Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate"
 

Hallo zusammen,



nach einem Websitebesuch auf einer halbseidenen Page mit Keygens u.a. stellte ich fest, dass mein GData Internet Security keien Updates mehr laden konnte.

Neuinstallation und Deinstallation wurde mit dem Hinweis auf Dateiausführungsverhinderung verweigert. Bei der Ursachensuche stellte ich fest, dass die Zertifikate sämtlicher AV-Hersteller vom AVAST bis TrendMicro auf der Liste der nicht vertrauenswürdigen Zertifikate im Zertifikatsspeicher aufgeführt sind. Einmaliges Lösche der Liste erfolgte im Offline Betrieb, danach konnte ich GDATA neu installieren und durchlaufen lassen. GDATA hat nichts gefunden.

Heute war wieder GDATA gesperrt und die Einträge im Zertifikatsspeicher erneut vorhanden.
Hat jemand schon mal ähnliches erlebt? Wo könnte die Ursache der sich automatisch wieder erneuernden Einträge im Zertifikatsspeicher sein? Bin echt abgenervt, überlege ernsthaft, mein Windows komplett neu zu installieren.



Danke für jeden Hinweis!





Gerd

:hallo:
Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:

• Bitte lies meine Posts komplett durch bevor du sie abarbeitest
• Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
• Bitte kein Crossposting
• Installiere oder Deinstalliere keine Software ohne Aufforderung
• Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
• Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
• Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
• Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
• Wir machen unsere Arbeit freiwillig und ehrenamtlich neben unserer normalen Beschäftigung im Leben. Dennoch, wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!

Los geht's :abklatsch:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST.txt
 

Hier die FRST.txt
#######
FRST Logfile:
--- --- ---

Addition.txt
 

Und hier die Addition.txt
######

Ist das ein gewerblich genutztes System?

Kannst du mal bitte einen Screenshot der blockierten Zertifikate zeigen?

Ist mein privat-PC
 

Ist mein privat-PC, allerdings mit VPN-Zugriff (über Router) auf meine Praxis. Habe aber die VPN-Laufwerksverknüpfungen sicherheitshalber gelöscht.
Ist ein System, auf dem ich alles mögliche ausprobiere, installiere, wieder deinstalliere und letztes Jahr von win 7 auf win10 upgegradet habe. Dürfte sehr viel Datenmüll drauf sein.

Habe Screenshot als pdf angehängt

Schritt: 1
Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

• Starte bitte die mbar.exe.
• Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
• Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
• Klicke auf den CleanUp Button und erlaube den Neustart.
• Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
• Nach dem Neustart starte die mbar.exe erneut.
• Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

s. Anhang.
die Fehleinträge in der Hosts-Datei (s. 2. scan) habe ich manuell glöscht; der 3. Scan hat dann keinen Fehler mehr gezeigt.
Die fälschlich gesperrten Zertifikate habe ich über den Zertifikatsmanager manuell gelöscht - mal sehen, ob die jetzt dauerhaft weg bleiben.

Werde jetz den Rechner nochmal neu starten und dann das Ergebnis berichten

habe win 10 gerade neu gestartet. Im zertifikatsspeicher finden sich derzeit keine "nicht vetrauenswürdig" eingestuften Zertifikate mehr.
Vielleicht ist das Problem damit gelöst. Werde trotzdem weiter beobachten.

ja ganz ruhig da :D wir sind hier noch lange nicht fertig.

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser.
• Starte die adwcleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel
  • "Prefetch" Dateien
  • Proxy
  • Winsock
  • Internet Explorer Richtlinien
  • Chrome Richtlinien
• Bestätige die Auswahl mit Ok.
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Lade dir folgendes Programm herunter und installiere es: http://filepony.de/icon/tiny/malware...ti_malware.png Malwarebytes Anti-Malware

• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM nach dem Neustart, klicke auf Berichte.
• Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
• Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:

• Logfile von AdwCleaner
• Logfile von Malwarebytes
• Frst.txt
• Addition.txt

FRST.txt
 

Hier sind die Dateien.

