0.2.7 - MAGIX AG)

MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_MSI_Speed3_burnR_mxcdr_MSI) (Version: 7.0.2.6 - MAGIX AG)

MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) Hidden

Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)

MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden

Markets-Börsenticker (HKLM-x32\...\Markets-Börsenticker) (Version: 2 - Financial Times Deutschland)

Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.10.5.3 - Marvell)

maxdome - Online Videothek Version 3.1.0 (HKLM\...\maxdome - Online Videothek_is1) (Version:  - maxdome)

MDL Chime/Chime Pro for Internet Explorer (HKLM-x32\...\{46761278-BF32-4008-833B-93487FF0A06E}) (Version: 2.6 SP7 - MDL Information Systems, Inc.)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office Communicator 2007 (HKLM-x32\...\{0FCA0973-24C0-48EA-8CF6-71B53C135C09}) (Version: 2.0.6362.0 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)

Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)

MightyUninstaller (HKLM-x32\...\{91A02C6C-1FAA-49FA-957F-6ACF30D6B47D}_is1) (Version: 2.5.0.0 - MightyUninstaller.com)

MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)

Miranda Fusion 2.0.15 (HKLM-x32\...\MirandaFusion) (Version: 2.0.15 - Miranda Fusion Team)

Mobile Master (x32 Version: 7.8.3 - Jumping Bytes) Hidden

Mobile Master 7.8.3 (HKLM-x32\...\Mobile Master) (Version: 7.8.3 - Jumping Bytes)

MOBILedit! Support Libraries (HKLM-x32\...\{1A834332-A9EE-440C-9505-2D07F445F05A}) (Version: 4.0.0 - COMPELSON Labs)

MOBILedit! ver. 5.0.2.1015 (HKLM-x32\...\{47DA7D2E-408C-4050-B75F-95F6D2E6A332}_is1) (Version: 5.0.2.1015 - COMPELSON Labs)

moneyplex 2011 (HKLM-x32\...\{B3946E24-EF59-4CEE-930F-7465D9C19A85}_is1) (Version: moneyplex 2011 - matrica GmbH)

MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)

Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)

MP3 deluxe MX Update (Version: 18.0.3.115 - MAGIX AG) Hidden

MPM (HKLM-x32\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version: 1.00.0000 - Hewlett-Packard)

MSXML 4.0 SP2 (KB941833) (HKLM-x32\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)

NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)

NetWaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.55 - BVRP Software, Inc)

Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden

Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden

Nitro Reader 2 (HKLM\...\{0723532B-AD75-4D04-B88A-8CCEC6624E6D}) (Version: 2.4.1.15 - Nitro PDF Software)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)

O2Micro Flash Memory Card Reader Driver (HKLM\...\{729F014A-9E91-49A6-B5F2-E8AA941452AE}) (Version: 3.31.03.A - O2Micro)

OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)

Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538-FA9AC725D62C}) (Version: 13.0 - HP)

Ontrack EasyRecovery Home (HKLM-x32\...\{B8686BCF-5181-477F-9CBE-786391011B9C}_is1) (Version: 10.0.2.3 - Kroll Ontrack Inc.)

Paragon Festplatten Manager™ 15 Professional (HKLM\...\{1E104AF0-EA49-11DE-AC07-005056C00008}) (Version: 90.00.0003 - Paragon Software)

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)

Pinnacle DistanTV Server (HKLM-x32\...\{7C7AC2D4-1077-45C8-826A-16445B5E0DB7}) (Version: 1.0.0.095 - Pinnacle Systems)

Pinnacle TVCenter Pro (HKLM-x32\...\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}) (Version: 5.1.0.2722 - Pinnacle Systems)

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden

ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden

ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden

PSPP (HKLM-x32\...\B426B849-6071-5684-6429-7BE6B77DAB5B) (Version: 20100611 - GNU)

Quicken HOME & BUSINESS Jubiläumsversion (HKLM-x32\...\{A907A713-DA24-4352-8786-96C7A6944646}) (Version: 20.36.00.0134 - Haufe-Lexware GmbH & Co.KG)

Quicken Import Export Server Jubiläumsversion (HKLM-x32\...\{7FE9F5F5-8C9B-49F2-989C-BD885BD79B8D}) (Version: 20.30.00.0099 - Haufe-Lexware GmbH & Co.KG)

QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )

RasWin (remove only) (HKLM-x32\...\RasWin) (Version:  - )

RG eBook (HKLM-x32\...\com.radeberger-gruppe.ebook) (Version: 1.1.7 - Radeberger Gruppe KG)

RG eBook (x32 Version: 1.1.7 - Radeberger Gruppe KG) Hidden

Samsung ML-2010 Series (HKLM-x32\...\Samsung ML-2010 Series) (Version:  - )

Samsung ML-2010 Series SmartPanel (HKLM-x32\...\Samsung ML-2010 Series SmartPanel) (Version:  - )

SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )

Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )

SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )

Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )

Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version:  - )

SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )

SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )

Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.3.90702 - Samsung Electronics Co., Ltd.)

Samsung PC Studio 3 (x32 Version: 3.0.0.90702 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )

SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)

Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden

SecuBrowser (HKLM-x32\...\{A7287C0E-C94F-4009-B438-485E38286EB9}) (Version: 1.0.7.0 - Frank Eschenbacher)

ShaDown! (HKLM-x32\...\{909F4A33-D068-4D61-BBF1-B3135DD19C18}) (Version: 1.3.0.0 - Inforall.net)

Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)

simfy VZ edition (HKLM-x32\...\simfy-VZ-edition) (Version: 1.2.0 - simfy GmbH)

simfy VZ edition (x32 Version: 1.2.0 - simfy GmbH) Hidden

Skype web features (HKLM-x32\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)

Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)

SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden

SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden

Spelling Dictionaries Support For Adobe Reader 8 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)

StarMoney (x32 Version: 3.0.2.50 - StarFinanz) Hidden

StarMoney Business 5.0  (HKLM-x32\...\{96CA5ACD-1A36-417E-AC15-707E93AB895C}) (Version: 5.0 - Star Finanz GmbH)

STATISTICA TRIAL DE 10 (HKLM-x32\...\{E492A541-96C6-4D38-B698-805A745C5EBC}) (Version: 10.0.228.8 - StatSoft (Europe) GmbH)

STATNOVAPDF (novaPDF 7.1 printer) (HKLM\...\STATNOVAPDF_is1) (Version:  - Softland)

Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden

Stellar Phoenix PowerPoint Recovery (HKLM-x32\...\Stellar Phoenix PowerPoint Recovery_is1) (Version: 1.0.0.0 - Stellar Information Systems Ltd.)

StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )

Stundenplan v1.0 (HKLM-x32\...\Stundenplan_is1) (Version:  - Bastian Dornauf)

Surf & E-Mail-Stick (HKLM-x32\...\Surf & E-Mail-Stick) (Version: 16.001.06.02.35 - Huawei Technologies Co.,Ltd)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.63017 - TeamViewer)

TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.15.11 - )

Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)

Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden

Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.07 - TOSHIBA)

TOSHIBA Benutzerhandbücher (HKLM-x32\...\{1C971EE3-B4C4-4367-9676-57549919C6CE}) (Version: 7.40 - TOSHIBA)

TOSHIBA ConfigFree (HKLM-x32\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.23 - TOSHIBA Corporation)

TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.1 for x64 - TOSHIBA Corporation)

TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 2.50.0.11-AU - TOSHIBA Corporation)

TOSHIBA Extended Tiles for Windows Mobility Center (HKLM-x32\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version:  - )

TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 2.0.17.64 - TOSHIBA)

TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{E8B39B08-7FAB-48CC-89E9-37C5589E130C}) (Version:  - )

Toshiba Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.06.0000 - TOSHIBA)

TOSHIBA Recovery Disc Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.0.0.2 for x64 - TOSHIBA)

TOSHIBA Recovery Disk Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0017 - TOSHIBA)

TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{DF0853CA-A1D0-4169-8472-F2822C8FA1EB}) (Version:  - )

TOSHIBA TEMPRO (HKLM-x32\...\{3A9B3B6D-3C08-4283-AF50-FD82C49DD71E}) (Version: 3.34 - Toshiba Europe GmbH)

TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.2.28.64 - TOSHIBA Corporation)

TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

TRORDCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.6 - TOSHIBA)

TRORDCLauncher (x32 Version: 1.0.0.6 - TOSHIBA) Hidden

Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )

Universal Document Converter (Demo) (HKLM-x32\...\Universal Document Converter_is1) (Version: 5.2 - fCoder Group, Inc.)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

UPS Widget 2 (HKLM-x32\...\com.polythink.ups.wda.03EBA0C726630DF115D9764F9B83F5185396D811.1) (Version: 2.1.81 - ThinkDesktop LLC)

UPS Widget 2 (x32 Version: 2.1.81 - ThinkDesktop LLC) Hidden

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)

VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)

Vodafone Mobile Connect (HKLM-x32\...\{91252C0A-59F9-42F9-9181-B9CC74F592C0}) (Version: 9.4.10.24647 - Vodafone)

Vodafone Mobile Connect Lite (HKLM-x32\...\{B5761811-28F3-4257-B537-815C5EEF472C}) (Version: 3.1.2.104 - Vodafone)

Währungsumrechner (HKLM-x32\...\{5B0A0143-7ED2-4B68-A60B-9D92987DE5BD}) (Version: 1.0.1 - Stephan Muller)

WatchTVPro Essential Version 1.00 (HKLM-x32\...\WatchTVPro Essential_is1) (Version: 3.11 - Michael Hepp)

WEB.DE Online-Speicher 1.32.1.0 (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\WEB.DE Application {sync-000021}) (Version: 1.32.1.0 - 1&1 Mail & Media GmbH)

WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden

Wertpapieranalyse 2012 (HKLM-x32\...\{A7166A02-9745-4F19-BB16-A0CC1F3ABDB1}) (Version: 1.01.0006 - Haufe-Lexware GmbH & Co. KG)

Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )

Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

Windows-Treiberpaket - Chicony (usbvideo) Image  (05/12/2009 6.3.251.0512) (HKLM\...\4D0A78D60CE7E81C31D46CB92DBA41CCF993C9BD) (Version: 05/12/2009 6.3.251.0512 - Chicony)

Winload Toolbar (HKLM-x32\...\Winload Toolbar) (Version: 6.3.3.3 - Winload)

WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

WinSCP 5.1.7 (HKLM-x32\...\winscp3_is1) (Version: 5.1.7 - Martin Prikryl)

WinTimeKill 3.2 (HKLM-x32\...\{8667C09D-CD26-40BB-95F6-423272ACAA0A}_is1) (Version:  - Patrik Abend)

WISO Börse 2009 (HKLM-x32\...\{8596363E-8F5F-4693-BAA4-CC32973455D6}) (Version: 9.0.0.0 - Buhl Data Service GmbH)

WISO Mein Geld 2009 Professional (HKLM-x32\...\{44061C54-0775-4AE1-B433-79BCC6431817}) (Version: 10.01.0082 - Buhl Data Service GmbH)

WISO Mein Geld 2012 Professional (HKLM-x32\...\WISO Mein Geld 2012 Professional) (Version:  - Buhl Data Service GmbH)

WISO Mein Geld 2012 Professional (x32 Version: 14.0.1.18 - Buhl Data Service GmbH) Hidden
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{009EDA42-71E4-4C16-BB2E-578DC33BA491}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{0274CF59-F6B1-474B-A138-51A810564926}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{063E01DE-C9E1-4809-A15F-B84F52E578D2}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{0E5E5B83-A16D-4D15-AB45-7A0F8EECB0A5}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{0F8B006E-892B-4863-982B-29FBE45536F9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{1D2BA6AE-3D89-4187-85CB-E5AF407887FF}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{1E78821A-BA30-4AA0-B7A6-670DC23459DA}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{32B32854-7FEC-4816-B0BD-D053DE2B2918}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{43B3E546-36B7-48C9-9796-2C7574787A1C}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{4E285563-1863-4D93-805F-2D2FFCD4814F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{511B6700-19AE-4143-812F-1543B5E1C985}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{54614417-8AA4-4B1B-AA98-559FC054636D}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{5F67A6B4-1A03-4371-A8A1-BD3263A2C2EC}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{6DB72514-5DA2-4791-9B68-310FDEB85CC9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{6FBE247C-3300-4F44-B5E6-1AC33BF03995}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{7C3F44C4-07D3-418D-A3BA-C7F1A5EF1235}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{7FE2C97A-562F-4791-ABB1-7C02D18EEC59}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{8790471D-FE4E-4FF5-A91F-0808F923BEB9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{8951CFDD-B3F7-4F2D-AF61-FE2228347429}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{8EB50499-42D6-456A-A1A7-4DC4BB4B0F5B}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{90E6DB72-4FBB-4F7A-9D36-3B56F3C4A517}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{90FC7BE4-DBEB-4CF4-828B-9AA72AE8FF74}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9221816B-AC34-4E7B-AE2F-4032653ECDDB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9962A902-9E84-45FA-B2E9-FC6CDD02674E}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9BDE95FF-99CA-413F-A4B4-2D1B21FC9EE8}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9D40216B-B7B9-4402-BF6A-D21FD70A6000}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{A607C93C-A6EF-4B55-B8F9-6CA2C10690E4}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{A83FBE75-11CB-49F5-B9D7-802782B81CCB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{AE86BB6A-EB9A-4A4A-B0A9-FBAE38CFFBC9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{B037D8DB-0736-46A4-AF2B-E902E59DDD54}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{B716B7B7-443C-4E2D-A4B1-29BEB5987FC1}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{BB1B99DE-B2EB-4561-880E-BFCD4438E657}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{C1E8B9C9-A293-4813-B730-54F5972AEE5A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{C28602FF-7932-4EE2-9315-B47E2C6E1ED3}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{C8F19C62-21CD-428E-AA37-773DAA8917E5}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{CAADC8E8-5514-495E-9DAC-C53C3A8D503F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{D04F500B-185A-4E3E-B82A-76509373F9AC}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{D2B3ACC4-B475-4435-8AA7-DA83C7D86C7E}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{D8CAEBA4-584C-43DF-8C0F-2F764E2B1BCB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{DDF489D3-8A13-4761-ABD7-FAF62A428252}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{DE119701-E35B-49BD-BB71-A51B2EE8B251}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E00AF38E-7813-4623-BBB2-9DB8323648DF}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E41726A5-6A44-4112-8C22-9658E343B903}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E6CED06A-26B6-455B-90C4-0EAFC522BC71}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E8FE3CF4-FDC0-41DD-9B2E-3E7750CA3990}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{EE4A1121-C3D3-464E-B86B-CE0AA5D6D948}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{F6D701F8-799E-432F-BF81-C90B53D73AFD}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{F911124F-7BE5-4977-9B72-DEB00CE30D04}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FAE7A96A-56C3-4ABF-A6C2-D5D78089A7D8}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {00A50F64-49EA-4E90-B353-DD359493C931} - System32\Tasks\{AA37AD7A-A892-46C2-B416-734ACEC8F226} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe

Task: {0B51DC78-6AB9-40B1-B476-1C87752223F8} - System32\Tasks\{D4789B5A-6DB4-44E9-A9ED-5AC6AF432DF7} => pcalua.exe -a "C:\Users\Chris\Downloads\Treiber - DA2 Hybrid\driver\yInstallTools.exe" -d "C:\Users\Chris\Downloads\Treiber - DA2 Hybrid\driver"

Task: {16F46E11-86F0-4CA1-ABFD-14FF70BAC4F9} - System32\Tasks\{FB826B21-F920-416A-8815-52AC2A56170B} => pcalua.exe -a C:\Users\Chris\Downloads\iview436_setup.exe -d C:\Users\Chris\Downloads

Task: {1AD9F8B0-5360-453D-9AD1-F251165E341D} - System32\Tasks\{7C18FACC-B665-4062-86F3-56F5668D95C8} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.)

Task: {2308EF6C-BB71-4AE7-92B9-64093BAA4F8D} - System32\Tasks\{B8A6E478-3AF8-46BD-8261-CB722F6903D3} => pcalua.exe -a C:\Users\Chris\Downloads\LiveUSBHelper.exe -d "C:\Program Files (x86)\Mozilla Firefox"

Task: {29BA79AF-3117-4068-B736-6ECF72F7BF56} - System32\Tasks\{BD8A5EF9-D2C1-4FCB-93A7-808176143B30} => pcalua.exe -a H:\Setup.exe -d H:\

Task: {35449C4F-B1E9-470D-8E2D-6826A9E9FBAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-15] (Adobe Systems Incorporated)

Task: {35ECE4F3-BC11-4315-933F-C18A85205DF1} - System32\Tasks\{6B21BEC5-D3AE-4354-80D2-764432510387} => pcalua.exe -a H:\Setup.exe -d H:\

Task: {43AD022A-2BB9-4FE2-818B-39D95CFE1827} - System32\Tasks\{68B17966-2F73-40C4-8B36-89087A972312} => pcalua.exe -a "C:\Program Files (x86)\MAGIX\MP3_Maker_16\unwise.exe"

Task: {52313735-3929-43EC-91CD-77FB0BD62FBE} - System32\Tasks\{3AF93069-6DC9-46EE-97A3-A591F702CA35} => pcalua.exe -a I:\boot\Porteus-installer-for-Windows.exe -d I:\boot

Task: {543369A4-C969-4838-B92D-2A7DC84EA3CA} - System32\Tasks\{0C1C7759-13FA-458D-8090-A6078AC5C98C} => pcalua.exe -a C:\Users\Chris\Downloads\Officejet6500E709a_ES_MJP1FN0935AR_GER.exe -d C:\Users\Chris\Downloads

Task: {5B7EFF43-D7BF-477E-8772-8D7C5C1BFBFA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000Core => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-04] (Dropbox, Inc.)

Task: {5C728041-8EC9-49D1-A954-327E77027CEE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {5DA7E1B4-84E0-4C01-BF11-964D2216F958} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {64FB3D25-1327-4F5A-BAFC-38156858BB45} - System32\Tasks\{DEBE6408-024E-4819-8D61-8410057B6AC2} => Firefox.exe hxxp://ui.skype.com/ui/0/7.8.0.102/de/abandoninstall?page=tsProgressBar

Task: {652A2DBE-83F4-423A-8EEC-5501B5B5DF19} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)

Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs

Task: {818E3FB0-85F8-4E77-8493-4817184891DF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {8601B210-24FA-4436-A263-15A5673BE8E9} - System32\Tasks\{BDB07A78-03B3-49A5-BD37-5175E8D7F861} => pcalua.exe -a "C:\Program Files (x86)\Universal Phonebook Editor\uninstall.exe" -d "C:\Program Files (x86)\Universal Phonebook Editor"

Task: {8827FA34-3070-421D-BB2F-572653596B85} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {93067070-B8A9-4C20-AAC0-11C374778F84} - System32\Tasks\{716937DF-D5A3-4046-8594-CCDA873196E5} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\2\SSM_Uninstall.exe

Task: {9B543991-FD98-4728-83CD-468052D2F1C9} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2009-09-03] (TOSHIBA CORPORATION)

Task: {9F9D8614-30C7-4873-AB4A-4D47282142FD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks [Argument = /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig"]

Task: {A4E44E72-EF5C-41A1-B3C3-A60EDD61A7D9} - System32\Tasks\{8B7373D6-C48D-492C-8734-AF5087D2E2D5} => pcalua.exe -a C:\Users\Chris\Downloads\Samsung_PC_Studio_322_HK4.exe -d C:\Users\Chris\Downloads

Task: {A71F18D1-2CB9-4682-A5D8-BEEDEB44A63A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {A74E11CE-2F3E-4EF4-90C0-A21FEA0E5316} - System32\Tasks\{99CAA6B9-ACBA-4021-90BB-18A369274190} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\1\SS_Uninstall.exe

Task: {A90215A6-803C-40C1-9D04-2CBA3E518C80} - System32\Tasks\{4908698E-00E3-4059-B956-2F876C3A0468} => pcalua.exe -a "C:\Program Files (x86)\MAGIX\MP3_Maker_16\InstallLauncher.exe" -d "C:\Program Files (x86)\MAGIX\MP3_Maker_16"

Task: {AC11D051-7009-45E9-AB9A-AF149069458D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {BE35B1E0-8578-45C7-B0EE-EE6B4F3B86F4} - System32\Tasks\{9B33248F-F8DF-4A45-ABBB-8F53BBD07115} => pcalua.exe -a H:\VMCLiteSetup.exe -d H:\

Task: {C368FF83-A215-47DB-AAB8-4C2E43EDAB49} - System32\Tasks\{FAE26A1A-8FCC-41F2-A570-2FCF7D9A1C24} => pcalua.exe -a C:\Users\Chris\Downloads\AVM_FRITZ!_Mini_Assistent.exe -d "C:\Program Files (x86)\Mozilla Firefox"

Task: {C54E3770-6F3B-462A-AB96-EDBA234D8901} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000UA => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-04] (Dropbox, Inc.)

