Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 30.11.2015, 21:28   #1
Trabor
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



Hallo Leute,

mein Problem ist wie dem Titel schon zu entnehmen, dass jedes mal wenn ich meinen Laptop starte, nach der Anmeldung diese Fehlermeldung bekomme:

Zitat:
Regsvr32

Fehlermeldung beim laden des Moduls"".

Stellen sie sicher, dass die Binärdatei am
angegebenen Pfad gespeichert ist, oder debuggen sie die Datei um
Probleme mit der binären Datei oder abhängigen
DLL-Dateien auszuschließen.

Falsche Parameter.
Logdateien hab ich hier schon mal vorbereitet:


Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-11-2015
durchgeführt von Manu (2015-11-30 20:17:17)
Gestartet von C:\Users\Manu\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-04-20 22:13:51)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1029605971-2717496707-4219619431-500 - Administrator - Disabled)
Gast (S-1-5-21-1029605971-2717496707-4219619431-501 - Limited - Disabled)
Hauptversorgung (S-1-5-21-1029605971-2717496707-4219619431-1000 - Administrator - Enabled) => C:\Users\Hauptversorgung
HomeGroupUser$ (S-1-5-21-1029605971-2717496707-4219619431-1003 - Limited - Enabled)
Manu (S-1-5-21-1029605971-2717496707-4219619431-1001 - Limited - Enabled) => C:\Users\Manu

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version:  - Ubisoft Montreal)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 2.0.0.9 - Qualcomm Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.11.1440 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.11(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.52.52 - Conexant)
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
Debut Videorekorder (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Debut) (Version: 1.95 - NCH Software)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.11 - Electronic Arts)
Dropbox (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
DTS Sound (HKLM-x32\...\{791692AD-63B2-4A87-A097-4E8DD3CE4BC9}) (Version: 1.00.0078 - DTS, Inc.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Dub version 1.7.9.908 (HKLM-x32\...\Free Audio Dub_is1) (Version: 1.7.9.908 - DVDVideoSoft Ltd.)
Free Studio version 6.5.0.301 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.301 - DVDVideoSoft Ltd.)
Free WEBM Player (HKLM-x32\...\Free WEBM Player_is1) (Version: 1.0 - Free Converting)
Glary Utilities 5.39 (HKLM-x32\...\Glary Utilities 5) (Version: 5.39.0.59 - Glarysoft Ltd)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3165 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version:  - Avalanche Studios)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Rock Raiders (HKLM-x32\...\LEGO Rock Raiders) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.102.12020 (HKLM-x32\...\{571E58E4-608E-B7A6-50FF-4B531B424F5B}) (Version: 2.16.102.12020 - Sony)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.1 (x86 de)) (Version: 33.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9 - Notepad++ Team)
NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.23.2817 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PhotoFiltre 7 (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\PhotoFiltre 7) (Version:  - )
Picopix Viewer 2 (HKLM-x32\...\{6022800B-A1E1-4CA9-9B74-6E4F599AC42C}) (Version: 1.0.0.7 - PHILIPS)
PlanetSide 2 (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version:  - Crytek)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.14.201410081526 - Sony Mobile Communications AB)
Sony PC Companion 2.10.275 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
SoundSwitch (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\5e9d4b807286f8d3) (Version: 2.4.1.4 - Jeroen Pelgrims)
Spotify (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StormWatch (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\StormWatch) (Version: 1.0.1.27 - StormWatch) <==== ACHTUNG
System Checkup 3.5 (HKLM-x32\...\{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1) (Version: 3.5.6.8 - iolo technologies, LLC)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.9.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.0.10.0 - GOG.com)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - Iron Lore Entertainment)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.12 for x64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 5.00.04.00 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.27.3201 - Toshiba Corporation)
UninstallMX-3200 Mouse (HKLM-x32\...\{41CC9883-5B20-4F62-98CB-034D10240708}}_is1) (Version:  - MX-3200 Mouse Driver)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WindowsMangerProtect20.0.0.1013 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1013 - WindowsProtect LIMITED) <==== ACHTUNG
WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2014-07-03 20:54 - 00000867 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1			d3oxij66pru1i3.cloudfront.net

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => 
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => 
Task: C:\Windows\Tasks\Media_Play_AIR+-nova.job => 
Task: C:\Windows\Tasks\Media_Play_AIR+-novainstaller.job => 
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => 
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => 
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => 

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-18 15:30 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\sony.com -> sony.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.137.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{695E765D-1888-4123-A8A0-77C1063C4600}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{7334B691-407C-4F7A-B1CD-649227889648}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{E7E0FB69-5014-4EDF-9346-E3CE354F890F}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [{5B4215D7-629E-4CD1-8A9F-7AFD98D92516}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [TCP Query User{FD221C7B-2323-43AA-87F2-FA60B3CDAEA1}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe
FirewallRules: [UDP Query User{5F9E9BCD-E65A-458B-AB31-90F74F32492F}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe
FirewallRules: [{150BEBFA-06AC-446C-88AE-DC455F13C92E}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [{3399C967-52AC-436B-AAA4-B0B033265B07}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [{5FDAC454-596C-4093-9C44-386654845929}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{FEEA1814-0AA6-446C-9AD6-58158DCB8366}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{77BA2580-97DA-42E3-A7C9-1F538BF6303F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{ED613459-72D8-489D-A965-6CA4C593548B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{2A4B1D99-1D5D-4E69-83C2-3F4F14468DDC}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{BE5FB37C-92A8-4E65-AFCD-64328F901131}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{704239C9-60B8-4CEF-8368-FFCD03FB8C52}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{5C0AF49E-EDDB-4910-883A-243E86BE809E}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{3F5AAD94-95FA-4D8C-A604-CEBE0D5B08EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5DC7C6FB-C9AC-4FC7-8B78-ACCB784808B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{69570EC4-3BA9-42AE-8B38-A551373CD101}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [UDP Query User{2D222F44-2F5E-4A05-AA89-969DA903E654}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [{15121F45-5065-4408-99AC-2987AE1F5E06}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{22715FA6-D188-4B64-B47F-9F17BC93A0A1}] => (Allow) LPort=2869
FirewallRules: [{761C75ED-7C81-436D-9038-00175947154E}] => (Allow) LPort=1900
FirewallRules: [{46FCDBBA-0F5D-402A-8D61-93295691B05B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{02A45172-C4DC-4C66-9133-20D4402B1DE0}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{08C48F49-058C-47BC-BC2D-E62AA9A6075D}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{AFA97030-0BDF-4923-AF83-25BD945A08DB}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3D3B09D3-A583-4625-BF68-11B0D1A88119}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{840649AA-4555-4A11-B44E-4941DFC38C88}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0B9FD96F-1A10-447B-BCFE-16A13A05EE85}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{A415C068-196E-4E51-9D69-D23BB7851B93}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
FirewallRules: [UDP Query User{EF96EDDE-B1D2-494D-BA50-4AB950322CE2}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
FirewallRules: [TCP Query User{E4410D65-CD93-4D6B-9DDB-4C6D4740CD18}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{CE3168AC-A80B-41EA-9CA1-91147D7CF6B6}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{414CE259-0899-45A2-A87C-2781BE7F02E1}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe
FirewallRules: [UDP Query User{44979A6C-3837-4A68-BB24-6B09A7301BFB}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe
FirewallRules: [{BE758AE4-C60D-45DB-A9FA-6FBD285A667D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{D995E6C6-683C-4C6B-AC70-D0725B7E0A77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{5F307FEF-1FF6-4DCA-B0FA-97A5FAE437F5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{76B7ADE8-DACE-488D-970F-AD727A24E894}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{93B38BA5-37F1-48A0-AE0C-83C315B45BEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{57697E62-A9AB-4CE8-B1EA-6386C3870037}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{B7713B6E-B5B4-4911-A3A2-567180FB102C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{912EE4F4-E9A8-49AE-AAA1-8FF0CC88BE3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{576CC5FE-A1BA-46B2-AC3B-D4D2C16C4E43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{7293FCF4-1A73-4502-B6BB-AE16B30B6A8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{11AB4B45-A653-49B8-B7EB-C71728E81216}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{6BFA2B02-35C6-4D26-8982-C6AD7F2AA929}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{50C1150E-8695-472D-B1D7-E8415E876784}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe
FirewallRules: [{A36BF8F6-70A8-43B9-9C8A-202BB09D3CAF}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe
FirewallRules: [{ADD2C6A6-D26B-438F-B6B8-E7CFE514D766}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe
FirewallRules: [{FE84DAB2-AD69-4C7C-8133-5110540C7E70}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe
FirewallRules: [{42B8BE23-325D-4373-9F18-7A1586E3866D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{DA58110C-A453-4FA7-B3DB-452E2FF21E07}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{A290E011-B1D3-4675-B8F0-5FBBBCD69709}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{03FB4EEC-A900-45DB-A1F8-8FF8B632F1C2}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{14A24841-2449-4206-A1CD-52AF3D61ADCB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{65E9204B-24D1-4616-9A10-8DEADD1D67CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6BCE2702-E6E8-49B9-B3B6-94DD8EB038B0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{885CC5DF-D215-47FD-860F-4A0947C1A479}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{AD749031-A1F6-43ED-9745-C0C26A72B9A6}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{61C6A1A6-E6A9-4AA6-BA3C-E4610C04530F}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{DA2525F1-DEB7-49F1-87A5-E61C7C38C59A}] => (Allow) C:\Users\Hauptversorgung\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{06C9F0A8-346F-4C0C-9B55-E653DF945D1D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{5EC3F0A6-9028-4498-9532-48EB0D0BE5E5}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{759BB140-F194-4985-9DDD-51A587D41EFE}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{3293E2EB-2B90-461B-B2F5-ED2F77688E29}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0C6B17EA-CC2D-4EB4-87CB-846DF40EA8D9}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E6867034-8D86-4988-B6BE-5BDEC70F0D46}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3B7CBB1B-3F82-4E3C-8B68-EDEA086B2524}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C7E6BF53-0DA0-45AF-87AF-20579A896855}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe
FirewallRules: [UDP Query User{23324BB8-18D3-4304-B06C-A6718AB5EBB2}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe
FirewallRules: [TCP Query User{89CD0DE0-F2BF-430A-8A2C-2C452D71EBDF}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{727384BD-E278-4DFD-B9EA-1311169FCAB9}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{D28DA4D8-870A-4874-9A0A-07F998B654BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{9FA4D48B-86A8-4ECB-9297-F3ECDCE18FB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{1721AEB4-BA9D-4560-B96C-7EE39595B642}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{38E0F69F-9AC7-484C-9A66-23EFA9468806}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{365A8F52-5F7C-4D87-86E7-80471F9A22F2}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{A9F2616C-8D6A-465D-803B-87412F96BE39}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{B85217BD-BF90-42FC-AC38-7E5329156401}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe
FirewallRules: [UDP Query User{E1286947-A9B0-44BC-84FF-68C2BB8D86EB}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe
FirewallRules: [{A34A4B2C-606F-4038-AA6E-BB2B980968F4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{A5DBA105-740F-4B0D-87E7-B712BC30A2C0}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{BD0440F7-5665-4B79-B226-1B3B86011CE8}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3D01D709-80EE-4CFF-B5AD-40033A43DADA}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{93877362-D359-4E3D-A3B9-EDC17E18EF50}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe
FirewallRules: [{502EBF67-EDE6-4D14-98AE-860EB5C0D972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{EE0D5ABB-6FE7-4C6F-84A1-1C966530FA22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [TCP Query User{A88E8258-F561-44ED-9219-315BF1367CE0}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{EF807ECB-443B-431A-92EF-AE5620078C33}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [{E1ACAAB5-BF44-4C1D-827C-28743106A93E}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{511EA237-B5C6-4CD6-BBB6-1E18C6A3E827}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{E01C9A8D-F268-4334-8811-FB33F15CF691}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{47CA75A6-CF9A-4B52-8D13-395D6CE50ECA}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [TCP Query User{1E9E3768-7706-461F-BCCD-D45B7B429FC6}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4A92A064-0E08-424B-B185-77F82C728675}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{86226233-512F-4C66-AD95-004871ADEC8D}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{75CF4D54-4682-4D94-899F-FC1267F2B1E8}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A599D2BC-B153-43AD-9A54-0B3454E92695}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C9F7AB7D-CA57-4D28-9554-9B4A1FD6287D}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
FirewallRules: [{46C43241-26E4-43C9-A5D1-CA513B7CF971}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{4D434C33-EA00-404E-A6E3-DE4D4B3BD158}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe
FirewallRules: [UDP Query User{C108A8C9-73CE-425C-AF89-B2A6A9030AF8}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe
FirewallRules: [{C313866D-3332-4B60-82CB-8657E7806570}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{325C35F4-85F1-4F48-A0C0-BCB9415E0234}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{04511432-AE04-49EC-A4FA-CB5D5D8454BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5A9125A0-77C9-46D5-B6AB-53C7B1B8FBCA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D1516845-6E21-4850-8D47-03BBA9BE16EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{74EE8792-45C4-4D90-94C6-0C7D1B86868E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DF066418-9661-412A-9365-1349110E6823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{F1525B84-1D69-42B3-9C34-88CC394EC190}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{063B437B-D699-484F-BEA0-920D3B769F09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{4BB81FE2-D083-4AF1-8B61-1BF0E3C141E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{BF07CEF3-AECC-4D06-BE76-9F33F3E57C84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{2B02CD39-DBA6-4AE6-8BCA-6CB6638BD9B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{C85F2749-3ED8-414E-83E0-4C1BBCEECB25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{AAF532D2-C9F1-4534-BB2B-62537D62DBD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 3D-Videocontroller
Description: 3D-Videocontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/30/2015 05:42:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20046

Error: (11/30/2015 05:42:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20046

Error: (11/30/2015 05:42:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/30/2015 05:42:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19048

Error: (11/30/2015 05:42:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19048

Error: (11/30/2015 05:42:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/30/2015 05:42:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18049

Error: (11/30/2015 05:42:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18049

Error: (11/30/2015 05:42:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/30/2015 05:42:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17035


Systemfehler:
=============
Error: (11/30/2015 07:48:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update snipsmart" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/30/2015 03:20:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AntiVirSchedulerService erreicht.

Error: (11/30/2015 05:41:51 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden.

Error: (11/29/2015 00:40:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (11/29/2015 09:02:37 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (11/28/2015 07:38:40 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (11/28/2015 07:19:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (11/28/2015 00:21:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (11/28/2015 03:48:33 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (11/26/2015 09:14:39 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.


CodeIntegrity:
===================================
  Date: 2014-11-30 22:22:54.493
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:22:54.472
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:21:01.882
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:21:01.858
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 12216.36 MB
Verfügbarer physikalischer RAM: 7770.16 MB
Summe virtueller Speicher: 24430.93 MB
Verfügbarer virtueller Speicher: 19407.53 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:503.32 GB) (Free:31.59 GB) NTFS
Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:2794.51 GB) (Free:2066.22 GB) NTFS

==================== MBR & Partitionstabelle ==================

==================== Ende von Addition.txt ============================
         
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-11-30 20:53:02
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 HGST_HTS541075A9E680 rev.JA2OA700 698,64GB
Running: Gmer-19357.exe; Driver: C:\Users\HAUPTV~1\AppData\Local\Temp\kxldypog.sys


---- User IAT/EAT - GMER 2.1 ----

IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetModuleFileNameA]                     [5f00735f66746e69] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetModuleFileNameW]                     [5f66746e69727063] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetModuleHandleW]                       [7570635f006c5f73] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!Sleep]                                  [747570635f007374] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetProcAddress]                         [616572635f007377] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!WriteFile]                              [656c61636f6c5f65] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetStdHandle]                           [666e616373635f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetSystemWindowsDirectoryW]             [666e616373635f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetSystemDirectoryW]                    [616373635f006c5f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetLongPathNameW]                       [73635f00735f666e] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCurrentThreadId]                     [6c5f735f666e6163] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FlsSetValue]                            [33656d6974635f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FlsGetValue]                            [656d6974635f0032] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!DebugBreak]                             [74635f00735f3233] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!OutputDebugStringA]                     [635f003436656d69] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCommandLineA]                        [735f3436656d6974] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CloseHandle]                            [5f66746e69727077] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetLastError]                           [69727077635f0070] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!ResumeThread]                           [6c5f705f66746e] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateThread]                           [746e69727077635f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FlsFree]                                [61637377635f006c] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetLastError]                           [637377635f00666e] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCurrentThread]                       [635f006c5f666e61] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FlsAlloc]                               [735f666e61637377] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FindNextFileA]                          [6e61637377635f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FindFirstFileA]                         [645f006c5f735f66] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FindClose]                              [746867696c7961] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FindNextFileW]                          [5f65646f6365645f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FindFirstFileW]                         [7265746e696f70] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetLogicalDrives]                       [6d6974666669645f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetDiskFreeSpaceA]                      [6669645f00323365] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FileTimeToSystemTime]                   [3436656d697466] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FileTimeToLocalFileTime]                [6570616d736f645f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetErrorMode]                           [627473645f007272] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!Beep]                                   [7075645f00736169] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetFileAttributesA]                     [5f00327075645f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetFileAttributesA]                     [735f766e65707564] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetEnvironmentVariableA]                [5f00747663655f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCurrentDirectoryA]                   [5f00735f74766365] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetCurrentDirectoryA]                   [705f65646f636e65] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetFullPathNameA]                       [5f007265746e696f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetDriveTypeA]                          [5f6465646f636e65] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCurrentProcessId]                    [6e655f006c6c756e] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateDirectoryA]                       [64616572687464] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!MoveFileA]                              [65726874646e655f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RemoveDirectoryA]                       [6e655f0078656461] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!DeleteFileA]                            [655f006e6f726976] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetFileAttributesW]                     [6e7272655f00666f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetEnvironmentVariableW]                [6c636578655f006f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCurrentDirectoryW]                   [656c636578655f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetCurrentDirectoryW]                   [706c636578655f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetFileAttributesW]                     [706c636578655f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetFullPathNameW]                       [76636578655f0065] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateDirectoryW]                       [6576636578655f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!MoveFileW]                              [7076636578655f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RemoveDirectoryW]                       [7076636578655f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetDriveTypeW]                          [746978655f0065] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!DeleteFileW]                            [646e617078655f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetExitCodeProcess]                     [5f65736f6c63665f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!WaitForSingleObject]                    [5f006b636f6c6f6e] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateProcessA]                         [6c6165736f6c6366] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!LoadLibraryA]                           [747663665f006c] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FreeLibrary]                            [735f747663665f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateProcessW]                         [6e65706f64665f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!ReadFile]                               [5f6873756c66665f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!DuplicateHandle]                        [5f006b636f6c6f6e] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCurrentProcess]                      [7261686374656766] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetSystemTimeAsFileTime]                [6377746567665f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetTimeZoneInformation]                 [6b636f6c6f6e5f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetLocalTime]                           [686377746567665f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!WideCharToMultiByte]                    [626c69665f007261] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetFileTime]                            [656c69665f006675] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!LocalFileTimeToFileTime]                [5f006874676e656c] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SystemTimeToFileTime]                   [676e656c656c6966] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetLocalTime]                           [665f003436696874] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!MultiByteToWideChar]                    [665f006f6e656c69] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCPInfo]                              [65736f6c63646e69] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetACP]                                 [6966646e69665f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetOEMCP]                               [665f003233747372] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!IsValidCodePage]                        [7473726966646e69] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetDateFormatA]                         [665f003436693233] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetTimeFormatA]                         [7473726966646e69] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RaiseException]                         [646e69665f003436] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RtlPcToFileHeader]                      [6934367473726966] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RtlLookupFunctionEntry]                 [646e69665f003233] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RtlUnwindEx]                            [5f0032337478656e] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapSetInformation]                     [7478656e646e6966] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapCreate]                             [665f003436693233] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapDestroy]                            [367478656e646e69] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapFree]                               [6e646e69665f0034] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapQueryInformation]                   [6574696e69665f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapValidate]                           [6873756c665f0066] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapCompact]                            [6f6d665f006c6c61] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapWalk]                               [6c6370665f006564] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!VirtualProtect]                         [6370665f00737361] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!VirtualAlloc]                           [665f00667373616c] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetSystemInfo]                          [6c665f6565656970] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!VirtualQuery]                           [73657270665f0074] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetHandleCount]                         [697270665f007465] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetFileType]                            [665f006c5f66746e] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetStartupInfoA]                        [705f66746e697270] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetFileInformationByHandle]             [746e697270665f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!PeekNamedPipe]                          [665f006c5f705f66] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateFileA]                            [735f66746e697270] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateFileW]                            [747570665f006c5f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetFilePointer]                         [70665f0072616863] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetConsoleCP]                           [6c6f6e5f63777475] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetConsoleMode]                         [7570665f006b636f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FlushFileBuffers]                       [5f00726168637774] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreatePipe]                             [6f6e5f6461657266] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetStdHandle]                           [72665f006b636f6c] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!ReadConsoleInputA]                      [6f6c6f6e5f646165] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetConsoleMode]                         [72665f00735f6b63] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!PeekConsoleInputA]                      [6c61636f6c5f6565] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetNumberOfConsoleInputEvents]          [61656572665f0065] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!ReadConsoleInputW]                      [5f61656572665f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!WriteConsoleA]                          [66656572665f0073] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetConsoleOutputCP]                     [616373665f00736c] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!WriteConsoleW]                          [73665f006c5f666e] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!IsDBCSLeadByteEx]                       [6c5f735f666e6163] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!ReadConsoleA]                           [5f6b656573665f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!ReadConsoleW]                           [5f006b636f6c6f6e] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetEndOfFile]                           [3436696b65657366] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetProcessHeap]                         [696b656573665f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!LockFile]                               [636f6c6f6e5f3436] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!UnlockFile]                             [65706f73665f006b] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!TerminateProcess]                       [74617473665f006e] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!UnhandledExceptionFilter]               [617473665f003233] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetUnhandledExceptionFilter]            [5f00343669323374] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!IsDebuggerPresent]                      [34367461747366] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RtlVirtualUnwind]                       [343674617473665f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RtlCaptureContext]                      [6574665f00323369] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetConsoleCtrlHandler]                  [636f6c6f6e5f6c6c] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!InitializeCriticalSectionAndSpinCount]  [6c6c6574665f006b] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FreeEnvironmentStringsW]                [6574665f00343669] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetEnvironmentStringsW]                 [6f6e5f3436696c6c] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCommandLineW]                        [74665f006b636f6c] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FreeEnvironmentStringsA]                [665f003233656d69] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetEnvironmentStrings]                  [735f3233656d6974] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!QueryPerformanceCounter]                [36656d6974665f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetTickCount]                           [656d6974665f0034] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetStringTypeW]                         [75665f00735f3436] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetStringTypeA]                         [5f00687461706c6c] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!LCMapStringA]                           [3233656d69747566] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!LCMapStringW]                           [656d697475665f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CompareStringA]                         [727077665f003436] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CompareStringW]                         [5f006c5f66746e69] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetLocaleInfoW]                         [66746e6972707766] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetLocaleInfoA]                         [727077665f00705f] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetUserDefaultLCID]                     [6c5f705f66746e69] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!EnumSystemLocalesA]                     [6e69727077665f00] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!IsValidLocale]                          [5f006c5f735f6674] 
IAT  C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!LoadLibraryW]                           [6e5f657469727766] 