Interessant: Firefox startet nicht. Fehlermeldung: Konfigurationsdatei konnte nicht gelesen werden. Bitte kontaktieren Sie Ihren System-Administrator

Denke mal, dass die Datei von der Anti-Malware oder GData gesperrt wurde

FRST.txt
[CODEUntersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-05-2017
durchgeführt von Leo (Administrator) auf QUADCORE-I5 (28-05-2017 17:19:40)
Gestartet von C:\Users\Leo\Downloads
Geladene Profile: Leo & UpdatusUser & MSSQLServerOLAPService & ReportServer & MsDtsServer120 (Verfügbare Profile: Leo & UpdatusUser & MSSQLServerOLAPService & ReportServer & MSSQLFDLauncher & SQLSERVERAGENT & MsDtsServer120 & MSSQLSERVER)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Alle) =========================

(Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\wininit.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(IBM Corp) C:\Windows\SysWOW64\nslsvice.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IBM Corp) C:\Windows\SysWOW64\nsl.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\conhost.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
(Microsoft Corporation) C:\Windows\System32\taskeng.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\spoolsv.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
() C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(IBM Corp) C:\Program Files (x86)\lotus\notes\ntmulti.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.WTSNXEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\StarMoneyOnlineUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS12.MSSQLSERVER\OLAP\bin\msmdsrv.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKBap64.exe
(Microsoft Corporation) C:\Windows\explorer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Microsoft Corporation) C:\Users\Leo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Farbar) C:\Users\Leo\Downloads\FRST64(1).exe

==================== Registry (Alle) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401896 2016-11-02] ()
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1314112 2015-02-09] (FileOpen Systems Inc.)
HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [725280 2012-08-27] (Oki Data Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IntelSBA] => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4243168 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-03-16] (Apple Inc.)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\BrowserPlugInHelper.exe
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2016-12-17] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [309184 2012-03-28] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [30264 2009-10-06] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [CDIWTSEnabler] => wscript "C:\Program Files (x86)\Cherry\CDI\cdiwtsclient.vbs"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [SpeechExecSDQuickLoad] => C:\Program Files (x86)\Philips Speech\SpeechExec Dictate\SEDict.exe [3430416 2016-03-21] (Speech Processing Solutions GmbH)
HKLM-x32\...\Run: [PowerDVD12DMREngine] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [513304 2016-11-01] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [386088 2016-11-01] (CyberLink Corp.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2015-10-30] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26112 2015-10-30] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [4516800 2017-03-04] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [4075184 2017-03-04] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [] => [X]
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-05-25] (Glarysoft Ltd)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [OneDrive] => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1518808 2017-04-12] (Microsoft Corporation)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [VeraCrypt] => C:\Program Files\VeraCrypt\VeraCrypt.exe [5489808 2016-11-04] (IDRIX)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\RedFox\AnyDVD\AnyDVDtray.exe [11030528 2017-05-05] (RedFox)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-163866912-915633979-1340512146-1003\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-163866912-915633979-1340512146-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-163866912-915633979-1340512146-1003\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKLM\...\Providers\Internet Print Provider: C:\Windows\system32\inetpp.dll [167936 2016-07-01] (Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\Windows\system32\win32spl.dll [842240 2017-03-04] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - Keine Datei
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - Keine Datei
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\System32\EhStorShell.dll [2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Offline Files] -> {4E77131D-3629-431c-9818-C5679DC83E81} => C:\Windows\System32\cscui.dll [2017-03-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BootExecute: autocheck autochk *
AlternateShell: cmd.exe