Task: {DBBDBC63-5585-4360-B96F-9FF11A80721E} - System32\Tasks\{F333CAB0-1196-4AE6-9CC5-5790870CA562} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\7\SSECUninstall.exe

Task: {E5B85FED-B082-42A8-80D8-0A448C829E79} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)

Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs

Task: {F3BB91A4-A792-4C1C-96B9-AEC4E69D4AD7} - System32\Tasks\{046C2D50-3619-4E16-9AB7-8FAAC3CB7CE3} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\6\SSBCUninstall.exe

Task: {FB973E15-0B31-4011-8CC5-4DF7055CB3A9} - System32\Tasks\{F16B9B92-3000-4D0A-A6C0-2897B7481825} => pcalua.exe -a C:\Users\Chris\Downloads\Statistikprogs\SPSS_Stats_trial_19_Language_win64.exe -d C:\Users\Chris\Downloads\Statistikprogs
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000Core.job => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000UA.job => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2014-09-21 15:01 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll

2006-12-04 02:26 - 2006-12-04 02:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll

2014-09-21 15:01 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll

2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2013-11-14 15:28 - 2013-11-14 15:28 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe

2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2008-08-22 21:06 - 2008-08-22 21:06 - 00135680 _____ () C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll

2008-08-22 21:06 - 2008-08-22 21:06 - 07553024 _____ () C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll

2008-08-22 21:06 - 2008-08-22 21:06 - 01032704 _____ () C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll

2010-04-24 15:23 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll

2016-05-18 00:42 - 2016-05-18 00:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll

2009-07-16 16:27 - 2009-07-16 16:27 - 07244600 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll

2009-07-16 16:27 - 2009-07-16 16:27 - 00051512 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll

2009-04-06 14:17 - 2007-04-23 09:09 - 00016896 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll

2009-03-12 20:08 - 2009-03-12 20:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll

2009-07-25 18:38 - 2009-07-25 18:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00056832 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Utilities.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00009728 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Utilities.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00025088 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.Common.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00009216 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ClientScan.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00021504 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ServerScan.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00010240 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ServerAccess.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00007168 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ClientAccess.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00007680 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.ShellExtension.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00013824 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.ShellExtension.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00014336 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.Core.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00034304 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.Common.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00017408 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.CrossCutting.DependenciesConfiguration.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00006144 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.CrossCutting.DependenciesConfiguration.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00029696 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ServerScan.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00082944 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.Core.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00026112 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ServerAccess.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00025088 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ClientScan.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00020480 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ClientAccess.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00014336 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Migration.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00005120 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Migration.Contracts.dll

2010-03-14 23:17 - 2006-12-01 21:13 - 00520192 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe

2009-05-04 11:45 - 2009-05-04 11:45 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2010-01-24 15:21 - 2010-01-24 15:21 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2013-08-29 02:23 - 2013-08-29 02:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

2013-10-10 23:48 - 2013-10-10 23:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll

2013-02-18 19:52 - 2011-01-13 12:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney Business 5.0\ouservice\PATCHW32.dll

2008-03-25 15:45 - 2008-03-25 15:45 - 00111888 _____ () C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\UPnPStreamingDevice.dll

2016-08-25 18:23 - 2016-08-24 06:43 - 00035792 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd

2016-09-25 15:22 - 2016-08-24 06:43 - 00145864 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\pyexpat.pyd

2016-09-25 15:22 - 2016-08-24 06:43 - 00019408 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\faulthandler.pyd

2016-09-25 15:22 - 2016-08-24 06:43 - 00116688 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\pywintypes27.dll

2016-08-25 18:23 - 2016-08-24 06:43 - 00100296 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_ctypes.pyd

2016-08-25 18:23 - 2016-08-24 06:43 - 00018888 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\select.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00019760 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd

2016-08-25 18:23 - 2016-08-24 06:43 - 00694224 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\unicodedata.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00020816 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd

2016-08-25 18:23 - 2016-08-24 06:43 - 00123856 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 01682760 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00020808 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00105928 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32api.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00021312 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00052024 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00038696 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\fastpath.pyd

2016-09-25 15:22 - 2016-08-24 06:43 - 00392144 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\pythoncom27.dll

2016-09-25 15:22 - 2016-08-24 06:45 - 00020936 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\mmapfile.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00024528 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32event.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00116176 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32security.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00381752 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00124880 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32file.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00025424 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00024016 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32clipboard.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00175560 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32gui.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00030160 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32pipe.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00043472 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32process.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00048592 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32service.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00057808 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32evtlog.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00024016 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32profile.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00246592 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00026456 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00028616 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32ts.pyd

2016-08-25 18:23 - 2016-08-24 06:43 - 00144848 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_elementtree.pyd

2016-08-25 18:23 - 2016-08-24 06:44 - 00241104 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_jpegtran.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00023376 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00020800 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00019776 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00020800 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00020280 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00350152 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winxpgui.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00022352 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00024392 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd

2016-09-25 15:22 - 2016-08-24 06:41 - 00036296 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\librsync.dll

2016-09-25 15:22 - 2016-09-20 03:15 - 00084280 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL

2016-09-25 15:22 - 2016-09-20 03:15 - 01826096 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd

2016-08-25 18:23 - 2016-08-24 06:43 - 00083912 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\sip.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00531248 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 03928880 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 01972528 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00133424 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00224056 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00207672 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00020288 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00060880 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32print.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00024904 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00546096 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00357680 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00042808 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00168760 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd

2011-10-27 12:32 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

2013-08-29 02:25 - 2013-08-29 02:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27644631.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\58058682.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\B50EA66D.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\27644631.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\58058682.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\B50EA66D.sys => ""="Driver"
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
 

127.0.0.1       localhost

::1             localhost
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.178.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [{3B498F82-E6B1-4079-92C5-B809AAC1D572}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe

FirewallRules: [{94B915EA-362B-4182-B20B-23100E9775B0}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe

FirewallRules: [{CAC92C89-3768-4335-9C6B-A7D295780EFC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [TCP Query User{5862B42F-63CC-4FCE-87DE-6D182CADA2DB}C:\program files (x86)\mirandafusion\miranda32.exe] => (Allow) C:\program files (x86)\mirandafusion\miranda32.exe

FirewallRules: [UDP Query User{675CC335-508C-42F0-BD63-FC3E09F4CBC6}C:\program files (x86)\mirandafusion\miranda32.exe] => (Allow) C:\program files (x86)\mirandafusion\miranda32.exe

FirewallRules: [{08F2CAA4-9983-4293-AE11-2689ED92A48F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe

FirewallRules: [{F27EBA1D-F7BE-40D3-BB69-D39A17022BC5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe

FirewallRules: [{1BF0AC42-126D-423F-963E-93EFE7C661D1}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{6AEB7994-DF92-4248-A124-EB261430D800}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{3B65A749-CD90-4B76-9FD8-E1A470D71D4B}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{136DA2BF-1E6E-445F-97D2-9CB5B2840D1A}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{2910747F-5B2E-460F-9F34-BA3246D949C9}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe

FirewallRules: [{5363A111-4EDE-4891-AC7E-0D015D28895D}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe

FirewallRules: [TCP Query User{7F6BA431-5258-41BF-8D63-DF80F3260424}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe] => (Allow) C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe

FirewallRules: [UDP Query User{690E7D39-CF3D-429E-B10A-BF4076E8EDA9}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe] => (Allow) C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe

FirewallRules: [{48E308A4-4A33-4B4D-B409-9A750BA2AE3D}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe

FirewallRules: [{B1CB65F8-53D0-4332-85D7-C18030C1E031}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe

FirewallRules: [{1E598ADB-4672-464D-8CFF-7E03DA9F13DC}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{22A011A9-7A10-48D6-A8E9-8BE89975CB07}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{1D89CAFF-3E75-41D3-ACB8-D45FB8027E9E}] => (Allow) C:\Users\Chris\AppData\Local\Temp\7zS7EB5\OJP8500vA909_Full_13\setup\hpznui40.exe

FirewallRules: [{1A649C83-F9BE-4E5A-9450-A4A4A0E8F71F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

FirewallRules: [{B45D410B-B5B8-4963-8D87-6703C9BA22F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe

FirewallRules: [{2576125D-A259-479F-9F1F-B51C18BA8CA1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe

FirewallRules: [{96BD5F29-C91E-433D-8402-8F0BE853EE2E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe

FirewallRules: [{77F823DB-06D6-4B46-8796-01543187F1DB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe

FirewallRules: [{E47379FC-AB92-45FF-A81B-3870E308C8ED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe

FirewallRules: [{42415531-0267-4DE3-9880-B99D0335759C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe

FirewallRules: [{16CE3075-C5EC-4D6E-9EAA-321375004F53}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe

FirewallRules: [{9A851529-AB13-49B9-B55F-2B0B20E50608}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe

FirewallRules: [{E71B519F-8461-4139-A91D-0BB078DA1AEB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe

FirewallRules: [{A5261F2F-8A51-4EBA-B831-90C2497D104E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe

FirewallRules: [{79B3A7E0-DB58-4911-9A1B-EF427DBBBA07}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe

FirewallRules: [{4ABA3AED-1E9A-411F-BDA1-6E1D26094A28}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe

FirewallRules: [{EDFF2F88-E0E2-4ACC-A8AC-D78DEE47B9A8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

FirewallRules: [{F6F3DB79-15B7-412A-A5E0-FEF89F62A25E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe

FirewallRules: [{AC4DD1C0-1F9C-426E-BE09-87F5FDB7BE32}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe

FirewallRules: [{1C46CD2B-6920-470A-B552-4D4FB64AD6B4}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe

FirewallRules: [{C52F9996-E769-46DE-B291-A571F2EED59D}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe

FirewallRules: [{18A64633-A0FD-4FEE-8048-23479432530E}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsasvr.exe

FirewallRules: [{F13DDCF2-D87A-4270-BC40-DF39B9737F92}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsasvr.exe

FirewallRules: [{E2F78DD6-0416-4462-952C-6525BD64E0D3}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsvsvr.exe

FirewallRules: [{897B6510-A049-4ADA-9A34-FCA7570CA349}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsvsvr.exe

FirewallRules: [TCP Query User{C0957462-D874-4CFE-B9FF-939A23E0895F}C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe] => (Allow) C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe

FirewallRules: [UDP Query User{84832C12-5F67-4DA1-96A6-E7271C9E86EA}C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe] => (Allow) C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe

FirewallRules: [{317F6EAF-DAE6-48CC-9459-66F5D064AEC9}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{CE59ED56-BACB-4E32-B1EC-86B10893995C}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{8DE56995-CF43-4A7C-B7EC-4A58E48CAA03}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{7A67C93A-579D-4291-A98F-FFDE9451746D}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{2251F733-A846-44F1-977A-F04290671BC0}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{53FFB021-B571-4665-A546-52FC18732C28}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{4AEB8EE4-30E1-419E-9580-43354951D894}] => (Allow) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{FC856EBE-64D6-47C1-9DB3-8D7EBA294F87}] => (Allow) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [TCP Query User{19FB4C61-3944-4D22-933E-250244D86492}C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [UDP Query User{518FC4E6-062A-4AD6-9B1A-EF8059953E1C}C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [{DBD7C753-EDFB-45CF-BC77-A1351EC61170}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{B1293262-7D44-4EF1-AB31-8B52CB544CDC}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [TCP Query User{F767CC0C-C7D0-4791-850F-A3356A56B7E2}C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [UDP Query User{2B084990-3ACF-458F-B0DB-1932EC24BF7D}C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [TCP Query User{5D60EF0A-EE93-4B63-81D6-4DCEFE77A9F7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe

FirewallRules: [UDP Query User{30C1C709-5B78-4534-BEC6-D4EBC1CCD898}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe

FirewallRules: [{D1DA0B4D-2339-4058-A8C3-10D0C45460F1}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\7JHG7237.HRK\NHAGXY99.J3W\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{DD573B4A-6D13-4B4E-9DBB-021537E258F7}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\7JHG7237.HRK\NHAGXY99.J3W\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{C82B9940-5E0A-4A27-8137-6BD8A83091C9}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe

FirewallRules: [{5F49AD72-F25B-4513-85BB-7CF599F7A0EA}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe

FirewallRules: [{C6B96FDB-AE10-47B6-AE7D-72583B19B607}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{AE91007B-71DE-41C4-9273-574D43CF2AE0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{4B252877-FE68-453A-8B8F-23A46DB79183}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{32EBA946-2164-4AF6-B085-D6FF08F0A0B4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{42CC78F1-7688-4430-9DBC-2374EFA11063}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe

FirewallRules: [{F62742BB-A37E-45EE-B97A-6DB714E8D432}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe

FirewallRules: [{0A61605A-E08C-4522-A69C-8FAF391ADA13}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\app\StarMoney.exe

FirewallRules: [{0CCBFC81-E02D-40C7-87E3-3F7C68EFAADF}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\app\StarMoney.exe

FirewallRules: [{5515B9C1-9D15-43A9-B705-2E5A261ED0CE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{A17D7959-38F5-41E3-9A8A-76D68EEDD966}] => (Allow) LPort=9322

FirewallRules: [{FEED730F-E300-4876-9C09-E54E8CE36959}] => (Allow) LPort=5353

FirewallRules: [{3ED5535E-EEA6-4939-B2D6-AAE000594A84}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe

FirewallRules: [{AD0288E7-E19B-4BD6-B947-73650A4A8FB9}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe

FirewallRules: [{F3A50888-4C82-4041-8099-3BD96A501F01}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe

FirewallRules: [{AF045C17-1DED-4729-ABBF-EDADCE241E94}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe

FirewallRules: [{9AEDB208-87F5-475F-850E-F4DA21533FB5}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe

FirewallRules: [{CB055D33-611C-4211-B9D2-6F7BA5F11CFB}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe

FirewallRules: [{CFB76798-0A7B-4F6C-81A3-DD52CCFE2361}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe

FirewallRules: [{49B3388D-C506-4D9F-A83E-C8A887736E08}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe

FirewallRules: [{A01F5991-4282-4B5A-98F4-2D20C4DE1F09}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe

FirewallRules: [{699C2634-F7F9-4E0C-83B1-F310D8902114}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe

FirewallRules: [{EBBDF23B-A64B-4F29-8D46-DFB5E21D0D2B}] => (Allow) LPort=5353

FirewallRules: [{A291B612-7DC2-4053-A674-A3C3B4ED8EC0}] => (Allow) C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

FirewallRules: [{D2AA0C76-6289-47D6-BA0F-A80B8D9EA215}] => (Allow) C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

FirewallRules: [{17EF27AB-E32C-4F70-AD4A-BC86A4E3D948}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{A7838210-48DF-4EBA-816F-43623E865A61}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{3454E41E-FFEC-44F5-B2FD-93C9607D9857}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{C7292A3B-75E5-4854-8710-A395D0C260FC}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{C2266FDF-BB49-414C-BBB8-6E27A8494D25}] => (Allow) C:\Program Files (x86)\Audials\Audials 10\Audials.exe

FirewallRules: [{75669AE8-CF83-47CF-82A8-9B206B5AC6F2}] => (Allow) LPort=12972

FirewallRules: [{FF82941F-52CE-45B6-BAD9-C02906E318B0}] => (Allow) LPort=14714

FirewallRules: [{CFFA7C30-FFF6-41FD-B249-9D179FF3B52C}] => (Allow) LPort=31931

FirewallRules: [{FFD223BE-B88B-4DCF-99DE-A43294048B04}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{0914084C-55E9-49FA-BD8F-0821C6C913B9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{07EF2CD4-31E2-414D-B616-9D8F7920C6AC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{62B0B672-A97D-4A89-AE52-DE6A26A3CCDD}] => (Allow) C:\Users\Chris\AppData\Local\Temp\7zS2647\HPDiagnosticCoreUI.exe

FirewallRules: [{8541EF87-6686-4D86-93D2-04DDC211080A}] => (Allow) C:\Users\Chris\AppData\Local\Temp\7zS2647\HPDiagnosticCoreUI.exe

FirewallRules: [{7F0C0A55-4C81-402C-9C9E-0B56B431C240}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{FBECAA93-E1E4-424E-BDF2-E909FB0D3B2F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{73D50136-5336-4933-A9BC-776C6395BDE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{C4198AC7-1D25-4D37-AF12-89EEC95A2A85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{0F61DA1D-2D6E-4506-B7FC-2D2EF44DA553}C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe] => (Block) C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe

FirewallRules: [UDP Query User{981DCC8F-5141-4750-8FA2-97A4C2CA5503}C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe] => (Block) C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe

FirewallRules: [{C4EFDD36-4653-4823-924C-7D543C1398C4}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\ZW8JXE9N.63C\CC9667DP.LKQ\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{81C8BA49-2EA4-45EE-8A42-A080466925A8}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\ZW8JXE9N.63C\CC9667DP.LKQ\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{F6FD3182-F891-403C-920D-F65074490C6B}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\RPDH7O7A.KJ7\8VE1QDO5.TOE\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{F8F9E99D-1954-4ED4-86C4-9A1E73D36D9C}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\RPDH7O7A.KJ7\8VE1QDO5.TOE\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{63401765-166F-4BE5-B875-1C72F47F7B79}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{14083FD7-70C5-43FA-94D0-2A337FFF2246}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{05F36E34-621A-4058-ABCD-CD0D046D953D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{F7D4BA75-E4C5-41D6-B709-550207B17F62}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 

==================== Wiederherstellungspunkte =========================
 
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 

Name: FRITZ!WLAN Repeater N/G  (192.168.178.32)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: FRITZ!WLAN Repeater N/G  (192.168.178.2)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: SN  (192.168.178.1)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: FRITZ!Box Fon WLAN 7320  (169.254.1.1)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (09/27/2016 10:38:17 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/27/2016 10:33:19 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/27/2016 10:22:17 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/27/2016 10:19:16 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm FRST64.exe, Version 25.9.2016.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 2bd0
 

Startzeit: 01d218fc51e1a9c6
 

Endzeit: 0
 

Anwendungspfad: C:\Users\Chris\Desktop\FRST64.exe
 

Berichts-ID: a813415a-84ef-11e6-be22-f71efed1b2bf
 

Error: (09/27/2016 10:13:15 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm FRST64.exe, Version 25.9.2016.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 2ac0
 

Startzeit: 01d218d562cee15a
 

Endzeit: 265
 

Anwendungspfad: C:\Users\Chris\Desktop\FRST64.exe
 

Berichts-ID:
 

Error: (09/27/2016 06:45:41 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/26/2016 10:17:26 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/26/2016 09:33:15 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/25/2016 11:15:25 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/14/2016 02:26:19 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 
 

Systemfehler:

=============

Error: (09/28/2016 02:41:31 AM) (Source: volsnap) (EventID: 36) (User: )

Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 

Error: (09/27/2016 10:42:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
 

Error: (09/27/2016 10:37:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 

{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}

 und APPID 

{344ED43D-D086-4961-86A6-1106F4ACAD9B}

 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
 

Error: (09/27/2016 10:37:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

StarOpen
 

Error: (09/27/2016 10:36:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 

Das System kann das angegebene Gerät nicht finden.
 

Error: (09/27/2016 10:36:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "chip 1-click download service" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
 

Error: (09/27/2016 10:36:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst chip 1-click download service erreicht.
 

Error: (09/27/2016 10:36:38 PM) (Source: atikmdag) (EventID: 10261) (User: )

Description: Display is not active
 

Error: (09/27/2016 10:36:38 PM) (Source: atikmdag) (EventID: 19468) (User: )

Description: CPLIB :: General - Invalid Parameter
 

Error: (09/27/2016 10:36:37 PM) (Source: atikmdag) (EventID: 10261) (User: )

Description: Display is not active
 
 

CodeIntegrity:

===================================

  Date: 2015-07-12 11:10:18.113

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2015-07-12 11:10:17.856

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2015-07-12 11:10:17.713

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2015-07-12 11:10:17.515

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2011-05-09 11:12:09.232

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-05-09 11:12:09.216

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-05-09 11:12:09.185

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-05-09 11:12:09.138

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2010-01-23 20:37:58.912

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\KLIFX64\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2010-01-23 20:37:58.897

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\KLIFX64\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM)2 Duo CPU T9550 @ 2.66GHz

Prozentuale Nutzung des RAM: 52%

Installierter physikalischer RAM: 4060.85 MB

Verfügbarer physikalischer RAM: 1912.66 MB

Summe virtueller Speicher: 8119.91 MB

Verfügbarer virtueller Speicher: 5198.93 MB
 

==================== Laufwerke ================================
 

Drive c: (Windows7) (Fixed) (Total:232.42 GB) (Free:18.07 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

Drive d: () (Fixed) (Total:465.76 GB) (Free:0.46 GB) NTFS

Drive f: (Data) (Fixed) (Total:231.87 GB) (Free:1.81 GB) NTFS

Drive h: (desinfDATA) (Removable) (Total:1.59 GB) (Free:1.5 GB) FAT32
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BA938E8E)

Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)

Partition 2: (Active) - (Size=232.4 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (Size: 465.8 GB) (Disk ID: 553AFC2C)

Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (Size: 7.7 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================

M-K-D-B

28.09.2016 14:48

Servus,

Zitat:

Zitat von CChris (Beitrag 1612609)

FRST.exe scheint beim ersten Schritt abgeschmiert zu sein. Und zwar beim Löschen der temporären Dateien in \Firefox\Profiles.