---- Registry - GMER 2.1 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Shares@Nightcore\xb2                                                                                                                          CSCFlags=2048?MaxUses=4294967295?Path=F:\Manu's Muik\Nightcore??Permissions=0?Remark=?ShareName=Nightcore??Type=0?
Reg  HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Shares@Purple Ramon\xb2                                                                                                                       CSCFlags=2048?MaxUses=4294967295?Path=F:\Manu's Muik\Purple Ramon??Permissions=0?Remark=?ShareName=Purple Ramon??Type=0?
Reg  HKLM\SYSTEM\ControlSet002\services\LanmanServer\Shares@Nightcore\xb2                                                                                                                              CSCFlags=2048?MaxUses=4294967295?Path=F:\Manu's Muik\Nightcore??Permissions=0?Remark=?ShareName=Nightcore??Type=0?
Reg  HKLM\SYSTEM\ControlSet002\services\LanmanServer\Shares@Purple Ramon\xb2                                                                                                                           CSCFlags=2048?MaxUses=4294967295?Path=F:\Manu's Muik\Purple Ramon??Permissions=0?Remark=?ShareName=Purple Ramon??Type=0?

---- EOF - GMER 2.1 ----
         
der defogger hat mir nichts angezeigt. und die addition datei war zu groß also hab ich sie angehängt

Ich hoffe mal ihr könnt mir weiter helfen

Geändert von Trabor (30.11.2015 um 21:36 Uhr)

Alt 30.11.2015, 22:40   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.


Los geht's:

FRST.txt fehlt noch.
__________________

__________________

Alt 30.11.2015, 23:42   #3
Trabor
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



oh äh ja sorry
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-11-2015
durchgeführt von Manu (ACHTUNG: der Benutzer ist kein Administrator) auf MANUSPC (30-11-2015 20:15:52)
Gestartet von C:\Users\Manu\Downloads
Geladene Profile: Hauptversorgung & Manu (Verfügbare Profile: Hauptversorgung & Manu)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> lsm.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> sched.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> armsvc.exe
konnte nicht auf den Prozess zugreifen -> avguard.exe
konnte nicht auf den Prozess zugreifen -> AppleMobileDeviceService.exe
konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe
konnte nicht auf den Prozess zugreifen -> CxAudMsg64.exe
konnte nicht auf den Prozess zugreifen -> dts_apo_service.exe
konnte nicht auf den Prozess zugreifen -> PnkBstrA.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> TODDSrv.exe
konnte nicht auf den Prozess zugreifen -> WLIDSVC.EXE
konnte nicht auf den Prozess zugreifen -> Avira.ServiceHost.exe
konnte nicht auf den Prozess zugreifen -> WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Dropbox, Inc.) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Perixx) C:\Program Files (x86)\MX-3200 Mouse\DriverAP4.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(TOSHIBA) C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepSrv.exe
(DTS, Inc.) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe
(Jeroen Pelgrims) C:\Users\Manu\AppData\Local\Apps\2.0\0ABQ1AN0.GDN\P53J042M.3WC\soun..tion_0000000000000000_0002.0004_f839aedc2aa2d7a7\SoundSwitch.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
konnte nicht auf den Prozess zugreifen -> avshadow.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
konnte nicht auf den Prozess zugreifen -> iPodService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> TosBtSrv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvUseMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeBtMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvProvider.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
konnte nicht auf den Prozess zugreifen -> wmpnetwk.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
konnte nicht auf den Prozess zugreifen -> PCCService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
konnte nicht auf den Prozess zugreifen -> dllhost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
konnte nicht auf den Prozess zugreifen -> taskeng.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [Mouse] => C:\Program Files (x86)\MX-3200 Mouse\DriverST.exe [184393 2012-08-21] ()
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [mbot_de_196] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [788176 2015-11-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DTS Sound] => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe [1471296 2013-05-30] (DTS, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [WinSat] => winsat dwm -xml results.xml
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Manu\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [UyxoTahus] => regsvr32.exe "
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [MsgCenterExe] => "C:\Program Files (x86)\Real\RealPlayer\update\RealOneMessageCenter.exe"  -osboot
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [456576 2015-06-10] (Sony)
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Amazon Music] => C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Dropbox Update] => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Spotify Web Helper] => C:\Users\Manu\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-16] (Spotify Ltd)
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Spotify] => C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-16] (Spotify Ltd)
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\MountPoints2: {18ed8091-29f2-11e4-8bba-089e01edcedd} - G:\Startme.exe
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\MountPoints2: {41279464-59ea-11e5-9db0-089e01edcedd} - G:\Startme.exe
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\MountPoints2: {a032e248-300f-11e5-9529-089e01edcedd} - G:\Startme.exe
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2014-10-25]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SoundSwitch.appref-ms [2015-11-13] ()
BootExecute: autocheck autochk *  
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1			d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1
Tcpip\..\Interfaces\{6C682299-B5C3-4C67-9664-DB8D9F66E50A}: [DhcpNameServer] 192.168.189.1
Tcpip\..\Interfaces\{A5FB92D2-F30F-4AD6-AA26-D990772111F5}: [DhcpNameServer] 192.168.137.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWLniD5Hi5TtMwpB9a8S8zUk_vcOqfL1PXZH5_TOB43gcPePFXEgQgutc1vlx8PLTyWkFtXF-TJRIbJExoZdFiIxeS-rJtwWoq-Mydx8BYVItvv79X5exqIju0iOriDxgP_0D-GcIYvvYSmIrYannwGapA,,&q={searchTerms}
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWLniD5Hi5TtMwpB9a8S8zUk_vcOqfL1PXZH5_TOB43gcPePFXEgQgutc1vlx8PLTyWkFtXF-TJRIbJExoZdFiIxeS-rJtwWoq-Mydx8BYVItvv79X5exqIju0iOriDxgP_0D-GcIYvvYSmIrYannwGapA,,&q={searchTerms}
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
URLSearchHook: [S-1-5-21-1029605971-2717496707-4219619431-1000] ACHTUNG => Standard URLSearchHook fehlt
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll [2014-08-22] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll [2014-08-22] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-03-01] (DVDVideoSoft Ltd.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-03-01] (DVDVideoSoft Ltd.)

FireFox:
========
FF ProfilePath: C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default
FF DefaultSearchEngine: Astromenda
FF SelectedSearchEngine: Astromenda
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-18] ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-08-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-08-22] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-18] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-08-21] (Nexon)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml [2014-10-27]
FF Extension: Avira Browser Safety - C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\Extensions\abs@avira.com [2015-08-09] [ist nicht signiert]
FF Extension: Astrmenda Search - C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\Extensions\{8dc5c42e-9204-2a64-8b97-fa94ff8a241f} [2014-11-08] [ist nicht signiert]
FF Extension: Astro New Tab - C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\Extensions\{f2548724-373f-45fe-be6a-3a85e87b7711}.xpi [2014-10-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\extensions\faststartff@gmail.com => nicht gefunden

Chrome: 
=======
CHR HomePage: Default -> hxxp://start.androidnewtab.com/?1=1__PARAM__
CHR StartupUrls: Default -> "hxxp://pr0gramm.com/#newest/*"
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-30]
CHR Extension: (Google-Suche) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Google Docs Offline) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Webseite Blocher (Beta)) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2014-06-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Google Mail) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [936544 2015-11-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-11-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-11-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1105952 2015-11-10] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-30] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-05-19] (EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-14] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6952504 2015-10-14] (GOG.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-06] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-11-21] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Update snipsmart; "C:\Program Files (x86)\snipsmart\updatesnipsmart.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-22] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-10-22] (Sony Mobile Communications)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-11-30] (Glarysoft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118352 2013-01-15] (Qualcomm Atheros Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-26] (Malwarebytes Corporation)
R3 subvgaproduct64; C:\Windows\System32\DRIVERS\subvga64.sys [5120 2009-12-29] (Windows (R) Win 7 DDK provider)
R3 subvgaproductmirr64; C:\Windows\System32\DRIVERS\subvgamirr64.sys [5120 2009-12-29] (Windows (R) Win 7 DDK provider)
S3 usbezdisplay64; C:\Windows\System32\drivers\usbezdisplay64.sys [31336 2009-09-26] (Windows (R) Codename Longhorn DDK provider)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-30 20:15 - 2015-11-30 20:16 - 00026038 _____ C:\Users\Manu\Downloads\FRST.txt
2015-11-30 20:15 - 2015-11-30 20:15 - 00000000 ____D C:\FRST
2015-11-30 20:11 - 2015-11-30 20:12 - 02350080 _____ (Farbar) C:\Users\Manu\Downloads\FRST64.exe
2015-11-30 20:01 - 2015-11-30 20:02 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-11-30 20:01 - 2015-11-30 20:01 - 15218408 _____ C:\Users\Manu\Downloads\gu5setup.exe
2015-11-30 20:01 - 2015-11-30 20:01 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-11-30 20:01 - 2015-11-30 20:01 - 00003332 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-11-30 20:01 - 2015-11-30 20:01 - 00002990 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2015-11-30 20:01 - 2015-11-30 20:01 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-11-30 20:01 - 2015-11-30 20:01 - 00001084 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2015-11-30 20:01 - 2015-11-30 20:01 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\GlarySoft
2015-11-30 20:01 - 2015-11-30 20:01 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\DiskDefrag
2015-11-30 19:56 - 2015-11-30 19:56 - 00003172 _____ C:\Windows\System32\Tasks\ParetoLogic Registration3
2015-11-30 19:56 - 2015-11-30 19:56 - 00002960 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task
2015-11-30 19:56 - 2015-11-30 19:56 - 00000488 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2015-11-30 19:56 - 2015-11-30 19:56 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\ParetoLogic
2015-11-30 19:56 - 2015-11-30 19:56 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\DriverCure
2015-11-30 19:55 - 2015-11-30 19:59 - 00000000 ____D C:\ProgramData\ParetoLogic
2015-11-30 19:55 - 2015-11-30 19:56 - 00003296 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3
2015-11-30 19:55 - 2015-11-30 19:56 - 00000514 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-11-30 19:55 - 2015-11-30 19:55 - 00000462 _____ C:\Windows\Tasks\ParetoLogic Update Version3.job
2015-11-30 19:54 - 2015-11-30 19:54 - 05813872 _____ (ParetoLogic Inc.) C:\Users\Manu\Downloads\ParetoLogic PC Health Advisor_de.exe
2015-11-30 19:49 - 2015-11-30 19:49 - 00000000 ___HD C:\OneDriveTemp
2015-11-29 12:41 - 2015-11-29 12:41 - 00222600 _____ (TOSHIBA Europe GmbH) C:\Users\Manu\Downloads\TOSHIBA-94-detector (2).exe
2015-11-21 20:12 - 2015-11-18 20:15 - 00000030 _____ C:\AVScanner.ini
2015-11-21 16:57 - 2015-11-21 16:57 - 00000000 ____D C:\ProgramData\Ubisoft
2015-11-21 16:56 - 2015-11-21 16:56 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-21 16:56 - 2015-11-21 16:56 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-18 20:15 - 2015-11-18 20:15 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\Adobe
2015-11-18 20:15 - 2015-11-18 20:15 - 00000000 ____D C:\ProgramData\McAfee
2015-11-13 11:55 - 2015-11-13 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public Test
2015-11-13 11:48 - 2015-11-24 22:48 - 00000000 ____D C:\Program Files (x86)\Diablo III Public Test
2015-11-13 10:19 - 2015-11-13 10:19 - 00002080 _____ C:\Users\Manu\Downloads\SoundSwitch.application
2015-11-13 10:19 - 2015-11-13 10:19 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jeroen Pelgrims
2015-11-13 09:48 - 2015-11-13 09:48 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-12 17:52 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-10 20:43 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-10 20:43 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-10 20:43 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-10 20:43 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-10 20:43 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-10 20:43 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-10 20:43 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-10 20:43 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-10 20:43 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-10 20:43 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-10 20:43 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-10 20:43 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-10 20:43 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-10 20:43 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-10 20:43 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-10 20:43 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-10 20:42 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-10 20:42 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-10 20:42 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-10 20:42 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-10 20:42 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-10 20:42 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-10 20:42 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-10 20:42 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-10 20:42 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-10 20:42 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-10 20:42 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-10 20:42 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-10 20:42 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-10 20:42 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-10 20:42 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-10 20:42 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-10 20:42 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-10 20:42 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-10 20:42 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-10 20:42 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-10 20:42 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-10 20:42 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-10 20:42 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-10 20:42 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-10 20:42 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-10 20:42 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-10 20:42 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-10 20:42 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-10 20:42 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-10 20:42 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-10 20:42 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-10 20:42 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-10 20:42 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-10 20:42 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-10 20:42 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-10 20:42 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-10 20:42 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-10 20:42 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-10 20:42 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-10 20:42 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-10 20:42 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-10 20:42 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-10 20:42 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-10 20:42 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-10 20:42 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-10 20:42 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-10 20:42 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-10 20:42 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-10 20:42 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-10 20:42 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-10 20:42 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-10 20:42 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-10 20:42 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-10 20:42 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-10 20:42 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-10 20:42 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-10 20:42 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-10 20:42 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-10 20:42 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-10 20:42 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-10 20:42 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-10 20:42 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-10 20:42 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-10 20:42 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-10 20:42 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-10 20:42 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-10 20:42 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-10 20:42 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-10 20:42 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-10 20:42 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-10 20:42 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-10 20:42 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-10 20:42 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-10 20:42 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-10 20:42 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-10 20:42 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-10 20:42 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-10 20:42 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-10 20:42 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-10 20:42 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-10 20:42 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-10 20:42 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-10 20:42 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-10 20:42 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-10 20:42 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-10 20:42 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-10 20:42 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-10 20:42 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-10 20:42 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-10 20:42 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-10 20:42 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-10 20:42 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-10 20:42 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-10 20:42 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-10 20:42 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-10 20:42 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-10 20:42 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-10 20:42 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-10 20:42 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-10 20:42 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-10 20:41 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-10 20:41 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-10 20:41 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-10 20:41 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-30 20:12 - 2014-05-30 22:27 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-30 20:09 - 2014-05-30 22:09 - 00001498 _____ C:\Windows\Tasks\Media_Play_AIR+-nova.job
2015-11-30 20:04 - 2015-01-27 17:28 - 00003322 _____ C:\Windows\System32\Tasks\AviraSpeedup
2015-11-30 20:01 - 2014-10-26 01:09 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-30 20:01 - 2009-07-14 05:45 - 00013568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-30 20:01 - 2009-07-14 05:45 - 00013568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-30 19:55 - 2014-04-20 23:51 - 00078032 _____ C:\Users\Hauptversorgung\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-30 19:53 - 2015-01-27 17:36 - 00000000 ___RD C:\Users\Manu\Dropbox
2015-11-30 19:52 - 2015-08-20 19:14 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Spotify
2015-11-30 19:52 - 2015-08-20 19:14 - 00000000 ____D C:\Users\Manu\AppData\Local\Spotify
2015-11-30 19:52 - 2015-01-27 17:29 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Dropbox
2015-11-30 19:49 - 2015-01-10 16:26 - 00000000 ___RD C:\Users\Manu\OneDrive
2015-11-30 19:49 - 2014-10-18 17:58 - 00000000 ____D C:\Users\Manu\AppData\Local\Deployment
2015-11-30 19:48 - 2014-10-26 01:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-30 19:48 - 2014-05-30 22:09 - 00001568 _____ C:\Windows\Tasks\Media_Play_AIR+-novainstaller.job
2015-11-30 19:48 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-30 19:46 - 2014-06-25 20:34 - 00002048 _____ C:\Users\Manu\AppData\Roaming\mouse.dat
2015-11-30 19:46 - 2014-06-25 20:34 - 00000256 _____ C:\Users\Manu\AppData\Roaming\setup.dat
2015-11-30 19:46 - 2014-04-21 00:09 - 00000000 ____D C:\Users\Manu\Desktop\Games
2015-11-30 19:40 - 2014-08-22 23:35 - 00000000 ____D C:\Users\Manu\AppData\Local\Battle.net
2015-11-30 19:39 - 2015-06-18 09:27 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job
2015-11-30 18:39 - 2015-06-18 09:27 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job
2015-11-30 17:27 - 2014-11-01 15:50 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-29 18:09 - 2009-07-14 18:58 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-11-29 18:09 - 2009-07-14 18:58 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-11-29 18:09 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-29 18:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-11-29 12:49 - 2014-04-20 23:21 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\ElevatedDiagnostics
2015-11-28 22:42 - 2014-08-07 09:33 - 00000000 ____D C:\Users\Manu\AppData\Local\CrashDumps
2015-11-28 22:38 - 2014-04-21 00:11 - 00000000 ____D C:\Users\Manu\Desktop\Bilder für langeweile
2015-11-28 18:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-11-28 18:46 - 2015-03-03 18:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-28 18:46 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-28 18:40 - 2015-02-04 16:22 - 00000000 ____D C:\Users\Hauptversorgung\Documents\My Games
2015-11-26 18:16 - 2015-07-29 15:07 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\MalwareProtectionLive
2015-11-24 21:55 - 2014-08-22 23:34 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-24 20:27 - 2015-05-04 18:02 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\NXEPassportClient
2015-11-24 18:20 - 2015-03-31 11:59 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-11-20 19:29 - 2014-08-29 14:22 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-11-18 21:12 - 2014-05-30 22:27 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-18 21:12 - 2014-05-30 22:27 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-18 21:12 - 2014-05-30 22:27 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-18 20:19 - 2014-07-09 07:53 - 00000000 ____D C:\Users\Manu\AppData\Local\Adobe
2015-11-18 20:02 - 2014-08-22 23:27 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-18 20:01 - 2014-08-22 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-13 19:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-13 12:12 - 2014-08-29 17:53 - 00000000 ____D C:\Users\Manu\Documents\Diablo III
2015-11-13 11:48 - 2014-04-20 23:13 - 00000000 ____D C:\Users\Hauptversorgung
2015-11-13 10:06 - 2009-07-14 05:45 - 00332632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-11 20:47 - 2015-07-12 22:25 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-11 20:16 - 2014-05-07 14:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 20:07 - 2014-04-21 19:24 - 01593564 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 20:06 - 2014-10-26 01:09 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 19:59 - 2009-07-14 19:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-10 20:20 - 2014-08-22 23:49 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-11-03 20:10 - 2015-01-10 16:26 - 00002176 _____ C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-11-03 18:51 - 2015-03-03 21:04 - 00000000 __SHD C:\Users\Manu\AppData\Local\EmieBrowserModeList
2015-11-03 18:51 - 2014-07-01 15:04 - 00000000 __SHD C:\Users\Manu\AppData\Local\EmieUserList
2015-11-03 18:51 - 2014-07-01 15:04 - 00000000 __SHD C:\Users\Manu\AppData\Local\EmieSiteList

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-06-25 20:34 - 2015-11-30 19:46 - 0002048 _____ () C:\Users\Manu\AppData\Roaming\mouse.dat
2014-06-25 20:34 - 2015-11-30 19:46 - 0000256 _____ () C:\Users\Manu\AppData\Roaming\setup.dat
2014-10-27 12:04 - 2015-01-18 18:42 - 0005120 _____ () C:\Users\Manu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Manu\Combatarms_eu.exe


Einige Dateien in TEMP:
====================
C:\Users\Hauptversorgung\AppData\Local\Temp\6a246669c4722113966d0cbd29442eb9.dll
C:\Users\Hauptversorgung\AppData\Local\Temp\amazonicon_v10.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\avgnt.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\c33768490d71bd4b6f1456e1b4aac6b5.dll
C:\Users\Hauptversorgung\AppData\Local\Temp\HaloTrialSetup.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\NGMDll.dll
C:\Users\Hauptversorgung\AppData\Local\Temp\NGMResource.dll
C:\Users\Hauptversorgung\AppData\Local\Temp\sdan.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\sdapk.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\sdaspwn.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\unicows.dll
C:\Users\Hauptversorgung\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Manu\AppData\Local\Temp\aacdec.exe
C:\Users\Manu\AppData\Local\Temp\avgnt.exe
C:\Users\Manu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmegiv3.dll
C:\Users\Manu\AppData\Local\Temp\ffmpeg15.exe
C:\Users\Manu\AppData\Local\Temp\jre-8u20-windows-au.exe
C:\Users\Manu\AppData\Local\Temp\NGMSetup.exe
C:\Users\Manu\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Manu\AppData\Local\Temp\tmd_34013020.exe
C:\Users\Manu\AppData\Local\Temp\tmd_34018119.exe
C:\Users\Manu\AppData\Local\Temp\Uninstaller-6084.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator

==================== Ende von FRST.txt ============================
         
__________________

Alt 30.11.2015, 23:50   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



Wichtige Online-Passwörter von einem sauberen PC oder Handy/Tablet ändern.