==================== Internet (Alle) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [65024 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [55808 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70656 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [70656 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23552 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog5-x64 01 C:\Windows\system32\NLAapi.dll [80896 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5-x64 02 C:\Windows\system32\napinsp.dll [68096 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [87040 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5-x64 04 C:\Windows\system32\pnrpnsp.dll [87040 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [31744 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Hosts: 192.168.0.100 server
Tcpip\..\Interfaces\{17c1f411-9307-40f5-9a1d-ee7ed90c4bdc}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{29da9083-c071-4fe1-8443-3d1fad58c598}: [NameServer] 192.168.178.1
Tcpip\..\Interfaces\{ce6720c6-251d-4ab7-8a8a-f8b63ce173de}: [DhcpNameServer] 192.168.0.1 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-163866912-915633979-1340512146-1003\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-163866912-915633979-1340512146-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-163866912-915633979-1340512146-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-163866912-915633979-1340512146-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
URLSearchHook: HKU\S-1-5-21-163866912-915633979-1340512146-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-163866912-915633979-1340512146-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-163866912-915633979-1340512146-1003 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-163866912-915633979-1340512146-1003 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
SearchScopes: HKLM -> DefaultScope {E6E723A7-46B5-4C92-A0C7-212CA110DA98} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {E6E723A7-46B5-4C92-A0C7-212CA110DA98} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-163866912-915633979-1340512146-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-163866912-915633979-1340512146-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-163866912-915633979-1340512146-1001 -> {E6E723A7-46B5-4C92-A0C7-212CA110DA98} URL =
SearchScopes: HKU\S-1-5-21-163866912-915633979-1340512146-1003 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Kein Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-23] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-23] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-11-22] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\23.8\pdfforgeToolbarIE64.dll Keine Datei
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-163866912-915633979-1340512146-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2016-10-25] (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2016-10-25] (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2015-10-30] (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2015-10-30] (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll [2014-03-31] (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2017-03-04] (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll [2012-11-10] (Microsoft Corporation)
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2015-10-30] (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2015-10-30] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll [2014-03-31] (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2016-03-29] (Microsoft Corporation)
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] (Microsoft Corporation)
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2016-10-25] (Microsoft Corporation)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2016-10-25] (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2016-03-29] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] (Microsoft Corporation)
Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll [2014-03-31] (Microsoft Corporation)
Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll [2014-03-31] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - Keine Datei
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2015-10-30] (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2015-10-30] (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2015-10-30] (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [2010-02-28] (Microsoft Corporation)
Filter-x32: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [2012-10-31] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe

FireFox:
========
FF DefaultProfile: z4l03ruv.default-1494428104936
FF ProfilePath: C:\Users\Leo\AppData\Roaming\TomTom\HOME\Profiles\raxen8ss.default [2016-11-23]
FF Extension: (Kein Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [nicht gefunden]
FF ProfilePath: C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\z4l03ruv.default-1494428104936 [2017-05-28]
FF Homepage: Mozilla\Firefox\Profiles\z4l03ruv.default-1494428104936 -> hxxps://www.google.de/?gws_rd=ssl
FF NetworkProxy: Mozilla\Firefox\Profiles\z4l03ruv.default-1494428104936 -> type", 0
FF Extension: (Shield Recipe Client) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\z4l03ruv.default-1494428104936\features\{c12fbbad-744b-4fa4-ae23-5949d3deb5e0}\shield-recipe-client@mozilla.org.xpi [2017-05-21]
FF ProfilePath: C:\Users\Leo\AppData\Roaming\KompoZer\Profiles\qo2jmiju.default [2016-06-11]
FF Extension: (KompoZer (classic)) - C:\Users\Leo\AppData\Roaming\KompoZer\Profiles\qo2jmiju.default\Extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2015-11-20] [ist nicht signiert]
FF Extension: (Default) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2017-05-20] [ist nicht signiert]
FF Extension: (Application Update Service Helper) - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi [2017-05-20] [ist nicht signiert]
FF Extension: (Multi-process staged rollout) - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi [2017-05-20] [ist nicht signiert]
FF Extension: (Pocket) - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi [2017-05-20] [ist nicht signiert]
FF Extension: (Web Compat) - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi [2017-05-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bonjour4firefox@apple.com] - C:\Program Files (x86)\Bonjour SDK\Bin\FirefoxExtension
FF Extension: (Bonjour Extension for Firefox) - C:\Program Files (x86)\Bonjour SDK\Bin\FirefoxExtension [2013-02-28] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-04-04]
FF HKLM-x32\...\Mozilla Firefox 53.0.3\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF Extension: (Kein Name) - C:\Program Files (x86)\Mozilla Firefox\components [2016-11-18] [ist nicht signiert]
FF HKLM-x32\...\Mozilla Firefox 53.0.3\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF Extension: (Kein Name) - C:\Program Files (x86)\Mozilla Firefox\plugins [2017-04-14] [ist nicht signiert]
FF HKLM-x32\...\Mozilla Thunderbird 45.8.0\Extensions: [Components] - C:\Program Files (x86)\Mozilla Thunderbird\components => nicht gefunden
FF HKLM-x32\...\Mozilla Thunderbird 45.8.0\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Thunderbird\plugins => nicht gefunden
FF HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Mozilla Firefox 53.0.3\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Mozilla Firefox 53.0.3\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Mozilla Thunderbird 45.8.0\Extensions: [Components] - C:\Program Files (x86)\Mozilla Thunderbird\components => nicht gefunden
FF HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Mozilla Thunderbird 45.8.0\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Thunderbird\plugins => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-24] ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll [2013-01-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-24] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-163866912-915633979-1340512146-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-11] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll [2012-03-28] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll [2012-03-19] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Leo\AppData\Roaming\mozilla\plugins\npasperaweb.dll [2013-02-27] (Aspera, Inc. )
StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\988562.js [2017-05-09] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\channel-prefs.js [2017-05-05]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://de.search.yahoo.com/?type=971163&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://de.search.yahoo.com/?type=971163&fr=yo-yhp-ch"
CHR NewTab: Default -> "chrome-extension://icfefgaiandjaieopcfbidalbebjlhjl/ntp/newtab.html"
CHR DefaultSearchURL: Default -> {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{go ogle:iOSSearchLanguage}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:contextualSearchVersion}ie={inputEncoding }
CHR DefaultSearchKeyword: Default -> google.com
CHR DefaultNewTabURL: Default -> {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google :inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}s ugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default [2017-03-24]
CHR Extension: (Google Docs) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-24]
CHR Extension: (Chrome Media Router) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-12-17]
StartMenuInternet: Google Chrome - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