Nein, FRST ist nicht abgeschmiert. Du hattest nur dermaßen viele temporäre Dateien in Firefox, dass FRST da einfach länger braucht, hab ich schon zig mal auf verschiedenen Rechnern gesehen.
Du hättest halt ein wenig Geduld mitbringen müssen... :zunge: So ein Entfernungsprozess kann schon mal einige Minuten dauern. :D

wir entfernen die letzten Reste und kontrollieren nochmal alles. :)

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

start

CloseProcesses:

C:\Users\Chris\AppData\LocalLow\Winload

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C}

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94447F21-6011-415C-AF5D-9190AB751056}

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C}

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D2C7A351-949D-4378-A172-163979F1F621}

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF722F44-BC22-436B-8B36-D7B4872A5FD7}

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winload Toolbar

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{D2C7A351-949D-4378-A172-163979F1F621}

CMD: FOR /D %a IN ("%PROGRAMFILES%\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\{????????-????-????-????-????????????}.bin" rd /s/q "%a" >nul 2>&1 )

CMD: FOR /D %a IN ("%PROGRAMFILES%\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\def.bin" rd /s/q "%a" >nul 2>&1 )

CMD: FOR /D %a IN ("%ProgramW6432%\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\{????????-????-????-????-????????????}.bin" rd /s/q "%a" >nul 2>&1 )

CMD: FOR /D %a IN ("%ProgramW6432%\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\def.bin" rd /s/q "%a" >nul 2>&1 )

CMD: FOR /D %a IN ("%WINDIR%\Installer\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\{????????-????-????-????-????????????}.xpi" rd /s/q "%a" >nul 2>&1 )

CMD: FOR /D %a IN ("%WINDIR%\Installer\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\c????????????????????????????????rx" rd /s/q "%a" >nul 2>&1 )

CMD: FOR /D %a IN ("%WINDIR%\Installer\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\x????????????????????????????????ml" rd /s/q "%a" >nul 2>&1 )

CMD: dir "%ProgramFiles%"

CMD: dir "%ProgramFiles(x86)%"

RemoveProxy:

CMD: ipconfig /flushdns

CMD: netsh winsock reset

EmptyTemp:

end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von HitmanPro,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

CChris

28.09.2016 21:17

Hallo Matthias,

da hast Du Recht, mich hatte die Datenmenge von den temporären Dateien auch erschreckt. Endlich mal wieder Platz auf der Festplatte. Im Fenster stand aber auch "(ohne Rückmeldung)" und es war eher im Stunden- als im Minutenbereich. ;-)

Mal vorweg schon ein, zwei Fragen:

Kann ich die übrig gebliebenen in .VIRUS umbenannten Dateien (von Desinfec't) wieder umbenennen? An der Outlook.pst hänge ich besonders.
Würde gerne abschließend Kaspersky Total Security nochmal sauber neu installieren. Da sind sicherlich noch Reste von Pure und Testversionen drauf. Hast Du da noch Tipps? Ggf. auch für ne Kaspersky-Alternative nach Lizenzablauf. Hat ja leider doch Einiges durchgelassen und den Firehooker auch nicht in den Griff bekommen.
Was könnte der Trojaner angerichtet haben? Spionage? Gibts noch offene Tore oder Dateien gelöscht/unbrauchbar gemacht?...
Was wurde jetzt eigentlich so alles gelöscht im Rahmen der Bereinigung? Muss ich da was vermissen oder können Probleme auftreten? Z.B. diese oben erwähnte Proxy-Meldung vom FF?

Windows Update hatte zuletzt nicht mehr ordentlich funktioniert. Hatte versucht ein über Chip.de aktualisiertes Update-Paket zu installieren, um mal wieder auf aktuellem Stand zu sein. Leider ohne Erfolg. Tipps?

Nachfolgend schon mal den ersten Log: Kaspersky deaktiviert, MBAM aktiv.

Fixlog.txt

Code:



Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-09-2016

durchgeführt von Chris (28-09-2016 16:54:35) Run:4

Gestartet von C:\Users\Chris\Desktop

Geladene Profile: Chris (Verfügbare Profile: Chris & Gast)

Start-Modus: Normal

==============================================
 

fixlist Inhalt:

*****************

start

CloseProcesses:

C:\Users\Chris\AppData\LocalLow\Winload

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C}

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94447F21-6011-415C-AF5D-9190AB751056}

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C}

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D2C7A351-949D-4378-A172-163979F1F621}

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF722F44-BC22-436B-8B36-D7B4872A5FD7}

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winload Toolbar

DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{D2C7A351-949D-4378-A172-163979F1F621}

CMD: FOR /D %a IN ("%PROGRAMFILES%\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\{????????-????-????-????-????????????}.bin" rd /s/q "%a" >nul 2>&1 )

CMD: FOR /D %a IN ("%PROGRAMFILES%\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\def.bin" rd /s/q "%a" >nul 2>&1 )

CMD: FOR /D %a IN ("%ProgramW6432%\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\{????????-????-????-????-????????????}.bin" rd /s/q "%a" >nul 2>&1 )

CMD: FOR /D %a IN ("%ProgramW6432%\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\def.bin" rd /s/q "%a" >nul 2>&1 )

CMD: FOR /D %a IN ("%WINDIR%\Installer\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\{????????-????-????-????-????????????}.xpi" rd /s/q "%a" >nul 2>&1 )

CMD: FOR /D %a IN ("%WINDIR%\Installer\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\c????????????????????????????????rx" rd /s/q "%a" >nul 2>&1 )

CMD: FOR /D %a IN ("%WINDIR%\Installer\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\x????????????????????????????????ml" rd /s/q "%a" >nul 2>&1 )

CMD: dir "%ProgramFiles%"

CMD: dir "%ProgramFiles(x86)%"

RemoveProxy:

CMD: ipconfig /flushdns

CMD: netsh winsock reset

EmptyTemp:

end

         

*****************
 

Prozess erfolgreich geschlossen.

C:\Users\Chris\AppData\LocalLow\Winload => erfolgreich verschoben

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C} => Schlüssel erfolgreich entfernt

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94447F21-6011-415C-AF5D-9190AB751056} => Schlüssel erfolgreich entfernt

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{CD5AF0CD-2C12-4EA0-9A82-94B88F0A028C} => Schlüssel nicht gefunden. 

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7} => Schlüssel erfolgreich entfernt

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D2C7A351-949D-4378-A172-163979F1F621} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D2C7A351-949D-4378-A172-163979F1F621} => Schlüssel erfolgreich entfernt

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF722F44-BC22-436B-8B36-D7B4872A5FD7} => Schlüssel erfolgreich entfernt

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winload Toolbar => Schlüssel erfolgreich entfernt

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{D2C7A351-949D-4378-A172-163979F1F621} => Schlüssel nicht gefunden. 
 

========= FOR /D %a IN ("%PROGRAMFILES%\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\{????????-????-????-????-????????????}.bin" rd /s/q "%a" >nul 2>&1 ) =========
 
 

========= Ende von CMD: =========
 
 

========= FOR /D %a IN ("%PROGRAMFILES%\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\def.bin" rd /s/q "%a" >nul 2>&1 ) =========
 
 

========= Ende von CMD: =========
 
 

========= FOR /D %a IN ("%ProgramW6432%\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\{????????-????-????-????-????????????}.bin" rd /s/q "%a" >nul 2>&1 ) =========
 
 

========= Ende von CMD: =========
 
 

========= FOR /D %a IN ("%ProgramW6432%\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\def.bin" rd /s/q "%a" >nul 2>&1 ) =========
 
 

========= Ende von CMD: =========
 
 

========= FOR /D %a IN ("%WINDIR%\Installer\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\{????????-????-????-????-????????????}.xpi" rd /s/q "%a" >nul 2>&1 ) =========
 
 

========= Ende von CMD: =========
 
 

========= FOR /D %a IN ("%WINDIR%\Installer\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\c????????????????????????????????rx" rd /s/q "%a" >nul 2>&1 ) =========
 
 

========= Ende von CMD: =========
 
 

========= FOR /D %a IN ("%WINDIR%\Installer\{????????-????-????-????-????????????}") DO ( IF EXIST "%a\x????????????????????????????????ml" rd /s/q "%a" >nul 2>&1 ) =========
 
 

========= Ende von CMD: =========
 
 

========= dir "%ProgramFiles%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Program Files
 

26.09.2016  21:58    <DIR>          .

26.09.2016  21:58    <DIR>          ..

23.04.2011  13:09    <DIR>          7-Zip

24.01.2010  05:26    <DIR>          Apoint2K

24.01.2010  05:31    <DIR>          ATI

02.06.2014  17:34    <DIR>          Canon

13.09.2015  19:25    <DIR>          Common Files

24.01.2010  05:31    <DIR>          CONEXANT

24.01.2010  15:21    <DIR>          DIFX

04.12.2013  21:07    <DIR>          DivX

21.06.2011  12:02    <DIR>          DVD Maker

16.10.2013  13:35    <DIR>          GIMP 2

22.06.2015  21:30    <DIR>          Internet Explorer

20.12.2014  18:31    <DIR>          Java

01.02.2013  14:02    <DIR>          Logitech

04.06.2011  00:21    <DIR>          maxdome

24.01.2010  05:31    <DIR>          Microsoft Games

19.03.2015  12:12    <DIR>          Microsoft Mouse and Keyboard Center

25.01.2010  23:41    <DIR>          Microsoft Office

27.06.2016  08:16    <DIR>          Microsoft Silverlight

14.07.2009  07:32    <DIR>          MSBuild

07.09.2016  19:05    <DIR>          Paragon Software

04.09.2011  13:48    <DIR>          PlayReady

14.07.2009  07:32    <DIR>          Reference Assemblies

24.01.2010  15:28    <DIR>          Toshiba

24.01.2010  05:31    <DIR>          Windows Calendar

24.01.2010  05:31    <DIR>          Windows Collaboration

18.03.2015  15:55    <DIR>          Windows Defender

22.06.2015  21:30    <DIR>          Windows Journal

21.06.2011  12:02    <DIR>          Windows Mail

22.06.2015  21:30    <DIR>          Windows Media Player

24.01.2010  06:27    <DIR>          Windows NT

24.01.2010  05:31    <DIR>          Windows Photo Gallery

21.06.2011  12:02    <DIR>          Windows Photo Viewer

21.06.2011  12:02    <DIR>          Windows Portable Devices

21.06.2011  12:02    <DIR>          Windows Sidebar

24.04.2010  15:24    <DIR>          WinRAR

15.10.2015  09:51    <DIR>          {08182E2D-B449-4D76-A8B3-A36FF9A8CE4E}

03.07.2016  16:37    <DIR>          {0BA15EA7-137E-47DE-9952-536F0754F5C6}

26.09.2016  21:58    <DIR>          {16916AFE-57EE-48FB-AD4A-6A0BA8760DBD}

16.01.2016  18:20    <DIR>          {2E581B0F-78F6-46EC-963C-74734453F68B}

24.09.2016  20:34    <DIR>          {59DC0B16-6721-47A2-8A18-638F86DE577B}

15.03.2016  12:13    <DIR>          {5DE52103-CB18-4C18-9731-CA12C6608B4E}

27.06.2016  08:45    <DIR>          {6898554C-783C-4ABE-BB8A-0D19E0BBD00E}

24.06.2016  17:18    <DIR>          {7F691B94-EC20-4AB1-B359-65F7E779A79A}

18.04.2016  17:31    <DIR>          {846F4C8A-F6AD-4D76-803E-FA53E52E7B77}

01.04.2016  10:48    <DIR>          {A8AB7588-B27F-4596-8EBA-B7BCEF12A0C1}

22.06.2016  18:34    <DIR>          {C424C90C-BE90-4C5A-B85C-A058A6CFD745}

10.09.2016  16:25    <DIR>          {CACC03DD-9A08-4DDD-835C-48048033E61E}

28.10.2015  22:25    <DIR>          {D7139FD5-6BBD-4CBF-8C21-770ED5ECB337}

15.08.2016  09:17    <DIR>          {ECA3C7D6-410D-4C8C-97D0-99041876CB1E}

12.11.2015  09:26    <DIR>          {F1F8D207-809B-4951-821A-9AFC3E8EF560}

19.08.2016  20:08    <DIR>          {F7F09E8D-C722-4D76-8582-F88D0B42ADCE}

               0 Datei(en),              0 Bytes

              53 Verzeichnis(se), 19.151.687.680 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%ProgramFiles(x86)%" =========
 

 Datentr„ger in Laufwerk C: ist Windows7

 Volumeseriennummer: 3C2E-2A99
 

 Verzeichnis von C:\Program Files (x86)
 

28.09.2016  16:50    <DIR>          .

28.09.2016  16:50    <DIR>          ..

24.01.2010  05:31    <DIR>          Activation Assistant for the 2007 Microsoft Office suites

07.11.2015  09:53    <DIR>          Adobe

31.03.2013  02:15    <DIR>          AKVIS

29.09.2010  00:08    <DIR>          Amazon

24.01.2010  15:20    <DIR>          ATI Technologies

27.05.2013  20:41    <DIR>          Audials

24.09.2016  19:41    <DIR>          Auktionatrix

05.08.2011  21:57    <DIR>          Avery

26.07.2015  19:41    <DIR>          AVG

03.12.2012  21:58    <DIR>          Brother

17.11.2011  02:12    <DIR>          Buhl

23.11.2011  22:51    <DIR>          Business Objects

24.01.2010  15:21    <DIR>          Camera Assistant Software for Toshiba

02.06.2014  17:41    <DIR>          Canon

09.08.2016  00:07    <DIR>          Chip Digital GmbH

04.09.2014  14:45    <DIR>          Cisco

28.05.2016  16:54    <DIR>          Common Files

08.05.2011  14:03    <DIR>          COMPELSON Labs

09.05.2011  14:40    <DIR>          Compiled Driver Disc (Full)

08.05.2011  15:42    <DIR>          Compiled Driver Disk (Samsung)

04.12.2013  21:08    <DIR>          DivX

18.12.2015  19:31    <DIR>          DVDVideoSoft

14.02.2011  16:49    <DIR>          Elaborate Bytes

26.07.2010  23:46    <DIR>          EpsonNet

09.01.2012  18:30    <DIR>          Equip

09.01.2012  17:51    <DIR>          EQUIP CAPI

30.07.2010  19:58    <DIR>          FileZilla FTP Client

24.09.2016  19:57    <DIR>          fotokasten comfort

18.12.2015  19:30    <DIR>          FreeCodecPack

02.02.2010  20:05    <DIR>          FreeCommander

17.06.2010  11:05    <DIR>          FTD.de

03.06.2015  21:20    <DIR>          Google

18.05.2011  21:23    <DIR>          grafstat4

25.11.2013  21:50    <DIR>          HP

20.06.2014  02:37    <DIR>          HTC

27.11.2013  13:29    <DIR>          Inforall

24.01.2010  05:32    <DIR>          Intel

22.06.2015  21:30    <DIR>          Internet Explorer

24.01.2010  05:32    <DIR>          InterVideo

14.01.2012  19:46    <DIR>          IrfanView

01.05.2016  15:46    <DIR>          Java

06.02.2013  20:49    <DIR>          JDownloader

28.05.2016  16:54    <DIR>          Kaspersky Lab

13.06.2013  20:25    <DIR>          kleiner_brauhelfer

29.10.2012  10:23    <DIR>          Kodak

29.10.2012  18:20    <DIR>          Kroll Ontrack

02.12.2011  01:46    <DIR>          Lexware

02.02.2010  22:49    <DIR>          Lottoschein-Check

17.05.2013  23:31    <DIR>          MAGIX

26.09.2016  22:33    <DIR>          Malwarebytes Anti-Malware

24.01.2010  15:25    <DIR>          Marvell

18.03.2015  20:21    <DIR>          Microsoft

18.03.2015  13:06    <DIR>          Microsoft Office

24.01.2010  05:33    <DIR>          Microsoft Office Communicator

27.06.2016  08:16    <DIR>          Microsoft Silverlight

25.01.2010  23:47    <DIR>          Microsoft Visual Studio

25.01.2010  23:41    <DIR>          Microsoft Visual Studio 8

18.03.2015  12:37    <DIR>          Microsoft Works

16.11.2010  09:49    <DIR>          Microsoft.NET

27.06.2015  15:17    <DIR>          Mighty Uninstaller

12.07.2015  14:55    <DIR>          MiniTool Partition Wizard Free 9.0

30.01.2010  14:20    <DIR>          MirandaFusion

09.04.2011  19:38    <DIR>          Mobile Master

09.05.2011  14:31    <DIR>          MOBILedit!

24.04.2011  14:46    <DIR>          MOBILedit! PhoneCopier

24.09.2016  19:57    <DIR>          moneyplex

18.01.2015  12:44    <DIR>          MozBackup

12.07.2015  11:39    <DIR>          Mozilla Firefox

11.07.2015  17:57    <DIR>          Mozilla Maintenance Service

25.01.2010  23:47    <DIR>          MSBuild

11.04.2013  13:21    <DIR>          MSECache

30.05.2011  23:15    <DIR>          MSXML 4.0

04.06.2012  14:00    <DIR>          NAVIGON

24.01.2010  05:33    <DIR>          NetWaiting

09.07.2012  20:12    <DIR>          Nitro PDF

09.08.2016  00:08    <DIR>          Notepad++

04.05.2010  00:11    <DIR>          Numus Auto Disk Builder and Burner

24.01.2010  15:26    <DIR>          O2Micro Flash Memory Card Driver

07.10.2013  20:32    <DIR>          OCSetup

20.11.2015  17:17    <DIR>          PDF24

12.12.2012  22:59    <DIR>          Pinnacle

28.05.2011  18:59    <DIR>          PSPP

13.03.2011  18:25    <DIR>          QuickTime Alternative

03.04.2014  18:45    <DIR>          RasWin

14.07.2009  07:32    <DIR>          Reference Assemblies

10.06.2014  15:31    <DIR>          RG eBook

09.05.2010  13:51    <DIR>          SAMSUNG

14.07.2015  17:41    <DIR>          SecuBrowser

16.12.2010  18:46    <DIR>          simfy VZ edition

06.04.2015  20:13    <DIR>          Skype

19.06.2014  22:39    <DIR>          Spirent Communications

13.04.2014  10:37    <DIR>          StarMoney Business 5.0

18.03.2010  20:51    <DIR>          StarPrint Limited

30.05.2011  16:48    <DIR>          StatSoft

25.08.2011  22:59    <DIR>          Stellar Phoenix PowerPoint Recovery

20.10.2013  22:44    <DIR>          StreamTransport

15.11.2012  14:17    <DIR>          Stundenplan

24.09.2016  20:38    <DIR>          Surf & E-Mail-Stick

08.10.2011  13:14    <DIR>          Switcher

12.02.2014  10:19    <DIR>          Synology

16.08.2016  11:12    <DIR>          TeamViewer

27.03.2010  21:25    <DIR>          TerraTec

31.12.2015  17:22    <DIR>          Tinypic

24.01.2010  15:11    <DIR>          Toshiba

26.03.2011  22:09    <DIR>          Toshiba TEMPRO

24.01.2010  05:34    <DIR>          Ulead Systems

04.05.2011  12:41    <DIR>          Universal Document Converter

30.07.2010  13:47    <DIR>          UPS Widget

09.05.2011  11:06    <DIR>          Verbindungsassistent

15.05.2010  15:20    <DIR>          VideoLAN

23.03.2012  11:28    <DIR>          Vodafone

10.08.2012  19:32    <DIR>          WatchTVPro Essential

02.12.2011  01:45    <DIR>          Wertpapieranalyse 2012

16.10.2013  12:56    <DIR>          Winamp

24.01.2010  05:34    <DIR>          Windows Calendar

21.01.2008  05:09    <DIR>          Windows Collaboration

18.03.2015  15:55    <DIR>          Windows Defender

21.06.2011  12:02    <DIR>          Windows Mail

24.01.2010  05:34    <DIR>          Windows Media Components

22.06.2015  21:30    <DIR>          Windows Media Player

14.07.2009  07:32    <DIR>          Windows NT

24.01.2010  05:34    <DIR>          Windows Photo Gallery

21.06.2011  12:02    <DIR>          Windows Photo Viewer

21.06.2011  12:02    <DIR>          Windows Portable Devices

21.06.2011  12:02    <DIR>          Windows Sidebar

27.11.2013  13:59    <DIR>          WinSCP

02.02.2010  00:46    <DIR>          WinTimeKill

04.05.2010  00:10    <DIR>          Xenocode

28.10.2015  22:25    <DIR>          {01615F43-3647-4928-8CB4-0B7F4F940DEA}

16.08.2015  14:20    <DIR>          {0F4AA5F5-B1C3-4A4E-B8BB-814F3FAAA4CA}

23.06.2016  05:07    <DIR>          {21FFFEFC-5DD2-4991-9B43-509D22668380}

29.06.2016  11:05    <DIR>          {34200A20-0B27-4742-B4A2-009E0EC4DA7E}

24.06.2016  17:18    <DIR>          {71834002-D354-430D-8859-FA657575900E}

28.11.2015  15:27    <DIR>          {7DD2579A-B226-4D61-BAA6-01947EBECE7D}

               0 Datei(en),              0 Bytes

             136 Verzeichnis(se), 19.151.679.488 Bytes frei
 

========= Ende von CMD: =========
 
 

========= RemoveProxy: =========
 

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
 
 

========= Ende von RemoveProxy: =========
 
 

========= ipconfig /flushdns =========
 
 

Windows-IP-Konfiguration
 

Der DNS-Aufl”sungscache wurde geleert.
 