Zitat:
(ACHTUNG: der Benutzer ist kein Administrator)
Bitte mit Admin-Rechten wiederholen.

Schritt 1



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 01.12.2015, 00:04   #5
Trabor
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-11-2015
durchgeführt von Hauptversorgung (Administrator) auf MANUSPC (01-12-2015 00:01:34)
Gestartet von C:\Users\Manu\Downloads\Hilfe
Geladene Profile: Hauptversorgung & Manu (Verfügbare Profile: Hauptversorgung & Manu)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(DTS, Inc.) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe
(Dropbox, Inc.) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Jeroen Pelgrims) C:\Users\Manu\AppData\Local\Apps\2.0\0ABQ1AN0.GDN\P53J042M.3WC\soun..tion_0000000000000000_0002.0004_f839aedc2aa2d7a7\SoundSwitch.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Perixx) C:\Program Files (x86)\MX-3200 Mouse\DriverAP4.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvUseMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeBtMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvProvider.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\SpotifyCrashService.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [Mouse] => C:\Program Files (x86)\MX-3200 Mouse\DriverST.exe [184393 2012-08-21] ()
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [mbot_de_196] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [788176 2015-11-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DTS Sound] => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe [1471296 2013-05-30] (DTS, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [WinSat] => winsat dwm -xml results.xml
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-11-23] (Glarysoft Ltd)
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Manu\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [UyxoTahus] => regsvr32.exe "
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [MsgCenterExe] => "C:\Program Files (x86)\Real\RealPlayer\update\RealOneMessageCenter.exe"  -osboot
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Amazon Music] => C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Dropbox Update] => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Spotify Web Helper] => C:\Users\Manu\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-16] (Spotify Ltd)
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Spotify] => C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-16] (Spotify Ltd)
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\MountPoints2: {18ed8091-29f2-11e4-8bba-089e01edcedd} - G:\Startme.exe
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\MountPoints2: {41279464-59ea-11e5-9db0-089e01edcedd} - G:\Startme.exe
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\MountPoints2: {a032e248-300f-11e5-9529-089e01edcedd} - G:\Startme.exe
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2014-10-25]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Hauptversorgung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Keine Datei)
Startup: C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SoundSwitch.appref-ms [2015-11-13] ()
BootExecute: autocheck autochk *  
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1			d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1
Tcpip\..\Interfaces\{6C682299-B5C3-4C67-9664-DB8D9F66E50A}: [DhcpNameServer] 192.168.189.1
Tcpip\..\Interfaces\{A5FB92D2-F30F-4AD6-AA26-D990772111F5}: [DhcpNameServer] 192.168.137.1

Internet Explorer:
==================
HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX&q={searchTerms}
HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ie
HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX
HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX&q={searchTerms}
HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://istart.webssearches.com/?type=hp&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWLniD5Hi5TtMwpB9a8S8zUk_vcOqfL1PXZH5_TOB43gcPePFXEgQgutc1vlx8PLTyWkFtXF-TJRIbJExoZdFiIxeS-rJtwWoq-Mydx8BYVItvv79X5exqIju0iOriDxgP_0D-GcIYvvYSmIrYannwGapA,,&q={searchTerms}
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWLniD5Hi5TtMwpB9a8S8zUk_vcOqfL1PXZH5_TOB43gcPePFXEgQgutc1vlx8PLTyWkFtXF-TJRIbJExoZdFiIxeS-rJtwWoq-Mydx8BYVItvv79X5exqIju0iOriDxgP_0D-GcIYvvYSmIrYannwGapA,,&q={searchTerms}
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000 -> {BCDA714C-8505-4B2F-8D95-183C58730C77} URL = hxxps://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll [2014-08-22] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll [2014-08-22] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-03-01] (DVDVideoSoft Ltd.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-03-01] (DVDVideoSoft Ltd.)

FireFox:
========
FF ProfilePath: C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF Homepage: hxxps://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ff
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-18] ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-08-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-08-22] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-18] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-08-21] (Nexon)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1029605971-2717496707-4219619431-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\searchplugins\yahoo_ff.xml [2015-07-29]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml [2014-10-27]
FF Extension: Kein Name - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\extensions\faststartff@gmail.com [nicht gefunden]
FF Extension: Amazon-Icon - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\extensions\amazon-icon@giga.de [2015-02-04] [ist nicht signiert]
FF Extension: TVU Web Player - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\Extensions\firefox@tvunetworks.com [2015-08-09] [ist nicht signiert]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-03-01] [ist nicht signiert]
FF Extension: Astro New Tab - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\Extensions\{f2548724-373f-45fe-be6a-3a85e87b7711}.xpi [2014-10-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\extensions\faststartff@gmail.com => nicht gefunden

Chrome: 
=======
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX"
CHR DefaultSearchURL: Default -> hxxp://istart.webssearches.com/web/?type=ds&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX&q={searchTerms}
CHR DefaultSearchKeyword: Default -> webssearches
CHR Profile: C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-16]
CHR Extension: (Google Drive) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-30]
CHR Extension: (YouTube) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-30]
CHR Extension: (Google-Suche) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-30]
CHR Extension: (Google Docs Offline) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-30]
CHR Extension: (Google Mail) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-16]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [936544 2015-11-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-11-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-11-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1105952 2015-11-10] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-30] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-05-19] (EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-14] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6952504 2015-10-14] (GOG.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-06] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-11-21] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Update snipsmart; "C:\Program Files (x86)\snipsmart\updatesnipsmart.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-22] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-10-22] (Sony Mobile Communications)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-11-30] (Glarysoft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118352 2013-01-15] (Qualcomm Atheros Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-26] (Malwarebytes Corporation)
R3 subvgaproduct64; C:\Windows\System32\DRIVERS\subvga64.sys [5120 2009-12-29] (Windows (R) Win 7 DDK provider)
R3 subvgaproductmirr64; C:\Windows\System32\DRIVERS\subvgamirr64.sys [5120 2009-12-29] (Windows (R) Win 7 DDK provider)
S3 usbezdisplay64; C:\Windows\System32\drivers\usbezdisplay64.sys [31336 2009-09-26] (Windows (R) Codename Longhorn DDK provider)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-30 23:38 - 2015-11-30 23:38 - 00048048 _____ C:\Users\Manu\Downloads\Addition.txt
2015-11-30 23:38 - 2015-11-30 23:38 - 00048048 _____ C:\Users\Manu\Downloads\Addition (1).txt
2015-11-30 22:22 - 2015-11-30 22:22 - 02205679 _____ C:\Users\Manu\Desktop\eab2ba2781ad4980.webm
2015-11-30 22:19 - 2015-11-30 22:19 - 00000000 ____D C:\Users\Hauptversorgung\Documents\The Witcher 3
2015-11-30 20:59 - 2015-11-30 20:59 - 00002026 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-11-30 20:56 - 2015-11-30 20:56 - 00000000 ___HD C:\OneDriveTemp
2015-11-30 20:35 - 2015-11-30 20:36 - 00152532 _____ C:\Windows\ntbtlog.txt
2015-11-30 20:23 - 2015-11-30 20:23 - 00380416 _____ C:\Users\Manu\Desktop\Gmer-19357.exe
2015-11-30 20:23 - 2015-11-30 20:23 - 00000000 _____ C:\Users\Hauptversorgung\defogger_reenable
2015-11-30 20:22 - 2015-11-30 20:22 - 00050477 _____ C:\Users\Manu\Downloads\Defogger.exe
2015-11-30 20:21 - 2015-11-30 21:30 - 00000000 ____D C:\Users\Manu\Downloads\Hilfe
2015-11-30 20:15 - 2015-12-01 00:01 - 00000000 ____D C:\FRST
2015-11-30 20:01 - 2015-11-30 20:02 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-11-30 20:01 - 2015-11-30 20:01 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-11-30 20:01 - 2015-11-30 20:01 - 00003332 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-11-30 20:01 - 2015-11-30 20:01 - 00002990 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2015-11-30 20:01 - 2015-11-30 20:01 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-11-30 20:01 - 2015-11-30 20:01 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\GlarySoft
2015-11-30 20:01 - 2015-11-30 20:01 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\DiskDefrag
2015-11-30 19:56 - 2015-11-30 20:34 - 00000488 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2015-11-30 19:56 - 2015-11-30 19:56 - 00003172 _____ C:\Windows\System32\Tasks\ParetoLogic Registration3
2015-11-30 19:56 - 2015-11-30 19:56 - 00002960 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task
2015-11-30 19:56 - 2015-11-30 19:56 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\ParetoLogic
2015-11-30 19:56 - 2015-11-30 19:56 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\DriverCure
2015-11-30 19:55 - 2015-11-30 20:55 - 00000514 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-11-30 19:55 - 2015-11-30 20:34 - 00000462 _____ C:\Windows\Tasks\ParetoLogic Update Version3.job
2015-11-30 19:55 - 2015-11-30 19:59 - 00000000 ____D C:\ProgramData\ParetoLogic
2015-11-30 19:55 - 2015-11-30 19:56 - 00003296 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3
2015-11-29 12:41 - 2015-11-29 12:41 - 00222600 _____ (TOSHIBA Europe GmbH) C:\Users\Manu\Downloads\TOSHIBA-94-detector (2).exe
2015-11-21 20:12 - 2015-11-18 20:15 - 00000030 _____ C:\AVScanner.ini
2015-11-21 16:57 - 2015-11-21 16:57 - 00000000 ____D C:\ProgramData\Ubisoft
2015-11-21 16:56 - 2015-11-21 16:56 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-21 16:56 - 2015-11-21 16:56 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-18 20:15 - 2015-11-18 20:15 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\Adobe
2015-11-18 20:15 - 2015-11-18 20:15 - 00000000 ____D C:\ProgramData\McAfee
2015-11-13 11:55 - 2015-11-13 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public Test
2015-11-13 11:48 - 2015-11-24 22:48 - 00000000 ____D C:\Program Files (x86)\Diablo III Public Test
2015-11-13 10:19 - 2015-11-13 10:19 - 00002080 _____ C:\Users\Manu\Downloads\SoundSwitch.application
2015-11-13 10:19 - 2015-11-13 10:19 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jeroen Pelgrims
2015-11-13 09:48 - 2015-11-13 09:48 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-12 17:52 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-10 20:43 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-10 20:43 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-10 20:43 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-10 20:43 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-10 20:43 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-10 20:43 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-10 20:43 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-10 20:43 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-10 20:43 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-10 20:43 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-10 20:43 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-10 20:43 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-10 20:43 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-10 20:43 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-10 20:43 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-10 20:43 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-10 20:42 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-10 20:42 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-10 20:42 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-10 20:42 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-10 20:42 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-10 20:42 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-10 20:42 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-10 20:42 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-10 20:42 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-10 20:42 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-10 20:42 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-10 20:42 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-10 20:42 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-10 20:42 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-10 20:42 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-10 20:42 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-10 20:42 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-10 20:42 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-10 20:42 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-10 20:42 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-10 20:42 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-10 20:42 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-10 20:42 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-10 20:42 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-10 20:42 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-10 20:42 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-10 20:42 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-10 20:42 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-10 20:42 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-10 20:42 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-10 20:42 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-10 20:42 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-10 20:42 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-10 20:42 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-10 20:42 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-10 20:42 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-10 20:42 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-10 20:42 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-10 20:42 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-10 20:42 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-10 20:42 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-10 20:42 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-10 20:42 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-10 20:42 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-10 20:42 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-10 20:42 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-10 20:42 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-10 20:42 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-10 20:42 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-10 20:42 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-10 20:42 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-10 20:42 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-10 20:42 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-10 20:42 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-10 20:42 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-10 20:42 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-10 20:42 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-10 20:42 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-10 20:42 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-10 20:42 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-10 20:42 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-10 20:42 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-10 20:42 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-10 20:42 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-10 20:42 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-10 20:42 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-10 20:42 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-10 20:42 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-10 20:42 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-10 20:42 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-10 20:42 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-10 20:42 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-10 20:42 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-10 20:42 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-10 20:42 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-10 20:42 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-10 20:42 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-10 20:42 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-10 20:42 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-10 20:42 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-10 20:42 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-10 20:42 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-10 20:42 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-10 20:42 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-10 20:42 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-10 20:42 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-10 20:42 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-10 20:42 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-10 20:42 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-10 20:42 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-10 20:42 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-10 20:42 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-10 20:42 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-10 20:42 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-10 20:42 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-10 20:42 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-10 20:42 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 20:42 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-10 20:42 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-10 20:42 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-10 20:42 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-10 20:42 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-10 20:42 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-10 20:41 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-10 20:41 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-10 20:41 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-10 20:41 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-01 00:01 - 2014-10-26 01:09 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-01 00:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-11-30 23:39 - 2015-06-18 09:27 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job
2015-11-30 23:30 - 2014-11-01 15:50 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-30 23:12 - 2014-05-30 22:27 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-30 23:09 - 2014-05-30 22:09 - 00001568 _____ C:\Windows\Tasks\Media_Play_AIR+-novainstaller.job
2015-11-30 23:09 - 2014-05-30 22:09 - 00001498 _____ C:\Windows\Tasks\Media_Play_AIR+-nova.job
2015-11-30 22:19 - 2015-10-20 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-11-30 22:18 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-30 22:17 - 2014-08-07 09:33 - 00000000 ____D C:\Users\Manu\AppData\Local\CrashDumps
2015-11-30 22:01 - 2014-10-26 01:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-30 21:05 - 2009-07-14 05:45 - 00013568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-30 21:05 - 2009-07-14 05:45 - 00013568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-30 21:02 - 2015-08-20 19:14 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Spotify
2015-11-30 21:00 - 2015-01-27 17:36 - 00000000 ___RD C:\Users\Manu\Dropbox
2015-11-30 21:00 - 2015-01-27 17:29 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Dropbox
2015-11-30 20:59 - 2014-08-22 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-11-30 20:58 - 2015-08-20 19:14 - 00000000 ____D C:\Users\Manu\AppData\Local\Spotify
2015-11-30 20:58 - 2014-04-20 23:48 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-30 20:57 - 2014-10-18 17:58 - 00000000 ____D C:\Users\Manu\AppData\Local\Deployment
2015-11-30 20:56 - 2015-01-10 16:26 - 00000000 ___RD C:\Users\Manu\OneDrive
2015-11-30 20:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-30 20:33 - 2014-06-25 20:34 - 00002048 _____ C:\Users\Manu\AppData\Roaming\mouse.dat
2015-11-30 20:33 - 2014-06-25 20:34 - 00000256 _____ C:\Users\Manu\AppData\Roaming\setup.dat
2015-11-30 20:30 - 2014-07-04 14:42 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\CrashDumps
2015-11-30 20:23 - 2014-04-20 23:13 - 00000000 ____D C:\Users\Hauptversorgung
2015-11-30 20:04 - 2015-01-27 17:28 - 00003322 _____ C:\Windows\System32\Tasks\AviraSpeedup
2015-11-30 19:55 - 2014-04-20 23:51 - 00078032 _____ C:\Users\Hauptversorgung\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-30 19:46 - 2014-04-21 00:09 - 00000000 ____D C:\Users\Manu\Desktop\Games
2015-11-30 19:40 - 2014-08-22 23:35 - 00000000 ____D C:\Users\Manu\AppData\Local\Battle.net
2015-11-30 18:39 - 2015-06-18 09:27 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job
2015-11-29 18:09 - 2009-07-14 18:58 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-11-29 18:09 - 2009-07-14 18:58 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-11-29 18:09 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-29 18:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-11-29 12:49 - 2014-04-20 23:21 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\ElevatedDiagnostics
2015-11-28 22:38 - 2014-04-21 00:11 - 00000000 ____D C:\Users\Manu\Desktop\Bilder für langeweile
2015-11-28 18:46 - 2015-03-03 18:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-28 18:40 - 2015-02-04 16:22 - 00000000 ____D C:\Users\Hauptversorgung\Documents\My Games
2015-11-26 18:16 - 2015-07-29 15:07 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\MalwareProtectionLive
2015-11-24 21:55 - 2014-08-22 23:34 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-24 20:27 - 2015-05-04 18:02 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\NXEPassportClient
2015-11-24 18:20 - 2015-03-31 11:59 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-11-20 19:29 - 2014-08-29 14:22 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-11-18 21:12 - 2014-05-30 22:27 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-18 21:12 - 2014-05-30 22:27 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-18 21:12 - 2014-05-30 22:27 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-18 20:19 - 2014-07-09 07:53 - 00000000 ____D C:\Users\Manu\AppData\Local\Adobe
2015-11-18 20:02 - 2014-08-22 23:27 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-18 20:01 - 2014-08-22 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-13 19:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-13 12:12 - 2014-08-29 17:53 - 00000000 ____D C:\Users\Manu\Documents\Diablo III
2015-11-13 10:06 - 2009-07-14 05:45 - 00332632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-11 20:47 - 2015-07-12 22:25 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-11 20:16 - 2014-05-07 14:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 20:07 - 2014-04-21 19:24 - 01593564 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 20:06 - 2014-10-26 01:09 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 19:59 - 2009-07-14 19:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-10 20:20 - 2014-08-22 23:49 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-11-03 20:10 - 2015-01-10 16:26 - 00002176 _____ C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-11-03 18:51 - 2015-03-03 21:04 - 00000000 __SHD C:\Users\Manu\AppData\Local\EmieBrowserModeList
2015-11-03 18:51 - 2014-07-01 15:04 - 00000000 __SHD C:\Users\Manu\AppData\Local\EmieUserList
2015-11-03 18:51 - 2014-07-01 15:04 - 00000000 __SHD C:\Users\Manu\AppData\Local\EmieSiteList

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-04 16:09 - 2015-02-13 01:55 - 0002048 _____ () C:\Users\Hauptversorgung\AppData\Roaming\mouse.dat
2014-07-04 16:09 - 2015-02-13 01:55 - 0000256 _____ () C:\Users\Hauptversorgung\AppData\Roaming\setup.dat
2014-10-25 21:54 - 2014-10-25 21:54 - 0612324 _____ (CMI Limited) C:\Users\Hauptversorgung\AppData\Local\nsm606A.tmp
2014-12-08 15:42 - 2015-03-09 20:04 - 0007642 _____ () C:\Users\Hauptversorgung\AppData\Local\Resmon.ResmonCfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Manu\Combatarms_eu.exe


Einige Dateien in TEMP:
====================
C:\Users\Hauptversorgung\AppData\Local\Temp\6a246669c4722113966d0cbd29442eb9.dll
C:\Users\Hauptversorgung\AppData\Local\Temp\amazonicon_v10.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\avgnt.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\c33768490d71bd4b6f1456e1b4aac6b5.dll
C:\Users\Hauptversorgung\AppData\Local\Temp\HaloTrialSetup.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\NGMDll.dll
C:\Users\Hauptversorgung\AppData\Local\Temp\NGMResource.dll
C:\Users\Hauptversorgung\AppData\Local\Temp\sdan.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\sdapk.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\sdaspwn.exe
C:\Users\Hauptversorgung\AppData\Local\Temp\unicows.dll
C:\Users\Hauptversorgung\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Manu\AppData\Local\Temp\aacdec.exe
C:\Users\Manu\AppData\Local\Temp\avgnt.exe
C:\Users\Manu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpol9dkp.dll
C:\Users\Manu\AppData\Local\Temp\ffmpeg15.exe
C:\Users\Manu\AppData\Local\Temp\jre-8u20-windows-au.exe
C:\Users\Manu\AppData\Local\Temp\NGMSetup.exe
C:\Users\Manu\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Manu\AppData\Local\Temp\tmd_34013020.exe
C:\Users\Manu\AppData\Local\Temp\tmd_34018119.exe
C:\Users\Manu\AppData\Local\Temp\Uninstaller-6084.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-13 18:57

==================== Ende von FRST.txt ============================
         


Alt 01.12.2015, 00:06   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



jup,

Schritt 1

Echtzeitschutz des Virenscanners abschalten.