==================== Dienste (Alle) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83056 2017-04-25] (Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [271960 2017-03-24] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
S3 AJRouter; C:\Windows\System32\AJRouter.dll [23040 2015-10-30] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [97792 2015-10-30] (Microsoft Corporation)
R2 AppHostSvc; C:\Windows\system32\inetsrv\apphostsvc.dll [64512 2016-03-11] (Microsoft Corporation)
R2 AppHostSvc; C:\Windows\SysWOW64\inetsrv\apphostsvc.dll [56832 2016-03-11] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [45056 2016-11-22] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [94720 2015-10-30] (Microsoft Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [200192 2016-02-13] (Microsoft Corporation)
S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [165376 2016-02-13] (Microsoft Corporation)
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [504320 2017-03-04] (Microsoft Corporation)
S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [2175488 2017-03-04] (Microsoft Corporation)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [51376 2015-10-30] (Microsoft Corporation)
R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [275456 2016-03-11] (Microsoft Corporation)
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [1054208 2017-03-04] (Microsoft Corporation)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5044784 2017-01-19] (G DATA Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [1022440 2016-12-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3236168 2017-01-10] (G Data Software AG)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114176 2015-10-30] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [361472 2016-03-29] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [794112 2016-03-29] (Microsoft Corporation)
R2 BITS; C:\Windows\System32\qmgr.dll [1132544 2016-10-25] (Microsoft Corporation)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462096 2015-08-12] (Apple Inc.)
R2 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2015-04-13] () [Datei ist nicht signiert]
R2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [587776 2016-10-25] (Microsoft Corporation)
R3 Browser; C:\Windows\System32\browser.dll [134656 2016-03-29] (Microsoft Corporation)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-10-30] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [91136 2016-08-03] (Microsoft Corporation)
S4 CDPSvc; C:\Windows\System32\CDPSvc.dll [287744 2017-03-04] (Microsoft Corporation)
R2 CertPropSvc; C:\Windows\System32\certprop.dll [192000 2017-03-04] (Microsoft Corporation)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [569344 2015-07-31] (REINER SCT)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [98072 2016-11-01] (CyberLink Corp.)
S3 ClipSVC; C:\Windows\System32\ClipSVC.dll [625000 2017-04-28] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [754664 2017-04-28] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [461824 2017-04-28] (Microsoft Corporation)
S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [301552 2016-11-02] (Intel Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [79872 2016-05-28] (Microsoft Corporation)
R2 CscService; C:\Windows\System32\cscsvc.dll [735232 2016-02-13] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [85784 2016-11-01] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [302872 2016-11-01] (CyberLink)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [905728 2017-04-28] (Microsoft Corporation)
S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [186880 2015-10-30] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [527872 2016-09-07] (Microsoft Corporation)
R2 DeviceAssociationService; C:\Windows\system32\das.dll [445440 2016-10-05] (Microsoft Corporation)
S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [111616 2015-10-30] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [34304 2015-10-30] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [355840 2016-05-28] (Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [293888 2016-05-28] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [31744 2015-10-30] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1637216 2017-03-04] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-11] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [224256 2011-03-02] () [Datei ist nicht signiert]
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [278016 2016-09-07] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [200192 2016-05-28] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57856 2015-10-30] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [285184 2017-03-04] (Microsoft Corporation)
R2 DoSvc; C:\Windows\system32\dosvc.dll [1097728 2017-03-04] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [264704 2015-10-30] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [170496 2015-10-30] (Microsoft Corporation)
S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [205824 2015-10-30] (Microsoft Corporation)
S3 DsSvc; C:\Windows\System32\DsSvc.dll [145408 2016-03-11] (Microsoft Corporation)
S3 Eaphost; C:\Windows\System32\eapsvc.dll [112640 2016-09-07] (Microsoft Corporation)
R2 EFS; C:\Windows\system32\efssvc.dll [60416 2015-10-30] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [111616 2015-10-30] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [314368 2016-09-07] (Microsoft Corporation)
R2 EventLog; C:\Windows\System32\wevtsvc.dll [1743872 2016-09-07] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [473088 2015-10-30] (Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [345600 2015-10-30] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [651776 2015-10-30] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [21504 2015-10-30] (Microsoft Corporation)
R2 FDResPub; C:\Windows\system32\fdrespub.dll [35840 2015-10-30] (Microsoft Corporation)
S3 fhsvc; C:\Windows\system32\fhsvc.dll [118784 2016-10-25] (Microsoft Corporation)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [341312 2015-02-09] (FileOpen Systems Inc.)
S3 FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1087792 2016-12-26] (Flexera Software LLC)
R2 FontCache; C:\Windows\system32\FntCache.dll [1661952 2017-03-04] (Microsoft Corporation)
R3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2015-10-23] (Microsoft Corporation)