========= Ende von CMD: =========
 
 

========= netsh winsock reset =========
 
 

Der Winsock-Katalog wurde zurckgesetzt.

Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
 
 

========= Ende von CMD: =========
 
 

=========== EmptyTemp: ==========
 

BITS transfer queue => 8388608 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4509996 B

Java, Flash, Steam htmlcache => 1837 B

Windows/system/drivers => 7335554 B

Edge => 0 B

Chrome => 0 B

Firefox => 198958161 B

Opera => 0 B
 

Temp, IE cache, history, cookies, recent:

Default => 0 B

Public => 0 B

ProgramData => 0 B

systemprofile => 128 B

systemprofile32 => 128 B

LocalService => 0 B

NetworkService => 1886 B

Chris => 3193111 B

Admin => 0 B

Gast => 0 B
 

RecycleBin => 0 B

EmptyTemp: => 212.1 MB temporäre Dateien entfernt.
 

================================
 
 

Das System musste neu gestartet werden.
 

==== Ende von Fixlog 16:56:41 ====

Eset läuft schon, melde mich wieder. Vielen Dank soweit schon mal! :daumenhoc

Eset log

Code:



ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=8650c8cc6b09da4f96692f8a3dfe1c74

# end=init

# utc_time=2016-09-28 03:12:34

# local_time=2016-09-28 05:12:34 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# osver=6.1.7601 NT Service Pack 1

Update Init

Update Download

Update Finalize

Updated modules version: 30899

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=8650c8cc6b09da4f96692f8a3dfe1c74

# end=updated

# utc_time=2016-09-28 03:19:08

# local_time=2016-09-28 05:19:08 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# osver=6.1.7601 NT Service Pack 1

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7777

# api_version=3.1.1

# EOSSerial=8650c8cc6b09da4f96692f8a3dfe1c74

# engine=30899

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2016-09-28 07:49:16

# local_time=2016-09-28 09:49:16 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1031

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode_1='Kaspersky Total Security'

# compatibility_mode=1304 16777213 100 100 17416 39314408 0 0

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 0 226722006 0 0

# scanned=520941

# found=14

# cleaned=0

# scan_time=16208

sh=57CD8DEAF43DF3A2F4703E5219A69935B119D0DB ft=1 fh=311781f1ea21501f vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\cuvzfkqdkzggfatypckpkxifwkwebebw\ConduitEngine.dll"

sh=5CA319EBA10412E2FF4A47FD20624385C11A0C2A ft=1 fh=8ad6e907be4811df vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\kpbhldxnsugcosehekxyufggbdsraudi\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.VIRUS"

sh=57CD8DEAF43DF3A2F4703E5219A69935B119D0DB ft=1 fh=311781f1ea21501f vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\tkzxhyjfrecpvylopaetnzcomammasvv\ConduitEngine.dll"

sh=4CBEA1ADF328E3DAF17DE451C4DEDB9FF17DEA43 ft=1 fh=0527b0215a5e6faa vn="Variante von Win32/Toolbar.Conduit.AR evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\tkzxhyjfrecpvylopaetnzcomammasvv\ConduitEngineUninstall.exe"

sh=685D65CCD52FD9D90C402CF9026344267E8B6FD9 ft=1 fh=532da5564656d18c vn="Variante von Win32/Toolbar.Conduit.AQ evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\tkzxhyjfrecpvylopaetnzcomammasvv\prxConduitEngine.dll"

sh=57CD8DEAF43DF3A2F4703E5219A69935B119D0DB ft=1 fh=311781f1ea21501f vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Chris\AppData\LocalLow\Winload\tbWinl.dll"

sh=7513AB7A813C4F3DB55BEE384C086C7723BB8004 ft=1 fh=516f82df92e2c0cb vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Chris\AppData\Roaming\Mozilla\Backup Firefox Jan 2015\Profiles\464scs16.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ctypes\FirefoxCtype.dll"

sh=78DD7AEAAF8482BE982DBB8DB602779CDDC9306D ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Chris\Documents\Firefox 35.0 (x86 de) - 2015-01-18.pcv"

sh=600CA83100183228A3D9D31EA35531E7D5900B57 ft=1 fh=434d5ca1cbd53efa vn="Win32/Toolbar.Conduit.S evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Chris\Downloads\FreeStudio.exe.VIRUS"

sh=72EAFCCC9560913E74953DBD6DA6D8BBC3D5A77B ft=0 fh=0000000000000000 vn="Win32/Packed.Autoit.E.Gen verdÃ¤chtige Datei" ac=I fn="C:\Users\Chris\Downloads\FritzRePass1.20-U3.zip"

sh=0529D30F5BD103C9EB211BB2D1B2EF6DE0801495 ft=1 fh=d4e1299eb20e536d vn="Win32/RegistryBooster evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Chris\Downloads\registrybooster.exe.VIRUS"

sh=BB58078BCE84628C521DDB8193C8329CEA63C807 ft=1 fh=c8a81f66132630fa vn="Win32/Packed.Autoit.E.Gen verdÃ¤chtige Datei" ac=I fn="C:\Users\Chris\Downloads\FritzRePass1.20-U3\FritzRePass+U3\Portable\FritzRePass.exe"

sh=98C4AD085AB31A08A196D51B9A9A2F7196F08898 ft=1 fh=bcd07129a3d89530 vn="Win32/Packed.Autoit.E.Gen verdÃ¤chtige Datei" ac=I fn="C:\Users\Chris\Downloads\FritzRePass1.20-U3\FritzRePass+U3\U3\FritzRePassU3.exe"

sh=7513AB7A813C4F3DB55BEE384C086C7723BB8004 ft=1 fh=516f82df92e2c0cb vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\Backup firefox jan 2015\Profiles\464scs16.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ctypes\FirefoxCtype.dll"

M-K-D-B

28.09.2016 21:34

Servus,

fehlen noch HitmanPro und FRST bevor wir weitermachen können... :) :daumenhoc

CChris

29.09.2016 00:12

Hitman Log

Code:


 

        Code:


        
HitmanPro 3.7.14.280

www.hitmanpro.com
 

   Computer name . . . . : CHRIS-PC

   Windows . . . . . . . : 6.1.1.7601.X64/2

   User name . . . . . . : Chris-PC\Chris

   UAC . . . . . . . . . : Disabled

   License . . . . . . . : Free
 

   Scan date . . . . . . : 2016-09-28 22:15:32

   Scan mode . . . . . . : Normal

   Scan duration . . . . : 18m 12s

   Disk access mode  . . : Direct disk access (SRB)

   Cloud . . . . . . . . : Internet

   Reboot  . . . . . . . : No
 

   Threats . . . . . . . : 1

   Traces  . . . . . . . : 10
 

   Objects scanned . . . : 2.661.947

   Files scanned . . . . : 107.694

   Remnants scanned  . . : 724.116 files / 1.830.137 keys
 

Malware _____________________________________________________________________
 

   C:\Users\Chris\Downloads\MAGIX-MP3-Maker-Setup.exe

      Size . . . . . . . : 1.284.617 bytes

      Age  . . . . . . . : 1796.9 days (2011-10-28 23:27:05)

      Entropy  . . . . . : 7.9

      SHA-256  . . . . . : 28EBB094295706426B77EA176A185FE98454D13556DC432BCBA490E7A7985769

    > HitmanPro  . . . . : Mal/Behav-016

      Fuzzy  . . . . . . : 114.0
 
 

Suspicious files ____________________________________________________________
 

   C:\Users\Chris\Desktop\FRST-OlderVersion\FRST64.exe

      Size . . . . . . . : 2.403.328 bytes

      Age  . . . . . . . : 1.5 days (2016-09-27 11:00:50)

      Entropy  . . . . . : 7.6

      SHA-256  . . . . . : 914417D6B5AF30F6B3E538834D80DB5F48F6E630AC16B39BD87CC65BD8663990

      Needs elevation  . : Yes

      Fuzzy  . . . . . . : 24.0

         Program has no publisher information but prompts the user for permission elevation.

         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

         Authors name is missing in version info. This is not common to most programs.

         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

         Time indicates that the file appeared recently on this computer.
 

   C:\Users\Chris\Desktop\FRST64.exe

      Size . . . . . . . : 2.404.352 bytes

      Age  . . . . . . . : 0.2 days (2016-09-28 16:54:20)

      Entropy  . . . . . : 7.6

      SHA-256  . . . . . : 003671152E9C80D316767EC62EFA9A34F8F282CC80E338F13246262E5F9C529C

      Needs elevation  . : Yes

      Fuzzy  . . . . . . : 24.0

         Program has no publisher information but prompts the user for permission elevation.

         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

         Authors name is missing in version info. This is not common to most programs.

         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

         Time indicates that the file appeared recently on this computer.

      References

         HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Chris\Desktop\FRST64.exe

      Forensic Cluster

          0.0s C:\Users\Chris\Desktop\FRST64.exe

          3.6s C:\Users\Chris\Desktop\FRST-OlderVersion\
 

   C:\Users\Chris\Downloads\FRST-OlderVersion\FRST64.exe

      Size . . . . . . . : 2.402.816 bytes

      Age  . . . . . . . : 14.3 days (2016-09-14 15:23:42)

      Entropy  . . . . . : 7.6

      SHA-256  . . . . . : EDE8A29D9DECB62C4DDC853B9584C74AAD20E3FFCA13CAAAF1908A0ABE623224

      Needs elevation  . : Yes

      Fuzzy  . . . . . . : 23.0

         Program has no publisher information but prompts the user for permission elevation.

         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

         Authors name is missing in version info. This is not common to most programs.

         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

         Time indicates that the file appeared recently on this computer.
 

   C:\Users\Chris\Downloads\FRST64.exe

      Size . . . . . . . : 2.403.328 bytes

      Age  . . . . . . . : 1.5 days (2016-09-27 11:00:29)

      Entropy  . . . . . : 7.6

      SHA-256  . . . . . : 914417D6B5AF30F6B3E538834D80DB5F48F6E630AC16B39BD87CC65BD8663990

      Needs elevation  . : Yes

      Fuzzy  . . . . . . : 24.0

         Program has no publisher information but prompts the user for permission elevation.

         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

         Authors name is missing in version info. This is not common to most programs.

         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

         Time indicates that the file appeared recently on this computer.

      Forensic Cluster

          0.0s C:\Users\Chris\Downloads\FRST64.exe

          2.2s C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf

          6.8s C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf
 
 

Potential Unwanted Programs _________________________________________________
 

   HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ (Yontoo)

   HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ (Yontoo)

   HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}\ (PCSpeedUp)

   HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}\ (PCSpeedUp)

FRST.txt

FRST Logfile:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-09-2016

durchgeführt von Chris (Administrator) auf CHRIS-PC (29-09-2016 01:00:58)

Gestartet von C:\Users\Chris\Desktop

Geladene Profile: Chris & Gast (Verfügbare Profile: Chris & Gast)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

(AMD) C:\Windows\System32\atieclxx.exe

(brother Industries Ltd) C:\Windows\SysWOW64\brsvc01a.exe

(brother Industries Ltd) C:\Windows\SysWOW64\brss01a.exe

(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe

(O2Micro International) C:\Windows\System32\drivers\o2flash.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe

(market maker Software AG) C:\Program Files (x86)\Buhl\WISO Börse 2009\bin\watchdog.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Toshiba) C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe

(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\SmoothView\SmoothView.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

(TOSHIBA Corporation.) C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe

(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe

(Logitech Inc.) C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(TOSHIBA) C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe

(TOSHIBA) C:\Program Files (x86)\Toshiba\Toshiba Online Product Information\TOPI.exe

(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe

(Elgato Systems) C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe

(Logitech Inc.) C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe

(Taiwan) C:\Program Files (x86)\Switcher\FAD_4027\SwitchUSB.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(1&1 Mail & Media GmbH) C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe

(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

(Avid Development GmbH) C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

(Chicony) C:\Program Files (x86)\Camera Assistant Software for Toshiba\traybar.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

() C:\Windows\Samsung\PanelMgr\SSMMgr.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe

(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe

(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe

(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney Business 5.0\offlagent7\offlagent.exe

() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

(Dropbox, Inc.) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe

(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE

(Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [237056 2007-12-15] (Alps Electric Co., Ltd.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [492600 2008-11-06] (Conexant Systems, Inc.)

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)

HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)

HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)

HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation)

HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-08-03] (TOSHIBA Corporation.)

HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-10-26] (Toshiba Europe GmbH)

HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe [777728 2006-07-19] (Logitech Inc.)

HKLM\...\Run: [Launch LGDCore] => "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE

HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-29] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Camera Assistant Software] => C:\Program Files (x86)\Camera Assistant Software for Toshiba\traybar.exe [417792 2009-04-10] (Chicony)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [520192 2006-12-01] ()

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)

HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)

HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2499584 2010-07-09] (Vodafone)

HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [SMB50StarMoneyRunEntry] => C:\Program Files (x86)\StarMoney Business 5.0\app\oflagent.exe [56976 2014-02-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)

HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)

HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)

HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()

HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)

HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [TOSCDSPD] => TOSCDSPD.EXE

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6158240 2009-03-16] (TOSHIBA)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [222128 2007-03-29] (Macrovision Corporation)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [Remote Control Editor] => C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe [1689088 2010-06-09] (Elgato Systems)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [AVMUSBFernanschluss] => C:\Users\Chris\AppData\Local\Apps\2.0\RPDH7O7A.KJ7\8VE1QDO5.TOE\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2016-07-02] (AVM Berlin)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [FAD_4027] => C:\Program Files (x86)\Switcher\FAD_4027\SwitchUSB.exe [1572864 2011-05-06] (Taiwan)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [PMCLoader] => C:\Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe [644368 2008-08-12] (Pinnacle Systems GmbH)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [WEB.DE Application {sync-000021}] => C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [792064 2016-04-21] (1&1 Mail & Media GmbH)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Run: [Dropbox Update] => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-04] (Dropbox, Inc.)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: E - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: H - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: K - K:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {038e06f0-fa97-11e0-8958-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {038e0701-fa97-11e0-8958-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae71-abb2-11df-97d8-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae83-abb2-11df-97d8-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae89-abb2-11df-97d8-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae9b-abb2-11df-97d8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733ae9d-abb2-11df-97d8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0733aea0-abb2-11df-97d8-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {082f7345-82df-11e0-8094-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {082f7352-82df-11e0-8094-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0a375e63-7d71-11e0-9562-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {0d5245e5-a91f-11df-8e2c-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {1829e236-11ce-11e0-aba4-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {1829e238-11ce-11e0-aba4-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {1829e243-11ce-11e0-aba4-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {280017ec-a6e0-11df-b3b1-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {280017fd-a6e0-11df-b3b1-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {280017ff-a6e0-11df-b3b1-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {2e0891ee-76af-11df-aaec-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {2e0891fc-76af-11df-aaec-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {47657fbc-76d2-11df-8f4f-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {47657fc0-76d2-11df-8f4f-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {51f0eb5d-09da-11df-9141-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {54f8e4d2-9d8a-11e0-806c-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {599aa897-0df4-11e0-883b-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {599aa899-0df4-11e0-883b-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {599aa8a6-0df4-11e0-883b-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {599aa8ab-0df4-11e0-883b-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {59eeb5b4-7a1c-11e0-a47e-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {59eeb5b6-7a1c-11e0-a47e-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {59eeb5b8-7a1c-11e0-a47e-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {62de1d1f-f194-11e0-8ed9-00238bbbddba} - H:\Setup.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {7ad4b769-0a92-11df-8968-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {7bd73ea4-74c0-11e1-be50-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {7bd73eba-74c0-11e1-be50-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {7f843874-e21c-11e0-a098-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {829be880-a6f8-11df-bab8-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {829be88c-a6f8-11df-bab8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {829be88e-a6f8-11df-bab8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {88c07d4b-afb2-11df-9fab-806e6f6e6963} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {8ee591ad-7d78-11e0-ac5d-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {90805008-92a8-11e0-8e79-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {9080500a-92a8-11e0-8e79-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {9080500d-92a8-11e0-8e79-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc17-a302-11df-a842-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc1f-a302-11df-a842-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc21-a302-11df-a842-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc24-a302-11df-a842-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {94d9fc27-a302-11df-a842-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {9e17bd9a-7960-11e0-95b0-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f38-885a-11e0-b570-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f3a-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f3c-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f5a-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f65-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f71-885a-11e0-b570-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {b3e63f8d-885a-11e0-b570-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bce3d1ff-11b3-11e0-801f-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bce3d219-11b3-11e0-801f-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bce3d21b-11b3-11e0-801f-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bce3d21d-11b3-11e0-801f-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bd40ac59-16ec-11e2-9b9e-00238bbbddba} - H:\LaunchU3.exe -a

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bd821c4e-a3cd-11df-a8b3-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bd821c52-a3cd-11df-a8b3-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bd821caa-a3cd-11df-a8b3-00238bbbddba} - I:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {bf4bbd5f-e222-11e0-90a7-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {cbb02f6b-f9bc-11e0-95a3-806e6f6e6963} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {cd95a5ca-3e71-11e4-b596-d923af0aeae4} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ce49b37a-f8f4-11e0-89e2-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ce49b37d-f8f4-11e0-89e2-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ce49b384-f8f4-11e0-89e2-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {cfbcd11f-0939-11df-9106-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {d3bb6547-0d91-11e2-bac9-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {d3bb6558-0d91-11e2-bac9-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {d4f7ab93-f7e4-11e3-8c74-f18faab755e8} - H:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {d4f7add3-f7e4-11e3-8c74-f18faab755e8} - H:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {db008455-7796-11df-bab8-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {dbf6f75b-a492-11df-ad9f-00238bbbddba} - I:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {dcfd3d4f-08ec-11df-a486-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {e8a82fea-af13-11df-8863-806e6f6e6963} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {e8a83017-af13-11df-8863-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ed0363e7-0d05-11df-a601-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {ed0363e9-0d05-11df-a601-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f0d2606e-a1be-11e0-bc48-00238bbbddba} - H:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f2f23acd-78a6-11e0-9ce8-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f2f23acf-78a6-11e0-9ce8-00238bbbddba} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f608f4a4-0df7-11e0-bbed-00238bbbddba} - E:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {f608f4af-0df7-11e0-bbed-00238bbbddba} - J:\AutoRun.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\MountPoints2: {fc8e8b49-8374-11e0-8a5b-806e6f6e6963} - H:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1003\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [438584 2008-12-10] (TOSHIBA)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1003\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6158240 2009-03-16] (TOSHIBA)

HKU\S-1-5-21-3975404785-3629955362-1126565087-1003\...\MountPoints2: E - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1003\...\MountPoints2: {51f0eb5d-09da-11df-9141-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1003\...\MountPoints2: {cfbcd11c-0939-11df-9106-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1003\...\MountPoints2: {cfbcd11f-0939-11df-9106-00238bbbddba} - E:\StartVMCLite.exe

HKU\S-1-5-21-3975404785-3629955362-1126565087-1003\...\MountPoints2: {dcfd3d4f-08ec-11df-a486-00238bbbddba} - E:\StartVMCLite.exe

ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150711173037845.dll [2015-06-25] (1&1 Mail & Media GmbH)

ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-01-25]

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2010-08-01]

ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-11-25]

ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Pinnacle Streaming Server.lnk [2012-12-12]

ShortcutTarget: Pinnacle Streaming Server.lnk -> C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe (Avid Development GmbH)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken Jubiläumsversion Zahlungserinnerung.lnk [2013-01-03]

ShortcutTarget: Quicken Jubiläumsversion Zahlungserinnerung.lnk -> C:\Windows\Installer\{A907A713-DA24-4352-8786-96C7A6944646}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation)

Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-09-25]

ShortcutTarget: Dropbox.lnk -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2010-05-27]

ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-04-06]

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-04-06]

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013-12-30]

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{599541DB-9000-473F-AA32-19C82244BA5C}: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{FED48F3B-BAB7-40A0-B64D-F146BE4A6402}: [DhcpNameServer] 192.168.42.129
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 

HKU\S-1-5-21-3975404785-3629955362-1126565087-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de

HKU\S-1-5-21-3975404785-3629955362-1126565087-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de

SearchScopes: HKLM -> DefaultScope {D0718CFD-76E4-4DFA-919C-A32398055F4B} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKLM -> {D0718CFD-76E4-4DFA-919C-A32398055F4B} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKU\S-1-5-21-3975404785-3629955362-1126565087-1003 -> DefaultScope {D0718CFD-76E4-4DFA-919C-A32398055F4B} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKU\S-1-5-21-3975404785-3629955362-1126565087-1003 -> {D0718CFD-76E4-4DFA-919C-A32398055F4B} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKU\S-1-5-21-3975404785-3629955362-1126565087-501 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKU\S-1-5-21-3975404785-3629955362-1126565087-501 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24] (CANON INC.)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)

BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)

BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)

BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)

Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)

Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)

Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll [2010-04-15] (TerraTec Electronic GmbH)

Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)

Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab)
 

FireFox:

========

FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default

FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF SelectedSearchEngine: google

FF Homepage: hxxp://www.google.de?hl=de&gl=de

FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-15] ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll [2013-10-02] (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-15] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)

FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-10-28] (DivX, LLC)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)

FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll [2012-06-25] ( )

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ChimeShim.dll [2007-07-26] (MDL Information Systems, Inc. (Elsevier MDL))

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npchime.dll [2007-07-26] (MDL Information Systems, Inc (Elsevier MDL))

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-04-16] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-04-16] (Apple Inc.)