Schritt 2
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".

Alt 01.12.2015, 00:07   #7
Trabor
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-11-2015
durchgeführt von Hauptversorgung (2015-12-01 00:02:12)
Gestartet von C:\Users\Manu\Downloads\Hilfe
Windows 7 Professional Service Pack 1 (X64) (2014-04-20 22:13:51)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1029605971-2717496707-4219619431-500 - Administrator - Disabled)
Gast (S-1-5-21-1029605971-2717496707-4219619431-501 - Limited - Disabled)
Hauptversorgung (S-1-5-21-1029605971-2717496707-4219619431-1000 - Administrator - Enabled) => C:\Users\Hauptversorgung
HomeGroupUser$ (S-1-5-21-1029605971-2717496707-4219619431-1003 - Limited - Enabled)
Manu (S-1-5-21-1029605971-2717496707-4219619431-1001 - Limited - Enabled) => C:\Users\Manu

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version:  - Ubisoft Montreal)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 2.0.0.9 - Qualcomm Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.11.1440 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.11(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.52.52 - Conexant)
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
Debut Videorekorder (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Debut) (Version: 1.95 - NCH Software)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.11 - Electronic Arts)
Dropbox (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
DTS Sound (HKLM-x32\...\{791692AD-63B2-4A87-A097-4E8DD3CE4BC9}) (Version: 1.00.0078 - DTS, Inc.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Dub version 1.7.9.908 (HKLM-x32\...\Free Audio Dub_is1) (Version: 1.7.9.908 - DVDVideoSoft Ltd.)
Free Studio version 6.5.0.301 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.301 - DVDVideoSoft Ltd.)
Free WEBM Player (HKLM-x32\...\Free WEBM Player_is1) (Version: 1.0 - Free Converting)
Glary Utilities 5.39 (HKLM-x32\...\Glary Utilities 5) (Version: 5.39.0.59 - Glarysoft Ltd)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3165 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version:  - Avalanche Studios)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Rock Raiders (HKLM-x32\...\LEGO Rock Raiders) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.102.12020 (HKLM-x32\...\{571E58E4-608E-B7A6-50FF-4B531B424F5B}) (Version: 2.16.102.12020 - Sony)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.1 (x86 de)) (Version: 33.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9 - Notepad++ Team)
NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.23.2817 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PhotoFiltre 7 (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\PhotoFiltre 7) (Version:  - )
Picopix Viewer 2 (HKLM-x32\...\{6022800B-A1E1-4CA9-9B74-6E4F599AC42C}) (Version: 1.0.0.7 - PHILIPS)
PlanetSide 2 (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version:  - Crytek)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.14.201410081526 - Sony Mobile Communications AB)
Sony PC Companion 2.10.297 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.297 - Sony)
SoundSwitch (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\5e9d4b807286f8d3) (Version: 2.4.1.4 - Jeroen Pelgrims)
Spotify (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StormWatch (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\StormWatch) (Version: 1.0.1.27 - StormWatch) <==== ACHTUNG
System Checkup 3.5 (HKLM-x32\...\{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1) (Version: 3.5.6.8 - iolo technologies, LLC)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - Iron Lore Entertainment)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.12 for x64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 5.00.04.00 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.27.3201 - Toshiba Corporation)
UninstallMX-3200 Mouse (HKLM-x32\...\{41CC9883-5B20-4F62-98CB-034D10240708}}_is1) (Version:  - MX-3200 Mouse Driver)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WindowsMangerProtect20.0.0.1013 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1013 - WindowsProtect LIMITED) <==== ACHTUNG
WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}\InprocServer32 -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtExt.dll (TOSHIBA)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Manu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Manu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

28-11-2015 22:37:50 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
28-11-2015 22:39:20 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
29-11-2015 19:00:12 Windows-Sicherung

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2014-07-03 20:54 - 00000867 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1			d3oxij66pru1i3.cloudfront.net

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02B218BB-B0BE-40B5-880B-669D3D989018} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {0813768E-6D3C-4A33-8AAF-76C7FB4D8FD8} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {13C2E034-EA0B-47AB-A2A5-B2F03342B9A8} - System32\Tasks\iolo System Checkup => C:\ProgramData\iolo\scustask.lnk [2015-10-20] ()
Task: {36CC9A75-FF2F-453A-A08C-3DF6DA05C672} - System32\Tasks\{DC9E7E91-893F-4F34-8078-1E9598CD3A6A} => pcalua.exe -a "C:\Program Files (x86)\Media_Play_AIR+\Uninstall.exe" -c /fcp=1
Task: {41F2AC6B-6E34-4814-A9F1-95BCAD745482} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {50E975AD-4387-477D-B251-BFE13359C3B4} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {5614D4B7-E311-43A2-AC53-7B57D764F255} - System32\Tasks\Media_Play_AIR+-nova => C:\Program Files (x86)\Media_Play_AIR+\Media_Play_AIR+-nova.exe <==== ACHTUNG
Task: {65E73BDE-6998-4EF4-B2F2-BE1C22C01D89} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {80BF3CDD-F884-4F26-AF87-90928C62F92B} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-08-25] (Avira Operations GmbH & Co. KG)
Task: {84FB224D-0E25-44C3-9193-28B6C475FFF8} - System32\Tasks\Browser Updater\Browser Updater => C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe <==== ACHTUNG
Task: {89F4AD92-E3AC-49CB-AE69-8C756DECBC63} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {8BFBE1DB-10C4-4689-86AA-AE3C0C18A7EF} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-11-23] (Glarysoft Ltd)
Task: {9C074F6C-8604-4152-8DD2-2F5AA246BCEE} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {A080FAC0-37E4-49E5-93D3-DF214BAE1EDB} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {A65C5FEC-9688-4B0C-BFB3-10B416D56081} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-11-23] (Glarysoft Ltd)
Task: {AEBD5690-7CB0-4CF6-A0A6-8F09C7EA5158} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {B351028B-8FB9-4A26-AF99-C96AEF5227D1} - System32\Tasks\Media_Play_AIR+-novainstaller => C:\Program Files (x86)\Media_Play_AIR+\Media_Play_AIR+-novainstaller.exe <==== ACHTUNG
Task: {B375BCBF-15A7-44DD-94EB-F3C4B8E56AB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B6CFCE72-B725-4A8C-9FED-D67829945A5A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {B78AA8BB-2BFC-449F-A1C3-6882B976C7F6} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\WBrowserKeeper.exe <==== ACHTUNG
Task: {B840759D-ECF9-4937-A52E-CA3B370031CF} - \ASP -> Keine Datei <==== ACHTUNG
Task: {C213B827-FF0C-44DD-BC69-8F567D29E2D0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {E1B00C93-5703-46DE-8C3B-9C36F51FC3B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-18] (Adobe Systems Incorporated)
Task: {FDE43669-62CB-4041-B6BE-0F4463347814} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Media_Play_AIR+-nova.job => C:\Program Files (x86)\Media_Play_AIR+\Media_Play_AIR+-nova.exe>/agentregpath='Media_Play_AIR+' /appid=58488 /srcid='001578' /subid='verticals-ads,intext,shopping,pops' /zdata='0' /bic=392AC318B77E48BDBDF766E33A4026A7IE /verifier=610bf72dd3027908fe751c6076fcfe71 /installerversion=1_34_05_29 /installerfullversion=1.34.5.29 /installationtime=1401484143 /statsdomain=hxxp:/stats.datademoserv.com /errorsdomain=hxxp:/errors.datademoserv.com /codedownloaddomain=hxxp:/js.datademoserv.com /defbro=ch /usehklm /browsername='nova' /autoupdateulr='hxxp:/update.datademoserv.com/novarun/{CAMP_ID}/update.jso
Task: C:\Windows\Tasks\Media_Play_AIR+-novainstaller.job => C:\Program Files (x86)\Media_Play_AIR+\Media_Play_AIR+-novainstaller.exeX/updateapp /runfrom=task /agentregpath='Media_Play_AIR+' /appid=58488 /srcid='001578' /subid='verticals-ads,intext,shopping,pops' /zdata='0' /bic=392AC318B77E48BDBDF766E33A4026A7IE /verifier=610bf72dd3027908fe751c6076fcfe71 /installerversion=1_34_05_29 /installerfullversion=1.34.5.29 /installationtime=1401484143 /statsdomain=hxxp:/stats.datademoserv.com /errorsdomain=hxxp:/errors.datademoserv.com /codedownloaddomain=hxxp:/js.datademoserv.com /defbro=ch /usehklm /browsername='nova' /autoupdateulr='hxxp:/update.datademoserv.com/novacode/{CAMP_ID}/update.jso
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Windows\system32\rundll32.exeGC:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-30 14:32 - 2013-05-30 14:32 - 00016720 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-11-21 16:56 - 2015-11-21 16:56 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-18 15:30 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-08-15 10:05 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-08-20 19:14 - 2015-11-16 17:08 - 50678592 _____ () C:\Users\Manu\AppData\Roaming\Spotify\libcef.dll
2015-11-30 20:57 - 2015-11-30 20:57 - 00071168 _____ () c:\users\manu\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpol9dkp.dll
2015-10-16 17:29 - 2015-09-03 01:11 - 00012800 _____ () C:\Users\Manu\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-10-16 17:29 - 2015-09-03 01:11 - 00779776 _____ () C:\Users\Manu\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-10-16 17:29 - 2015-09-03 01:11 - 00056320 _____ () C:\Users\Manu\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-10-16 17:29 - 2015-09-03 01:11 - 00012288 _____ () C:\Users\Manu\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2012-05-07 10:55 - 2012-05-07 10:55 - 00178104 _____ () C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosGatt.dll
2015-11-11 20:04 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-11 20:04 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll
2015-08-20 19:14 - 2015-11-16 17:08 - 01880896 _____ () C:\Users\Manu\AppData\Roaming\Spotify\libglesv2.dll
2015-08-20 19:14 - 2015-11-16 17:08 - 00081216 _____ () C:\Users\Manu\AppData\Roaming\Spotify\libegl.dll
2015-08-15 10:05 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-08-22 14:59 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 13:54 - 2011-07-07 13:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2014-08-22 14:59 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2015-03-23 18:19 - 2015-03-23 18:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2014-08-22 14:59 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-04-10 10:26 - 2015-04-10 10:26 - 00669696 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2015-11-11 20:04 - 2015-11-07 05:36 - 16496456 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll
2014-11-01 15:51 - 2015-10-05 17:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-02-11 15:25 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-02-11 15:25 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-02-11 15:25 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-11-01 15:51 - 2015-11-10 03:44 - 02541648 _____ () C:\Program Files (x86)\Steam\video.dll
2014-11-01 15:51 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-11-01 15:51 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-11-01 15:51 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-11-01 15:51 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-11-01 15:51 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-11-01 15:51 - 2015-11-10 03:44 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 00:08 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2014-11-01 15:51 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-02-11 15:25 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\sony.com -> sony.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.137.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{695E765D-1888-4123-A8A0-77C1063C4600}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{7334B691-407C-4F7A-B1CD-649227889648}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{E7E0FB69-5014-4EDF-9346-E3CE354F890F}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [{5B4215D7-629E-4CD1-8A9F-7AFD98D92516}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [TCP Query User{FD221C7B-2323-43AA-87F2-FA60B3CDAEA1}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe
FirewallRules: [UDP Query User{5F9E9BCD-E65A-458B-AB31-90F74F32492F}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe
FirewallRules: [{150BEBFA-06AC-446C-88AE-DC455F13C92E}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [{3399C967-52AC-436B-AAA4-B0B033265B07}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [{5FDAC454-596C-4093-9C44-386654845929}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{FEEA1814-0AA6-446C-9AD6-58158DCB8366}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{77BA2580-97DA-42E3-A7C9-1F538BF6303F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{ED613459-72D8-489D-A965-6CA4C593548B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{2A4B1D99-1D5D-4E69-83C2-3F4F14468DDC}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{BE5FB37C-92A8-4E65-AFCD-64328F901131}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{704239C9-60B8-4CEF-8368-FFCD03FB8C52}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{5C0AF49E-EDDB-4910-883A-243E86BE809E}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{3F5AAD94-95FA-4D8C-A604-CEBE0D5B08EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5DC7C6FB-C9AC-4FC7-8B78-ACCB784808B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{69570EC4-3BA9-42AE-8B38-A551373CD101}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [UDP Query User{2D222F44-2F5E-4A05-AA89-969DA903E654}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [{15121F45-5065-4408-99AC-2987AE1F5E06}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{22715FA6-D188-4B64-B47F-9F17BC93A0A1}] => (Allow) LPort=2869
FirewallRules: [{761C75ED-7C81-436D-9038-00175947154E}] => (Allow) LPort=1900
FirewallRules: [{46FCDBBA-0F5D-402A-8D61-93295691B05B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{02A45172-C4DC-4C66-9133-20D4402B1DE0}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{08C48F49-058C-47BC-BC2D-E62AA9A6075D}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{AFA97030-0BDF-4923-AF83-25BD945A08DB}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3D3B09D3-A583-4625-BF68-11B0D1A88119}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{840649AA-4555-4A11-B44E-4941DFC38C88}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0B9FD96F-1A10-447B-BCFE-16A13A05EE85}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{A415C068-196E-4E51-9D69-D23BB7851B93}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
FirewallRules: [UDP Query User{EF96EDDE-B1D2-494D-BA50-4AB950322CE2}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
FirewallRules: [TCP Query User{E4410D65-CD93-4D6B-9DDB-4C6D4740CD18}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{CE3168AC-A80B-41EA-9CA1-91147D7CF6B6}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{414CE259-0899-45A2-A87C-2781BE7F02E1}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe
FirewallRules: [UDP Query User{44979A6C-3837-4A68-BB24-6B09A7301BFB}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe
FirewallRules: [{BE758AE4-C60D-45DB-A9FA-6FBD285A667D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{D995E6C6-683C-4C6B-AC70-D0725B7E0A77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{5F307FEF-1FF6-4DCA-B0FA-97A5FAE437F5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{76B7ADE8-DACE-488D-970F-AD727A24E894}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{93B38BA5-37F1-48A0-AE0C-83C315B45BEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{57697E62-A9AB-4CE8-B1EA-6386C3870037}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{B7713B6E-B5B4-4911-A3A2-567180FB102C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{912EE4F4-E9A8-49AE-AAA1-8FF0CC88BE3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{576CC5FE-A1BA-46B2-AC3B-D4D2C16C4E43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{7293FCF4-1A73-4502-B6BB-AE16B30B6A8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{11AB4B45-A653-49B8-B7EB-C71728E81216}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{6BFA2B02-35C6-4D26-8982-C6AD7F2AA929}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{50C1150E-8695-472D-B1D7-E8415E876784}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe
FirewallRules: [{A36BF8F6-70A8-43B9-9C8A-202BB09D3CAF}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe
FirewallRules: [{ADD2C6A6-D26B-438F-B6B8-E7CFE514D766}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe
FirewallRules: [{FE84DAB2-AD69-4C7C-8133-5110540C7E70}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe
FirewallRules: [{42B8BE23-325D-4373-9F18-7A1586E3866D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{DA58110C-A453-4FA7-B3DB-452E2FF21E07}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{A290E011-B1D3-4675-B8F0-5FBBBCD69709}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{03FB4EEC-A900-45DB-A1F8-8FF8B632F1C2}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{14A24841-2449-4206-A1CD-52AF3D61ADCB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{65E9204B-24D1-4616-9A10-8DEADD1D67CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6BCE2702-E6E8-49B9-B3B6-94DD8EB038B0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{885CC5DF-D215-47FD-860F-4A0947C1A479}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{AD749031-A1F6-43ED-9745-C0C26A72B9A6}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{61C6A1A6-E6A9-4AA6-BA3C-E4610C04530F}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{DA2525F1-DEB7-49F1-87A5-E61C7C38C59A}] => (Allow) C:\Users\Hauptversorgung\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{06C9F0A8-346F-4C0C-9B55-E653DF945D1D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{5EC3F0A6-9028-4498-9532-48EB0D0BE5E5}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{759BB140-F194-4985-9DDD-51A587D41EFE}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{3293E2EB-2B90-461B-B2F5-ED2F77688E29}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0C6B17EA-CC2D-4EB4-87CB-846DF40EA8D9}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E6867034-8D86-4988-B6BE-5BDEC70F0D46}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3B7CBB1B-3F82-4E3C-8B68-EDEA086B2524}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C7E6BF53-0DA0-45AF-87AF-20579A896855}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe
FirewallRules: [UDP Query User{23324BB8-18D3-4304-B06C-A6718AB5EBB2}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe
FirewallRules: [TCP Query User{89CD0DE0-F2BF-430A-8A2C-2C452D71EBDF}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{727384BD-E278-4DFD-B9EA-1311169FCAB9}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{D28DA4D8-870A-4874-9A0A-07F998B654BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{9FA4D48B-86A8-4ECB-9297-F3ECDCE18FB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{1721AEB4-BA9D-4560-B96C-7EE39595B642}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{38E0F69F-9AC7-484C-9A66-23EFA9468806}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{365A8F52-5F7C-4D87-86E7-80471F9A22F2}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{A9F2616C-8D6A-465D-803B-87412F96BE39}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{B85217BD-BF90-42FC-AC38-7E5329156401}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe
FirewallRules: [UDP Query User{E1286947-A9B0-44BC-84FF-68C2BB8D86EB}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe
FirewallRules: [{A34A4B2C-606F-4038-AA6E-BB2B980968F4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{A5DBA105-740F-4B0D-87E7-B712BC30A2C0}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{BD0440F7-5665-4B79-B226-1B3B86011CE8}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3D01D709-80EE-4CFF-B5AD-40033A43DADA}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{93877362-D359-4E3D-A3B9-EDC17E18EF50}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe
FirewallRules: [{502EBF67-EDE6-4D14-98AE-860EB5C0D972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{EE0D5ABB-6FE7-4C6F-84A1-1C966530FA22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [TCP Query User{A88E8258-F561-44ED-9219-315BF1367CE0}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{EF807ECB-443B-431A-92EF-AE5620078C33}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [{E1ACAAB5-BF44-4C1D-827C-28743106A93E}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{511EA237-B5C6-4CD6-BBB6-1E18C6A3E827}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{E01C9A8D-F268-4334-8811-FB33F15CF691}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{47CA75A6-CF9A-4B52-8D13-395D6CE50ECA}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [TCP Query User{1E9E3768-7706-461F-BCCD-D45B7B429FC6}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4A92A064-0E08-424B-B185-77F82C728675}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{86226233-512F-4C66-AD95-004871ADEC8D}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{75CF4D54-4682-4D94-899F-FC1267F2B1E8}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A599D2BC-B153-43AD-9A54-0B3454E92695}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C9F7AB7D-CA57-4D28-9554-9B4A1FD6287D}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
FirewallRules: [{46C43241-26E4-43C9-A5D1-CA513B7CF971}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{4D434C33-EA00-404E-A6E3-DE4D4B3BD158}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe
FirewallRules: [UDP Query User{C108A8C9-73CE-425C-AF89-B2A6A9030AF8}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe
FirewallRules: [{C313866D-3332-4B60-82CB-8657E7806570}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{325C35F4-85F1-4F48-A0C0-BCB9415E0234}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{04511432-AE04-49EC-A4FA-CB5D5D8454BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5A9125A0-77C9-46D5-B6AB-53C7B1B8FBCA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D1516845-6E21-4850-8D47-03BBA9BE16EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{74EE8792-45C4-4D90-94C6-0C7D1B86868E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DF066418-9661-412A-9365-1349110E6823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{F1525B84-1D69-42B3-9C34-88CC394EC190}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{063B437B-D699-484F-BEA0-920D3B769F09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{4BB81FE2-D083-4AF1-8B61-1BF0E3C141E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{BF07CEF3-AECC-4D06-BE76-9F33F3E57C84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{2B02CD39-DBA6-4AE6-8BCA-6CB6638BD9B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{C85F2749-3ED8-414E-83E0-4C1BBCEECB25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{AAF532D2-C9F1-4534-BB2B-62537D62DBD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 3D-Videocontroller
Description: 3D-Videocontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/30/2015 10:17:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: witcher3.exe, Version: 3.0.6.7903, Zeitstempel: 0x561eca18
Name des fehlerhaften Moduls: igdusc64.dll, Version: 9.18.10.3165, Zeitstempel: 0x5189985d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000007ab2
ID des fehlerhaften Prozesses: 0x18c0
Startzeit der fehlerhaften Anwendung: 0xwitcher3.exe0
Pfad der fehlerhaften Anwendung: witcher3.exe1
Pfad des fehlerhaften Moduls: witcher3.exe2
Berichtskennung: witcher3.exe3

