xxx.exe ungültiges Bild, bei jedem Versuch ein Programm zu starten, Betriebssystem Windows 7, Avira Antivirus Pro - Update nicht mögl.

Micha679 · 21.06.2017, 10:21

Hallo
ich versuche mich kurz zu halten, denn das erstellen des Themas hat eben schon nicht funktioniert... Ich schiebe das auch auf meinen PC

- ich bekomme nur noch diese Fehlermeldungen: xxx.exe-ungültiges Bild
Ich kann keine Programme zur Erkennung von Schadsoftware installieren, egal ob aus dem Netz oder vom Stick. Ich bekomme dann die Meldung "keine Internetverbindung", obwohl ich im Netz bin. Google Earth funktioniert auch nur über Umwege.

Beim öffnen von Programmen soll ich Nutzername und Initialen angeben, die aber schon drinnen stehen. Geht dann durch Wegklick fort.

Avira macht keine Updates mehr. Fehlende Internetverbindung

Ich bin am Ende und hab keine Ideen mehr. Bitte schlagt Euch doch mit mir und meinem PC rum. Wie erstelle ich denn einen Log mit Fund ?

Die Micha

Hab ich gerade gefunden, ging nicht anders zu kopieren.
Ab hier ging auch kein Update mehr.....

Muster 'W32/Virut.Gen [virus]'
in Datei 'C:\Windows\Temp\tmp000022f4\tmp0000cebd' gefunden.
Durchgeführte Aktion: Zugriff verweigern
Benutzer-SID: S-1-5-18

Muster 'ADWARE/Loadshop.leoxa [adware]'
in Datei 'C:\Windows\Temp\tmp000022f4\tmp000078b9' gefunden.
Durchgeführte Aktion: Datei in Quarantäne verschieben
Benutzer-SID: S-1-5-18
Muster 'ADWARE/Loadshop.leoxa [adware]'
in Datei 'C:\Windows\Temp\tmp000022f4\tmp0000421f' gefunden.
Durchgeführte Aktion: Datei in Quarantäne verschieben
Benutzer-SID: S-1-5-18

Muster 'ADWARE/Loadshop.leoxa [adware]'
in Datei 'C:\Windows\Temp\tmp000022f4\tmp000020c3' gefunden.
Durchgeführte Aktion: Datei in Quarantäne verschieben
Benutzer-SID: S-1-5-18

cosinus · 21.06.2017, 10:33

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Micha679 · 21.06.2017, 11:21