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\englische-ergebnisse.xml [2013-05-21]

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\gmx-suche.xml [2013-05-21]

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\lastminute.xml [2013-05-21]

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\onvista.xml [2015-03-13]

FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\searchplugins\webde-suche.xml [2013-05-21]

FF Extension: (FoxyProxy Standard) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\464scs16.default\extensions\foxyproxy@eric.h.jung [2015-06-01]

FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox [2016-05-28]

FF Extension: (Skype extension for Firefox) - C:\Program Files (x86)\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2015-07-04] [ist nicht signiert]

FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-24] [ist nicht signiert]

FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-05-18] [ist nicht signiert]

FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa => nicht gefunden

FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox

FF HKLM-x32\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - C:\Program Files (x86)\Mobile Master\ext\1

FF Extension: (Mobile Master Add-In) - C:\Program Files (x86)\Mobile Master\ext\1 [2011-04-09] [ist nicht signiert]

FF HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

CHR HKLM-x32\...\Chrome\Extension: [obdlfebkcikbbhhnpmabhadfhgfjcemn] - C:\Users\Chris\Webgears\Chrome\Gutscheinsammler\gutscheinsammler-finder-2.0-chrome.crx [2011-10-28]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000 2015-12-08] (Kaspersky Lab ZAO)

R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)

S2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [84992 2016-06-24] (Chip Digital GmbH) [Datei ist nicht signiert]

R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)

R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]

S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]

R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Datei ist nicht signiert]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]

R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [216080 2012-06-25] (Nitro PDF Software)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]

R3 SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [89600 2008-08-25] (Toshiba) [Datei ist nicht signiert]

R2 StarMoney Business 5.0 OnlineUpdate; C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)

R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-10-26] (Toshiba Europe GmbH)

R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [Datei ist nicht signiert]

S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG) [Datei ist nicht signiert]

R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2013-11-14] () [Datei ist nicht signiert]

R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2010-07-09] (Vodafone) [Datei ist nicht signiert]

S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)

R2 WBWatchDog; C:\Program Files (x86)\Buhl\WISO Börse 2009\bin\watchdog.exe [481408 2008-10-16] (market maker Software AG)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S3 androidusb; C:\Windows\System32\Drivers\fxxandroidusb.sys [31744 2011-05-06] (Google Inc)

S3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2010-03-22] (AVM Berlin)

R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-24] (AVM Berlin)

S3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [114176 2013-07-22] (ASIX Electronics Corp.)

R0 B50EA66D; C:\Windows\System32\drivers\B50EA66D.sys [478392 2016-04-16] (Kaspersky Lab ZAO)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)

R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [684544 2009-06-23] (Conexant Systems Inc.)

R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)

R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)

S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)

R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)

R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)

R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-05-28] (AO Kaspersky Lab)

R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-12-08] (AO Kaspersky Lab)

R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [237480 2016-05-28] (AO Kaspersky Lab)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [943536 2016-05-28] (AO Kaspersky Lab)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49240 2016-05-28] (AO Kaspersky Lab)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-08] (AO Kaspersky Lab)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)

R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-28] (Malwarebytes)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)

S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [1077840 2010-11-19] (DiBcom SA)

S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [24272 2010-11-19] (DiBcom S.A.)

R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [64160 2009-07-13] (O2Micro )

R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()

S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-05-24] (RapidSolution Software AG)

R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-05-24] (RapidSolution Software AG)

S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [Datei ist nicht signiert]

R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-09-18] ()

R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-09-18] ()

R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2014-09-18] ()

S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)

S2 mdmxsdk; system32\DRIVERS\mdmxsdk.sys [X]

S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-09-28 22:13 - 2016-09-29 00:57 - 00000000 ____D C:\ProgramData\HitmanPro

2016-09-28 22:13 - 2016-09-28 22:13 - 11579432 _____ (SurfRight B.V.) C:\Users\Chris\Desktop\HitmanPro_x64.exe

2016-09-28 17:11 - 2016-09-28 17:11 - 02870984 _____ (ESET) C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe

2016-09-28 16:54 - 2016-09-28 16:54 - 00000000 ____D C:\Users\Chris\Desktop\FRST-OlderVersion

2016-09-27 22:18 - 2016-09-27 22:18 - 00165376 _____ C:\Users\Chris\Desktop\SystemLook_x64.exe

2016-09-27 11:02 - 2016-09-28 06:09 - 00102495 _____ C:\Users\Chris\Desktop\Addition.txt

2016-09-27 11:01 - 2016-09-29 01:01 - 00058007 _____ C:\Users\Chris\Desktop\FRST.txt

2016-09-27 11:00 - 2016-09-28 16:54 - 02404352 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe

2016-09-27 07:32 - 2016-09-27 07:32 - 00010797 _____ C:\Users\Chris\Desktop\JRT.txt

2016-09-26 22:33 - 2016-09-26 22:33 - 00001074 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2016-09-26 22:33 - 2016-09-26 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2016-09-26 22:33 - 2016-09-26 22:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2016-09-26 22:33 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2016-09-26 22:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

2016-09-26 22:30 - 2016-09-26 22:30 - 01615456 _____ (Malwarebytes) C:\Users\Chris\Desktop\JRT.exe

2016-09-26 22:27 - 2016-09-26 22:28 - 22851472 _____ (Malwarebytes ) C:\Users\Chris\Desktop\mbam-setup-2.2.1.1043.exe

2016-09-26 21:52 - 2016-09-26 22:00 - 00000000 ____D C:\AdwCleaner

2016-09-26 21:51 - 2016-09-26 21:51 - 03861056 _____ C:\Users\Chris\Desktop\AdwCleaner_6.020.exe

2016-09-25 19:06 - 2016-09-28 17:10 - 00000000 ____D C:\Users\Chris\Documents\Viren Trojaner Erfassung

2016-09-25 15:22 - 2016-09-27 11:00 - 00000000 ____D C:\Users\Chris\Downloads\FRST-OlderVersion

2016-09-25 15:22 - 2016-09-25 15:22 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2016-09-15 16:38 - 2016-09-26 21:58 - 00000000 ____D C:\Program Files\{16916AFE-57EE-48FB-AD4A-6A0BA8760DBD}

2016-09-14 15:31 - 2016-09-14 15:31 - 00000048 _____ C:\Users\Chris\Downloads\.directory

2016-09-14 15:28 - 2016-09-14 15:28 - 00052633 _____ C:\Users\Chris\Downloads\8642_kaspersky.html

2016-09-14 15:23 - 2016-09-27 11:00 - 02403328 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe

2016-09-14 14:41 - 2016-09-14 14:45 - 00104287 _____ C:\Users\Chris\Downloads\Addition.txt

2016-09-14 14:38 - 2016-09-25 16:52 - 00071172 _____ C:\Users\Chris\Downloads\FRST.txt

2016-09-14 14:36 - 2016-09-29 01:00 - 00000000 ____D C:\FRST

2016-09-07 20:14 - 2016-09-07 20:14 - 00000000 ____D C:\ProgramData\launcher

2016-09-07 19:07 - 2016-09-07 19:07 - 00002421 _____ C:\Users\Public\Desktop\Paragon Festplatten Manager™ 15 Professional.lnk

2016-09-07 19:07 - 2016-09-07 19:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_blockmounter_01_09_00.Wdf

2016-09-07 19:07 - 2016-09-07 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Festplatten Manager™ 15 Professional

2016-09-07 19:05 - 2016-09-07 19:05 - 00000000 ____D C:\Program Files\Paragon Software

2016-09-07 18:47 - 2016-09-10 16:25 - 00000000 ____D C:\Program Files\{CACC03DD-9A08-4DDD-835C-48048033E61E}
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-09-29 00:45 - 2011-06-18 14:48 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2016-09-29 00:34 - 2013-01-16 09:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2016-09-29 00:14 - 2010-01-24 05:27 - 00019680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2016-09-29 00:14 - 2010-01-24 05:27 - 00019680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2016-09-29 00:04 - 2015-06-04 09:52 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000UA.job

2016-09-28 23:58 - 2016-06-22 18:11 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2016-09-28 19:12 - 2010-01-25 00:03 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C40BD253-3E22-4A50-B277-3698584BFC1A}

2016-09-28 17:06 - 2011-01-09 22:50 - 00000000 ___RD C:\Users\Chris\Dropbox

2016-09-28 17:05 - 2012-12-12 22:58 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI

2016-09-28 17:05 - 2011-06-18 14:48 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2016-09-28 17:05 - 2010-03-22 00:37 - 00000000 ____D C:\Users\Chris\AppData\Local\Deployment

2016-09-28 17:05 - 2010-01-25 22:06 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2016-09-28 16:58 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-09-28 12:51 - 2014-12-30 16:06 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2016-09-28 11:04 - 2015-06-04 09:52 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000Core.job

2016-09-27 22:33 - 2010-03-18 20:39 - 00000000 ____D C:\Users\Chris\AppData\LocalLow\Temp

2016-09-27 07:00 - 2010-03-22 00:37 - 00000000 ____D C:\Users\Chris\AppData\Local\Apps\2.0

2016-09-27 06:43 - 2014-05-19 13:46 - 00000000 ____D C:\Windows\ELAMBKUP

2016-09-26 22:33 - 2016-06-22 18:12 - 00000000 ____D C:\ProgramData\Malwarebytes

2016-09-26 22:00 - 2015-07-12 10:54 - 00000008 __RSH C:\ProgramData\ntuser.pol

2016-09-26 09:36 - 2010-02-04 23:42 - 00039424 ___SH C:\Users\Chris\Documents\Thumbs.db

2016-09-25 15:22 - 2011-01-09 22:36 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Dropbox

2016-09-24 20:38 - 2010-08-16 17:46 - 00000000 ____D C:\Program Files (x86)\Surf & E-Mail-Stick

2016-09-24 20:34 - 2016-06-25 13:49 - 00000000 ____D C:\Program Files\{59DC0B16-6721-47A2-8A18-638F86DE577B}

2016-09-24 20:28 - 2014-06-20 00:46 - 00000000 ____D C:\android

2016-09-24 19:57 - 2011-12-15 03:00 - 00000000 ____D C:\Program Files (x86)\fotokasten comfort

2016-09-24 19:57 - 2011-11-24 19:00 - 00000000 ____D C:\Program Files (x86)\moneyplex

2016-09-24 19:41 - 2010-07-31 23:42 - 00000000 ____D C:\Program Files (x86)\Auktionatrix

2016-09-21 22:09 - 2009-07-14 19:58 - 00662748 _____ C:\Windows\system32\perfh007.dat

2016-09-21 22:09 - 2009-07-14 19:58 - 00133786 _____ C:\Windows\system32\perfc007.dat

2016-09-21 22:09 - 2009-07-14 07:13 - 01521082 _____ C:\Windows\system32\PerfStringBackup.INI

2016-09-21 22:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf

2016-09-15 16:37 - 2013-01-16 09:40 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2016-09-15 16:37 - 2013-01-16 09:40 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2016-09-15 16:37 - 2012-03-15 20:25 - 00000000 ____D C:\Windows\system32\Macromed

2016-09-15 16:37 - 2011-07-18 09:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2016-09-15 16:37 - 2009-04-06 14:22 - 00000000 ____D C:\Windows\SysWOW64\Macromed

2016-09-14 14:23 - 2016-04-16 19:20 - 01847697 ____H C:\Users\Chris\AppData\Local\IconCache.db.backup

2016-09-11 03:02 - 2010-05-14 06:57 - 00000000 ____D C:\Users\Gast

2016-09-11 03:01 - 2010-01-24 05:28 - 00000000 ____D C:\Users\Admin

2016-09-07 18:45 - 2010-08-09 21:08 - 00000000 ____D C:\Users\Chris\AppData\Local\Downloaded Installations
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2013-11-25 22:05 - 2013-11-25 22:05 - 0000697 _____ () C:\Users\Chris\AppData\Roaming\ConvAPIPlugin.log

2011-07-15 14:35 - 2011-07-15 14:35 - 0000106 _____ () C:\Users\Chris\AppData\Roaming\psppirerc

2015-07-12 11:14 - 2015-07-12 11:14 - 0000275 _____ () C:\Users\Chris\AppData\Roaming\uninstall.bat

2013-11-27 21:35 - 2013-12-16 12:54 - 0000600 _____ () C:\Users\Chris\AppData\Roaming\winscp.rnd

2010-01-26 00:19 - 2010-01-26 00:19 - 0000000 _____ () C:\Users\Chris\AppData\Roaming\wklnhst.dat

2010-08-04 14:13 - 2014-02-24 19:33 - 0006656 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2010-11-16 23:36 - 2010-11-16 23:37 - 0000079 _____ () C:\Users\Chris\AppData\Local\DVDPATH.TXT

2013-08-06 16:58 - 2013-08-13 22:06 - 0004096 ____H () C:\Users\Chris\AppData\Local\keyfile3.drm

2012-10-16 08:32 - 2012-10-16 08:32 - 0000236 _____ () C:\Users\Chris\AppData\Local\LaunchHomeCenter.log

2011-06-21 13:36 - 2011-11-16 18:36 - 0001516 _____ () C:\Users\Chris\AppData\Local\MiniAssist.ini

2011-06-21 13:36 - 2011-06-21 13:36 - 0001516 _____ () C:\Users\Chris\AppData\Local\MiniAssist.ini.bak

2011-06-21 13:36 - 2011-11-16 19:06 - 0071452 _____ () C:\Users\Chris\AppData\Local\MiniAssist.log

2014-09-04 21:59 - 2014-09-04 21:59 - 0010170 _____ () C:\Users\Chris\AppData\Local\recently-used.xbel

2012-12-03 18:11 - 2015-03-18 15:02 - 0007601 _____ () C:\Users\Chris\AppData\Local\resmon.resmoncfg

2013-11-27 22:31 - 2013-11-27 22:31 - 2529622 _____ () C:\Users\Chris\AppData\Local\[j0019]-[p04].bmp

2010-07-09 12:36 - 2010-07-09 12:36 - 0159464 ____R () C:\ProgramData\DeviceManager.xml.rc4

2010-01-31 00:46 - 2010-01-31 00:46 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

2010-04-05 13:30 - 2013-11-25 22:05 - 0003493 _____ () C:\ProgramData\hpzinstall.log

2010-05-02 14:50 - 2011-08-24 22:18 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt

2003-10-06 10:21 - 2003-10-06 10:21 - 0000000 ____H () C:\ProgramData\sdpsenv.dat
 

Dateien, die verschoben oder gelöscht werden sollten:

====================

C:\ProgramData\sdpsenv.dat
 
 

==================== Bamital & volsnap ======================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\Windows\system32\winlogon.exe => Datei ist digital signiert

C:\Windows\system32\wininit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert

C:\Windows\explorer.exe => Datei ist digital signiert

C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert

C:\Windows\system32\svchost.exe => Datei ist digital signiert

C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert

C:\Windows\system32\services.exe => Datei ist digital signiert

C:\Windows\system32\User32.dll => Datei ist digital signiert

C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert

C:\Windows\system32\userinit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert

C:\Windows\system32\rpcss.dll => Datei ist digital signiert

C:\Windows\system32\dnsapi.dll => Datei ist digital signiert

C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2016-09-26 10:55
 

==================== Ende von FRST.txt ============================

--- --- ---

[/CODE]

CChris

29.09.2016 00:13

Addition.txt

Code:



Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-09-2016

durchgeführt von Chris (29-09-2016 01:02:14)

Gestartet von C:\Users\Chris\Desktop

Windows 7 Home Premium Service Pack 1 (X64) (2010-01-24 04:27:32)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-3975404785-3629955362-1126565087-500 - Administrator - Disabled)

Chris (S-1-5-21-3975404785-3629955362-1126565087-1000 - Administrator - Enabled) => C:\Users\Chris

Gast (S-1-5-21-3975404785-3629955362-1126565087-501 - Limited - Enabled) => C:\Users\Gast

HomeGroupUser$ (S-1-5-21-3975404785-3629955362-1126565087-1006 - Limited - Enabled)
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Kaspersky Total Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}

AS: Kaspersky Total Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Total Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden

6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

6500_E709a (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

8500A909_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

8500A909_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

8500A909a (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden

Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)

Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)

Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)

Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)

AKVIS Retoucher (HKLM-x32\...\{3096C412-7636-45FD-9074-F596F4417076}) (Version: 5.5.869.8634 - AKVIS)

ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )

Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )

ATI Catalyst Install Manager (HKLM\...\{0FB2E75A-1024-331F-77EF-D45F71505D58}) (Version: 3.0.732.0 - ATI Technologies, Inc.)

Audials (HKLM-x32\...\{FFA5E466-D1D3-44AE-BB20-8D56CF061877}) (Version: 10.2.22605.500 - Audials AG)

Auktionatrix - der schnelle Weg zu eBay (HKLM-x32\...\{02E8DF80-DFB9-4C56-8CB9-AFA1CE97AF9C}) (Version: 4.10.4.0 - Z-Dev)

Avery Wizard 4.0 (HKLM-x32\...\{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}) (Version: 4.0.103 - Avery)

Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)

Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.10(T) - TOSHIBA CORPORATION)

BPD_DSWizards (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden

BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden

BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden

BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

Brew Recipe Developer (HKLM-x32\...\{B203CBE3-7CF4-40E7-A6F4-761C87AA945F}) (Version: 2.0.0 - Oli Weiss)

Brother MFL-Pro Suite DCP-115C (HKLM-x32\...\{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}) (Version: 1.0.1.0 - Brother Industries, Ltd.)

Brother MFL-Pro Suite DCP-357C (HKLM-x32\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.0.2.0 - Brother Industries, Ltd.)

BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

Camera Assistant Software for Toshiba (HKLM-x32\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.260.0526L - Chicony Electronics Co.,Ltd.)

Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)

Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)

Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)

Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)

Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)

Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - *Canon Inc.)

Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)

Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)

Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)

Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)

Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)

Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)

ccc-core-static (x32 Version: 2009.0729.2238.38827 - Ihr Firmenname) Hidden

CD/DVD Drive Acoustic Silencer (HKLM-x32\...\{4C3F3228-13BE-41D0-A782-3DDE7CB2479A}) (Version: 3.01.05 - TOSHIBA)

chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 2.2.1.0 - Chip Digital GmbH)

Cinergy HTC USB XS V5.09.1202.00 (HKLM-x32\...\Cinergy HTC USB XS) (Version: 5.09.1202.00 - )

Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{0F9639CB-D661-4FA0-A4B1-0441E515E0B7}) (Version: 3.1.04072 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden

Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Compiled Driver Disc (Full) 0.99 (HKLM-x32\...\{3DCF00F5-04A5-4543-A088-70548081120E}_is1) (Version: 0.99.0.1 - COMPELSON Labs)

Compiled Driver Disk (Samsung) 0.99 (HKLM-x32\...\{3DCF00F5-04A5-4543-A088-705480811206}_is1) (Version: 0.99.0.1 - COMPELSON Labs)

Conexant Audio Driver For AMD HDMI Codec (HKLM\...\CNXT_AUDIO_HDA_HDMI) (Version: 4.98.6.0 - Conexant)

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.6.61 - Conexant)

DDBAC (HKLM-x32\...\{7CF93713-EB2A-475C-93CA-D1C9DA388EF4}) (Version: 5.3.50.0 - DataDesign)

Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden

DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)

DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden

DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden

Dropbox (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\Dropbox) (Version: 10.4.26 - Dropbox, Inc.)

DVD MovieFactory for TOSHIBA (HKLM-x32\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.51 - Ulead Systems, Inc.)

EpsonNet SetupManager (HKLM-x32\...\InstallShield_{BB828C7B-44A6-4A83-A96E-EF80B8680B8D}) (Version: 1.7.2 - SEIKO EPSON CORPORATION)

EpsonNet SetupManager (x32 Version: 1.7.2 - SEIKO EPSON CORPORATION) Hidden

EQUIP (HKLM-x32\...\{3BE64D7E-367A-EB54-9BE0-4D3E2A62EF17}) (Version: 3.3.0 - ISI GmbH)

EQUIP CAPI (HKLM-x32\...\{7B7618C6-0CF3-B1F4-496C-5E147D73AEA7}) (Version: 3.3.0 - )

Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

FileZilla Client 3.3.3 (HKLM-x32\...\FileZilla Client) (Version: 3.3.3 - )

Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)

fotokasten comfort 4.2 (HKLM-x32\...\fotokasten comfort_is1) (Version:  - )

Free Image Convert and Resize version 2.1 (HKLM-x32\...\Free Image Convert and Resize_is1) (Version:  - DVDVideoSoft Limited.)

Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.10.1211 - DVDVideoSoft Ltd.)

Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)

FreeCommander 2009.02a (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)

FRITZ!Box USB-Fernanschluss - 1  (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin)

FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\f018cf21c0452c64) (Version: 2.3.0.2 - AVM Berlin)

GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)

Gini! (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\93edd1682ad811a0) (Version: 1.0.73.0 - FRITZ! Mini)

Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden

GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

grafstat4 (HKLM-x32\...\{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1) (Version: 4.249 - DrSoft)

HDMI Control Manager (HKLM-x32\...\InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA)

HDMI Control Manager (Version: 2.0 - TOSHIBA) Hidden

HDMI Control Manager (x32 Version: 2.0 - TOSHIBA) Hidden

HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)

HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)

HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)

HP Officejet 6500 E709 Series (HKLM\...\{58D79E62-CFC8-4331-8469-3A1B16E1769C}) (Version: 14.0 - HP)

HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)

HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden

HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)

IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)

IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)

Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)

JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)

Kalenderdruck-Assistent für Microsoft Office Outlook 2007 (HKLM-x32\...\{90120000-00A7-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Kaspersky Total Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)

Kaspersky Total Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden

kleiner-brauhelfer version 1.1.4.0 (HKLM-x32\...\kleiner-brauhelfer_is1) (Version:  - )

Lexware Abschreibungsrechner (HKLM-x32\...\{204294E8-371C-4DFB-8162-EF5BB4FEBFE1}) (Version: 11.00.04.0001 - Haufe-Lexware GmbH & Co.KG)

Lexware Elster (HKLM-x32\...\{AFB25971-2545-4EFF-922C-938915ACE6A8}) (Version: 11.01.00.0006 - Haufe-Lexware GmbH & Co.KG)

Lexware Info Service (HKLM-x32\...\{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}) (Version: 2.80.00.0007 - Haufe-Lexware GmbH & Co.KG)

Lexware online banking (HKLM-x32\...\{2C41394E-E15B-47DC-B33C-54D33EA85B68}) (Version: 15.00.00.0005 - Haufe-Lexware GmbH & Co.KG)

Logitech Z-series Software 1.03 (HKLM\...\{A8BE7A89-11DE-49B3-A4FC-6CDCB0C32B51}) (Version: 1.03.000 - Logitech)

Lottoschein-Check (HKLM-x32\...\Lottoschein-Check) (Version:  - )

MAGIX Foto Manager 9 (HKLM-x32\...\MAGIX Foto Manager 9 D) (Version: 7.0.0.91 - MAGIX AG)

MAGIX MP3 deluxe MX Download-Version (HKLM-x32\...\MAGIX_MSI_mp3_deluxe_mx) (Version: 18.0.0.109 - MAGIX AG)

MAGIX MP3 deluxe MX Download-Version (x32 Version: 18.0.0.109 - MAGIX AG) Hidden

MAGIX MP3 Maker 16 11.0.0.78 (D) (HKLM-x32\...\MAGIX MP3 Maker 16 D) (Version: 11.0.0.78 - MAGIX AG)

MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)

MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)

MAGIX Screenshare (HKLM-x32\...\MAGIX_MSI_PCVisit) (Version: 4.3.6.1987 - MAGIX AG)

MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden

MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 7.0.2.7 - MAGIX AG)

MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_MSI_Speed3_burnR_mxcdr_MSI) (Version: 7.0.2.6 - MAGIX AG)

MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) Hidden

Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)

MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden

Markets-Börsenticker (HKLM-x32\...\Markets-Börsenticker) (Version: 2 - Financial Times Deutschland)

Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.10.5.3 - Marvell)

maxdome - Online Videothek Version 3.1.0 (HKLM\...\maxdome - Online Videothek_is1) (Version:  - maxdome)

MDL Chime/Chime Pro for Internet Explorer (HKLM-x32\...\{46761278-BF32-4008-833B-93487FF0A06E}) (Version: 2.6 SP7 - MDL Information Systems, Inc.)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office Communicator 2007 (HKLM-x32\...\{0FCA0973-24C0-48EA-8CF6-71B53C135C09}) (Version: 2.0.6362.0 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)

Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)

MightyUninstaller (HKLM-x32\...\{91A02C6C-1FAA-49FA-957F-6ACF30D6B47D}_is1) (Version: 2.5.0.0 - MightyUninstaller.com)

MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)

Miranda Fusion 2.0.15 (HKLM-x32\...\MirandaFusion) (Version: 2.0.15 - Miranda Fusion Team)

Mobile Master (x32 Version: 7.8.3 - Jumping Bytes) Hidden

Mobile Master 7.8.3 (HKLM-x32\...\Mobile Master) (Version: 7.8.3 - Jumping Bytes)

MOBILedit! Support Libraries (HKLM-x32\...\{1A834332-A9EE-440C-9505-2D07F445F05A}) (Version: 4.0.0 - COMPELSON Labs)

MOBILedit! ver. 5.0.2.1015 (HKLM-x32\...\{47DA7D2E-408C-4050-B75F-95F6D2E6A332}_is1) (Version: 5.0.2.1015 - COMPELSON Labs)

moneyplex 2011 (HKLM-x32\...\{B3946E24-EF59-4CEE-930F-7465D9C19A85}_is1) (Version: moneyplex 2011 - matrica GmbH)

MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)

Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)

MP3 deluxe MX Update (Version: 18.0.3.115 - MAGIX AG) Hidden

MPM (HKLM-x32\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version: 1.00.0000 - Hewlett-Packard)

MSXML 4.0 SP2 (KB941833) (HKLM-x32\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)

NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)

NetWaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.55 - BVRP Software, Inc)

Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden

Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden

Nitro Reader 2 (HKLM\...\{0723532B-AD75-4D04-B88A-8CCEC6624E6D}) (Version: 2.4.1.15 - Nitro PDF Software)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)

O2Micro Flash Memory Card Reader Driver (HKLM\...\{729F014A-9E91-49A6-B5F2-E8AA941452AE}) (Version: 3.31.03.A - O2Micro)

OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)

Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538-FA9AC725D62C}) (Version: 13.0 - HP)

Ontrack EasyRecovery Home (HKLM-x32\...\{B8686BCF-5181-477F-9CBE-786391011B9C}_is1) (Version: 10.0.2.3 - Kroll Ontrack Inc.)

Paragon Festplatten Manager™ 15 Professional (HKLM\...\{1E104AF0-EA49-11DE-AC07-005056C00008}) (Version: 90.00.0003 - Paragon Software)

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)

Pinnacle DistanTV Server (HKLM-x32\...\{7C7AC2D4-1077-45C8-826A-16445B5E0DB7}) (Version: 1.0.0.095 - Pinnacle Systems)

Pinnacle TVCenter Pro (HKLM-x32\...\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}) (Version: 5.1.0.2722 - Pinnacle Systems)

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden

ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden

ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden

PSPP (HKLM-x32\...\B426B849-6071-5684-6429-7BE6B77DAB5B) (Version: 20100611 - GNU)

Quicken HOME & BUSINESS Jubiläumsversion (HKLM-x32\...\{A907A713-DA24-4352-8786-96C7A6944646}) (Version: 20.36.00.0134 - Haufe-Lexware GmbH & Co.KG)

Quicken Import Export Server Jubiläumsversion (HKLM-x32\...\{7FE9F5F5-8C9B-49F2-989C-BD885BD79B8D}) (Version: 20.30.00.0099 - Haufe-Lexware GmbH & Co.KG)

QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )

RasWin (remove only) (HKLM-x32\...\RasWin) (Version:  - )

RG eBook (HKLM-x32\...\com.radeberger-gruppe.ebook) (Version: 1.1.7 - Radeberger Gruppe KG)

RG eBook (x32 Version: 1.1.7 - Radeberger Gruppe KG) Hidden

Samsung ML-2010 Series (HKLM-x32\...\Samsung ML-2010 Series) (Version:  - )

Samsung ML-2010 Series SmartPanel (HKLM-x32\...\Samsung ML-2010 Series SmartPanel) (Version:  - )

SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )

Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )

SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )

Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )

Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version:  - )

SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )

SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )

Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.3.90702 - Samsung Electronics Co., Ltd.)

Samsung PC Studio 3 (x32 Version: 3.0.0.90702 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )

SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)

Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden

SecuBrowser (HKLM-x32\...\{A7287C0E-C94F-4009-B438-485E38286EB9}) (Version: 1.0.7.0 - Frank Eschenbacher)

ShaDown! (HKLM-x32\...\{909F4A33-D068-4D61-BBF1-B3135DD19C18}) (Version: 1.3.0.0 - Inforall.net)

Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)

simfy VZ edition (HKLM-x32\...\simfy-VZ-edition) (Version: 1.2.0 - simfy GmbH)

simfy VZ edition (x32 Version: 1.2.0 - simfy GmbH) Hidden

Skype web features (HKLM-x32\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)

Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)

SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden

SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden

Spelling Dictionaries Support For Adobe Reader 8 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)

StarMoney (x32 Version: 3.0.2.50 - StarFinanz) Hidden

StarMoney Business 5.0  (HKLM-x32\...\{96CA5ACD-1A36-417E-AC15-707E93AB895C}) (Version: 5.0 - Star Finanz GmbH)

STATISTICA TRIAL DE 10 (HKLM-x32\...\{E492A541-96C6-4D38-B698-805A745C5EBC}) (Version: 10.0.228.8 - StatSoft (Europe) GmbH)

STATNOVAPDF (novaPDF 7.1 printer) (HKLM\...\STATNOVAPDF_is1) (Version:  - Softland)

Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden

Stellar Phoenix PowerPoint Recovery (HKLM-x32\...\Stellar Phoenix PowerPoint Recovery_is1) (Version: 1.0.0.0 - Stellar Information Systems Ltd.)

StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )

Stundenplan v1.0 (HKLM-x32\...\Stundenplan_is1) (Version:  - Bastian Dornauf)

Surf & E-Mail-Stick (HKLM-x32\...\Surf & E-Mail-Stick) (Version: 16.001.06.02.35 - Huawei Technologies Co.,Ltd)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.63017 - TeamViewer)

TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.15.11 - )

Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)

Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden

Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.07 - TOSHIBA)

TOSHIBA Benutzerhandbücher (HKLM-x32\...\{1C971EE3-B4C4-4367-9676-57549919C6CE}) (Version: 7.40 - TOSHIBA)

TOSHIBA ConfigFree (HKLM-x32\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.23 - TOSHIBA Corporation)

TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.1 for x64 - TOSHIBA Corporation)

TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 2.50.0.11-AU - TOSHIBA Corporation)

TOSHIBA Extended Tiles for Windows Mobility Center (HKLM-x32\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version:  - )

TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 2.0.17.64 - TOSHIBA)

TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{E8B39B08-7FAB-48CC-89E9-37C5589E130C}) (Version:  - )

Toshiba Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.06.0000 - TOSHIBA)

TOSHIBA Recovery Disc Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.0.0.2 for x64 - TOSHIBA)

TOSHIBA Recovery Disk Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0017 - TOSHIBA)

TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{DF0853CA-A1D0-4169-8472-F2822C8FA1EB}) (Version:  - )

TOSHIBA TEMPRO (HKLM-x32\...\{3A9B3B6D-3C08-4283-AF50-FD82C49DD71E}) (Version: 3.34 - Toshiba Europe GmbH)

TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.2.28.64 - TOSHIBA Corporation)

TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

TRORDCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.6 - TOSHIBA)

TRORDCLauncher (x32 Version: 1.0.0.6 - TOSHIBA) Hidden

Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )

Universal Document Converter (Demo) (HKLM-x32\...\Universal Document Converter_is1) (Version: 5.2 - fCoder Group, Inc.)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

UPS Widget 2 (HKLM-x32\...\com.polythink.ups.wda.03EBA0C726630DF115D9764F9B83F5185396D811.1) (Version: 2.1.81 - ThinkDesktop LLC)

UPS Widget 2 (x32 Version: 2.1.81 - ThinkDesktop LLC) Hidden

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)

VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)

Vodafone Mobile Connect (HKLM-x32\...\{91252C0A-59F9-42F9-9181-B9CC74F592C0}) (Version: 9.4.10.24647 - Vodafone)

Vodafone Mobile Connect Lite (HKLM-x32\...\{B5761811-28F3-4257-B537-815C5EEF472C}) (Version: 3.1.2.104 - Vodafone)

Währungsumrechner (HKLM-x32\...\{5B0A0143-7ED2-4B68-A60B-9D92987DE5BD}) (Version: 1.0.1 - Stephan Muller)

WatchTVPro Essential Version 1.00 (HKLM-x32\...\WatchTVPro Essential_is1) (Version: 3.11 - Michael Hepp)

WEB.DE Online-Speicher 1.32.1.0 (HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\...\WEB.DE Application {sync-000021}) (Version: 1.32.1.0 - 1&1 Mail & Media GmbH)

WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden

Wertpapieranalyse 2012 (HKLM-x32\...\{A7166A02-9745-4F19-BB16-A0CC1F3ABDB1}) (Version: 1.01.0006 - Haufe-Lexware GmbH & Co. KG)

Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )

Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

Windows-Treiberpaket - Chicony (usbvideo) Image  (05/12/2009 6.3.251.0512) (HKLM\...\4D0A78D60CE7E81C31D46CB92DBA41CCF993C9BD) (Version: 05/12/2009 6.3.251.0512 - Chicony)

WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

WinSCP 5.1.7 (HKLM-x32\...\winscp3_is1) (Version: 5.1.7 - Martin Prikryl)

WinTimeKill 3.2 (HKLM-x32\...\{8667C09D-CD26-40BB-95F6-423272ACAA0A}_is1) (Version:  - Patrik Abend)

WISO Börse 2009 (HKLM-x32\...\{8596363E-8F5F-4693-BAA4-CC32973455D6}) (Version: 9.0.0.0 - Buhl Data Service GmbH)

WISO Mein Geld 2009 Professional (HKLM-x32\...\{44061C54-0775-4AE1-B433-79BCC6431817}) (Version: 10.01.0082 - Buhl Data Service GmbH)

WISO Mein Geld 2012 Professional (HKLM-x32\...\WISO Mein Geld 2012 Professional) (Version:  - Buhl Data Service GmbH)

WISO Mein Geld 2012 Professional (x32 Version: 14.0.1.18 - Buhl Data Service GmbH) Hidden
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{009EDA42-71E4-4C16-BB2E-578DC33BA491}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{0274CF59-F6B1-474B-A138-51A810564926}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{063E01DE-C9E1-4809-A15F-B84F52E578D2}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{0E5E5B83-A16D-4D15-AB45-7A0F8EECB0A5}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{0F8B006E-892B-4863-982B-29FBE45536F9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{1D2BA6AE-3D89-4187-85CB-E5AF407887FF}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{1E78821A-BA30-4AA0-B7A6-670DC23459DA}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{32B32854-7FEC-4816-B0BD-D053DE2B2918}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{43B3E546-36B7-48C9-9796-2C7574787A1C}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{4E285563-1863-4D93-805F-2D2FFCD4814F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{511B6700-19AE-4143-812F-1543B5E1C985}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{54614417-8AA4-4B1B-AA98-559FC054636D}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{5F67A6B4-1A03-4371-A8A1-BD3263A2C2EC}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{6DB72514-5DA2-4791-9B68-310FDEB85CC9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{6FBE247C-3300-4F44-B5E6-1AC33BF03995}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{7C3F44C4-07D3-418D-A3BA-C7F1A5EF1235}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{7FE2C97A-562F-4791-ABB1-7C02D18EEC59}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{8790471D-FE4E-4FF5-A91F-0808F923BEB9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{8951CFDD-B3F7-4F2D-AF61-FE2228347429}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{8EB50499-42D6-456A-A1A7-4DC4BB4B0F5B}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{90E6DB72-4FBB-4F7A-9D36-3B56F3C4A517}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{90FC7BE4-DBEB-4CF4-828B-9AA72AE8FF74}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9221816B-AC34-4E7B-AE2F-4032653ECDDB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9962A902-9E84-45FA-B2E9-FC6CDD02674E}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9BDE95FF-99CA-413F-A4B4-2D1B21FC9EE8}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{9D40216B-B7B9-4402-BF6A-D21FD70A6000}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{A607C93C-A6EF-4B55-B8F9-6CA2C10690E4}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{A83FBE75-11CB-49F5-B9D7-802782B81CCB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{AE86BB6A-EB9A-4A4A-B0A9-FBAE38CFFBC9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{B037D8DB-0736-46A4-AF2B-E902E59DDD54}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{B716B7B7-443C-4E2D-A4B1-29BEB5987FC1}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{BB1B99DE-B2EB-4561-880E-BFCD4438E657}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{C1E8B9C9-A293-4813-B730-54F5972AEE5A}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{C28602FF-7932-4EE2-9315-B47E2C6E1ED3}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{C8F19C62-21CD-428E-AA37-773DAA8917E5}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{CAADC8E8-5514-495E-9DAC-C53C3A8D503F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{D04F500B-185A-4E3E-B82A-76509373F9AC}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{D2B3ACC4-B475-4435-8AA7-DA83C7D86C7E}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{D8CAEBA4-584C-43DF-8C0F-2F764E2B1BCB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{DDF489D3-8A13-4761-ABD7-FAF62A428252}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{DE119701-E35B-49BD-BB71-A51B2EE8B251}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E00AF38E-7813-4623-BBB2-9DB8323648DF}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E41726A5-6A44-4112-8C22-9658E343B903}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E6CED06A-26B6-455B-90C4-0EAFC522BC71}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{E8FE3CF4-FDC0-41DD-9B2E-3E7750CA3990}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{EE4A1121-C3D3-464E-B86B-CE0AA5D6D948}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{F6D701F8-799E-432F-BF81-C90B53D73AFD}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{F911124F-7BE5-4977-9B72-DEB00CE30D04}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FAE7A96A-56C3-4ABF-A6C2-D5D78089A7D8}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3975404785-3629955362-1126565087-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {00A50F64-49EA-4E90-B353-DD359493C931} - System32\Tasks\{AA37AD7A-A892-46C2-B416-734ACEC8F226} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe

Task: {0B51DC78-6AB9-40B1-B476-1C87752223F8} - System32\Tasks\{D4789B5A-6DB4-44E9-A9ED-5AC6AF432DF7} => pcalua.exe -a "C:\Users\Chris\Downloads\Treiber - DA2 Hybrid\driver\yInstallTools.exe" -d "C:\Users\Chris\Downloads\Treiber - DA2 Hybrid\driver"

Task: {16F46E11-86F0-4CA1-ABFD-14FF70BAC4F9} - System32\Tasks\{FB826B21-F920-416A-8815-52AC2A56170B} => pcalua.exe -a C:\Users\Chris\Downloads\iview436_setup.exe -d C:\Users\Chris\Downloads

Task: {1AD9F8B0-5360-453D-9AD1-F251165E341D} - System32\Tasks\{7C18FACC-B665-4062-86F3-56F5668D95C8} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.)