Error: (11/30/2015 08:30:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x176c
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3

Error: (11/30/2015 08:29:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0xb00
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3

Error: (11/30/2015 08:28:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x1e8c
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3

Error: (11/30/2015 08:24:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0xee8
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3

Error: (11/30/2015 05:42:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20046

Error: (11/30/2015 05:42:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20046

Error: (11/30/2015 05:42:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/30/2015 05:42:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19048

Error: (11/30/2015 05:42:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19048


Systemfehler:
=============
Error: (11/30/2015 08:55:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update snipsmart" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/30/2015 08:38:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/30/2015 08:36:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/30/2015 08:36:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/30/2015 08:36:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/30/2015 08:36:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/30/2015 08:36:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/30/2015 08:36:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/30/2015 08:36:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (11/30/2015 08:36:32 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}


CodeIntegrity:
===================================
  Date: 2014-11-30 22:22:54.493
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:22:54.472
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:21:01.882
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:21:01.858
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 12216.36 MB
Verfügbarer physikalischer RAM: 7622.86 MB
Summe virtueller Speicher: 24430.93 MB
Verfügbarer virtueller Speicher: 19181.72 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:503.32 GB) (Free:66.41 GB) NTFS
Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:2794.51 GB) (Free:2066.22 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 9E560E8A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=06)
Partition 3: (Not Active) - (Size=503.3 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== Ende von Addition.txt ============================
         

Alt 01.12.2015, 00:08   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



Siehe oben...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 01.12.2015, 00:23   #9
Trabor
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



ja schon klar, aber du meintest ja ich soll nach dem scan als admin beide nochmal posten

das is jetzt von combofix
Code:
ATTFilter
ComboFix 15-11-30.01 - Hauptversorgung 01.12.2015   0:12.1.8 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.12216.7388 [GMT 1:00]
ausgeführt von:: c:\users\Manu\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\users\Hauptversorgung\AppData\Local\nsm606A.tmp
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\de\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\en\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\es\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\fr\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\it\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\ja\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\ko\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\ko_KR\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\pt\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\pt_BR\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\sl\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\tr\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\zh\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\zh_CN\messages.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\background.html
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\blocked.html
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\css\blocked.css
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\css\form.css
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\css\options.css
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\css\popup.css
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\css\reset.css
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\css\style.css
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\128.png
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\16.png
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\19.png
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\48.png
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\64.png
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\72.png
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\checkbox.png
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\options.png
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\radio.png
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\select.png
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\common.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\controller.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\functions.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\init-facebook.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\injection.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-background.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-blocked.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-news.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-options.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-popup.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-share.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-welcome.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\utils.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\website-blocker.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\lib\ChromeDB.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\lib\jquery-2.0.0.min.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\lib\sha256.js
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\manifest.json
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\news.html
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\options.html
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\popup.html
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\share.html
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\welcome.html
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hclgegipaehbigmbhdpfapmjadbaldib_0.localstorage-journal
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hclgegipaehbigmbhdpfapmjadbaldib_0.localstorage
c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-10-28 bis 2015-11-30  ))))))))))))))))))))))))))))))
.
.
2015-11-30 23:20 . 2015-11-30 23:20	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-11-30 23:20 . 2015-11-30 23:20	--------	d-----w-	c:\users\Hauptversorgung\AppData\Local\temp
2015-11-30 19:56 . 2015-11-30 19:56	--------	d-----w-	C:\OneDriveTemp
2015-11-30 19:15 . 2015-11-30 23:02	--------	d-----w-	C:\FRST
2015-11-30 19:01 . 2015-11-30 19:01	20160	----a-w-	c:\windows\system32\drivers\GUBootStartup.sys
2015-11-30 19:01 . 2015-11-30 19:01	--------	d-----w-	c:\users\Hauptversorgung\AppData\Roaming\DiskDefrag
2015-11-30 19:01 . 2015-11-30 19:01	--------	d-----w-	c:\users\Hauptversorgung\AppData\Roaming\GlarySoft
2015-11-30 19:01 . 2015-11-30 19:02	--------	d-----w-	c:\program files (x86)\Glary Utilities 5
2015-11-30 18:56 . 2015-11-30 18:56	--------	d-----w-	c:\users\Hauptversorgung\AppData\Roaming\ParetoLogic
2015-11-30 18:56 . 2015-11-30 18:56	--------	d-----w-	c:\users\Hauptversorgung\AppData\Roaming\DriverCure
2015-11-30 18:55 . 2015-11-30 18:55	--------	d-----w-	c:\program files (x86)\Common Files\ParetoLogic
2015-11-30 18:55 . 2015-11-30 18:59	--------	d-----w-	c:\programdata\ParetoLogic
2015-11-21 15:57 . 2015-11-21 15:57	--------	d-----w-	c:\programdata\Ubisoft
2015-11-21 15:56 . 2015-11-21 15:56	189248	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2015-11-21 15:56 . 2015-11-21 15:56	75136	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2015-11-18 19:15 . 2015-11-18 19:15	--------	d-----w-	c:\programdata\McAfee
2015-11-18 19:15 . 2015-11-18 19:15	--------	d-----w-	c:\users\Hauptversorgung\AppData\Local\Adobe
2015-11-13 10:48 . 2015-11-24 21:48	--------	d-----w-	c:\program files (x86)\Diablo III Public Test
2015-11-12 16:52 . 2015-11-03 17:55	3211264	----a-w-	c:\windows\system32\win32k.sys
2015-11-10 19:41 . 2015-10-13 04:57	950720	----a-w-	c:\windows\system32\drivers\ndis.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-18 20:12 . 2014-05-30 21:27	780488	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-11-18 20:12 . 2014-05-30 21:27	142536	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-30 15:49 . 2015-10-30 15:49	668784	----a-w-	C:\SecurityScanner.dll
2015-10-20 00:45 . 2015-11-10 19:42	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-10-13 00:29 . 2015-10-13 00:29	875720	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 00:22 . 2015-10-13 00:22	869568	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2015-10-01 18:06 . 2015-10-14 16:21	692672	----a-w-	c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 16:21	616360	----a-w-	c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-14 16:21	63488	----a-w-	c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-14 16:21	59392	----a-w-	c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-14 16:21	32768	----a-w-	c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-14 16:21	17920	----a-w-	c:\windows\system32\appidcertstorecheck.exe
2015-10-01 18:00 . 2015-10-14 16:21	147456	----a-w-	c:\windows\system32\appidpolicyconverter.exe
2015-10-01 17:50 . 2015-10-14 16:21	50688	----a-w-	c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-14 16:21	61440	----a-w-	c:\windows\system32\drivers\appid.sys
2015-09-22 21:36 . 2015-01-27 16:27	74952	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2015-09-22 21:36 . 2015-01-27 16:27	163544	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-09-02 03:04 . 2015-09-12 19:29	41984	----a-w-	c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-12 19:29	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-12 19:29	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-12 19:29	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-12 19:29	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-12 19:29	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-12 19:29	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-12 19:29	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-09-02 01:47 . 2015-09-12 19:29	372736	----a-w-	c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-12 19:29	299520	----a-w-	c:\windows\SysWow64\atmfd.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2015-03-01 15:33	297128	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"="c:\program files (x86)\Glary Utilities 5\StartupManager.exe" [2015-11-23 37152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DTS Sound"="c:\program files (x86)\DTS" [X]
"Mouse"="c:\program files (x86)\MX-3200 Mouse\DriverST.exe" [2012-08-21 184393]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-11-10 788176]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2015-10-14 66320]
.
c:\users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SoundSwitch.appref-ms [2015-11-13 354]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2013-5-10 2812296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk * 
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"TSleepSrv"="%ProgramFiles(x86)%\TOSHIBA\TOSHIBA" Sleep Utility\TSleepSrv.exe
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Update snipsmart;Update snipsmart;c:\program files (x86)\snipsmart\updatesnipsmart.exe;c:\program files (x86)\snipsmart\updatesnipsmart.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 GalaxyClientService;GalaxyClientService;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe [x]
R3 GalaxyCommunication;GalaxyCommunication;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe [x]
R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 usbezdisplay64;USB Projector;c:\windows\system32\drivers\usbezdisplay64.sys;c:\windows\SYSNATIVE\drivers\usbezdisplay64.sys [x]
R3 X6va029;X6va029;c:\windows\SysWOW64\Drivers\X6va029;c:\windows\SysWOW64\Drivers\X6va029 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 dts_apo_service;DTS APO Service;c:\program files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe;c:\program files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [x]
S3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys;c:\windows\SYSNATIVE\DRIVERS\QIOMem.sys [x]
S3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
S3 subvgaproduct64;subvgaproduct64;c:\windows\system32\DRIVERS\subvga64.sys;c:\windows\SYSNATIVE\DRIVERS\subvga64.sys [x]
S3 subvgaproductmirr64;subvgaproductmirr64;c:\windows\system32\DRIVERS\subvgamirr64.sys;c:\windows\SYSNATIVE\DRIVERS\subvgamirr64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-11-11 18:55	997704	----a-w-	c:\program files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-11-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-30 20:12]
.
2015-11-30 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job
- c:\users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 08:27]
.
2015-11-30 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job
- c:\users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 08:27]
.
2015-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26 10:50]
.
2015-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26 10:50]
.
2015-11-30 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2015-11-30 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08 18:55]
.
2015-11-30 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08 18:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2015-03-01 14:10	357376	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-05-13 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-05-13 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-05-13 444400]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2013-01-11 894048]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ie
uDefault_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX&q={searchTerms}
mDefault_Search_URL = https://search.avira.net/#web/result?source=art&q=
mDefault_Page_URL = https://search.avira.net/#web/result?source=art&q=
mStart Page = https://search.avira.net/#web/result?source=art&q=
mSearch Page = https://search.avira.net/#web/result?source=art&q=
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{c0e8ae32-0758-4c8d-ab71-23b361fe8964} - c:\users\HAUPTV~1\AppData\Local\Temp\ie_script.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.137.1
FF - ProfilePath - c:\users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: keyword.URL - hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - prefs.js: browser.startup.homepage - hxxps://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ff
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
ShellIconOverlayIdentifiers-{5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
ShellIconOverlayIdentifiers-{A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
Wow6432Node-HKLM-Run-ITSecMng - %ProgramFiles(x86)%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
Wow6432Node-HKLM-Run-mbot_de_196 - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
c:\users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - c:\users\Hauptversorgung\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
ShellIconOverlayIdentifiers-{5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
ShellIconOverlayIdentifiers-{A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
ShellIconOverlayIdentifiers-{FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
ShellIconOverlayIdentifiers-{FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
ShellIconOverlayIdentifiers-{FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
ShellIconOverlayIdentifiers-{FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
HKLM-RunOnce-WinSat - winsat dwm -xml results.xml
AddRemove-Activeris AntiMalware_is1 - c:\program files (x86)\Activeris AntiMalware\unins000.exe
AddRemove-LEGO Rock Raiders - c:\windows\IsUn0407.exe
AddRemove-SOE-PlanetSide 2 - c:\users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\Uninstaller.exe
AddRemove-StormWatch - c:\users\Hauptversorgung\AppData\Local\StormWatch\StormWatchappuninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va029]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va029"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_245_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_245_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_245_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_245_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-12-01  00:23:01
ComboFix-quarantined-files.txt  2015-11-30 23:23
.
Vor Suchlauf: 16 Verzeichnis(se), 72.290.897.920 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 75.061.182.464 Bytes frei
.
- - End Of File - - 74F8643DC540429C667A6BEB62C28544
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 01.12.2015, 09:23   #10
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



Hi,

Schritt 1

Bitte deinstalliere folgende Programme:

StormWatch
WindowsMangerProtect20.0.0.1013


Versuche es bei Windows 7 zunächst über Systemsteuerung/Programme deinstallieren.

Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung
  • Starte die Revouninstaller.exe
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
    Klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3

  • Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Schritt 4



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 01.12.2015, 11:10   #11
Trabor
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



Es scheitert schon an schritt 1 :/ der Uninstaller findet das Programm auch nicht :/

Mit schritt 2 weiter machen?

Alt 01.12.2015, 11:12   #12
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



Was steht denn oben was Du in diesem Fall machen sollst?
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 01.12.2015, 12:05   #13
Trabor
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



ok hast ja recht

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 01.12.2015
Suchlaufzeit: 11:35
Protokolldatei: mbamlog.txt
Administrator: Nein

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.01.02
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Manu