S3 fsssvc; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [1512640 2014-03-31] (Microsoft Corporation)
S3 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [3991016 2017-01-19] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3386872 2017-01-10] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [852968 2016-12-23] (G DATA Software AG)
S2 gpsvc; C:\Windows\System32\gpsvc.dll [1339904 2016-05-28] (Microsoft Corporation)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4608320 2014-11-27] (SafeNet Inc.)
R3 hidserv; C:\Windows\system32\hidserv.dll [36864 2015-10-30] (Microsoft Corporation)
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [31744 2015-10-30] (Microsoft Corporation)
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [279040 2016-10-25] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [464384 2015-10-30] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [381440 2015-10-30] (Microsoft Corporation)
S2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Datei ist nicht signiert]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [163328 2016-05-28] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [119296 2017-04-28] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 IKEEXT; C:\Windows\System32\ikeext.dll [957952 2017-04-28] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [634632 2012-06-19] (Intel(R) Corporation)
R2 Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [49376 2012-02-27] (Intel Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [963072 2016-05-28] (Microsoft Corporation)
R3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [689464 2017-03-22] (Apple Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S3 KeyIso; C:\Windows\system32\keyiso.dll [97792 2015-10-30] (Microsoft Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [70656 2015-10-30] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [378880 2015-10-30] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [283136 2017-03-04] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [274432 2017-03-04] (Microsoft Corporation)
S3 lfsvc; C:\Windows\System32\lfsvc.dll [27136 2015-10-30] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-10-30] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [22528 2015-10-30] (Microsoft Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [280576 2015-10-30] (Microsoft Corporation)
R3 lmhosts; C:\Windows\System32\lmhsvc.dll [24576 2015-10-30] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277824 2012-07-19] (Intel Corporation)
R2 Lotus Notes Single Logon; C:\Windows\SysWOW64\nslsvice.exe [20530 2005-12-01] (IBM Corp) [Datei ist nicht signiert]
R2 LSM; C:\Windows\System32\lsm.dll [729600 2015-10-30] (Microsoft Corporation)
R2 LVPrcS64; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [191000 2009-10-07] (Logitech Inc.)
S2 MapsBroker; C:\Windows\System32\moshost.dll [72704 2017-03-04] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-20] (Microsoft Corporation)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52736 2015-10-30] (Microsoft Corporation)
U3 MessagingService_10105602; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_10105602; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_1fe9f20; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_1fe9f20; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_22264171; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_22264171; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_2805d80; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_2805d80; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_294dc563; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_294dc563; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_3cc87; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_3cc87; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_4110a2; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_4110a2; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_4eb27f1; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_4eb27f1; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 MessagingService_63fe3; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 MessagingService_63fe3; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_6d8e6; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_6d8e6; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_7b29c; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_7b29c; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_7eb04; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_7eb04; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_7ec8d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_7ec8d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_83adf; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_83adf; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_84931; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_84931; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_8c236; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_8c236; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_93a21e; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_93a21e; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_9551f; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_9551f; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_95cd17; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_95cd17; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_b9401; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_b9401; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_bc77fc; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_bc77fc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_f33b3d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_f33b3d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [173512 2017-05-20] (Mozilla Foundation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [870912 2016-04-23] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [147968 2015-10-30] (Microsoft Corporation)
R2 MsDtsServer120; C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe [216768 2016-09-24] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [151040 2015-10-30] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [66048 2015-10-30] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [58368 2015-10-30] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26624 2016-03-11] (Microsoft Corporation)