Task: {2308EF6C-BB71-4AE7-92B9-64093BAA4F8D} - System32\Tasks\{B8A6E478-3AF8-46BD-8261-CB722F6903D3} => pcalua.exe -a C:\Users\Chris\Downloads\LiveUSBHelper.exe -d "C:\Program Files (x86)\Mozilla Firefox"

Task: {29BA79AF-3117-4068-B736-6ECF72F7BF56} - System32\Tasks\{BD8A5EF9-D2C1-4FCB-93A7-808176143B30} => pcalua.exe -a H:\Setup.exe -d H:\

Task: {35449C4F-B1E9-470D-8E2D-6826A9E9FBAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-15] (Adobe Systems Incorporated)

Task: {35ECE4F3-BC11-4315-933F-C18A85205DF1} - System32\Tasks\{6B21BEC5-D3AE-4354-80D2-764432510387} => pcalua.exe -a H:\Setup.exe -d H:\

Task: {43AD022A-2BB9-4FE2-818B-39D95CFE1827} - System32\Tasks\{68B17966-2F73-40C4-8B36-89087A972312} => pcalua.exe -a "C:\Program Files (x86)\MAGIX\MP3_Maker_16\unwise.exe"

Task: {52313735-3929-43EC-91CD-77FB0BD62FBE} - System32\Tasks\{3AF93069-6DC9-46EE-97A3-A591F702CA35} => pcalua.exe -a I:\boot\Porteus-installer-for-Windows.exe -d I:\boot

Task: {543369A4-C969-4838-B92D-2A7DC84EA3CA} - System32\Tasks\{0C1C7759-13FA-458D-8090-A6078AC5C98C} => pcalua.exe -a C:\Users\Chris\Downloads\Officejet6500E709a_ES_MJP1FN0935AR_GER.exe -d C:\Users\Chris\Downloads

Task: {56E38062-4F32-44B4-8E66-176F2DB61FEE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks [Argument = /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig"]

Task: {5B7EFF43-D7BF-477E-8772-8D7C5C1BFBFA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000Core => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-04] (Dropbox, Inc.)

Task: {5C728041-8EC9-49D1-A954-327E77027CEE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {5DA7E1B4-84E0-4C01-BF11-964D2216F958} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {64FB3D25-1327-4F5A-BAFC-38156858BB45} - System32\Tasks\{DEBE6408-024E-4819-8D61-8410057B6AC2} => Firefox.exe hxxp://ui.skype.com/ui/0/7.8.0.102/de/abandoninstall?page=tsProgressBar

Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs

Task: {818E3FB0-85F8-4E77-8493-4817184891DF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {8601B210-24FA-4436-A263-15A5673BE8E9} - System32\Tasks\{BDB07A78-03B3-49A5-BD37-5175E8D7F861} => pcalua.exe -a "C:\Program Files (x86)\Universal Phonebook Editor\uninstall.exe" -d "C:\Program Files (x86)\Universal Phonebook Editor"

Task: {8827FA34-3070-421D-BB2F-572653596B85} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {8B5D32FE-D3D4-4CFD-92BC-6B2DFC64F423} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)

Task: {93067070-B8A9-4C20-AAC0-11C374778F84} - System32\Tasks\{716937DF-D5A3-4046-8594-CCDA873196E5} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\2\SSM_Uninstall.exe

Task: {9B543991-FD98-4728-83CD-468052D2F1C9} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2009-09-03] (TOSHIBA CORPORATION)

Task: {A4E44E72-EF5C-41A1-B3C3-A60EDD61A7D9} - System32\Tasks\{8B7373D6-C48D-492C-8734-AF5087D2E2D5} => pcalua.exe -a C:\Users\Chris\Downloads\Samsung_PC_Studio_322_HK4.exe -d C:\Users\Chris\Downloads

Task: {A71F18D1-2CB9-4682-A5D8-BEEDEB44A63A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {A74E11CE-2F3E-4EF4-90C0-A21FEA0E5316} - System32\Tasks\{99CAA6B9-ACBA-4021-90BB-18A369274190} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\1\SS_Uninstall.exe

Task: {A90215A6-803C-40C1-9D04-2CBA3E518C80} - System32\Tasks\{4908698E-00E3-4059-B956-2F876C3A0468} => pcalua.exe -a "C:\Program Files (x86)\MAGIX\MP3_Maker_16\InstallLauncher.exe" -d "C:\Program Files (x86)\MAGIX\MP3_Maker_16"

Task: {AC11D051-7009-45E9-AB9A-AF149069458D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {BE35B1E0-8578-45C7-B0EE-EE6B4F3B86F4} - System32\Tasks\{9B33248F-F8DF-4A45-ABBB-8F53BBD07115} => pcalua.exe -a H:\VMCLiteSetup.exe -d H:\

Task: {C368FF83-A215-47DB-AAB8-4C2E43EDAB49} - System32\Tasks\{FAE26A1A-8FCC-41F2-A570-2FCF7D9A1C24} => pcalua.exe -a C:\Users\Chris\Downloads\AVM_FRITZ!_Mini_Assistent.exe -d "C:\Program Files (x86)\Mozilla Firefox"

Task: {C54E3770-6F3B-462A-AB96-EDBA234D8901} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000UA => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-04] (Dropbox, Inc.)

Task: {DBBDBC63-5585-4360-B96F-9FF11A80721E} - System32\Tasks\{F333CAB0-1196-4AE6-9CC5-5790870CA562} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\7\SSECUninstall.exe

Task: {E5B85FED-B082-42A8-80D8-0A448C829E79} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)

Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs

Task: {F3BB91A4-A792-4C1C-96B9-AEC4E69D4AD7} - System32\Tasks\{046C2D50-3619-4E16-9AB7-8FAAC3CB7CE3} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\6\SSBCUninstall.exe

Task: {FB973E15-0B31-4011-8CC5-4DF7055CB3A9} - System32\Tasks\{F16B9B92-3000-4D0A-A6C0-2897B7481825} => pcalua.exe -a C:\Users\Chris\Downloads\Statistikprogs\SPSS_Stats_trial_19_Language_win64.exe -d C:\Users\Chris\Downloads\Statistikprogs
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000Core.job => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3975404785-3629955362-1126565087-1000UA.job => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2014-09-21 15:01 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll

2006-12-04 02:26 - 2006-12-04 02:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll

2014-09-21 15:01 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll

2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2013-11-14 15:28 - 2013-11-14 15:28 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe

2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2008-08-22 21:06 - 2008-08-22 21:06 - 00135680 _____ () C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll

2008-08-22 21:06 - 2008-08-22 21:06 - 07553024 _____ () C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll

2008-08-22 21:06 - 2008-08-22 21:06 - 01032704 _____ () C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll

2010-04-24 15:23 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll

2016-05-18 00:42 - 2016-05-18 00:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll

2009-07-16 16:27 - 2009-07-16 16:27 - 07244600 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll

2009-07-16 16:27 - 2009-07-16 16:27 - 00051512 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll

2009-04-06 14:17 - 2007-04-23 09:09 - 00016896 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll

2009-03-12 20:08 - 2009-03-12 20:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll

2009-07-25 18:38 - 2009-07-25 18:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00056832 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Utilities.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00009728 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Utilities.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00025088 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.Common.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00009216 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ClientScan.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00021504 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ServerScan.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00010240 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ServerAccess.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00007168 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ClientAccess.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00007680 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.ShellExtension.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00013824 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.ShellExtension.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00014336 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.Core.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00034304 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.Common.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00017408 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.CrossCutting.DependenciesConfiguration.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00006144 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.CrossCutting.DependenciesConfiguration.Contracts.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00029696 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ServerScan.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00082944 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.Core.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00026112 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ServerAccess.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00025088 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ClientScan.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00020480 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Sync.ClientAccess.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00014336 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Migration.dll

2015-11-11 22:20 - 2016-04-21 15:42 - 00005120 _____ () C:\Users\Chris\AppData\Local\WEB.DE Application {sync-000021}\UnitedInternet.PcSync.Logic.Migration.Contracts.dll

2010-03-14 23:17 - 2006-12-01 21:13 - 00520192 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe

2009-05-04 11:45 - 2009-05-04 11:45 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2010-01-24 15:21 - 2010-01-24 15:21 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2013-08-29 02:23 - 2013-08-29 02:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

2013-10-10 23:48 - 2013-10-10 23:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll

2015-12-18 19:30 - 2015-12-11 02:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll

2013-02-18 19:52 - 2011-01-13 12:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney Business 5.0\ouservice\PATCHW32.dll

2008-03-25 15:45 - 2008-03-25 15:45 - 00111888 _____ () C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\UPnPStreamingDevice.dll

2011-10-27 12:32 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

2013-08-29 02:25 - 2013-08-29 02:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

2016-08-25 18:23 - 2016-08-24 06:43 - 00035792 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd

2016-09-25 15:22 - 2016-08-24 06:43 - 00145864 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\pyexpat.pyd

2016-09-25 15:22 - 2016-08-24 06:43 - 00019408 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\faulthandler.pyd

2016-09-25 15:22 - 2016-08-24 06:43 - 00116688 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\pywintypes27.dll

2016-08-25 18:23 - 2016-08-24 06:43 - 00100296 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_ctypes.pyd

2016-08-25 18:23 - 2016-08-24 06:43 - 00018888 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\select.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00019760 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd

2016-08-25 18:23 - 2016-08-24 06:43 - 00694224 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\unicodedata.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00020816 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd

2016-08-25 18:23 - 2016-08-24 06:43 - 00123856 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 01682760 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00020808 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00105928 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32api.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00021312 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00052024 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00038696 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\fastpath.pyd

2016-09-25 15:22 - 2016-08-24 06:43 - 00392144 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\pythoncom27.dll

2016-09-25 15:22 - 2016-08-24 06:45 - 00020936 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\mmapfile.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00024528 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32event.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00116176 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32security.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00381752 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00124880 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32file.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00025424 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00024016 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32clipboard.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00175560 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32gui.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00030160 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32pipe.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00043472 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32process.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00048592 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32service.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00057808 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32evtlog.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00024016 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32profile.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00246592 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00026456 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00028616 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32ts.pyd

2016-08-25 18:23 - 2016-08-24 06:43 - 00144848 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_elementtree.pyd

2016-08-25 18:23 - 2016-08-24 06:44 - 00241104 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_jpegtran.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00023376 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00020800 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00019776 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00020800 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00020280 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00350152 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winxpgui.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00022352 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00024392 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd

2016-09-25 15:22 - 2016-08-24 06:41 - 00036296 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\librsync.dll

2016-09-25 15:22 - 2016-09-20 03:15 - 00084280 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL

2016-09-25 15:22 - 2016-09-20 03:15 - 01826096 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd

2016-08-25 18:23 - 2016-08-24 06:43 - 00083912 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\sip.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00531248 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 03928880 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 01972528 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00133424 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00224056 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00207672 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00020288 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd

2016-08-25 18:23 - 2016-08-24 06:45 - 00060880 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32print.pyd

2016-08-25 18:23 - 2016-09-20 03:15 - 00024904 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00546096 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00357680 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00042808 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd

2016-09-25 15:22 - 2016-09-20 03:15 - 00168760 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27644631.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\58058682.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\B50EA66D.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\27644631.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\58058682.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\B50EA66D.sys => ""="Driver"
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
 

127.0.0.1       localhost

::1             localhost
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-3975404785-3629955362-1126565087-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

HKU\S-1-5-21-3975404785-3629955362-1126565087-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

HKU\S-1-5-21-3975404785-3629955362-1126565087-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.178.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [{3B498F82-E6B1-4079-92C5-B809AAC1D572}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe

FirewallRules: [{94B915EA-362B-4182-B20B-23100E9775B0}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe

FirewallRules: [{CAC92C89-3768-4335-9C6B-A7D295780EFC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [TCP Query User{5862B42F-63CC-4FCE-87DE-6D182CADA2DB}C:\program files (x86)\mirandafusion\miranda32.exe] => (Allow) C:\program files (x86)\mirandafusion\miranda32.exe

FirewallRules: [UDP Query User{675CC335-508C-42F0-BD63-FC3E09F4CBC6}C:\program files (x86)\mirandafusion\miranda32.exe] => (Allow) C:\program files (x86)\mirandafusion\miranda32.exe

FirewallRules: [{08F2CAA4-9983-4293-AE11-2689ED92A48F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe

FirewallRules: [{F27EBA1D-F7BE-40D3-BB69-D39A17022BC5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe

FirewallRules: [{1BF0AC42-126D-423F-963E-93EFE7C661D1}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{6AEB7994-DF92-4248-A124-EB261430D800}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{3B65A749-CD90-4B76-9FD8-E1A470D71D4B}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{136DA2BF-1E6E-445F-97D2-9CB5B2840D1A}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe

FirewallRules: [{2910747F-5B2E-460F-9F34-BA3246D949C9}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe

FirewallRules: [{5363A111-4EDE-4891-AC7E-0D015D28895D}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe

FirewallRules: [TCP Query User{7F6BA431-5258-41BF-8D63-DF80F3260424}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe] => (Allow) C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe

FirewallRules: [UDP Query User{690E7D39-CF3D-429E-B10A-BF4076E8EDA9}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe] => (Allow) C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe

FirewallRules: [{48E308A4-4A33-4B4D-B409-9A750BA2AE3D}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe

FirewallRules: [{B1CB65F8-53D0-4332-85D7-C18030C1E031}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe

FirewallRules: [{1E598ADB-4672-464D-8CFF-7E03DA9F13DC}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{22A011A9-7A10-48D6-A8E9-8BE89975CB07}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{1D89CAFF-3E75-41D3-ACB8-D45FB8027E9E}] => (Allow) C:\Users\Chris\AppData\Local\Temp\7zS7EB5\OJP8500vA909_Full_13\setup\hpznui40.exe

FirewallRules: [{1A649C83-F9BE-4E5A-9450-A4A4A0E8F71F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

FirewallRules: [{B45D410B-B5B8-4963-8D87-6703C9BA22F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe

FirewallRules: [{2576125D-A259-479F-9F1F-B51C18BA8CA1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe

FirewallRules: [{96BD5F29-C91E-433D-8402-8F0BE853EE2E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe

FirewallRules: [{77F823DB-06D6-4B46-8796-01543187F1DB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe

FirewallRules: [{E47379FC-AB92-45FF-A81B-3870E308C8ED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe

FirewallRules: [{42415531-0267-4DE3-9880-B99D0335759C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe

FirewallRules: [{16CE3075-C5EC-4D6E-9EAA-321375004F53}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe

FirewallRules: [{9A851529-AB13-49B9-B55F-2B0B20E50608}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe

FirewallRules: [{E71B519F-8461-4139-A91D-0BB078DA1AEB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe

FirewallRules: [{A5261F2F-8A51-4EBA-B831-90C2497D104E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe

FirewallRules: [{79B3A7E0-DB58-4911-9A1B-EF427DBBBA07}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe

FirewallRules: [{4ABA3AED-1E9A-411F-BDA1-6E1D26094A28}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe

FirewallRules: [{EDFF2F88-E0E2-4ACC-A8AC-D78DEE47B9A8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

FirewallRules: [{F6F3DB79-15B7-412A-A5E0-FEF89F62A25E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe

FirewallRules: [{AC4DD1C0-1F9C-426E-BE09-87F5FDB7BE32}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe

FirewallRules: [{1C46CD2B-6920-470A-B552-4D4FB64AD6B4}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe

FirewallRules: [{C52F9996-E769-46DE-B291-A571F2EED59D}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe

FirewallRules: [{18A64633-A0FD-4FEE-8048-23479432530E}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsasvr.exe

FirewallRules: [{F13DDCF2-D87A-4270-BC40-DF39B9737F92}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsasvr.exe

FirewallRules: [{E2F78DD6-0416-4462-952C-6525BD64E0D3}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsvsvr.exe

FirewallRules: [{897B6510-A049-4ADA-9A34-FCA7570CA349}] => (Allow) C:\Program Files (x86)\SAMSUNG\Samsung New PC Studio\npsvsvr.exe

FirewallRules: [TCP Query User{C0957462-D874-4CFE-B9FF-939A23E0895F}C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe] => (Allow) C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe

FirewallRules: [UDP Query User{84832C12-5F67-4DA1-96A6-E7271C9E86EA}C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe] => (Allow) C:\program files (x86)\epsonnet\epsonnet setupmanager\imanager.exe

FirewallRules: [{317F6EAF-DAE6-48CC-9459-66F5D064AEC9}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{CE59ED56-BACB-4E32-B1EC-86B10893995C}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{8DE56995-CF43-4A7C-B7EC-4A58E48CAA03}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{7A67C93A-579D-4291-A98F-FFDE9451746D}] => (Allow) C:\Program Files (x86)\Auktionatrix\Auktionatrix.exe

FirewallRules: [{2251F733-A846-44F1-977A-F04290671BC0}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{53FFB021-B571-4665-A546-52FC18732C28}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe

FirewallRules: [{4AEB8EE4-30E1-419E-9580-43354951D894}] => (Allow) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{FC856EBE-64D6-47C1-9DB3-8D7EBA294F87}] => (Allow) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [TCP Query User{19FB4C61-3944-4D22-933E-250244D86492}C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [UDP Query User{518FC4E6-062A-4AD6-9B1A-EF8059953E1C}C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [{DBD7C753-EDFB-45CF-BC77-A1351EC61170}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{B1293262-7D44-4EF1-AB31-8B52CB544CDC}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [TCP Query User{F767CC0C-C7D0-4791-850F-A3356A56B7E2}C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [UDP Query User{2B084990-3ACF-458F-B0DB-1932EC24BF7D}C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\chris\appdata\local\apps\2.0\e3tvm487.5k2\5rc5hybl.c73\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [TCP Query User{5D60EF0A-EE93-4B63-81D6-4DCEFE77A9F7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe

FirewallRules: [UDP Query User{30C1C709-5B78-4534-BEC6-D4EBC1CCD898}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe

FirewallRules: [{D1DA0B4D-2339-4058-A8C3-10D0C45460F1}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\7JHG7237.HRK\NHAGXY99.J3W\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{DD573B4A-6D13-4B4E-9DBB-021537E258F7}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\7JHG7237.HRK\NHAGXY99.J3W\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{C82B9940-5E0A-4A27-8137-6BD8A83091C9}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe

FirewallRules: [{5F49AD72-F25B-4513-85BB-7CF599F7A0EA}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe

FirewallRules: [{C6B96FDB-AE10-47B6-AE7D-72583B19B607}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{AE91007B-71DE-41C4-9273-574D43CF2AE0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{4B252877-FE68-453A-8B8F-23A46DB79183}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{32EBA946-2164-4AF6-B085-D6FF08F0A0B4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{42CC78F1-7688-4430-9DBC-2374EFA11063}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe

FirewallRules: [{F62742BB-A37E-45EE-B97A-6DB714E8D432}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe

FirewallRules: [{0A61605A-E08C-4522-A69C-8FAF391ADA13}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\app\StarMoney.exe

FirewallRules: [{0CCBFC81-E02D-40C7-87E3-3F7C68EFAADF}] => (Allow) C:\Program Files (x86)\StarMoney Business 5.0\app\StarMoney.exe

FirewallRules: [{5515B9C1-9D15-43A9-B705-2E5A261ED0CE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{A17D7959-38F5-41E3-9A8A-76D68EEDD966}] => (Allow) LPort=9322

FirewallRules: [{FEED730F-E300-4876-9C09-E54E8CE36959}] => (Allow) LPort=5353

FirewallRules: [{3ED5535E-EEA6-4939-B2D6-AAE000594A84}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe

FirewallRules: [{AD0288E7-E19B-4BD6-B947-73650A4A8FB9}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe

FirewallRules: [{F3A50888-4C82-4041-8099-3BD96A501F01}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe

FirewallRules: [{AF045C17-1DED-4729-ABBF-EDADCE241E94}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe

FirewallRules: [{9AEDB208-87F5-475F-850E-F4DA21533FB5}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe

FirewallRules: [{CB055D33-611C-4211-B9D2-6F7BA5F11CFB}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe

FirewallRules: [{CFB76798-0A7B-4F6C-81A3-DD52CCFE2361}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe

FirewallRules: [{49B3388D-C506-4D9F-A83E-C8A887736E08}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe

FirewallRules: [{A01F5991-4282-4B5A-98F4-2D20C4DE1F09}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe

FirewallRules: [{699C2634-F7F9-4E0C-83B1-F310D8902114}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe

FirewallRules: [{EBBDF23B-A64B-4F29-8D46-DFB5E21D0D2B}] => (Allow) LPort=5353

FirewallRules: [{A291B612-7DC2-4053-A674-A3C3B4ED8EC0}] => (Allow) C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

FirewallRules: [{D2AA0C76-6289-47D6-BA0F-A80B8D9EA215}] => (Allow) C:\Program Files (x86)\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

FirewallRules: [{17EF27AB-E32C-4F70-AD4A-BC86A4E3D948}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{A7838210-48DF-4EBA-816F-43623E865A61}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{3454E41E-FFEC-44F5-B2FD-93C9607D9857}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{C7292A3B-75E5-4854-8710-A395D0C260FC}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\E3TVM487.5K2\5RC5HYBL.C73\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe

FirewallRules: [{C2266FDF-BB49-414C-BBB8-6E27A8494D25}] => (Allow) C:\Program Files (x86)\Audials\Audials 10\Audials.exe

FirewallRules: [{75669AE8-CF83-47CF-82A8-9B206B5AC6F2}] => (Allow) LPort=12972

FirewallRules: [{FF82941F-52CE-45B6-BAD9-C02906E318B0}] => (Allow) LPort=14714

FirewallRules: [{CFFA7C30-FFF6-41FD-B249-9D179FF3B52C}] => (Allow) LPort=31931

FirewallRules: [{FFD223BE-B88B-4DCF-99DE-A43294048B04}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{0914084C-55E9-49FA-BD8F-0821C6C913B9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{07EF2CD4-31E2-414D-B616-9D8F7920C6AC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{62B0B672-A97D-4A89-AE52-DE6A26A3CCDD}] => (Allow) C:\Users\Chris\AppData\Local\Temp\7zS2647\HPDiagnosticCoreUI.exe

FirewallRules: [{8541EF87-6686-4D86-93D2-04DDC211080A}] => (Allow) C:\Users\Chris\AppData\Local\Temp\7zS2647\HPDiagnosticCoreUI.exe

FirewallRules: [{7F0C0A55-4C81-402C-9C9E-0B56B431C240}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{FBECAA93-E1E4-424E-BDF2-E909FB0D3B2F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{73D50136-5336-4933-A9BC-776C6395BDE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{C4198AC7-1D25-4D37-AF12-89EEC95A2A85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{0F61DA1D-2D6E-4506-B7FC-2D2EF44DA553}C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe] => (Block) C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe

FirewallRules: [UDP Query User{981DCC8F-5141-4750-8FA2-97A4C2CA5503}C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe] => (Block) C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe

FirewallRules: [{C4EFDD36-4653-4823-924C-7D543C1398C4}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\ZW8JXE9N.63C\CC9667DP.LKQ\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{81C8BA49-2EA4-45EE-8A42-A080466925A8}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\ZW8JXE9N.63C\CC9667DP.LKQ\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{F6FD3182-F891-403C-920D-F65074490C6B}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\RPDH7O7A.KJ7\8VE1QDO5.TOE\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{F8F9E99D-1954-4ED4-86C4-9A1E73D36D9C}] => (Allow) C:\Users\Chris\AppData\Local\Apps\2.0\RPDH7O7A.KJ7\8VE1QDO5.TOE\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe

FirewallRules: [{63401765-166F-4BE5-B875-1C72F47F7B79}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{14083FD7-70C5-43FA-94D0-2A337FFF2246}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{05F36E34-621A-4058-ABCD-CD0D046D953D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{F7D4BA75-E4C5-41D6-B709-550207B17F62}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 

==================== Wiederherstellungspunkte =========================
 

28-09-2016 22:56:29 Geplanter Prüfpunkt
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 

Name: FRITZ!WLAN Repeater N/G  (192.168.178.32)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: FRITZ!WLAN Repeater N/G  (192.168.178.2)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: SN  (192.168.178.1)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: FRITZ!Box Fon WLAN 7320  (169.254.1.1)

Description: AVM Audio

Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80}

Manufacturer: AVM Berlin

Service: avmaudio

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (09/29/2016 12:09:49 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\chris\desktop\esetsmartinstaller_deu.exe". Fehler in

Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 

Error: (09/28/2016 10:10:36 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in

Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 

Error: (09/28/2016 05:12:20 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe". Fehler in

Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 

Error: (09/28/2016 05:12:20 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe". Fehler in

Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 

Error: (09/28/2016 05:12:13 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe". Fehler in

Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 

Error: (09/28/2016 05:11:08 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe". Fehler in

Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 

Error: (09/28/2016 05:00:23 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/27/2016 10:38:17 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/27/2016 10:33:19 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (09/27/2016 10:22:17 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 
 

Systemfehler:

=============

Error: (09/28/2016 05:18:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (09/28/2016 05:18:59 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 

Error: (09/28/2016 05:18:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (09/28/2016 05:18:58 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 

Error: (09/28/2016 05:18:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (09/28/2016 05:18:58 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 

Error: (09/28/2016 05:15:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (09/28/2016 05:15:31 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 

Error: (09/28/2016 05:15:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (09/28/2016 05:15:31 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 
 

CodeIntegrity:

===================================

  Date: 2015-07-12 11:10:18.113

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2015-07-12 11:10:17.856

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2015-07-12 11:10:17.713

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2015-07-12 11:10:17.515

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2011-05-09 11:12:09.232

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-05-09 11:12:09.216

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-05-09 11:12:09.185

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-05-09 11:12:09.138

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2010-01-23 20:37:58.912

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\KLIFX64\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2010-01-23 20:37:58.897

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\KLIFX64\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM)2 Duo CPU T9550 @ 2.66GHz

Prozentuale Nutzung des RAM: 64%

Installierter physikalischer RAM: 4060.85 MB

Verfügbarer physikalischer RAM: 1423.31 MB

Summe virtueller Speicher: 8119.91 MB

Verfügbarer virtueller Speicher: 4716.72 MB
 

==================== Laufwerke ================================
 

Drive c: (Windows7) (Fixed) (Total:232.42 GB) (Free:16.87 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

Drive d: () (Fixed) (Total:465.76 GB) (Free:0.46 GB) NTFS

Drive f: (Data) (Fixed) (Total:231.87 GB) (Free:1.81 GB) NTFS

Drive h: (desinfDATA) (Removable) (Total:1.59 GB) (Free:1.5 GB) FAT32
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BA938E8E)

Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)

Partition 2: (Active) - (Size=232.4 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (Size: 465.8 GB) (Disk ID: 553AFC2C)

Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (Size: 7.7 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================

So, fertig. :daumenhoc

M-K-D-B

29.09.2016 14:49

Servus,

Zitat:

Kann ich die übrig gebliebenen in .VIRUS umbenannten Dateien (von Desinfec't) wieder umbenennen? An der Outlook.pst hänge ich besonders.

Von welchen Dateien sprichst du jetzt genau?
Also diejenigen, die von ESET auch schon angezeigt wurden, entfernen wir jetzt dann... :D

Zitat:

Würde gerne abschließend Kaspersky Total Security nochmal sauber neu installieren. Da sind sicherlich noch Reste von Pure und Testversionen drauf. Hast Du da noch Tipps? Ggf. auch für ne Kaspersky-Alternative nach Lizenzablauf. Hat ja leider doch Einiges durchgelassen und den Firehooker auch nicht in den Griff bekommen.

Eine Neuinstallation von Kaspersky kannst du im Anschluss an die Bereinigung immer noch machen, klar. Nach der Deinstallation aller Kaspersky Komponenten über die Systemsteuerung empfehle ich noch die Verwendung von kavremover. Damit sollten noch übrige Reste entfernt werden.
Danach kannst du Kaspersky neu installieren.

Andere Anti-Viren Hersteller hätten diese Adware wohl auch "durchgelassen", weil sie im Bereich Adware/PUP oft mangelhaft sind. Hierfür empfehle ich MBAM und AdwCleaner (beide Kostenlos) als Zusatz.

Zitat:

Was könnte der Trojaner angerichtet haben? Spionage? Gibts noch offene Tore oder Dateien gelöscht/unbrauchbar gemacht?...

War kein Trojaner, nur Adware. :D

Zitat:

Was wurde jetzt eigentlich so alles gelöscht im Rahmen der Bereinigung? Muss ich da was vermissen oder können Probleme auftreten? Z.B. diese oben erwähnte Proxy-Meldung vom FF?

Adware und PUPs wurden gelöscht. Das mit FF will ich noch hinbekommen. :)

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

start

CloseProcesses:

C:\Users\Chris\AppData\Roaming\Mozilla\Backup Firefox Jan 2015\Profiles\464scs16.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}

C:\Users\Chris\Documents\Firefox 35.0 (x86 de) - 2015-01-18.pcv

C:\Users\Chris\Downloads\FreeStudio.exe.VIRUS

C:\Users\Chris\Downloads\FritzRePass1.20-U3.zip

C:\Users\Chris\Downloads\registrybooster.exe.VIRUS

C:\Users\Chris\Downloads\FritzRePass1.20-U3\FritzRePass+U3\Portable\FritzRePass.exe

C:\Users\Chris\Downloads\FritzRePass1.20-U3\FritzRePass+U3\U3\FritzRePassU3.exe

DeleteKey: HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

DeleteKey: HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

DeleteKey: HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}

DeleteKey: HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}

FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF SelectedSearchEngine: google

FF Homepage: hxxp://www.google.de?hl=de&gl=de

FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF NetworkProxy: "type", 0

Folder: C:\Program Files\{08182E2D-B449-4D76-A8B3-A36FF9A8CE4E}

Folder: C:\Program Files\{0BA15EA7-137E-47DE-9952-536F0754F5C6}

Folder: C:\Program Files\{16916AFE-57EE-48FB-AD4A-6A0BA8760DBD}

Folder: C:\Program Files\{2E581B0F-78F6-46EC-963C-74734453F68B}

Folder: C:\Program Files\{59DC0B16-6721-47A2-8A18-638F86DE577B}

Folder: C:\Program Files\{5DE52103-CB18-4C18-9731-CA12C6608B4E}

Folder: C:\Program Files\{6898554C-783C-4ABE-BB8A-0D19E0BBD00E}

Folder: C:\Program Files\{7F691B94-EC20-4AB1-B359-65F7E779A79A}

Folder: C:\Program Files\{846F4C8A-F6AD-4D76-803E-FA53E52E7B77}

Folder: C:\Program Files\{A8AB7588-B27F-4596-8EBA-B7BCEF12A0C1}

Folder: C:\Program Files\{C424C90C-BE90-4C5A-B85C-A058A6CFD745}

Folder: C:\Program Files\{CACC03DD-9A08-4DDD-835C-48048033E61E}

Folder: C:\Program Files\{D7139FD5-6BBD-4CBF-8C21-770ED5ECB337}

Folder: C:\Program Files\{ECA3C7D6-410D-4C8C-97D0-99041876CB1E}

Folder: C:\Program Files\{F1F8D207-809B-4951-821A-9AFC3E8EF560}

Folder: C:\Program Files\{F7F09E8D-C722-4D76-8582-F88D0B42ADCE}

Folder: C:\Program Files (x86)\{01615F43-3647-4928-8CB4-0B7F4F940DEA}

Folder: C:\Program Files (x86)\{0F4AA5F5-B1C3-4A4E-B8BB-814F3FAAA4CA}

Folder: C:\Program Files (x86)\{21FFFEFC-5DD2-4991-9B43-509D22668380}

Folder: C:\Program Files (x86)\{34200A20-0B27-4742-B4A2-009E0EC4DA7E}

Folder: C:\Program Files (x86)\{71834002-D354-430D-8859-FA657575900E}

Folder: C:\Program Files (x86)\{7DD2579A-B226-4D61-BAA6-01947EBECE7D}

EmptyTemp:

end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

CChris

29.09.2016 17:13

Fixlog.txt

Code:



Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-09-2016

durchgeführt von Chris (29-09-2016 17:04:30) Run:5

Gestartet von C:\Users\Chris\Desktop

Geladene Profile: Chris & Gast &  (Verfügbare Profile: Chris & Gast)

Start-Modus: Normal

==============================================
 

fixlist Inhalt:

*****************

start

CloseProcesses:

C:\Users\Chris\AppData\Roaming\Mozilla\Backup Firefox Jan 2015\Profiles\464scs16.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}

C:\Users\Chris\Documents\Firefox 35.0 (x86 de) - 2015-01-18.pcv

C:\Users\Chris\Downloads\FreeStudio.exe.VIRUS

C:\Users\Chris\Downloads\FritzRePass1.20-U3.zip

C:\Users\Chris\Downloads\registrybooster.exe.VIRUS

C:\Users\Chris\Downloads\FritzRePass1.20-U3\FritzRePass+U3\Portable\FritzRePass.exe

C:\Users\Chris\Downloads\FritzRePass1.20-U3\FritzRePass+U3\U3\FritzRePassU3.exe

DeleteKey: HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

DeleteKey: HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

DeleteKey: HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}

DeleteKey: HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}

FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF SelectedSearchEngine: google

FF Homepage: hxxp://www.google.de?hl=de&gl=de

FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF NetworkProxy: "type", 0

Folder: C:\Program Files\{08182E2D-B449-4D76-A8B3-A36FF9A8CE4E}

Folder: C:\Program Files\{0BA15EA7-137E-47DE-9952-536F0754F5C6}

Folder: C:\Program Files\{16916AFE-57EE-48FB-AD4A-6A0BA8760DBD}

Folder: C:\Program Files\{2E581B0F-78F6-46EC-963C-74734453F68B}

Folder: C:\Program Files\{59DC0B16-6721-47A2-8A18-638F86DE577B}

Folder: C:\Program Files\{5DE52103-CB18-4C18-9731-CA12C6608B4E}

Folder: C:\Program Files\{6898554C-783C-4ABE-BB8A-0D19E0BBD00E}

Folder: C:\Program Files\{7F691B94-EC20-4AB1-B359-65F7E779A79A}

Folder: C:\Program Files\{846F4C8A-F6AD-4D76-803E-FA53E52E7B77}

Folder: C:\Program Files\{A8AB7588-B27F-4596-8EBA-B7BCEF12A0C1}

Folder: C:\Program Files\{C424C90C-BE90-4C5A-B85C-A058A6CFD745}

Folder: C:\Program Files\{CACC03DD-9A08-4DDD-835C-48048033E61E}

Folder: C:\Program Files\{D7139FD5-6BBD-4CBF-8C21-770ED5ECB337}

Folder: C:\Program Files\{ECA3C7D6-410D-4C8C-97D0-99041876CB1E}

Folder: C:\Program Files\{F1F8D207-809B-4951-821A-9AFC3E8EF560}

Folder: C:\Program Files\{F7F09E8D-C722-4D76-8582-F88D0B42ADCE}

Folder: C:\Program Files (x86)\{01615F43-3647-4928-8CB4-0B7F4F940DEA}

Folder: C:\Program Files (x86)\{0F4AA5F5-B1C3-4A4E-B8BB-814F3FAAA4CA}

Folder: C:\Program Files (x86)\{21FFFEFC-5DD2-4991-9B43-509D22668380}

Folder: C:\Program Files (x86)\{34200A20-0B27-4742-B4A2-009E0EC4DA7E}

Folder: C:\Program Files (x86)\{71834002-D354-430D-8859-FA657575900E}

Folder: C:\Program Files (x86)\{7DD2579A-B226-4D61-BAA6-01947EBECE7D}

EmptyTemp:

end

*****************
 

Prozess erfolgreich geschlossen.

C:\Users\Chris\AppData\Roaming\Mozilla\Backup Firefox Jan 2015\Profiles\464scs16.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f} => erfolgreich verschoben

C:\Users\Chris\Documents\Firefox 35.0 (x86 de) - 2015-01-18.pcv => erfolgreich verschoben

C:\Users\Chris\Downloads\FreeStudio.exe.VIRUS => erfolgreich verschoben

C:\Users\Chris\Downloads\FritzRePass1.20-U3.zip => erfolgreich verschoben

C:\Users\Chris\Downloads\registrybooster.exe.VIRUS => erfolgreich verschoben

C:\Users\Chris\Downloads\FritzRePass1.20-U3\FritzRePass+U3\Portable\FritzRePass.exe => erfolgreich verschoben

C:\Users\Chris\Downloads\FritzRePass1.20-U3\FritzRePass+U3\U3\FritzRePassU3.exe => erfolgreich verschoben

HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.

HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} => Schlüssel erfolgreich entfernt

HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.

HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} => Schlüssel erfolgreich entfernt

HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D} => Schlüssel erfolgreich entfernt

HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA} => Schlüssel erfolgreich entfernt

Firefox DefaultSearchUrl erfolgreich entfernt

Firefox SelectedSearchEngine erfolgreich entfernt

Firefox "homepage" erfolgreich entfernt

Firefox "Keyword.URL" erfolgreich entfernt

Firefox Proxy-Einstellungen wurden zurückgesetzt
 

========================= Folder: C:\Program Files\{08182E2D-B449-4D76-A8B3-A36FF9A8CE4E} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{0BA15EA7-137E-47DE-9952-536F0754F5C6} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{16916AFE-57EE-48FB-AD4A-6A0BA8760DBD} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{2E581B0F-78F6-46EC-963C-74734453F68B} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{59DC0B16-6721-47A2-8A18-638F86DE577B} ========================
 

2016-06-25 13:49 - 2016-06-25 13:49 - 0494080 _____ ( ) C:\Program Files\{59DC0B16-6721-47A2-8A18-638F86DE577B}\{3518E829-4D6F-4A1F-98C7-3B3279C64432}.bin.VIRUS
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{5DE52103-CB18-4C18-9731-CA12C6608B4E} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{6898554C-783C-4ABE-BB8A-0D19E0BBD00E} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{7F691B94-EC20-4AB1-B359-65F7E779A79A} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{846F4C8A-F6AD-4D76-803E-FA53E52E7B77} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{A8AB7588-B27F-4596-8EBA-B7BCEF12A0C1} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{C424C90C-BE90-4C5A-B85C-A058A6CFD745} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{CACC03DD-9A08-4DDD-835C-48048033E61E} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{D7139FD5-6BBD-4CBF-8C21-770ED5ECB337} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{ECA3C7D6-410D-4C8C-97D0-99041876CB1E} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{F1F8D207-809B-4951-821A-9AFC3E8EF560} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files\{F7F09E8D-C722-4D76-8582-F88D0B42ADCE} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files (x86)\{01615F43-3647-4928-8CB4-0B7F4F940DEA} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files (x86)\{0F4AA5F5-B1C3-4A4E-B8BB-814F3FAAA4CA} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files (x86)\{21FFFEFC-5DD2-4991-9B43-509D22668380} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files (x86)\{34200A20-0B27-4742-B4A2-009E0EC4DA7E} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files (x86)\{71834002-D354-430D-8859-FA657575900E} ========================
 
 

====== Ende von Folder: ======
 
 

========================= Folder: C:\Program Files (x86)\{7DD2579A-B226-4D61-BAA6-01947EBECE7D} ========================
 
 

====== Ende von Folder: ======
 
 

=========== EmptyTemp: ==========
 

BITS transfer queue => 8388608 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4669638 B

Java, Flash, Steam htmlcache => 686 B

Windows/system/drivers => 43818866 B

Edge => 0 B

Chrome => 0 B

Firefox => 84621425 B

Opera => 0 B
 

Temp, IE cache, history, cookies, recent:

Default => 0 B

Public => 0 B

ProgramData => 0 B

systemprofile => 128 B

systemprofile32 => 128 B

LocalService => 0 B

NetworkService => 1144 B

Chris => 396081 B

Admin => 0 B

Gast => 0 B
 

RecycleBin => 0 B

EmptyTemp: => 135.3 MB temporäre Dateien entfernt.
 

================================
 
 

Das System musste neu gestartet werden.
 

==== Ende von Fixlog 17:04:58 ====

1)Naja, ich hatte ja die 4 Virenscanner vom Desinfec't- Linux drüberlaufen lassen und alles gefundene in .VIRUS umbenennen lassen. Unter anderem war da eben auch die .pst-Datei mit dabei. Einen Teil von diesen umbenannten Dateien hattest Du ja - wie Du schon sagtest - auch gefunden und gelöscht. Kann ich dann also die übrig gebliebenen .VIRUS Dateien als "Fehlalarm" sehen und wieder umbenennen/zurückholen?

2)Der Firehooker-Trojaner ist gar kein Trojaner, sondern Adware? Also relativ harmlos? Somit wären irgendwann mal angesteckte USB-Speicher und darauf abgespeicherte Backups damit vermutlich auch nicht infiziert?

Alle Zeitangaben in WEZ +1. Es ist jetzt 09:47 Uhr.

Seite 1 von 2

100 Beiträge dieses Themas auf einer Seite anzeigen

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131