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 302039
Abgelaufene Zeit: 13 Min., 40 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 82
PUP.Optional.HDVidCodec, HKCU\SOFTWARE\APPDATALOW\SOFTWARE\HDvid-Codec V9.0, In Quarantäne, [d115910ec1ca91a5b4993a5047bc4fb1], 
PUP.Optional.HQPro, HKCU\SOFTWARE\APPDATALOW\SOFTWARE\HQ-V-Pro-v1.8, In Quarantäne, [e204c3dc9eed72c4e144167519ea3cc4], 
PUP.Optional.MediaPlayerPlus, HKCU\SOFTWARE\APPDATALOW\SOFTWARE\Media_Play_AIR+, In Quarantäne, [8c5af5aa593241f55de8c6ccb35040c0], 
PUP.Optional.PlusHD, HKCU\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.7, In Quarantäne, [17cf3867721942f4e19ddebd9f64e020], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0F212658-AC46-4DB4-A651-F2E3F5D38859}, In Quarantäne, [3caa28770c7fda5c8e6c0e71d72c8e72], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{108D8067-8643-4CF1-AD3B-101D25E768BF}, In Quarantäne, [d313831cbfcced4927d4c0bf2dd68b75], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{178E9451-E9D4-4381-971F-AD9530306779}, In Quarantäne, [578f6f302368e3539a62ed92e1228080], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{243121BC-100C-4AD0-BD27-1171FA11535A}, In Quarantäne, [28be9708701bfc3a58a47e01d72c817f], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{29BBDDF8-DD97-45DD-AF9B-C79232B8E5FB}, In Quarantäne, [6482c1de0784ed49dc20b4cbfa09d729], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2A50A943-F295-4327-9A13-8A6FDE603887}, In Quarantäne, [f3f3d7c874172610cc30a9d6ec177b85], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2C6E88B5-E812-4915-8F98-7DEDCA968096}, In Quarantäne, [23c3a9f62b608baba8547708758e19e7], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3201F3BF-442C-44D9-941C-DED57D9E39F9}, In Quarantäne, [05e1ced1c0cb56e08b7093ec0af926da], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{32079536-D419-4EC5-9595-458584C51E73}, In Quarantäne, [6284a7f8751695a1ba42acd33cc7946c], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{32FF15BB-1746-4465-9D49-5BD934F0ABE6}, In Quarantäne, [16d05e415239122469920b74b64d0df3], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{347244E5-8DC2-410F-891A-CBAFFA5B9B58}, In Quarantäne, [f8eee8b7f59661d5e21ab7c8c1423ac6], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{370C4882-3678-4934-B3F8-365577ED1916}, In Quarantäne, [f9ed425d1774d660bf3ded9261a2a060], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{38A03796-445B-4B91-8357-38D3F71D8A4E}, In Quarantäne, [796da9f65e2d6bcb0eeee09fe81b59a7], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3CF1FF4B-591A-4D7D-9ECE-C4AA701DAEC9}, In Quarantäne, [9e48544b632833030eeeed92c93aa759], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3DE2F41F-43B2-447D-8F27-94872AF29849}, In Quarantäne, [7670dbc4b8d350e6ac50b5cadb28837d], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4241BAA4-98E3-4220-AD22-8EEDCCA3A57F}, In Quarantäne, [796d801f8a017db9ed0ebfc08f74738d], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4339F59A-23EE-44A2-BDA0-2BF2F2F635AC}, In Quarantäne, [5c8a2e7119720432ea118ef1a85b23dd], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{448AC77C-BC55-4305-BA96-A1DFAD8F58E6}, In Quarantäne, [38ae3b64bad13df9817a4b347093ae52], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{45B71231-D71B-49F0-91AE-8BBED0D8E54D}, In Quarantäne, [3da938672269c670f902add245be857b], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{470C2232-DF1D-42F1-AA50-4712B8B1C5BD}, In Quarantäne, [8d591e81810a7cba6497daa550b30cf4], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4B605DC8-1160-4B90-BA69-D9D94681ACDA}, In Quarantäne, [ecfaffa07d0ec571b547aad5a063aa56], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4F6B9E16-DA67-4E0F-94D1-F9F7F9E7D2F6}, In Quarantäne, [21c52b74414a54e2be3e225dee1501ff], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5284F595-4519-4416-A4F4-78E1667984ED}, In Quarantäne, [07dfd6c9018a95a1ed0f94eb4db6728e], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{58897D74-1416-4284-8677-5CF215122361}, In Quarantäne, [c323d9c658332f076c8fb5cac73c50b0], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5A4D0888-7C66-49BB-98EE-AB8F90668E66}, In Quarantäne, [677ffea11a717abcc23aee915da6fb05], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5C8D1436-87D2-41F9-BC5E-B612F2FA569F}, In Quarantäne, [e40236696229fb3bb546ec93ae5505fb], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E6B95C4-65C3-4396-9DAE-1EB81EF3CAD5}, In Quarantäne, [8066950a99f291a588731c6362a1ff01], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5ED96D22-A363-4CCE-801A-D431BAA677FE}, In Quarantäne, [63832778e5a68caa28d49de2877c10f0], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6049520A-E37D-493A-A1CB-F3CA1E53F6BC}, In Quarantäne, [42a46b34107b3df948b4ccb33bc8d32d], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6305ACDF-10FA-44FD-B790-B3A9737D46C2}, In Quarantäne, [eef8a9f6cdbe1b1b5aa183fc44bfdc24], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68DA9E74-2753-4D16-A5F2-3789ACD8C0F2}, In Quarantäne, [bc2aa9f69feccb6bdf1d8ef19d669769], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6900D7FA-7A60-44B7-84E8-2B13651799EF}, In Quarantäne, [24c29b04d2b975c1fffc3847ef148977], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6F52208F-2C52-446A-919D-19B389CCFA74}, In Quarantäne, [1ccae3bca6e5d5617686ea9526dd8f71], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{71484CBA-6D1C-4D14-93D6-9E7FEC8EB217}, In Quarantäne, [cd198f1098f33afc00fb611eb05341bf], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{73174BA1-463A-4E33-856C-B0A9768C7188}, In Quarantäne, [7b6b950a1279c373be3ec6b9db281ae6], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{76FF8EE5-6E5A-4091-95F8-72D892EBAD3C}, In Quarantäne, [9254d7c85e2d44f29e5d7d024db69f61], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{782CE1D4-815E-4CEB-A9D0-232BBFA05820}, In Quarantäne, [697d29761279310509f2dca360a3c040], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7906FE99-9B73-45DA-802C-9E3ECF643A69}, In Quarantäne, [e7ff772896f5989ea8545a25e2219d63], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7BE1335F-830A-42BC-85BC-77C31F19403D}, In Quarantäne, [984e6936711ae35300fb0a758c777888], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7D692592-F455-445A-BFD7-14F23E53D31F}, In Quarantäne, [7b6b6837c8c30b2bd328d8a76c978878], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{819B9182-3E54-4952-98DD-1DF84CDFF528}, In Quarantäne, [2fb7e9b6236886b0e01b275831d24ab6], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{83D3BB6C-230D-44D7-A635-28F73188E2F9}, In Quarantäne, [3ea8f6a9345769cd906b0a75ae5501ff], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{89FC5209-C785-4891-A1D2-6291E24EB3B4}, In Quarantäne, [02e4bde20d7eae88e715c1be2fd4ff01], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A04DFF9F-25C6-4DC4-A9ED-F0483D4536C8}, In Quarantäne, [be28940b0a81999dcd2ed3ac4fb444bc], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB5E15E1-881C-45ED-99BE-127269A81FCB}, In Quarantäne, [05e10798117a94a26497344b4fb413ed], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2394958-C484-429A-B6D9-2120192DCC79}, In Quarantäne, [e7ff207f92f943f3cd2f96e9c340c23e], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2F7A7C3-B14A-4DAC-A3FD-70385B51DAF3}, In Quarantäne, [c71ffda2b0dbf3437f7d245bf50e1be5], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B558CA57-2A92-4F63-8B80-F3C6E0A5DEAE}, In Quarantäne, [6f77930cd0bbd0665ba16c13e71c9a66], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B95AFDF4-305B-4BE0-B92F-F6227FEABD4F}, In Quarantäne, [5e88811eee9d4aecaf4cdaa5c83b9a66], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BDA297CF-2BBB-463D-9D51-24FF29791355}, In Quarantäne, [499d900fd9b2dc5a11ebd6a960a3b24e], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C0603216-89C4-4200-BEC8-E99F299E87E8}, In Quarantäne, [cc1ac8d7ed9e7abc18e4156aa55e38c8], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C08F6C81-FD88-4311-B8DA-7F5DCB5CD9AB}, In Quarantäne, [c5211689c9c2ba7c619b92edf013738d], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C1F76434-8480-44B4-974F-2C335171ECAC}, In Quarantäne, [cb1b900fb3d80f27da22b5ca36cd639d], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C2BA08AD-9479-42CB-B47E-9828521D9498}, In Quarantäne, [4d999a054c3f75c10af1116e1ae9c937], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5913AD0-989C-41E4-A1A8-8BAC6C777C13}, In Quarantäne, [cd19930c751633037b811a657291ee12], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7163553-28E8-44B5-B432-1832BCB6ED79}, In Quarantäne, [fde9dac51a7150e61ede532c16ed3ac6], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CA614061-DC8C-45B4-9619-732AF86F522E}, In Quarantäne, [bc2ac7d88cff92a40dee83fc50b3916f], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D08752A0-F26A-4EF8-BF17-E1BC442DCDE1}, In Quarantäne, [c81e356abdce64d2ef0d95ea56adcb35], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D227944D-474C-4B1B-A9AF-CE76B4F47D6A}, In Quarantäne, [5393a4fbf8935ed8dc2086f9ac573cc4], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D2A9E610-7EFF-47A2-BA87-5A9D71C29B79}, In Quarantäne, [8462d1ce4348cf6711eb37486d96f808], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DCD1AEA9-4558-4D5A-B6CD-8D928B369BB0}, In Quarantäne, [7b6b18874249d95df00c3847847fd927], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DCFE8F93-FA8E-42A7-8E4A-1DE8B5368CBD}, In Quarantäne, [c91d0b94127941f539c21669f3108977], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6D65DD2-C9FF-46A1-A690-BB754A2D2234}, In Quarantäne, [21c54956c3c8f6407883314e8d76db25], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E7805AEC-22CA-447F-A8A6-7EC7E77070A9}, In Quarantäne, [4c9a6b347b10c6704cafadd24cb73ec2], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA617D50-E068-4C1D-AE95-F6E6AF98E524}, In Quarantäne, [bf27732c8cff79bd07f482fdeb180ef2], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EE3F1BE3-9026-4411-94C0-6275F5D04962}, In Quarantäne, [39ad1a85d6b5ba7c7784dba442c1738d], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F254CE75-9F5A-4339-95D3-C425FB9D2FA3}, In Quarantäne, [76703b64f7945adc4bb037488a791ce4], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2F2CECB-4057-45D7-9099-DBA4A389EDA3}, In Quarantäne, [0adc306f3754fc3a29d3bfc0ab5820e0], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F63CB3CD-DFB0-48EF-B2D7-FEE9CDB66E41}, In Quarantäne, [1bcb6837ddae56e00cf0532c63a059a7], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F88A048B-94CB-47D1-849C-D6DED33C423F}, In Quarantäne, [d313b0efdcafb18546b695eab94aab55], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9BD8476-7ED1-47C5-AC74-4D343134A95A}, In Quarantäne, [a73f4f509bf0e551e6155e212bd84fb1], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FA438C90-32B9-4258-85D8-D35DBF4AC826}, In Quarantäne, [fbeb4758f7945adc6596e19ee91a34cc], 
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FCE608D2-31D8-4F88-8853-E471C5AE4D18}, In Quarantäne, [be28ffa04b40eb4b9e5da6d959aaf709], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F05661C7-1D8D-4DCA-9CCD-38B1D14B90C6}, Löschen bei Neustart, [cd1928775833c86e5bc2562ae122bc44], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F508FD0F-A0B9-4FA6-9671-D508E2630CBB}, Löschen bei Neustart, [20c6900f6a213ff7fe1ddda33ac99f61], 
PUP.Optional.MediaPlayerPlus, HKLM\SOFTWARE\WOW6432NODE\Media_Play_AIR+, Löschen bei Neustart, [d70fddc2048755e184c9a4ee996a53ad], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F05661C7-1D8D-4DCA-9CCD-38B1D14B90C6}, Löschen bei Neustart, [64822e719cefa096a974bec27c87a759], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F508FD0F-A0B9-4FA6-9671-D508E2630CBB}, Löschen bei Neustart, [cc1a5d42a5e6f83e48d36020de2526da], 

Registrierungswerte: 77
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0f212658-ac46-4db4-a651-f2e3f5d38859}|AppName, HDvid-Codec V9.0-bg.exe, In Quarantäne, [3caa28770c7fda5c8e6c0e71d72c8e72]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{108D8067-8643-4CF1-AD3B-101D25E768BF}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [d313831cbfcced4927d4c0bf2dd68b75]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{178E9451-E9D4-4381-971F-AD9530306779}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [578f6f302368e3539a62ed92e1228080]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{243121BC-100C-4AD0-BD27-1171FA11535A}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [28be9708701bfc3a58a47e01d72c817f]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{29BBDDF8-DD97-45DD-AF9B-C79232B8E5FB}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [6482c1de0784ed49dc20b4cbfa09d729]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2A50A943-F295-4327-9A13-8A6FDE603887}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [f3f3d7c874172610cc30a9d6ec177b85]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2C6E88B5-E812-4915-8F98-7DEDCA968096}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [23c3a9f62b608baba8547708758e19e7]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3201F3BF-442C-44D9-941C-DED57D9E39F9}|AppName, 0ee6de5f-3a06-4b03-90c8-26d4cf9d4b0a-2.exe-buttonutil.exe, In Quarantäne, [05e1ced1c0cb56e08b7093ec0af926da]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{32079536-D419-4EC5-9595-458584C51E73}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [6284a7f8751695a1ba42acd33cc7946c]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{32FF15BB-1746-4465-9D49-5BD934F0ABE6}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [16d05e415239122469920b74b64d0df3]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{347244E5-8DC2-410F-891A-CBAFFA5B9B58}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [f8eee8b7f59661d5e21ab7c8c1423ac6]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{370C4882-3678-4934-B3F8-365577ED1916}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-codedownloader.exe, In Quarantäne, [f9ed425d1774d660bf3ded9261a2a060]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{38A03796-445B-4B91-8357-38D3F71D8A4E}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [796da9f65e2d6bcb0eeee09fe81b59a7]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3CF1FF4B-591A-4D7D-9ECE-C4AA701DAEC9}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [9e48544b632833030eeeed92c93aa759]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3DE2F41F-43B2-447D-8F27-94872AF29849}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [7670dbc4b8d350e6ac50b5cadb28837d]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4241BAA4-98E3-4220-AD22-8EEDCCA3A57F}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [796d801f8a017db9ed0ebfc08f74738d]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4339F59A-23EE-44A2-BDA0-2BF2F2F635AC}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [5c8a2e7119720432ea118ef1a85b23dd]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{448AC77C-BC55-4305-BA96-A1DFAD8F58E6}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [38ae3b64bad13df9817a4b347093ae52]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{45B71231-D71B-49F0-91AE-8BBED0D8E54D}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [3da938672269c670f902add245be857b]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{470C2232-DF1D-42F1-AA50-4712B8B1C5BD}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [8d591e81810a7cba6497daa550b30cf4]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4B605DC8-1160-4B90-BA69-D9D94681ACDA}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [ecfaffa07d0ec571b547aad5a063aa56]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4F6B9E16-DA67-4E0F-94D1-F9F7F9E7D2F6}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-codedownloader.exe, In Quarantäne, [21c52b74414a54e2be3e225dee1501ff]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5284F595-4519-4416-A4F4-78E1667984ED}|AppName, 87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-2.exe-codedownloader.exe, In Quarantäne, [07dfd6c9018a95a1ed0f94eb4db6728e]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{58897D74-1416-4284-8677-5CF215122361}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-buttonutil.exe, In Quarantäne, [c323d9c658332f076c8fb5cac73c50b0]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5A4D0888-7C66-49BB-98EE-AB8F90668E66}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [677ffea11a717abcc23aee915da6fb05]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5C8D1436-87D2-41F9-BC5E-B612F2FA569F}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [e40236696229fb3bb546ec93ae5505fb]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E6B95C4-65C3-4396-9DAE-1EB81EF3CAD5}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [8066950a99f291a588731c6362a1ff01]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5ED96D22-A363-4CCE-801A-D431BAA677FE}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [63832778e5a68caa28d49de2877c10f0]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6049520A-E37D-493A-A1CB-F3CA1E53F6BC}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [42a46b34107b3df948b4ccb33bc8d32d]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6305ACDF-10FA-44FD-B790-B3A9737D46C2}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [eef8a9f6cdbe1b1b5aa183fc44bfdc24]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68DA9E74-2753-4D16-A5F2-3789ACD8C0F2}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [bc2aa9f69feccb6bdf1d8ef19d669769]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6900D7FA-7A60-44B7-84E8-2B13651799EF}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [24c29b04d2b975c1fffc3847ef148977]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6F52208F-2C52-446A-919D-19B389CCFA74}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [1ccae3bca6e5d5617686ea9526dd8f71]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{71484CBA-6D1C-4D14-93D6-9E7FEC8EB217}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-buttonutil.exe, In Quarantäne, [cd198f1098f33afc00fb611eb05341bf]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{73174BA1-463A-4E33-856C-B0A9768C7188}|AppName, 0ee6de5f-3a06-4b03-90c8-26d4cf9d4b0a-2.exe-codedownloader.exe, In Quarantäne, [7b6b950a1279c373be3ec6b9db281ae6]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{76FF8EE5-6E5A-4091-95F8-72D892EBAD3C}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [9254d7c85e2d44f29e5d7d024db69f61]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{782CE1D4-815E-4CEB-A9D0-232BBFA05820}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [697d29761279310509f2dca360a3c040]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7906FE99-9B73-45DA-802C-9E3ECF643A69}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [e7ff772896f5989ea8545a25e2219d63]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7BE1335F-830A-42BC-85BC-77C31F19403D}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [984e6936711ae35300fb0a758c777888]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7D692592-F455-445A-BFD7-14F23E53D31F}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [7b6b6837c8c30b2bd328d8a76c978878]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{819B9182-3E54-4952-98DD-1DF84CDFF528}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [2fb7e9b6236886b0e01b275831d24ab6]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{83D3BB6C-230D-44D7-A635-28F73188E2F9}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [3ea8f6a9345769cd906b0a75ae5501ff]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{89FC5209-C785-4891-A1D2-6291E24EB3B4}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [02e4bde20d7eae88e715c1be2fd4ff01]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A04DFF9F-25C6-4DC4-A9ED-F0483D4536C8}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [be28940b0a81999dcd2ed3ac4fb444bc]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB5E15E1-881C-45ED-99BE-127269A81FCB}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [05e10798117a94a26497344b4fb413ed]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2394958-C484-429A-B6D9-2120192DCC79}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [e7ff207f92f943f3cd2f96e9c340c23e]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2F7A7C3-B14A-4DAC-A3FD-70385B51DAF3}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [c71ffda2b0dbf3437f7d245bf50e1be5]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B558CA57-2A92-4F63-8B80-F3C6E0A5DEAE}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [6f77930cd0bbd0665ba16c13e71c9a66]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B95AFDF4-305B-4BE0-B92F-F6227FEABD4F}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [5e88811eee9d4aecaf4cdaa5c83b9a66]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BDA297CF-2BBB-463D-9D51-24FF29791355}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [499d900fd9b2dc5a11ebd6a960a3b24e]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C0603216-89C4-4200-BEC8-E99F299E87E8}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [cc1ac8d7ed9e7abc18e4156aa55e38c8]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C08F6C81-FD88-4311-B8DA-7F5DCB5CD9AB}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [c5211689c9c2ba7c619b92edf013738d]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{c1f76434-8480-44b4-974f-2c335171ecac}|AppName, HDvid-Codec V9.0-codedownloader.exe, In Quarantäne, [cb1b900fb3d80f27da22b5ca36cd639d]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C2BA08AD-9479-42CB-B47E-9828521D9498}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [4d999a054c3f75c10af1116e1ae9c937]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5913AD0-989C-41E4-A1A8-8BAC6C777C13}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [cd19930c751633037b811a657291ee12]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7163553-28E8-44B5-B432-1832BCB6ED79}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [fde9dac51a7150e61ede532c16ed3ac6]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CA614061-DC8C-45B4-9619-732AF86F522E}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [bc2ac7d88cff92a40dee83fc50b3916f]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D08752A0-F26A-4EF8-BF17-E1BC442DCDE1}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [c81e356abdce64d2ef0d95ea56adcb35]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D227944D-474C-4B1B-A9AF-CE76B4F47D6A}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [5393a4fbf8935ed8dc2086f9ac573cc4]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D2A9E610-7EFF-47A2-BA87-5A9D71C29B79}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-codedownloader.exe, In Quarantäne, [8462d1ce4348cf6711eb37486d96f808]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DCD1AEA9-4558-4D5A-B6CD-8D928B369BB0}|AppName, 0ee6de5f-3a06-4b03-90c8-26d4cf9d4b0a-2.exe-codedownloader.exe, In Quarantäne, [7b6b18874249d95df00c3847847fd927]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DCFE8F93-FA8E-42A7-8E4A-1DE8B5368CBD}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [c91d0b94127941f539c21669f3108977]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{e6d65dd2-c9ff-46a1-a690-bb754a2d2234}|AppName, HDvid-Codec V9.0-buttonutil.exe, In Quarantäne, [21c54956c3c8f6407883314e8d76db25]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E7805AEC-22CA-447F-A8A6-7EC7E77070A9}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [4c9a6b347b10c6704cafadd24cb73ec2]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA617D50-E068-4C1D-AE95-F6E6AF98E524}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-buttonutil.exe, In Quarantäne, [bf27732c8cff79bd07f482fdeb180ef2]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EE3F1BE3-9026-4411-94C0-6275F5D04962}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [39ad1a85d6b5ba7c7784dba442c1738d]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F254CE75-9F5A-4339-95D3-C425FB9D2FA3}|AppName, 87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-2.exe-buttonutil.exe, In Quarantäne, [76703b64f7945adc4bb037488a791ce4]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2F2CECB-4057-45D7-9099-DBA4A389EDA3}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [0adc306f3754fc3a29d3bfc0ab5820e0]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F63CB3CD-DFB0-48EF-B2D7-FEE9CDB66E41}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-codedownloader.exe, In Quarantäne, [1bcb6837ddae56e00cf0532c63a059a7]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F88A048B-94CB-47D1-849C-D6DED33C423F}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [d313b0efdcafb18546b695eab94aab55]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9BD8476-7ED1-47C5-AC74-4D343134A95A}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [a73f4f509bf0e551e6155e212bd84fb1]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FA438C90-32B9-4258-85D8-D35DBF4AC826}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-buttonutil.exe, In Quarantäne, [fbeb4758f7945adc6596e19ee91a34cc]
PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FCE608D2-31D8-4F88-8853-E471C5AE4D18}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [be28ffa04b40eb4b9e5da6d959aaf709]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f05661c7-1d8d-4dca-9ccd-38b1d14b90c6}|AppName, Media_Play_AIR+-codedownloader.exe, Löschen bei Neustart, [cd1928775833c86e5bc2562ae122bc44]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f508fd0f-a0b9-4fa6-9671-d508e2630cbb}|AppName, Media_Play_AIR+-bg.exe, Löschen bei Neustart, [20c6900f6a213ff7fe1ddda33ac99f61]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f05661c7-1d8d-4dca-9ccd-38b1d14b90c6}|AppName, Media_Play_AIR+-codedownloader.exe, Löschen bei Neustart, [64822e719cefa096a974bec27c87a759]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f508fd0f-a0b9-4fa6-9671-d508e2630cbb}|AppName, Media_Play_AIR+-bg.exe, Löschen bei Neustart, [cc1a5d42a5e6f83e48d36020de2526da]

Registrierungsdaten: 1
PUP.Optional.SimplyTech, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|newtab, %appdata%\SimplyTech\home\home.htm, Gut: (www.google.com), Schlecht: (%appdata%\SimplyTech\home\home.htm),Löschen bei Neustart,[af377e21f99281b55bda0a659c68cb35]

Ordner: 1
PUP.Optional.ProtectedSearch, C:\Windows\System32\Tasks\ProtectedSearch, In Quarantäne, [aa3c86196c1fd363afc694f30df58d73], 

Dateien: 2
PUP.Optional.WebInstr, C:\Windows\System32\drivers\Msft_Kernel_webinstrNew_01009.Wdf, Löschen bei Neustart, [b333dcc3187376c0be1e0fa05aa91fe1], 
PUP.Optional.ProtectedSearch, C:\Windows\System32\Tasks\ProtectedSearch\Protected Search, In Quarantäne, [aa3c86196c1fd363afc694f30df58d73], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

Code:
ATTFilter
# AdwCleaner v5.023 - Bericht erstellt am 01/12/2015 um 11:20:31
# Aktualisiert am 30/11/2015 von Xplode
# Datenbank : 2015-11-30.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Hauptversorgung - MANUSPC
# Gestartet von : C:\Users\Manu\Downloads\AdwCleaner_5.023.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst Gelöscht : Update snipsmart

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\ParetoLogic
[-] Ordner Gelöscht : C:\ProgramData\ParetoLogic
[-] Ordner Gelöscht : C:\ProgramData\ytd video downloader
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[-] Ordner Gelöscht : C:\Users\Hauptversorgung\AppData\Local\MalwareProtectionLive
[-] Ordner Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\DriverCure
[-] Ordner Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\ParetoLogic
[-] Ordner Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Systweak
[-] Ordner Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér
[!] Ordner Nicht Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér
[-] Ordner Gelöscht : C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\astrmndant
[-] Ordner Gelöscht : C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\Extensions\{8dc5c42e-9204-2a64-8b97-fa94ff8a241f}
[-] Ordner Gelöscht : C:\Windows\SysNative\Tasks\Browser Updater
[-] Ordner Gelöscht : C:\Windows\SysNative\Tasks\SystemSockets