R2 MSSQL$WTSNXEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.WTSNXEXPRESS\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
S3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation)
S3 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [372416 2016-09-24] (Microsoft Corporation)
S4 MSSQLServerADHelper100; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [59744 2010-04-03] (Microsoft Corporation)
R2 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS12.MSSQLSERVER\OLAP\bin\msmdsrv.exe [51156160 2015-04-21] (Microsoft Corporation)
R2 Multi-user Cleanup Service; C:\Program Files (x86)\lotus\notes\ntmulti.exe [57393 2005-12-01] (IBM Corp) [Datei ist nicht signiert]
R2 NAUpdate; C:\Program Files (x86)\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [168960 2015-10-30] (Microsoft Corporation)
R3 NcbService; C:\Windows\System32\ncbservice.dll [338432 2016-03-29] (Microsoft Corporation)
R3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [79872 2017-03-04] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [Datei ist nicht signiert]
S3 Netlogon; C:\Windows\system32\netlogon.dll [847360 2016-09-07] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [713728 2016-03-11] (Microsoft Corporation)
R3 Netman; C:\Windows\System32\netman.dll [265728 2016-10-25] (Microsoft Corporation)
R2 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [135848 2015-10-30] (Microsoft Corporation)
R2 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [135848 2015-10-30] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofmsvc.dll [547840 2015-10-30] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [211456 2016-08-03] (Microsoft Corporation)
S2 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [135848 2015-10-30] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [135848 2015-10-30] (Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [289792 2016-05-06] (Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [649216 2016-09-07] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [371712 2015-10-30] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [30720 2015-10-30] (Microsoft Corporation)
R2 nvsvc; C:\Windows\system32\nvvsvc.exe [891240 2012-10-02] (NVIDIA Corporation)
R2 nvUpdatusService; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1258856 2012-10-10] (NVIDIA Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [342016 2017-03-04] (Microsoft Corporation)
U2 OneSyncSvc_10105602; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_10105602; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_1fe9f20; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_1fe9f20; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_22264171; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_22264171; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_2805d80; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_2805d80; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_294dc563; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_294dc563; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_3cc87; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_3cc87; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_4110a2; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_4110a2; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_4eb27f1; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_4eb27f1; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_50ee0; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_50ee0; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
R2 OneSyncSvc_63fe3; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
R2 OneSyncSvc_63fe3; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_6d8e6; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_6d8e6; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_7b29c; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_7b29c; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_7eb04; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_7eb04; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_7ec8d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_7ec8d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_83adf; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_83adf; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_84931; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_84931; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_8c236; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_8c236; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_93a21e; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_93a21e; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_9551f; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_9551f; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_95cd17; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_95cd17; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_b9401; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_b9401; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_bc77fc; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_bc77fc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_f33b3d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_f33b3d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation)
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [351232 2017-03-04] (Microsoft Corporation)
S3 p2psvc; C:\Windows\system32\p2psvc.dll [434176 2015-10-30] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [528736 2016-10-25] (Microsoft Corporation)