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2017 01
durchgeführt von TWM (Administrator) auf TWM-GRAFIK (21-06-2017 12:04:10)
Gestartet von C:\Users\TWM\Downloads\Neuer Ordner
Geladene Profile: TWM (Verfügbare Profile: TWM)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Digital Care Solutions) C:\Program Files\BDServices\BitDefenderCOM.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\SLManagerEasy\Bufssvr.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\SLManagerEasy\Inputps.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.569\SSScheduler.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [912768 2017-05-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [29246632 2017-05-30] (Dropbox, Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\MountPoints2: {1ab2c73c-d12c-11e2-816c-001f3f0bd5eb} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\MountPoints2: {423c8b24-5fef-11e1-b6b5-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\MountPoints2: {42a8fae3-cd96-11e2-9ee7-001f3f0bd5eb} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\MountPoints2: {4add4876-ae40-11e2-9e55-001f3f0bd5eb} - E:\Startme.exe
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\MountPoints2: {6f95f241-dcfb-11e2-bac3-806e6f6e6963} - E:\Startme.exe
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\MountPoints2: {b508d6a8-3bca-11e2-a7eb-001f1f45f1d8} - F:\pushinst.exe
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\MountPoints2: {bde71f1c-5120-11e2-9d75-001f3f0bd5eb} - F:\Windows\CHECK\DriveNavigator.exe
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\MountPoints2: {d8b77728-da00-11e3-89e6-001f3f0bd5eb} - E:\LGAutoRun.exe
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-05-30]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.569\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\MyOSProtect.dll [0 2017-06-09] ()
Winsock: Catalog9 02 C:\Windows\SysWOW64\MyOSProtect.dll [0 2017-06-09] ()
Winsock: Catalog9 03 C:\Windows\SysWOW64\MyOSProtect.dll [0 2017-06-09] ()
Winsock: Catalog9 04 C:\Windows\SysWOW64\MyOSProtect.dll [0 2017-06-09] ()
Winsock: Catalog9 17 C:\Windows\SysWOW64\MyOSProtect.dll [0 2017-06-09] ()
Winsock: Catalog9-x64 01 C:\Windows\system32\MyOSProtect64.dll [350768 2014-09-01] (MyOSCompany)
Winsock: Catalog9-x64 02 C:\Windows\system32\MyOSProtect64.dll [350768 2014-09-01] (MyOSCompany)
Winsock: Catalog9-x64 03 C:\Windows\system32\MyOSProtect64.dll [350768 2014-09-01] (MyOSCompany)
Winsock: Catalog9-x64 04 C:\Windows\system32\MyOSProtect64.dll [350768 2014-09-01] (MyOSCompany)
Winsock: Catalog9-x64 17 C:\Windows\system32\MyOSProtect64.dll [350768 2014-09-01] (MyOSCompany)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{22D3BC2B-4D05-4B75-A28B-DFA9BAB3FD3A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{3367DD27-B4C0-4ABE-8B25-B0ACEBDD6A0B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{437F131D-BC42-472C-A3A0-A8AF1917DE18}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{E0C0A2A0-5E6C-447E-94A6-E84E54AD5CA0}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000 -> {B87E8424-FE80-43E9-8F2D-A0A6D02ADDE0} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: FRITZ!Box Addon BHO -> {C0C86BBE-9509-4296-8459-FDBFDAF4B673} -> C:\Program Files\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll [2012-12-11] (AVM Berlin)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-15] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-15] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\TWM\AppData\Roaming\Mozilla\Firefox\Profiles\Ehn1varw.default [2017-06-20]
FF Extension: (Avira Browser Safety) - C:\Users\TWM\AppData\Roaming\Mozilla\Firefox\Profiles\Ehn1varw.default\Extensions\abs@avira.com [2015-12-29]
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2013-02-14] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3198404451-3515860044-3934060500-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\TWM\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-08-16] (RocketLife, LLP)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.de/","hxxps://webmail.freenet.de/Email/View/MsgEdit?account=klinge2110@freenet.de&folder=INBOX&sentFolder=INBOX.sent&draftsFolder=INBOX.drafts","hxxps://banking.ksk-anhalt-bitterfeld.de/portal/portal/StartenIPSTANDARD?IID=80053722&AID=IPSTANDARD","hxxps://www.youtube.com/","hxxp://www.freenet.de/index.html","hxxp://www.ebay.de/myb/Summary"
CHR Profile: C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default [2017-06-21]
CHR Extension: (Google Präsentationen) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-09]
CHR Extension: (Google Docs) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09]
CHR Extension: (Google Drive) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google-Suche) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Kalender) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-08]
CHR Extension: (Google Tabellen) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-09]
CHR Extension: (iCloud-Lesezeichen) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-07-28]
CHR Extension: (Avira Browserschutz) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-08]
CHR Extension: (Google Docs Offline) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: („Merken“-Button von Pinterest) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-04-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11]
CHR Extension: (Outlook.com) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-10-02]
CHR Extension: (Google Mail) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\TWM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1119712 2017-05-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [488920 2017-05-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [488920 2017-05-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1520680 2017-05-04] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350120 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [100816 2017-04-21] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S4 BayerHealthcareService; C:\Program Files (x86)\Bayer HealthCare SmartLaunch\bin\BayerHCService.exe [156160 2011-09-19] (Bayer Healthcare LLC) [Datei ist nicht signiert]
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1028096 2016-11-21] (Digital Care Solutions) [Datei ist nicht signiert]
R2 Bufssvr; C:\Program Files (x86)\BUFFALO\SLManagerEasy\Bufssvr.exe [95536 2009-06-17] (BUFFALO INC.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-18] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-18] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-05-30] (Dropbox, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.569\McCHSvc.exe [404376 2017-05-25] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3038864 2015-02-20] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 scan; C:\Program Files\BDServices\scan.dll [627688 2016-11-10] (Bitdefender)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176968 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148104 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-02] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG)
S3 bautpw64; C:\Windows\System32\drivers\bautpw64.sys [16000 2009-07-10] (BUFFALO INC.)
S3 btusb64h; C:\Windows\System32\drivers\btusb64h.sys [28728 2009-06-24] (BUFFALO INC.)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2009-03-20] (AVM GmbH)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [485512 2016-11-10] (BitDefender S.R.L.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-21 12:03 - 2017-06-21 12:04 - 00000000 ____D C:\FRST
2017-06-21 09:43 - 2017-06-21 09:43 - 00000000 ____D C:\ProgramData\Lavasoft
2017-06-20 11:37 - 2017-06-20 11:37 - 00000652 _____ C:\Windows\CompatibilityIssues.txt
2017-06-20 10:50 - 2017-06-20 11:18 - 00000099 _____ C:\Windows\Reimage.ini
2017-06-16 13:52 - 2017-06-16 13:52 - 00123502 _____ C:\Users\TWM\Documents\Wiederholung Angie.pdf
2017-06-16 11:12 - 2017-06-16 11:35 - 00744079 _____ C:\Users\TWM\Documents\Schreiben Anwalt Unterhalt Mai 2017.pdf
2017-06-16 11:09 - 2017-06-16 11:09 - 03159621 _____ C:\Users\TWM\Documents\Arbeitsverträge Klingner.pdf
2017-06-16 10:30 - 2017-06-16 10:30 - 00003544 _____ C:\Windows\System32\Tasks\HP AR Program Upload - a77587706d3b41178ee61ccec06a7cb2c46f7c1c88e14540bfbf20746b833d32
2017-06-14 12:53 - 2017-06-14 12:53 - 00543412 _____ C:\Users\TWM\Documents\Grundbuchauszug.pdf
2017-06-14 06:51 - 2017-06-02 10:28 - 02317824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-14 06:51 - 2017-06-02 10:28 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-14 06:51 - 2017-06-02 10:28 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-06-14 06:51 - 2017-06-02 10:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-06-14 06:51 - 2017-06-02 10:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-06-14 06:51 - 2017-06-02 10:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-06-14 06:51 - 2017-06-02 10:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-14 06:51 - 2017-06-02 10:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-06-14 06:51 - 2017-06-02 10:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-06-14 06:51 - 2017-06-02 10:11 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-14 06:51 - 2017-06-02 10:11 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-06-14 06:51 - 2017-06-02 10:10 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-14 06:51 - 2017-06-02 10:10 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-06-14 06:51 - 2017-06-02 10:09 - 01549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-14 06:51 - 2017-06-02 10:09 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-14 06:51 - 2017-06-02 10:09 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-06-14 06:51 - 2017-06-02 10:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-06-14 06:51 - 2017-06-02 10:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-06-14 06:51 - 2017-06-02 10:09 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-06-14 06:51 - 2017-06-02 10:09 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-06-14 06:51 - 2017-06-02 10:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-06-14 06:51 - 2017-06-02 09:58 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-14 06:51 - 2017-06-02 09:58 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-06-14 06:51 - 2017-06-02 09:57 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-06-14 06:51 - 2017-06-02 09:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-06-14 06:51 - 2017-05-21 06:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-06-14 06:51 - 2017-05-21 06:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-06-14 06:51 - 2017-05-21 06:24 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-06-14 06:51 - 2017-05-21 06:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-06-14 06:51 - 2017-05-21 06:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-06-14 06:51 - 2017-05-21 05:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-06-14 06:51 - 2017-05-21 05:48 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-06-14 06:51 - 2017-05-21 05:48 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-06-14 06:51 - 2017-05-21 05:48 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-06-14 06:51 - 2017-05-21 05:47 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-06-14 06:51 - 2017-05-21 05:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-06-14 06:51 - 2017-05-21 05:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-06-14 06:51 - 2017-05-16 20:19 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-06-14 06:51 - 2017-05-16 19:35 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-06-14 06:51 - 