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
[-] Datei Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Protection Live.lnk
[-] Datei Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\Extensions\{f2548724-373f-45fe-be6a-3a85e87b7711}.xpi
[-] Datei Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\Extensions\{f2548724-373f-45fe-be6a-3a85e87b7711}.xpi
[-] Datei Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\Extensions\{b64d9b05-48e1-4ceb-bf58-e0643994e900}.xpi
[-] Datei Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\searchplugins\yahoo_ff.xml
[-] Datei Gelöscht : C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\Extensions\{f2548724-373f-45fe-be6a-3a85e87b7711}.xpi
[-] Datei Gelöscht : C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\Extensions\{f2548724-373f-45fe-be6a-3a85e87b7711}.xpi

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Aufgabenplanung Gelöscht : ASP
[-] Aufgabenplanung Gelöscht : paretologic registration3
[-] Aufgabenplanung Gelöscht : paretologic update version3
[-] Aufgabenplanung Gelöscht : ParetoLogic Update Version3 Startup Task

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\uus3url-pl
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel Gelöscht : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update snipsmart
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [C:\Program Files (x86)\Plus-HD-9.7\Plus-HD-9.7-nova.exe]
[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EC77D09-02CB-4E1F-E3C4-FB141B2610B3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\ParetoLogic
[-] Schlüssel Gelöscht : HKCU\Software\StormWatchApp
[-] Schlüssel Gelöscht : HKCU\Software\StormWatch
[-] Schlüssel Gelöscht : HKCU\Software\snipsmart
[-] Schlüssel Gelöscht : HKCU\Software\OB
[-] Schlüssel Gelöscht : HKCU\Software\Reg\Clean
[!] Schlüssel Nicht Gelöscht : HKCU\Software\Mozilla\Extends
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\re-markit
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\ParetoLogic
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\webssearchesSoftware
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Taronja
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Reg\Clean
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Activeris AntiMalware_is1
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\Supra Savings
[-] Schlüssel Gelöscht : HKU\S-1-5-19\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel Gelöscht : HKU\S-1-5-20\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel Gelöscht : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Softonic
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\suprasavings
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\AppDataLow\Software\Supra Savings
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\AppDataLow\Software\suprasavings
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\AppDataLow\Software\re-markit
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchURI []
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchUrl []
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchURI []
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchURI []
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BCDA714C-8505-4B2F-8D95-183C58730C77}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\astromenda.com

***** [ Internetbrowser ] *****

[-] [C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\prefs.js] [Preference] Gelöscht : user_pref("keyword.URL", "hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=");
[-] [C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\prefs.js] [Preference] Gelöscht : user_pref("browser.startup.homepage", "hxxps://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ff");
[-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultenginename", "Astromenda");
[-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "Astromenda");
[-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.hmpgUrl", "hxxp://astromenda.com/?f=1&a=ast_cmi_14_43_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBzz0B0EyEyE0CtD0E0BtN0D0Tzu0StCtDtBzytN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDy[...]
[-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.newTabUrl", "hxxp://astromenda.com/?f=2&a=ast_cmi_14_43_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBzz0B0EyEyE0CtD0E0BtN0D0Tzu0StCtDtBzytN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzyt[...]
[-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.prtnrId", "WSE_Astromenda");
[-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.srchPrvdr", "Astromenda");
[-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.tlbrSrchUrl", "hxxp://astromenda.com/?f=3&a=ast_cmi_14_43_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBzz0B0EyEyE0CtD0E0BtN0D0Tzu0StCtDtBzytN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBz[...]
[-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : astromenda.com
[-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : feed.snapdo.com
[-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : default-search.net
[-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : istart.webssearches.com
[-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : webssearches
[-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Gelöscht : hxxp://istart.webssearches.com/?type=hp&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX
[-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Gelöscht : hxxp://istart.webssearches.com/web/?type=ds&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX&q={searchTerms}
[-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : ibnjmihbbanannlbobkbmnmckjnmdnom
[-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://istart.webssearches.com/?type=hp&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX
[-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : feed.snapdo.com
[-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : ibnjmihbbanannlbobkbmnmckjnmdnom
[-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : kfgaibfbmkjgmimhbbaikfnpkkjkpoan
[-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : nhjnmokdaalmckkikjklibeakholpham
[-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : pfkfdlcdbajamklbneflfbcmfgddmpae
[-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://search.conduit.com/?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=MCD9BAB08-7ABA-4542-874F-FC143CF15558&SearchSource=55&CUI=&UM=5&UP=SPA12563DE-28B5-4BD1-8429-E6959CE85A73&SSPV=

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - \AdwCleaner\AdwCleaner[C2].txt - [15481 Bytes] ##########
         

Alt 01.12.2015, 12:06   #14
Trabor
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-11-2015
durchgeführt von Hauptversorgung (2015-12-01 12:01:32)
Gestartet von C:\Users\Manu\Downloads\Hilfe
Windows 7 Professional Service Pack 1 (X64) (2014-04-20 22:13:51)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1029605971-2717496707-4219619431-500 - Administrator - Disabled)
Gast (S-1-5-21-1029605971-2717496707-4219619431-501 - Limited - Disabled)
Hauptversorgung (S-1-5-21-1029605971-2717496707-4219619431-1000 - Administrator - Enabled) => C:\Users\Hauptversorgung
HomeGroupUser$ (S-1-5-21-1029605971-2717496707-4219619431-1003 - Limited - Enabled)
Manu (S-1-5-21-1029605971-2717496707-4219619431-1001 - Limited - Enabled) => C:\Users\Manu

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version:  - Ubisoft Montreal)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 2.0.0.9 - Qualcomm Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.11.1440 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.11(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.52.52 - Conexant)
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
Debut Videorekorder (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Debut) (Version: 1.95 - NCH Software)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.11 - Electronic Arts)
Dropbox (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
DTS Sound (HKLM-x32\...\{791692AD-63B2-4A87-A097-4E8DD3CE4BC9}) (Version: 1.00.0078 - DTS, Inc.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Dub version 1.7.9.908 (HKLM-x32\...\Free Audio Dub_is1) (Version: 1.7.9.908 - DVDVideoSoft Ltd.)
Free Studio version 6.5.0.301 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.301 - DVDVideoSoft Ltd.)
Free WEBM Player (HKLM-x32\...\Free WEBM Player_is1) (Version: 1.0 - Free Converting)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3165 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version:  - Avalanche Studios)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Rock Raiders (HKLM-x32\...\LEGO Rock Raiders) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.102.12020 (HKLM-x32\...\{571E58E4-608E-B7A6-50FF-4B531B424F5B}) (Version: 2.16.102.12020 - Sony)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.1 (x86 de)) (Version: 33.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9 - Notepad++ Team)
NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.23.2817 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PhotoFiltre 7 (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\PhotoFiltre 7) (Version:  - )
Picopix Viewer 2 (HKLM-x32\...\{6022800B-A1E1-4CA9-9B74-6E4F599AC42C}) (Version: 1.0.0.7 - PHILIPS)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version:  - Crytek)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.14.201410081526 - Sony Mobile Communications AB)
Sony PC Companion 2.10.297 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.297 - Sony)
SoundSwitch (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\5e9d4b807286f8d3) (Version: 2.4.1.4 - Jeroen Pelgrims)
Spotify (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - Iron Lore Entertainment)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.12 for x64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 5.00.04.00 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.27.3201 - Toshiba Corporation)
UninstallMX-3200 Mouse (HKLM-x32\...\{41CC9883-5B20-4F62-98CB-034D10240708}}_is1) (Version:  - MX-3200 Mouse Driver)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Manu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Manu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

01-12-2015 11:11:40 Revo Uninstaller's restore point - System Checkup 3.5

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-12-01 00:20 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02B218BB-B0BE-40B5-880B-669D3D989018} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {36CC9A75-FF2F-453A-A08C-3DF6DA05C672} - System32\Tasks\{DC9E7E91-893F-4F34-8078-1E9598CD3A6A} => pcalua.exe -a "C:\Program Files (x86)\Media_Play_AIR+\Uninstall.exe" -c /fcp=1
Task: {41F2AC6B-6E34-4814-A9F1-95BCAD745482} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {65E73BDE-6998-4EF4-B2F2-BE1C22C01D89} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {80BF3CDD-F884-4F26-AF87-90928C62F92B} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-08-25] (Avira Operations GmbH & Co. KG)
Task: {84FB224D-0E25-44C3-9193-28B6C475FFF8} - \Browser Updater\Browser Updater -> Keine Datei <==== ACHTUNG
Task: {89F4AD92-E3AC-49CB-AE69-8C756DECBC63} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {9C074F6C-8604-4152-8DD2-2F5AA246BCEE} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {AEBD5690-7CB0-4CF6-A0A6-8F09C7EA5158} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {B375BCBF-15A7-44DD-94EB-F3C4B8E56AB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B6CFCE72-B725-4A8C-9FED-D67829945A5A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {B78AA8BB-2BFC-449F-A1C3-6882B976C7F6} - \ProtectedSearch\Protected Search -> Keine Datei <==== ACHTUNG
Task: {C213B827-FF0C-44DD-BC69-8F567D29E2D0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {E1B00C93-5703-46DE-8C3B-9C36F51FC3B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-18] (Adobe Systems Incorporated)
Task: {FDE43669-62CB-4041-B6BE-0F4463347814} - \SystemSockets\SystemSockets -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-30 14:32 - 2013-05-30 14:32 - 00016720 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-11-21 16:56 - 2015-11-21 16:56 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-18 15:30 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-08-15 10:05 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-08-15 10:05 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-08-22 14:59 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 13:54 - 2011-07-07 13:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2014-08-22 14:59 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2015-03-23 18:19 - 2015-03-23 18:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2014-08-22 14:59 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-04-10 10:26 - 2015-04-10 10:26 - 00669696 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2013-06-11 08:31 - 2013-06-11 08:31 - 00090112 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
2012-04-04 13:33 - 2012-04-04 13:33 - 00139776 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
2013-01-08 16:02 - 2013-01-08 16:02 - 00163840 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
2012-07-26 10:51 - 2012-07-26 10:51 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
2012-05-07 10:55 - 2012-05-07 10:55 - 00178104 _____ () C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosGatt.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\sony.com -> sony.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{695E765D-1888-4123-A8A0-77C1063C4600}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{7334B691-407C-4F7A-B1CD-649227889648}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{E7E0FB69-5014-4EDF-9346-E3CE354F890F}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [{5B4215D7-629E-4CD1-8A9F-7AFD98D92516}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [TCP Query User{FD221C7B-2323-43AA-87F2-FA60B3CDAEA1}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe
FirewallRules: [UDP Query User{5F9E9BCD-E65A-458B-AB31-90F74F32492F}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe
FirewallRules: [{150BEBFA-06AC-446C-88AE-DC455F13C92E}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [{3399C967-52AC-436B-AAA4-B0B033265B07}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [{5FDAC454-596C-4093-9C44-386654845929}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{FEEA1814-0AA6-446C-9AD6-58158DCB8366}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{77BA2580-97DA-42E3-A7C9-1F538BF6303F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{ED613459-72D8-489D-A965-6CA4C593548B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{2A4B1D99-1D5D-4E69-83C2-3F4F14468DDC}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{BE5FB37C-92A8-4E65-AFCD-64328F901131}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{704239C9-60B8-4CEF-8368-FFCD03FB8C52}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{5C0AF49E-EDDB-4910-883A-243E86BE809E}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{3F5AAD94-95FA-4D8C-A604-CEBE0D5B08EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5DC7C6FB-C9AC-4FC7-8B78-ACCB784808B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{69570EC4-3BA9-42AE-8B38-A551373CD101}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [UDP Query User{2D222F44-2F5E-4A05-AA89-969DA903E654}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [{15121F45-5065-4408-99AC-2987AE1F5E06}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{22715FA6-D188-4B64-B47F-9F17BC93A0A1}] => (Allow) LPort=2869
FirewallRules: [{761C75ED-7C81-436D-9038-00175947154E}] => (Allow) LPort=1900
FirewallRules: [{46FCDBBA-0F5D-402A-8D61-93295691B05B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{02A45172-C4DC-4C66-9133-20D4402B1DE0}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{08C48F49-058C-47BC-BC2D-E62AA9A6075D}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{AFA97030-0BDF-4923-AF83-25BD945A08DB}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3D3B09D3-A583-4625-BF68-11B0D1A88119}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{840649AA-4555-4A11-B44E-4941DFC38C88}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0B9FD96F-1A10-447B-BCFE-16A13A05EE85}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{A415C068-196E-4E51-9D69-D23BB7851B93}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
FirewallRules: [UDP Query User{EF96EDDE-B1D2-494D-BA50-4AB950322CE2}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
FirewallRules: [TCP Query User{E4410D65-CD93-4D6B-9DDB-4C6D4740CD18}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{CE3168AC-A80B-41EA-9CA1-91147D7CF6B6}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{414CE259-0899-45A2-A87C-2781BE7F02E1}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe
FirewallRules: [UDP Query User{44979A6C-3837-4A68-BB24-6B09A7301BFB}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe
FirewallRules: [{BE758AE4-C60D-45DB-A9FA-6FBD285A667D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{D995E6C6-683C-4C6B-AC70-D0725B7E0A77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{5F307FEF-1FF6-4DCA-B0FA-97A5FAE437F5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{76B7ADE8-DACE-488D-970F-AD727A24E894}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{93B38BA5-37F1-48A0-AE0C-83C315B45BEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{57697E62-A9AB-4CE8-B1EA-6386C3870037}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{B7713B6E-B5B4-4911-A3A2-567180FB102C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{912EE4F4-E9A8-49AE-AAA1-8FF0CC88BE3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{576CC5FE-A1BA-46B2-AC3B-D4D2C16C4E43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{7293FCF4-1A73-4502-B6BB-AE16B30B6A8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{11AB4B45-A653-49B8-B7EB-C71728E81216}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{6BFA2B02-35C6-4D26-8982-C6AD7F2AA929}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{50C1150E-8695-472D-B1D7-E8415E876784}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe
FirewallRules: [{A36BF8F6-70A8-43B9-9C8A-202BB09D3CAF}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe
FirewallRules: [{ADD2C6A6-D26B-438F-B6B8-E7CFE514D766}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe
FirewallRules: [{FE84DAB2-AD69-4C7C-8133-5110540C7E70}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe
FirewallRules: [{42B8BE23-325D-4373-9F18-7A1586E3866D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{DA58110C-A453-4FA7-B3DB-452E2FF21E07}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{A290E011-B1D3-4675-B8F0-5FBBBCD69709}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{03FB4EEC-A900-45DB-A1F8-8FF8B632F1C2}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{14A24841-2449-4206-A1CD-52AF3D61ADCB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{65E9204B-24D1-4616-9A10-8DEADD1D67CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6BCE2702-E6E8-49B9-B3B6-94DD8EB038B0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{885CC5DF-D215-47FD-860F-4A0947C1A479}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{AD749031-A1F6-43ED-9745-C0C26A72B9A6}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{61C6A1A6-E6A9-4AA6-BA3C-E4610C04530F}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{DA2525F1-DEB7-49F1-87A5-E61C7C38C59A}] => (Allow) C:\Users\Hauptversorgung\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{06C9F0A8-346F-4C0C-9B55-E653DF945D1D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{5EC3F0A6-9028-4498-9532-48EB0D0BE5E5}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{759BB140-F194-4985-9DDD-51A587D41EFE}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{3293E2EB-2B90-461B-B2F5-ED2F77688E29}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0C6B17EA-CC2D-4EB4-87CB-846DF40EA8D9}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E6867034-8D86-4988-B6BE-5BDEC70F0D46}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3B7CBB1B-3F82-4E3C-8B68-EDEA086B2524}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C7E6BF53-0DA0-45AF-87AF-20579A896855}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe
FirewallRules: [UDP Query User{23324BB8-18D3-4304-B06C-A6718AB5EBB2}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe
FirewallRules: [TCP Query User{89CD0DE0-F2BF-430A-8A2C-2C452D71EBDF}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{727384BD-E278-4DFD-B9EA-1311169FCAB9}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{D28DA4D8-870A-4874-9A0A-07F998B654BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{9FA4D48B-86A8-4ECB-9297-F3ECDCE18FB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{1721AEB4-BA9D-4560-B96C-7EE39595B642}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{38E0F69F-9AC7-484C-9A66-23EFA9468806}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{365A8F52-5F7C-4D87-86E7-80471F9A22F2}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{A9F2616C-8D6A-465D-803B-87412F96BE39}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{B85217BD-BF90-42FC-AC38-7E5329156401}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe
FirewallRules: [UDP Query User{E1286947-A9B0-44BC-84FF-68C2BB8D86EB}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe
FirewallRules: [{A34A4B2C-606F-4038-AA6E-BB2B980968F4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{A5DBA105-740F-4B0D-87E7-B712BC30A2C0}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{BD0440F7-5665-4B79-B226-1B3B86011CE8}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3D01D709-80EE-4CFF-B5AD-40033A43DADA}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{93877362-D359-4E3D-A3B9-EDC17E18EF50}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe
FirewallRules: [{502EBF67-EDE6-4D14-98AE-860EB5C0D972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{EE0D5ABB-6FE7-4C6F-84A1-1C966530FA22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [TCP Query User{A88E8258-F561-44ED-9219-315BF1367CE0}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{EF807ECB-443B-431A-92EF-AE5620078C33}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [{E1ACAAB5-BF44-4C1D-827C-28743106A93E}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{511EA237-B5C6-4CD6-BBB6-1E18C6A3E827}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{E01C9A8D-F268-4334-8811-FB33F15CF691}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{47CA75A6-CF9A-4B52-8D13-395D6CE50ECA}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [TCP Query User{1E9E3768-7706-461F-BCCD-D45B7B429FC6}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4A92A064-0E08-424B-B185-77F82C728675}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{86226233-512F-4C66-AD95-004871ADEC8D}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{75CF4D54-4682-4D94-899F-FC1267F2B1E8}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A599D2BC-B153-43AD-9A54-0B3454E92695}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C9F7AB7D-CA57-4D28-9554-9B4A1FD6287D}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
FirewallRules: [{46C43241-26E4-43C9-A5D1-CA513B7CF971}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{4D434C33-EA00-404E-A6E3-DE4D4B3BD158}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe
FirewallRules: [UDP Query User{C108A8C9-73CE-425C-AF89-B2A6A9030AF8}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe
FirewallRules: [{C313866D-3332-4B60-82CB-8657E7806570}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{325C35F4-85F1-4F48-A0C0-BCB9415E0234}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{04511432-AE04-49EC-A4FA-CB5D5D8454BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5A9125A0-77C9-46D5-B6AB-53C7B1B8FBCA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D1516845-6E21-4850-8D47-03BBA9BE16EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{74EE8792-45C4-4D90-94C6-0C7D1B86868E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DF066418-9661-412A-9365-1349110E6823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{F1525B84-1D69-42B3-9C34-88CC394EC190}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{063B437B-D699-484F-BEA0-920D3B769F09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{4BB81FE2-D083-4AF1-8B61-1BF0E3C141E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{BF07CEF3-AECC-4D06-BE76-9F33F3E57C84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{2B02CD39-DBA6-4AE6-8BCA-6CB6638BD9B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{C85F2749-3ED8-414E-83E0-4C1BBCEECB25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{AAF532D2-C9F1-4534-BB2B-62537D62DBD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{4ECE19A5-0346-49ED-9A23-1B1944DA5A9C}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B650DFB5-09BD-4A88-ADBF-8CB6A828E18B}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8BD15219-0F0E-4756-B9E6-6FF735F8E49B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{6D719EC0-A7BE-44B8-BCE1-57DC879FF14F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 3D-Videocontroller
Description: 3D-Videocontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/01/2015 07:39:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6240

Error: (12/01/2015 07:39:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6240

Error: (12/01/2015 07:39:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/01/2015 07:39:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5241

Error: (12/01/2015 07:39:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5241

Error: (12/01/2015 07:39:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/01/2015 07:39:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4243

Error: (12/01/2015 07:39:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4243

Error: (12/01/2015 07:39:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/01/2015 07:39:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3229


Systemfehler:
=============
Error: (12/01/2015 11:25:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1070

Error: (12/01/2015 11:25:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Avira Email-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1070

Error: (12/01/2015 11:24:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.