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1978880 2016-09-07] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2015-10-30] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [752640 2017-03-04] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [252928 2016-03-11] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_10105602; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_10105602; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_1fe9f20; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_1fe9f20; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_22264171; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_22264171; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_2805d80; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_2805d80; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_294dc563; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_294dc563; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_3cc87; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_3cc87; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_4110a2; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_4110a2; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_4eb27f1; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_4eb27f1; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 PimIndexMaintenanceSvc_63fe3; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 PimIndexMaintenanceSvc_63fe3; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_6d8e6; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_6d8e6; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_7b29c; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_7b29c; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_7eb04; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_7eb04; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_7ec8d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_7ec8d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_83adf; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_83adf; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_84931; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_84931; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_8c236; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_8c236; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_93a21e; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_93a21e; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_9551f; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_9551f; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_95cd17; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_95cd17; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_b9401; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_b9401; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_bc77fc; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_bc77fc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_f33b3d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_f33b3d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 pla; C:\Windows\system32\pla.dll [1487360 2016-09-07] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1537536 2016-09-07] (Microsoft Corporation)
R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [111616 2015-10-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [Datei ist nicht signiert]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [27648 2015-10-30] (Microsoft Corporation)
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [351232 2017-03-04] (Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [392192 2016-05-28] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [113664 2015-10-30] (Microsoft Corporation)
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [3337728 2017-04-28] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [328192 2016-03-29] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [286720 2017-03-04] (Microsoft Corporation)
S3 QWAVE; C:\Windows\SysWOW64\qwave.dll [246784 2017-03-04] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [106496 2016-02-13] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [696320 2015-10-30] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [507904 2016-09-07] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [436224 2016-09-07] (Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [156160 2015-10-30] (Microsoft Corporation)
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2467008 2015-04-21] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [1073152 2017-03-04] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [79360 2015-10-30] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10752 2015-10-30] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [905728 2017-04-28] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [57912 2016-09-07] (Microsoft Corporation)
S2 SCardSvr; C:\Windows\System32\SCardSvr.dll [235520 2015-10-30] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [181760 2015-10-30] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1001472 2017-03-04] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [192000 2017-03-04] (Microsoft Corporation)
S4 SDRSVC; C:\Windows\System32\SDRSVC.dll [150528 2016-07-01] (Microsoft Corporation)
S3 seclogon; C:\Windows\system32\seclogon.dll [31232 2016-03-11] (Microsoft Corporation)
R2 SENS; C:\Windows\System32\sens.dll [73216 2015-10-30] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1297408 2017-03-04] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [339968 2017-03-04] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [180224 2016-02-13] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [372736 2015-10-30] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [313344 2015-10-30] (Microsoft Corporation)
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [456704 2016-03-11] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [608768 2015-10-30] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [559616 2015-10-30] (Microsoft Corporation)
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies)
S3 smphost; C:\Windows\System32\smphost.dll [23552 2015-10-30] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [20992 2015-10-30] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [591872 2016-09-07] (Microsoft Corporation)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [15872 2015-10-30] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [755712 2016-09-07] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [6536248 2017-04-28] (Microsoft Corporation)
S4 SQLAgent$WTSNXEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.WTSNXEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
S3 SQLBrowser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [270016 2014-02-21] (Microsoft Corporation)
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2016-09-24] (Microsoft Corporation)
R2 SQLWriter; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [134336 2015-04-21] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [239616 2015-10-30] (Microsoft Corporation)

FRST.txt, Teil 2
 

FRST.txt, Teil2

[/CODE]

Addition.txt
 

malwarebytes Logfile
 

habe die Datei als ZIP angehängt ( ungezipt ist sie ca. 570 MB groß)

du meinst wohl Kilobytes haha

Die FRST Logs kannst gleich nochmal machen, Haken bei allen Whitelists wieder aktivieren und nur zusätzlich bei Adition.txt :)