2017-05-14 22:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-06-14 06:51 - 2017-05-14 22:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-06-14 06:51 - 2017-05-14 22:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-06-14 06:51 - 2017-05-14 22:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-06-14 06:51 - 2017-05-14 22:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-06-14 06:51 - 2017-05-14 22:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-06-14 06:51 - 2017-05-14 22:26 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-06-14 06:51 - 2017-05-14 22:24 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-06-14 06:51 - 2017-05-14 22:19 - 25738752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-14 06:51 - 2017-05-14 22:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-06-14 06:51 - 2017-05-14 22:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-06-14 06:51 - 2017-05-14 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-06-14 06:51 - 2017-05-14 22:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-06-14 06:51 - 2017-05-14 22:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-06-14 06:51 - 2017-05-14 22:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-06-14 06:51 - 2017-05-14 22:10 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-06-14 06:51 - 2017-05-14 22:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-06-14 06:51 - 2017-05-14 21:57 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-06-14 06:51 - 2017-05-14 21:55 - 05975040 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-14 06:51 - 2017-05-14 21:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-06-14 06:51 - 2017-05-14 21:47 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-06-14 06:51 - 2017-05-14 21:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-06-14 06:51 - 2017-05-14 21:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-06-14 06:51 - 2017-05-14 21:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-06-14 06:51 - 2017-05-14 21:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-06-14 06:51 - 2017-05-14 21:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-06-14 06:51 - 2017-05-14 21:36 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-06-14 06:51 - 2017-05-14 21:23 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-06-14 06:51 - 2017-05-14 21:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-06-14 06:51 - 2017-05-14 21:22 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-06-14 06:51 - 2017-05-14 21:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-06-14 06:51 - 2017-05-14 21:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-06-14 06:51 - 2017-05-14 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-06-14 06:51 - 2017-05-14 21:20 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-06-14 06:51 - 2017-05-14 21:19 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-14 06:51 - 2017-05-14 21:18 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-06-14 06:51 - 2017-05-14 21:17 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-06-14 06:51 - 2017-05-14 21:16 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-06-14 06:51 - 2017-05-14 21:15 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-06-14 06:51 - 2017-05-14 21:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-06-14 06:51 - 2017-05-14 21:12 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-06-14 06:51 - 2017-05-14 21:11 - 20274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-14 06:51 - 2017-05-14 21:11 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-06-14 06:51 - 2017-05-14 21:10 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-06-14 06:51 - 2017-05-14 21:10 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-06-14 06:51 - 2017-05-14 21:02 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-06-14 06:51 - 2017-05-14 20:57 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-06-14 06:51 - 2017-05-14 20:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-06-14 06:51 - 2017-05-14 20:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-06-14 06:51 - 2017-05-14 20:54 - 15252992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-14 06:51 - 2017-05-14 20:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-06-14 06:51 - 2017-05-14 20:52 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-06-14 06:51 - 2017-05-14 20:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-06-14 06:51 - 2017-05-14 20:50 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-06-14 06:51 - 2017-05-14 20:49 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-06-14 06:51 - 2017-05-14 20:44 - 04549120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-14 06:51 - 2017-05-14 20:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-06-14 06:51 - 2017-05-14 20:40 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-14 06:51 - 2017-05-14 20:39 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-06-14 06:51 - 2017-05-14 20:38 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-06-14 06:51 - 2017-05-14 20:37 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-06-14 06:51 - 2017-05-14 20:30 - 13664768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-14 06:51 - 2017-05-14 20:27 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-06-14 06:51 - 2017-05-14 20:15 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-06-14 06:51 - 2017-05-14 20:11 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-06-14 06:51 - 2017-05-14 20:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-06-14 06:51 - 2017-05-12 20:27 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-06-14 06:51 - 2017-05-12 20:26 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-14 06:51 - 2017-05-12 20:26 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-06-14 06:51 - 2017-05-12 20:26 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-14 06:51 - 2017-05-12 20:24 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:07 - 04001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-06-14 06:51 - 2017-05-12 20:07 - 03945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-06-14 06:51 - 2017-05-12 20:07 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-14 06:51 - 2017-05-12 20:04 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 19:55 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-06-14 06:51 - 2017-05-12 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-06-14 06:51 - 2017-05-12 19:54 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-06-14 06:51 - 2017-05-12 19:52 - 03222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-06-14 06:51 - 2017-05-12 19:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-06-14 06:51 - 2017-05-12 19:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-06-14 06:51 - 2017-05-12 19:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-06-14 06:51 - 2017-05-12 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-14 06:51 - 2017-05-12 19:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-06-14 06:51 - 2017-05-12 19:41 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-06-14 06:51 - 2017-05-12 19:41 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-06-14 06:51 - 2017-05-12 19:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-06-14 06:51 - 2017-05-12 19:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 19:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 19:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 19:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-06-14 06:51 - 2017-05-12 18:25 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-14 06:51 - 2017-05-12 17:58 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-14 06:51 - 2017-05-12 17:58 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-14 06:51 - 2017-05-10 17:33 - 00091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2017-06-14 06:51 - 2017-05-10 17:29 - 14183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-14 06:51 - 2017-05-10 17:29 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-06-14 06:51 - 2017-05-10 17:29 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-06-14 06:51 - 2017-05-10 17:29 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-06-14 06:51 - 2017-05-10 17:29 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-06-14 06:51 - 2017-05-10 17:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-06-14 06:51 - 2017-05-10 17:16 - 00091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
2017-06-14 06:51 - 2017-05-10 17:14 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-14 06:51 - 2017-05-10 17:13 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-06-14 06:51 - 2017-05-10 17:13 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-06-14 06:51 - 2017-05-10 17:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-06-14 06:51 - 2017-05-10 17:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-06-14 06:51 - 2017-05-10 17:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-06-14 06:51 - 2017-05-10 17:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-06-14 06:51 - 2017-05-10 17:12 - 12880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-14 06:51 - 2017-05-10 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-06-14 06:51 - 2017-05-10 17:12 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-06-14 06:51 - 2017-05-10 17:00 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-06-14 06:51 - 2017-05-10 17:00 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-06-14 06:51 - 2017-05-10 17:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-06-14 06:51 - 2017-05-10 17:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-06-14 06:51 - 2017-05-10 16:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-14 06:51 - 2017-05-09 17:30 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-14 06:51 - 2017-05-09 17:29 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-14 06:51 - 2017-05-09 17:15 - 00071680 _____ C:\Windows\system32\PrintBrmUi.exe
2017-06-14 06:51 - 2017-05-09 17:11 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-06-14 06:51 - 2017-05-07 17:33 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-06-14 06:51 - 2017-05-07 17:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-06-14 06:51 - 2017-04-28 00:50 - 03550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-06-14 06:51 - 2017-04-12 15:05 - 04296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-06-14 06:51 - 2017-03-30 17:03 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2017-06-14 06:51 - 2017-03-30 16:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
2017-06-13 06:17 - 2017-06-13 06:17 - 00255558 _____ C:\Users\TWM\Documents\Angebot Stahljoch1.pdf
2017-06-09 02:44 - 2017-06-09 02:44 - 00000000 _____ C:\Windows\SysWOW64\MyOSProtect.dll
2017-06-07 19:06 - 2017-06-07 19:06 - 05107619 _____ C:\Users\TWM\Documents\Versicherungen Kopien.pdf
2017-06-01 02:50 - 2017-06-01 02:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-30 12:22 - 2017-05-30 12:22 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-05-30 11:09 - 2017-05-30 11:09 - 00741729 _____ C:\Users\TWM\Documents\Unterhaltsschreiben 16.05.2017.pdf
2017-05-30 10:43 - 2017-05-30 10:43 - 00658275 _____ C:\Users\TWM\Documents\EÜRechnug 2015.pdf
2017-05-30 10:14 - 2017-05-30 10:14 - 00310738 _____ C:\Users\TWM\Documents\Kaufvertrag Renault Twingo.pdf
2017-05-30 10:03 - 2017-05-30 10:03 - 00641679 _____ C:\Users\TWM\Documents\Kaufvertrag Opel Vectra an Nico.pdf
2017-05-30 09:55 - 2017-05-30 09:55 - 00346217 _____ C:\Users\TWM\Documents\IKK Fam Vers Beitragsfrei.pdf
2017-05-30 08:59 - 2017-05-30 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-05-30 08:59 - 2017-05-30 08:59 - 00000000 ____D C:\ProgramData\McAfee Security Scan