Error: (12/01/2015 11:21:00 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/01/2015 11:20:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/01/2015 11:20:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/01/2015 11:20:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/01/2015 11:20:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/01/2015 11:20:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TOSHIBA Bluetooth Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/01/2015 11:20:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-12-01 00:19:50.079
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-12-01 00:19:50.044
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:22:54.493
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:22:54.472
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:21:01.882
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:21:01.858
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 12216.36 MB
Verfügbarer physikalischer RAM: 9543.68 MB
Summe virtueller Speicher: 24430.93 MB
Verfügbarer virtueller Speicher: 21695.37 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:503.32 GB) (Free:64.78 GB) NTFS
Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:2794.51 GB) (Free:2068.82 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 9E560E8A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=06)
Partition 3: (Not Active) - (Size=503.3 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== Ende von Addition.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-11-2015
durchgeführt von Hauptversorgung (2015-12-01 12:01:32)
Gestartet von C:\Users\Manu\Downloads\Hilfe
Windows 7 Professional Service Pack 1 (X64) (2014-04-20 22:13:51)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1029605971-2717496707-4219619431-500 - Administrator - Disabled)
Gast (S-1-5-21-1029605971-2717496707-4219619431-501 - Limited - Disabled)
Hauptversorgung (S-1-5-21-1029605971-2717496707-4219619431-1000 - Administrator - Enabled) => C:\Users\Hauptversorgung
HomeGroupUser$ (S-1-5-21-1029605971-2717496707-4219619431-1003 - Limited - Enabled)
Manu (S-1-5-21-1029605971-2717496707-4219619431-1001 - Limited - Enabled) => C:\Users\Manu

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version:  - Ubisoft Montreal)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 2.0.0.9 - Qualcomm Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.11.1440 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.11(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.52.52 - Conexant)
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
Debut Videorekorder (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Debut) (Version: 1.95 - NCH Software)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.11 - Electronic Arts)
Dropbox (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
DTS Sound (HKLM-x32\...\{791692AD-63B2-4A87-A097-4E8DD3CE4BC9}) (Version: 1.00.0078 - DTS, Inc.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Dub version 1.7.9.908 (HKLM-x32\...\Free Audio Dub_is1) (Version: 1.7.9.908 - DVDVideoSoft Ltd.)
Free Studio version 6.5.0.301 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.301 - DVDVideoSoft Ltd.)
Free WEBM Player (HKLM-x32\...\Free WEBM Player_is1) (Version: 1.0 - Free Converting)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3165 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version:  - Avalanche Studios)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Rock Raiders (HKLM-x32\...\LEGO Rock Raiders) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.102.12020 (HKLM-x32\...\{571E58E4-608E-B7A6-50FF-4B531B424F5B}) (Version: 2.16.102.12020 - Sony)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.1 (x86 de)) (Version: 33.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9 - Notepad++ Team)
NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.23.2817 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PhotoFiltre 7 (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\PhotoFiltre 7) (Version:  - )
Picopix Viewer 2 (HKLM-x32\...\{6022800B-A1E1-4CA9-9B74-6E4F599AC42C}) (Version: 1.0.0.7 - PHILIPS)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version:  - Crytek)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.14.201410081526 - Sony Mobile Communications AB)
Sony PC Companion 2.10.297 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.297 - Sony)
SoundSwitch (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\5e9d4b807286f8d3) (Version: 2.4.1.4 - Jeroen Pelgrims)
Spotify (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - Iron Lore Entertainment)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.12 for x64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 5.00.04.00 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.27.3201 - Toshiba Corporation)
UninstallMX-3200 Mouse (HKLM-x32\...\{41CC9883-5B20-4F62-98CB-034D10240708}}_is1) (Version:  - MX-3200 Mouse Driver)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Manu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Manu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

01-12-2015 11:11:40 Revo Uninstaller's restore point - System Checkup 3.5

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-12-01 00:20 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02B218BB-B0BE-40B5-880B-669D3D989018} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {36CC9A75-FF2F-453A-A08C-3DF6DA05C672} - System32\Tasks\{DC9E7E91-893F-4F34-8078-1E9598CD3A6A} => pcalua.exe -a "C:\Program Files (x86)\Media_Play_AIR+\Uninstall.exe" -c /fcp=1
Task: {41F2AC6B-6E34-4814-A9F1-95BCAD745482} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {65E73BDE-6998-4EF4-B2F2-BE1C22C01D89} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {80BF3CDD-F884-4F26-AF87-90928C62F92B} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-08-25] (Avira Operations GmbH & Co. KG)
Task: {84FB224D-0E25-44C3-9193-28B6C475FFF8} - \Browser Updater\Browser Updater -> Keine Datei <==== ACHTUNG
Task: {89F4AD92-E3AC-49CB-AE69-8C756DECBC63} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {9C074F6C-8604-4152-8DD2-2F5AA246BCEE} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {AEBD5690-7CB0-4CF6-A0A6-8F09C7EA5158} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {B375BCBF-15A7-44DD-94EB-F3C4B8E56AB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B6CFCE72-B725-4A8C-9FED-D67829945A5A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {B78AA8BB-2BFC-449F-A1C3-6882B976C7F6} - \ProtectedSearch\Protected Search -> Keine Datei <==== ACHTUNG
Task: {C213B827-FF0C-44DD-BC69-8F567D29E2D0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {E1B00C93-5703-46DE-8C3B-9C36F51FC3B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-18] (Adobe Systems Incorporated)
Task: {FDE43669-62CB-4041-B6BE-0F4463347814} - \SystemSockets\SystemSockets -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-30 14:32 - 2013-05-30 14:32 - 00016720 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-11-21 16:56 - 2015-11-21 16:56 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-18 15:30 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-08-15 10:05 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-08-15 10:05 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-08-22 14:59 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 13:54 - 2011-07-07 13:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2014-08-22 14:59 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2015-03-23 18:19 - 2015-03-23 18:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2014-08-22 14:59 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-04-10 10:26 - 2015-04-10 10:26 - 00669696 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2013-06-11 08:31 - 2013-06-11 08:31 - 00090112 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
2012-04-04 13:33 - 2012-04-04 13:33 - 00139776 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
2013-01-08 16:02 - 2013-01-08 16:02 - 00163840 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
2012-07-26 10:51 - 2012-07-26 10:51 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
2012-05-07 10:55 - 2012-05-07 10:55 - 00178104 _____ () C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosGatt.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\sony.com -> sony.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{695E765D-1888-4123-A8A0-77C1063C4600}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{7334B691-407C-4F7A-B1CD-649227889648}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{E7E0FB69-5014-4EDF-9346-E3CE354F890F}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [{5B4215D7-629E-4CD1-8A9F-7AFD98D92516}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [TCP Query User{FD221C7B-2323-43AA-87F2-FA60B3CDAEA1}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe
FirewallRules: [UDP Query User{5F9E9BCD-E65A-458B-AB31-90F74F32492F}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe
FirewallRules: [{150BEBFA-06AC-446C-88AE-DC455F13C92E}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [{3399C967-52AC-436B-AAA4-B0B033265B07}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [{5FDAC454-596C-4093-9C44-386654845929}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{FEEA1814-0AA6-446C-9AD6-58158DCB8366}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{77BA2580-97DA-42E3-A7C9-1F538BF6303F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{ED613459-72D8-489D-A965-6CA4C593548B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{2A4B1D99-1D5D-4E69-83C2-3F4F14468DDC}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{BE5FB37C-92A8-4E65-AFCD-64328F901131}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{704239C9-60B8-4CEF-8368-FFCD03FB8C52}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{5C0AF49E-EDDB-4910-883A-243E86BE809E}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{3F5AAD94-95FA-4D8C-A604-CEBE0D5B08EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5DC7C6FB-C9AC-4FC7-8B78-ACCB784808B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{69570EC4-3BA9-42AE-8B38-A551373CD101}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [UDP Query User{2D222F44-2F5E-4A05-AA89-969DA903E654}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [{15121F45-5065-4408-99AC-2987AE1F5E06}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{22715FA6-D188-4B64-B47F-9F17BC93A0A1}] => (Allow) LPort=2869
FirewallRules: [{761C75ED-7C81-436D-9038-00175947154E}] => (Allow) LPort=1900
FirewallRules: [{46FCDBBA-0F5D-402A-8D61-93295691B05B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{02A45172-C4DC-4C66-9133-20D4402B1DE0}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{08C48F49-058C-47BC-BC2D-E62AA9A6075D}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{AFA97030-0BDF-4923-AF83-25BD945A08DB}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3D3B09D3-A583-4625-BF68-11B0D1A88119}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{840649AA-4555-4A11-B44E-4941DFC38C88}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0B9FD96F-1A10-447B-BCFE-16A13A05EE85}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{A415C068-196E-4E51-9D69-D23BB7851B93}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
FirewallRules: [UDP Query User{EF96EDDE-B1D2-494D-BA50-4AB950322CE2}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
FirewallRules: [TCP Query User{E4410D65-CD93-4D6B-9DDB-4C6D4740CD18}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{CE3168AC-A80B-41EA-9CA1-91147D7CF6B6}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{414CE259-0899-45A2-A87C-2781BE7F02E1}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe
FirewallRules: [UDP Query User{44979A6C-3837-4A68-BB24-6B09A7301BFB}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe
FirewallRules: [{BE758AE4-C60D-45DB-A9FA-6FBD285A667D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{D995E6C6-683C-4C6B-AC70-D0725B7E0A77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{5F307FEF-1FF6-4DCA-B0FA-97A5FAE437F5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{76B7ADE8-DACE-488D-970F-AD727A24E894}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{93B38BA5-37F1-48A0-AE0C-83C315B45BEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{57697E62-A9AB-4CE8-B1EA-6386C3870037}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{B7713B6E-B5B4-4911-A3A2-567180FB102C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{912EE4F4-E9A8-49AE-AAA1-8FF0CC88BE3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{576CC5FE-A1BA-46B2-AC3B-D4D2C16C4E43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{7293FCF4-1A73-4502-B6BB-AE16B30B6A8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{11AB4B45-A653-49B8-B7EB-C71728E81216}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{6BFA2B02-35C6-4D26-8982-C6AD7F2AA929}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{50C1150E-8695-472D-B1D7-E8415E876784}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe
FirewallRules: [{A36BF8F6-70A8-43B9-9C8A-202BB09D3CAF}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe
FirewallRules: [{ADD2C6A6-D26B-438F-B6B8-E7CFE514D766}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe
FirewallRules: [{FE84DAB2-AD69-4C7C-8133-5110540C7E70}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe
FirewallRules: [{42B8BE23-325D-4373-9F18-7A1586E3866D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{DA58110C-A453-4FA7-B3DB-452E2FF21E07}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{A290E011-B1D3-4675-B8F0-5FBBBCD69709}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{03FB4EEC-A900-45DB-A1F8-8FF8B632F1C2}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{14A24841-2449-4206-A1CD-52AF3D61ADCB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{65E9204B-24D1-4616-9A10-8DEADD1D67CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6BCE2702-E6E8-49B9-B3B6-94DD8EB038B0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{885CC5DF-D215-47FD-860F-4A0947C1A479}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{AD749031-A1F6-43ED-9745-C0C26A72B9A6}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{61C6A1A6-E6A9-4AA6-BA3C-E4610C04530F}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{DA2525F1-DEB7-49F1-87A5-E61C7C38C59A}] => (Allow) C:\Users\Hauptversorgung\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{06C9F0A8-346F-4C0C-9B55-E653DF945D1D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{5EC3F0A6-9028-4498-9532-48EB0D0BE5E5}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{759BB140-F194-4985-9DDD-51A587D41EFE}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{3293E2EB-2B90-461B-B2F5-ED2F77688E29}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0C6B17EA-CC2D-4EB4-87CB-846DF40EA8D9}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E6867034-8D86-4988-B6BE-5BDEC70F0D46}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3B7CBB1B-3F82-4E3C-8B68-EDEA086B2524}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C7E6BF53-0DA0-45AF-87AF-20579A896855}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe
FirewallRules: [UDP Query User{23324BB8-18D3-4304-B06C-A6718AB5EBB2}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe
FirewallRules: [TCP Query User{89CD0DE0-F2BF-430A-8A2C-2C452D71EBDF}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{727384BD-E278-4DFD-B9EA-1311169FCAB9}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{D28DA4D8-870A-4874-9A0A-07F998B654BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{9FA4D48B-86A8-4ECB-9297-F3ECDCE18FB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{1721AEB4-BA9D-4560-B96C-7EE39595B642}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{38E0F69F-9AC7-484C-9A66-23EFA9468806}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{365A8F52-5F7C-4D87-86E7-80471F9A22F2}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{A9F2616C-8D6A-465D-803B-87412F96BE39}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{B85217BD-BF90-42FC-AC38-7E5329156401}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe
FirewallRules: [UDP Query User{E1286947-A9B0-44BC-84FF-68C2BB8D86EB}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe
FirewallRules: [{A34A4B2C-606F-4038-AA6E-BB2B980968F4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{A5DBA105-740F-4B0D-87E7-B712BC30A2C0}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{BD0440F7-5665-4B79-B226-1B3B86011CE8}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3D01D709-80EE-4CFF-B5AD-40033A43DADA}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{93877362-D359-4E3D-A3B9-EDC17E18EF50}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe
FirewallRules: [{502EBF67-EDE6-4D14-98AE-860EB5C0D972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{EE0D5ABB-6FE7-4C6F-84A1-1C966530FA22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [TCP Query User{A88E8258-F561-44ED-9219-315BF1367CE0}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{EF807ECB-443B-431A-92EF-AE5620078C33}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [{E1ACAAB5-BF44-4C1D-827C-28743106A93E}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{511EA237-B5C6-4CD6-BBB6-1E18C6A3E827}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{E01C9A8D-F268-4334-8811-FB33F15CF691}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{47CA75A6-CF9A-4B52-8D13-395D6CE50ECA}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [TCP Query User{1E9E3768-7706-461F-BCCD-D45B7B429FC6}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4A92A064-0E08-424B-B185-77F82C728675}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{86226233-512F-4C66-AD95-004871ADEC8D}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{75CF4D54-4682-4D94-899F-FC1267F2B1E8}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A599D2BC-B153-43AD-9A54-0B3454E92695}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C9F7AB7D-CA57-4D28-9554-9B4A1FD6287D}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe
FirewallRules: [{46C43241-26E4-43C9-A5D1-CA513B7CF971}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{4D434C33-EA00-404E-A6E3-DE4D4B3BD158}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe
FirewallRules: [UDP Query User{C108A8C9-73CE-425C-AF89-B2A6A9030AF8}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe
FirewallRules: [{C313866D-3332-4B60-82CB-8657E7806570}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{325C35F4-85F1-4F48-A0C0-BCB9415E0234}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{04511432-AE04-49EC-A4FA-CB5D5D8454BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5A9125A0-77C9-46D5-B6AB-53C7B1B8FBCA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D1516845-6E21-4850-8D47-03BBA9BE16EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{74EE8792-45C4-4D90-94C6-0C7D1B86868E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DF066418-9661-412A-9365-1349110E6823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{F1525B84-1D69-42B3-9C34-88CC394EC190}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{063B437B-D699-484F-BEA0-920D3B769F09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{4BB81FE2-D083-4AF1-8B61-1BF0E3C141E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{BF07CEF3-AECC-4D06-BE76-9F33F3E57C84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{2B02CD39-DBA6-4AE6-8BCA-6CB6638BD9B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{C85F2749-3ED8-414E-83E0-4C1BBCEECB25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{AAF532D2-C9F1-4534-BB2B-62537D62DBD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{4ECE19A5-0346-49ED-9A23-1B1944DA5A9C}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B650DFB5-09BD-4A88-ADBF-8CB6A828E18B}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8BD15219-0F0E-4756-B9E6-6FF735F8E49B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{6D719EC0-A7BE-44B8-BCE1-57DC879FF14F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 3D-Videocontroller
Description: 3D-Videocontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/01/2015 07:39:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6240

Error: (12/01/2015 07:39:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6240

Error: (12/01/2015 07:39:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/01/2015 07:39:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5241

Error: (12/01/2015 07:39:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5241

Error: (12/01/2015 07:39:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/01/2015 07:39:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4243

Error: (12/01/2015 07:39:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4243

Error: (12/01/2015 07:39:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/01/2015 07:39:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3229


Systemfehler:
=============
Error: (12/01/2015 11:25:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1070

Error: (12/01/2015 11:25:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Avira Email-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1070

Error: (12/01/2015 11:24:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.

Error: (12/01/2015 11:21:00 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/01/2015 11:20:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/01/2015 11:20:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/01/2015 11:20:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/01/2015 11:20:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/01/2015 11:20:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TOSHIBA Bluetooth Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/01/2015 11:20:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-12-01 00:19:50.079
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-12-01 00:19:50.044
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:22:54.493
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:22:54.472
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:21:01.882
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 22:21:01.858
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 12216.36 MB
Verfügbarer physikalischer RAM: 9543.68 MB
Summe virtueller Speicher: 24430.93 MB
Verfügbarer virtueller Speicher: 21695.37 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:503.32 GB) (Free:64.78 GB) NTFS
Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:2794.51 GB) (Free:2068.82 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 9E560E8A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=06)
Partition 3: (Not Active) - (Size=503.3 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== Ende von Addition.txt =====================================================
         

Alt 01.12.2015, 18:13   #15
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Standard

Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".



FRST.txt fehlt. Dafür ist die Addition.txt zweimal da...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".
antivirus, avira, converter, cpu, defender, desktop, downloader, explorer, failed, fehlermeldung, firefox, firewall, flash player, helper, installation, internet, internet explorer, modul, onedrive, problem, registry, regsvr32, scan, server, software, temp, teredo, udp, usb



Ähnliche Themen: Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".


  1. Windows 7: "Fehler beim Laden des Moduls" - RegSvr32
    Log-Analyse und Auswertung - 13.07.2015 (10)
  2. RegSvr32, Fehler beim Laden des Moduls " "
    Log-Analyse und Auswertung - 11.05.2015 (11)
  3. "RegSvr32 Fehler beim Laden des Moduls..." Windows 8
    Log-Analyse und Auswertung - 18.12.2014 (10)
  4. RegSvr32 Fehler beim Laden des Moduls "", nach Virenscan mit Avira
    Log-Analyse und Auswertung - 18.09.2014 (13)
  5. RegSvr32, Fehler beim Laden des Moduls " "
    Plagegeister aller Art und deren Bekämpfung - 17.09.2014 (11)
  6. Windows 7: Fehlermeldung bei Systemstart- RegSvr32 "Fehler beim Laden des Moduls
    Log-Analyse und Auswertung - 01.09.2014 (13)
  7. Win7: RegSvr32 - Fehler beim Laden des Moduls ""
    Log-Analyse und Auswertung - 28.08.2014 (15)
  8. Trojaner entfernt: RegSvr32 Fehler beim Laden des Moduls ""
    Plagegeister aller Art und deren Bekämpfung - 25.08.2014 (11)
  9. RegSvr32 "Fehler beim Laden des Moduls """ (mal wieder...)
    Log-Analyse und Auswertung - 21.08.2014 (6)
  10. "RegSvr32 - Fehler beim Laden des Moduls "
    Plagegeister aller Art und deren Bekämpfung - 17.08.2014 (12)
  11. Fehlermeldung bei Systemstart von WINDOWS 7 64-bit: RegSvr32 "Fehler beim Laden des Moduls ""."
    Log-Analyse und Auswertung - 17.08.2014 (10)
  12. Windows 7: Fehlermeldung bei Systemstart- RegSvr32 "Fehler beim Laden des Moduls ""."
    Alles rund um Windows - 12.08.2014 (18)
  13. regsvr32 fehler beim laden des moduls ""
    Log-Analyse und Auswertung - 06.08.2014 (9)
  14. Regsvr32 "Fehler beim Laden des Moduls" - Win 7
    Plagegeister aller Art und deren Bekämpfung - 04.08.2014 (13)
  15. RegSvr32 - Fehler beim Laden des Moduls "". (Windows 7 64bit)
    Plagegeister aller Art und deren Bekämpfung - 19.06.2014 (13)
  16. Windows 7: Fehlermeldung bei Systemstart- RegSvr32 "Fehler beim Laden des Moduls ""."
    Log-Analyse und Auswertung - 16.06.2014 (11)
  17. Meldung "regsvr32 - fehler beim laden des moduls"
    Plagegeister aller Art und deren Bekämpfung - 08.06.2014 (15)

Zum Thema Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". - Hallo Leute, mein Problem ist wie dem Titel schon zu entnehmen, dass jedes mal wenn ich meinen Laptop starte, nach der Anmeldung diese Fehlermeldung bekomme: Zitat: Regsvr32 Fehlermeldung beim laden - Fehlermeldung: RegSvr32 Fehler beim laden des Moduls""....
Archiv
Du betrachtest: Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.