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-21 12:04 - 2014-10-10 13:30 - 00000000 ____D C:\Users\TWM\Downloads\Neuer Ordner
2017-06-21 12:00 - 2009-07-14 06:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-21 12:00 - 2009-07-14 06:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-21 11:16 - 2016-08-19 19:19 - 00000390 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2017-06-21 09:43 - 2012-02-26 07:26 - 00699432 _____ C:\Windows\system32\perfh007.dat
2017-06-21 09:43 - 2012-02-26 07:26 - 00149572 _____ C:\Windows\system32\perfc007.dat
2017-06-21 09:43 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-21 09:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-06-21 06:32 - 2016-11-29 12:33 - 00000396 _____ C:\Windows\Tasks\PC Health Advisor Defrag.job
2017-06-20 12:17 - 2014-08-03 20:47 - 00000000 ____D C:\Users\TWM\Documents\angie
2017-06-20 11:38 - 2016-03-04 00:01 - 00001908 _____ C:\Windows\diagwrn.xml
2017-06-20 11:38 - 2016-03-04 00:01 - 00001908 _____ C:\Windows\diagerr.xml
2017-06-20 10:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2017-06-20 10:45 - 2014-06-10 16:29 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2017-06-20 10:45 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-20 10:44 - 2012-02-28 10:21 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-20 10:37 - 2012-02-25 22:39 - 00000000 ____D C:\Users\TWM
2017-06-20 10:35 - 2014-03-17 21:23 - 00000000 ____D C:\Program Files (x86)\Avira
2017-06-20 10:33 - 2014-03-17 21:23 - 00000000 ____D C:\ProgramData\Avira
2017-06-20 09:40 - 2016-11-29 12:33 - 00000378 _____ C:\Windows\Tasks\PC Health Advisor.job
2017-06-19 15:03 - 2016-05-28 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-06-19 15:03 - 2016-01-18 13:58 - 00000400 _____ C:\Windows\ODBC.INI
2017-06-19 15:03 - 2009-07-14 04:34 - 00000499 _____ C:\Windows\win.ini
2017-06-19 14:44 - 2015-09-08 13:18 - 00000000 ____D C:\Users\TWM\Documents\Steuer
2017-06-18 08:14 - 2016-09-14 10:43 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTWM
2017-06-18 08:14 - 2016-09-14 10:43 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForTWM.job
2017-06-17 05:49 - 2016-11-29 12:32 - 00000452 _____ C:\Windows\Tasks\PC Health Advisor Aktualisierung.job
2017-06-15 10:51 - 2009-07-14 06:45 - 03742328 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-15 10:49 - 2013-03-14 04:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-15 10:49 - 2013-03-14 04:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-15 03:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-06-15 03:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2017-06-15 03:05 - 2013-03-14 04:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-15 03:04 - 2013-08-01 03:00 - 00000000 ____D C:\Windows\system32\MRT
2017-06-15 03:02 - 2012-03-04 22:12 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-14 12:10 - 2014-11-21 14:12 - 00123392 ___SH C:\Users\TWM\Documents\Thumbs.db
2017-06-13 06:23 - 2013-09-24 10:15 - 00000000 ___RD C:\Users\TWM\Desktop\H&H
2017-06-12 06:56 - 2016-11-17 15:26 - 00000000 ____D C:\Users\TWM\Desktop\Monatserhebungsbogen
2017-06-01 02:51 - 2015-06-16 08:00 - 00000000 ____D C:\Users\TWM\AppData\Local\Dropbox
2017-06-01 02:50 - 2016-05-18 14:42 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-05-30 08:59 - 2015-11-17 15:53 - 00000000 ____D C:\Program Files\McAfee Security Scan

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-24 13:08 - 2014-09-24 13:16 - 175124976 _____ () C:\Program Files (x86)\avira_antivirus_pro_de.exe
2015-09-28 17:26 - 2015-09-28 17:26 - 0000305 _____ () C:\Users\TWM\AppData\Roaming\adxloader.dll.manifest
2015-05-20 12:55 - 2015-05-20 12:55 - 0000247 _____ () C:\Users\TWM\AppData\Roaming\Excel-Tools.url
2015-11-05 17:04 - 2015-11-05 17:04 - 0593877 _____ () C:\Users\TWM\AppData\Roaming\SmartTools Monatskalender für Excel.pdf
2013-10-14 04:58 - 2013-10-14 04:58 - 0000305 _____ () C:\Users\TWM\AppData\Roaming\STP_XL-MONATSKALENDER.lic
2013-01-22 20:40 - 2016-09-10 14:58 - 0040448 _____ () C:\Users\TWM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-19 10:14 - 2016-05-19 10:14 - 0004096 ____H () C:\Users\TWM\AppData\Local\keyfile3.drm
2017-04-20 13:07 - 2017-04-20 13:07 - 0001494 _____ () C:\Users\TWM\AppData\Local\recently-used.xbel
2015-01-28 19:55 - 2015-01-28 19:55 - 0000000 _____ () C:\Users\TWM\AppData\Local\{2DA02A43-5869-4AF6-A510-E15BFA49EFA5}
2014-08-03 07:21 - 2014-08-03 07:21 - 0000000 _____ () C:\Users\TWM\AppData\Local\{3B4C1157-6E73-48CF-816A-55D0362793F4}
2015-06-12 14:01 - 2015-06-12 14:01 - 0000000 _____ () C:\Users\TWM\AppData\Local\{7DD71F28-CE3D-462C-B241-992B5F175DE8}
2015-05-07 16:10 - 2015-05-07 16:10 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-02-27 22:15 - 2016-10-30 08:04 - 0007513 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
2016-08-16 09:48 - 2016-08-16 09:48 - 0488960 _____ () C:\Users\TWM\AppData\Local\Temp\sqlite3.exe

Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\SysWOW64\MyOSProtect.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-02-18 01:23

==================== Ende von FRST.txt ============================

Micha679 · 21.06.2017, 13:39

Code:

ATTFilter

ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-06-2017 01
durchgefÃ¼hrt von TWM (21-06-2017 12:04:42)
Gestartet von C:\Users\TWM\Downloads\Neuer Ordner
Windows 7 Professional Service Pack 1 (X64) (2012-02-25 20:39:15)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3198404451-3515860044-3934060500-500 - Administrator - Disabled)
Gast (S-1-5-21-3198404451-3515860044-3934060500-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3198404451-3515860044-3934060500-1002 - Limited - Enabled)
Micha (S-1-5-21-3198404451-3515860044-3934060500-1024 - Limited - Enabled)
Test 1 (S-1-5-21-3198404451-3515860044-3934060500-1023 - Limited - Disabled)
TWM (S-1-5-21-3198404451-3515860044-3934060500-1000 - Administrator - Enabled) => C:\Users\TWM

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Out of date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Out of date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 15.11 beta (x64) (HKLM\...\7-Zip) (Version: 15.11 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Ashampoo Office 2010 (HKLM-x32\...\{8EBB8452-274B-465D-8324-00B0832FBB00}) (Version: 10.0.584 - ashampoo GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.26.48 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{897e4d08-9554-48e9-ba07-ce6040867fa3}) (Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG) Hidden
Avira Software Updater (HKLM-x32\...\{A4DF9D2A-AB95-4F30-9CA4-2F49662BA39D}) (Version: 2.0.2.27024 - Avira Operations GmbH & Co. KG)
AVM FRITZ!Box AddOn (IE) (x64) (HKLM\...\{EC3671D7-98AC-4951-8FFD-5556BE066137}) (Version: 1.7.0 - AVM Berlin)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BUFFALO eco Manager for HD (HKLM-x32\...\UN080616) (Version:  - )
BUFFALO SecureLockManagerEasy for HD (HKLM-x32\...\UN090430) (Version:  - )
BUFFALO TurboUSB for FLASH/HDD (HKLM-x32\...\UN070618) (Version:  - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.7.0.11 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.10 (HKLM-x32\...\DPP) (Version: 3.10.2.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.2.1.13 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 27.4.22 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GLUCOFACTSÂ® Deluxe Smart Launch (HKLM-x32\...\{C7D7CD34-A0E1-48E8-A654-840DC3026BFA}) (Version: 1.14.01 - Bayer HealthCare)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HP Officejet Pro 8620 - Grundlegende Software fÃ¼r das GerÃ¤t (HKLM\...\{3553E197-7E1A-4B30-B6F0-68507850DDB3}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Photo Creations (HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\HP Photo Creations) (Version: 1.0.0.22032 - HP)
HP Support Assistant (HKLM-x32\...\{56D27851-B9A6-430F-875A-E2D7A3802C7B}) (Version: 8.3.34.7 - HP Inc.)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.569.1 - McAfee, Inc.)
Media Go (HKLM-x32\...\{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}) (Version: 2.4.256 - Sony)
meinHausplaner (HKLM-x32\...\meinHausplaner) (Version:  - )
Memeo Backup (HKLM-x32\...\{82B2DB92-98CA-4a0e-B1BD-18B6E2D320CB}) (Version:  - Memeo Inc.)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA nView 146.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 146.33 - NVIDIA Corporation)
NVIDIA WMI 2.20.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.20.0 - NVIDIA Corporation)
ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.2.4.0 - ParetoLogic, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.)
Sony PC Companion 2.10.245 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.245 - Sony)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update fÃ¼r Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update fÃ¼r Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update fÃ¼r Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\TWM\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\TWM\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\TWM\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\TWM\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\TWM\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0BBE7593-CD64-4D69-827B-68413DB44DAC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-18] (Dropbox, Inc.)
Task: {0CD802E4-652B-41A3-A4C0-9260D8AD4577} - System32\Tasks\Microsoft\Windows\PLA\System\{E4D5643C-794C-498D-AAB0-63B211DEA87E}_System Diagnostics => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "system\System Diagnostics" "$(Arg0)"
Task: {145273E1-1C87-4C63-904D-4D2817B74719} - System32\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-4 => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-4.exe <==== ACHTUNG
Task: {1615AE9B-4134-4658-9577-0131C5767EA7} - System32\Tasks\{79790CDF-9A00-41BD-BFBB-EDDF78E3D910} => D:\Windows_7_Vista_XP_x64\setup.exe
Task: {227577A1-20AF-4319-B880-D0CDC2D9BF1D} - System32\Tasks\HP AR Program Upload - a77587706d3b41178ee61ccec06a7cb2c46f7c1c88e14540bfbf20746b833d32 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {2704C542-961B-4A7B-B796-18471B5C0651} - System32\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-1 => C:\Program Files (x86)\videos+Media+Players\videos+Media+Players-codedownloader.exe <==== ACHTUNG
Task: {296EFC30-20EF-4DB5-8033-F48C8514EF4C} - System32\Tasks\{FCCE5891-F9BF-4059-A946-597122BE2486} => pcalua.exe -a D:\setup.exe -d D:\
Task: {2F218F8E-6CEE-4547-BA21-9189C93803FC} - System32\Tasks\{979F5672-777A-4AF1-B2EB-9B2DAD345081} => pcalua.exe -a D:\Windows_7_Vista_XP_x64\client\instwcli.exe -d D:\Windows_7_Vista_XP_x64\client
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG
Task: {3B7C3A86-1F9F-4FAD-BC6F-71EF56EB7353} - System32\Tasks\{2127DC6C-E259-4074-A559-CF0AE2BC2EC2} => pcalua.exe -a C:\Users\TWM\AVM_Driver\FWLAN\setup.exe -d C:\Users\TWM\AVM_Driver\FWLAN
Task: {45821291-CD75-4E61-8EF2-47D283CE3FE9} - System32\Tasks\PC Health Advisor Aktualisierung => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2016-11-23] (ParetoLogic) <==== ACHTUNG
Task: {4721B991-97E9-49E4-A263-5149F1DD448B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {49796332-E49D-4807-B858-88A29B50BF91} - System32\Tasks\{6FEBAA14-B203-4619-B618-5F092539DEAE} => pcalua.exe -a "E:\GLUCOFACTS Deluxe Smart Launch - Win.exe" -d E:\
Task: {5072B7B4-CB94-4093-9894-B16D841F8892} - System32\Tasks\{80A61DD8-F660-486E-8086-D8F6A7C29389} => C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE [2007-05-31] (Microsoft Corporation)
Task: {523D9170-1CEF-4E82-8419-E551FF503F9D} - System32\Tasks\{4F08D4FA-7EAB-4D91-B95A-BADB14E21F13} => C:\Program Files (x86)\avmwlanstick\WLanGUI.exe [2010-10-22] (AVM Berlin)
Task: {58BFD19D-CC5A-4B04-AC42-B90EAE489005} - System32\Tasks\{17833267-04B0-41A5-B566-E69F273EF69D} => C:\Program Files\HP\HP Officejet Pro 8620\Bin\hpqDTSS.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {5A976AA8-8D65-4DB9-B322-141D11001A4C} - System32\Tasks\HP Photo Creations Communicator => C:\Users\TWM\AppData\Roaming\HP Photo Creations\Communicator.exe [2016-10-13] ()
Task: {5C0384B8-019B-4C98-B8C4-3A671375B453} - System32\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-11 => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-11.exe <==== ACHTUNG
Task: {5FD5D07D-0C89-499F-AC83-E90E4CA5B4B0} - System32\Tasks\{A8FF8F1A-90C0-4FC5-8F75-64785BC4A516} => pcalua.exe -a C:\Users\TWM\AVM_Driver\FWLAN\pushinst.exe -d C:\Users\TWM\AVM_Driver\FWLAN
Task: {613EEDA8-01EE-472B-96E2-676B6465DA02} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Keine Datei <==== ACHTUNG
Task: {6909A8FE-3687-4D19-A6AB-3E072D7CA947} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
Task: {6BA2CA05-226A-415B-9719-F44649D76E12} - System32\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-5_user => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-5.exe <==== ACHTUNG
Task: {7B3B0195-46B1-4BC4-BA74-A9F7DF245E13} - System32\Tasks\ScanToPCActivationApp.exe_{419C7EC8-04C8-4993-AA74-98C2C14D635B} => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {7E30BC3F-9F8A-4DD3-B5B0-0FBFEACCD220} - System32\Tasks\HP AR Program Upload - d8ab0ec8bfd94271a892b50c2348e4232b684d346bb54525a71ce453801aa972 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {829C19BE-F899-471E-831B-F579D012F8B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {8E7AE715-D798-4625-8517-54EA9454A3AD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {927C5E7C-C039-48B9-9CF4-86EC312D0085} - System32\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-2 => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-2.exe <==== ACHTUNG
Task: {94466910-25BF-418C-9610-608A5CE1EF3D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {9E4C7966-3AB2-4F04-B96C-D98CF6234D84} - System32\Tasks\{CC7B2FD0-BBD5-4661-A019-031021441417} => C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE [2007-05-31] (Microsoft Corporation)
Task: {A1883EDE-9EC1-4B1B-A31D-35517F888226} - System32\Tasks\HP AR Program Upload - 5b40295b300042c2af6465fc40c7bb14988b2977f00c442cb3ed8218fe923f98 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {A5D31D5A-B287-4341-AE96-0F58F0EA1668} - System32\Tasks\HP AR Program Upload - 0eafe6a3444446a1aa5b7703d86ef385de5167da1b0941739b9ac101d7b0db5d => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
Task: {A912CCC1-82D4-4603-90F8-A7F0D4375B0D} - System32\Tasks\{C2388A28-B5AC-4960-A87B-07C04FD3CDB0} => C:\Program Files (x86)\avmwlanstick\WLanGUI.exe [2010-10-22] (AVM Berlin)
Task: {A9223E09-B613-4251-93D4-200F4FAB62D0} - System32\Tasks\PC Health Advisor => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2016-11-23] (ParetoLogic) <==== ACHTUNG
Task: {A9C6CD6D-AEF8-4561-A309-9E1FC22C08AE} - System32\Tasks\{64E7D99F-6CF1-4421-AD0B-56F34BCE3FE4} => C:\Program Files (x86)\FRITZ!\FriFax32.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {AC844829-A448-4DD8-A8EF-950939D99DE0} - System32\Tasks\{F15EE905-CC18-43CF-AF00-6D9C071F7019} => pcalua.exe -a C:\Users\TWM\Downloads\irfanview_plugins_437_setup.exe -d C:\Users\TWM\Desktop
Task: {AD6A4B74-12AA-49D0-82F5-E61DC93DD766} - System32\Tasks\HPCeeScheduleForTWM => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {B0377174-8DFA-42CE-96CF-092308DC79A3} - System32\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-6 => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-6.exe <==== ACHTUNG
Task: {B7CB8B32-756C-4FD3-82B8-304A718E1061} - System32\Tasks\{FE433D25-B1A0-45E6-958D-F0092A88B108} => pcalua.exe -a C:\Windows\TEMP\avast_ash\IrfanView\iview436_setup.exe -d "C:\Program Files\AVAST Software\Avast" <==== ACHTUNG
Task: {B9ACDB66-0523-4C5A-BA0B-CE49DF3EC082} - System32\Tasks\PC Health Advisor Defrag => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2016-11-23] (ParetoLogic) <==== ACHTUNG
Task: {B9B1F7AF-811D-454B-B76E-3A6DEC916D40} - System32\Tasks\7c37cba4-4d78-4d6b-9692-269e2ea547e0 => C:\Program Files (x86)\videos+Media+Players\7c37cba4-4d78-4d6b-9692-269e2ea547e0.exe <==== ACHTUNG
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Keine Datei <==== ACHTUNG
Task: {D4A9C230-07BA-44B6-AF3D-F6A2D2ECED4C} - System32\Tasks\{326690A8-AE0F-42CF-AE88-FE4192F50EB4} => pcalua.exe -a F:\Windows\TOOL\USB\TurboUSB\bubdinst.exe -d F:\Windows\TOOL\USB\TurboUSB
Task: {D4EC9A22-FB8C-482C-88D8-3DAA354996F9} - System32\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-3 => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-3.exe <==== ACHTUNG
Task: {D592D314-6AEC-4E9C-A1A7-D5D0B9FCC011} - System32\Tasks\HP AR Program Upload - cf761f60de2042ebb1a35b115c52b477c06fca82565145b0be84c214ca404f8e => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {D6EB8D60-7696-46A0-9CA4-C9B1C99CFDDD} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ACHTUNG
Task: {D9A5E5A6-DFB0-4178-880F-832A2FA9C5B7} - System32\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-7 => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-7.exe <==== ACHTUNG
Task: {DA9DAF94-DA7B-4A2A-AF9E-85E2F8996D23} - System32\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-5 => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-5.exe <==== ACHTUNG
Task: {E0BD3517-F69D-4A69-91A3-8FF7BC02BDF1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {E3F0235D-3CE8-487C-B44C-A9338833A4E1} - System32\Tasks\GoogleUpdateTaskMachineCore1d1abfc37ae41d8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E51D8F5E-C467-4487-BCB7-E60DBA51B9C9} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Keine Datei <==== ACHTUNG
Task: {E998FDBF-36A5-45CA-8090-1A8BB20E99E9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {E9F35B68-9841-4108-8D99-796131D5130D} - System32\Tasks\{72345CE4-F2FE-459A-AB83-5EF5942ABBE3} => pcalua.exe -a "C:\Program Files (x86)\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe" -c /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
Task: {EAC52138-E1A4-421D-8A8D-5454666C0130} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-10-21] (Apple Inc.)
Task: {F18B299E-F326-41F9-869F-1A03FC602E57} - System32\Tasks\GoogleUpdateTaskMachineUA1d1abfc38323768 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Keine Datei <==== ACHTUNG
Task: {FF938166-9716-452B-AE98-C9109AC5A258} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-18] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-1.job => C:\Program Files (x86)\videos+Media+Players\videos+Media+Players-codedownloader.exe <==== ACHTUNG
Task: C:\Windows\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-11.job => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-11.exe <==== ACHTUNG
Task: C:\Windows\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-2.job => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-2.exe <==== ACHTUNG
Task: C:\Windows\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-3.job => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-3.exe <==== ACHTUNG
Task: C:\Windows\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-4.job => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-4.exe <==== ACHTUNG
Task: C:\Windows\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-5.job => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-5.exe <==== ACHTUNG
Task: C:\Windows\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-5_user.job => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-5.exe <==== ACHTUNG
Task: C:\Windows\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-6.job => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-6.exe <==== ACHTUNG
Task: C:\Windows\Tasks\49d8c509-24c2-4c20-9811-4b0788a2dbc9-7.job => C:\Program Files (x86)\videos+Media+Players\49d8c509-24c2-4c20-9811-4b0788a2dbc9-7.exe <==== ACHTUNG
Task: C:\Windows\Tasks\7c37cba4-4d78-4d6b-9692-269e2ea547e0.job => C:\Program Files (x86)\videos+Media+Players\7c37cba4-4d78-4d6b-9692-269e2ea547e0.exe È˜/agentregpath='videos+Media+Players' /appid=64969 /srcid='002082' /subid='verticals-Intext,Shopping,ads' /zdata='0' /bic=FA19C09D31224E7ABE2CF39BE8183EBDIE /verifier=039fb977dfc78e798070aec9b5b3f55f /installerversion=1_35_09_16 /installationtime=1411679086 /statsdomain=hxxp:/stats.newclientstaticsrv.com /errorsdomain=hxxp:/errors.newclientstaticsrv.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,184-0 /monetizationdomain=hxxp:/logs.newclientstaticsrv.com <==== ACHTUNG
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\Users\TWM\AppData\Roaming\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTWM.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PC Health Advisor Aktualisierung.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ACHTUNG
Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ACHTUNG
Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ACHTUNG

==================== VerknÃ¼pfungen & WMI ========================

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)


Shortcut: C:\Users\TWM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Meine Websites auf MSN\target.lnk -> hxxp://www.msnusers.co

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-11-23 11:08 - 2015-02-20 01:44 - 03038864 _____ () C:\Windows\system32\nvwmi64.exe
2012-11-19 04:07 - 2015-02-05 21:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-21 10:47 - 2006-02-23 12:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2016-08-26 20:25 - 2016-08-26 20:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2017-05-12 01:26 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-12 01:26 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-06-01 02:49 - 2017-05-30 12:19 - 00775488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-06-01 02:49 - 2017-05-30 12:19 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2016-05-18 14:47 - 2017-05-12 04:25 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-05-18 14:47 - 2017-05-12 04:25 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-05-18 14:47 - 2017-05-12 04:25 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-05-18 14:47 - 2017-05-30 12:21 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-05-18 14:47 - 2017-05-12 04:25 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-05-18 14:47 - 2017-05-12 04:25 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-06-01 02:49 - 2017-05-12 04:25 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-06-01 02:49 - 2017-05-12 04:25 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-06-01 02:49 - 2017-05-12 04:25 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-05-18 14:47 - 2017-05-12 04:27 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-06 10:01 - 2017-05-30 12:22 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-05-18 14:47 - 2017-05-12 04:27 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-06-01 02:49 - 2017-05-12 04:25 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-06-01 02:49 - 2017-05-12 04:27 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-05-18 14:47 - 2017-05-12 04:27 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-05-18 14:47 - 2017-05-30 12:21 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-05-18 14:47 - 2017-05-12 04:27 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-06 10:01 - 2017-05-30 12:22 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-05-18 14:47 - 2017-05-12 04:27 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-05-18 14:47 - 2017-05-12 04:27 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-05-18 14:47 - 2017-05-12 04:27 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-05-18 14:47 - 2017-05-12 04:27 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-05-18 14:47 - 2017-05-12 04:27 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-05-18 14:47 - 2017-05-12 04:27 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-05-18 14:47 - 2017-05-12 04:27 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-05-17 22:49 - 2017-05-30 12:22 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2016-05-18 14:47 - 2017-05-30 12:22 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-05-18 14:47 - 2017-05-12 04:25 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-05-18 14:47 - 2017-05-12 04:27 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-05-18 14:47 - 2017-05-12 04:27 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-02-28 09:28 - 2017-05-30 12:22 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-01-24 01:07 - 2017-05-30 12:22 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-01-24 01:07 - 2017-05-30 12:22 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-24 01:07 - 2017-05-30 12:22 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-24 01:07 - 2017-05-30 12:22 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-05-18 14:47 - 2017-05-12 04:27 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-05-18 14:47 - 2017-05-30 12:22 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-06-01 02:49 - 2017-05-30 12:21 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-06-01 02:49 - 2017-05-12 04:20 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-06-01 02:49 - 2017-05-30 12:21 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-07-12 06:42 - 2017-05-30 12:21 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-06-01 02:49 - 2017-05-12 04:30 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-06-01 02:49 - 2017-05-12 04:30 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-08-06 10:01 - 2017-05-30 12:22 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2015-10-13 06:46 - 2015-10-13 06:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\TWM\Desktop\Exel Kundendatei:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\TWM\Documents\2016-01-05 12.31.56.jpg:com.dropbox.attributes [1014]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)


==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7777 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7777 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)

2009-07-14 04:34 - 2012-12-11 17:53 - 00444830 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	www.10sek.com
127.0.0.1	10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	www.123fporn.info
127.0.0.1	123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Da befinden sich 15268 zusÃ¤tzliche EintrÃ¤ge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\TWM\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==

MSCONFIG\startupreg: (default) => 
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: EPSON Stylus DX4200 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIAEE.EXE /F "C:\Windows\TEMP\E_S9675.tmp" /EF "HKLM"
MSCONFIG\startupreg: EPSON Stylus DX4800 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIADE.EXE /F "C:\Windows\TEMP\E_S5CA.tmp" /EF "HKLM"
MSCONFIG\startupreg: mbot_de_107 => 
MSCONFIG\startupreg: nwiz => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{B91FE04E-5114-4D53-B225-8CDB1459E906}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{BD74D6D3-5F67-48C0-88F2-0773DCBA8C14}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{88EF0A51-6307-4F24-8895-A376A8D2C9E2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{85E0CD24-A627-466C-BA16-FD23A63D1FFC}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{919B532E-E666-42DC-8BF3-841449584E4F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{83B8334E-E64E-43E6-883E-E65740F9B99D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{7FF65D91-2FA6-4DC7-8481-A22D11AAFFFC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{879D3878-9CF1-400E-80B4-7B53D4B30981}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{E24CC750-2593-4EA3-B221-6A5220BFE430}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{2A7486C3-7F87-4917-961E-EE82304D5B40}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{EC563ECB-E033-43CB-94E4-0899D4859BD3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{2ADB085A-E6B8-4ED5-BD68-0D10FDFB27B3}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{92B2E2CF-0C9E-4694-A203-58B4CCEBCBC8}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{3AF2F758-EE5C-40CF-9CDE-F9E745D880D3}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{B6538530-79F3-4005-9CF5-EC9C50DE4EC8}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{9CD3555B-1DDF-4811-B376-37F1AD8024AB}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{C097D98F-DD11-4724-9188-9B75DED1DB23}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{FF92D6A7-8523-492E-B63B-CC6648DA952D}] => (Allow) LPort=5031
FirewallRules: [{E6A635A6-345C-40FD-9EEC-2DA8AABEDA8E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BCC98187-5286-404B-922D-88F8216D3558}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{343B9E04-7048-4704-8DF7-315362C6C1A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{34F69827-5642-4E9D-8DDF-5973F18BE6EF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1B030D37-4140-4ECA-B53C-B24E51506334}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{BF2E0666-0F45-420F-B3E2-2B226F6304A0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{F83D6847-384F-4F52-85C6-8C8F38305DF8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe
FirewallRules: [{D83C7E39-64B0-43BB-91FD-EF99F8ABEA99}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe
FirewallRules: [{D8E72271-72CA-478B-BFB7-A984D2244A50}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe
FirewallRules: [{0CA86830-814F-434D-B25A-9EF2CFA76CFE}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe
FirewallRules: [{41574400-A341-498E-B788-2A1175D39C6A}] => (Allow) LPort=5357
FirewallRules: [{0A0C1205-4234-495C-822A-BE35EC179514}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{BD988D53-1BCF-4FFB-AB8F-1609E34EF577}C:\users\twm\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\twm\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{7BA9EBD4-9409-41B8-96E4-109EA2810D0F}C:\users\twm\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\twm\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{D84D8C69-3ADB-4ECB-9065-623A3FF700BE}C:\program files (x86)\fritz!\friver32.exe] => (Allow) C:\program files (x86)\fritz!\friver32.exe
FirewallRules: [UDP Query User{03087E99-B455-40ED-9031-29C7B8941B11}C:\program files (x86)\fritz!\friver32.exe] => (Allow) C:\program files (x86)\fritz!\friver32.exe
FirewallRules: [{7179BA59-3C57-42C9-B97B-9631C83BDD6E}] => (Block) C:\program files (x86)\fritz!\friver32.exe
FirewallRules: [{C290966D-D8BD-401E-9754-97354DFF9D0F}] => (Block) C:\program files (x86)\fritz!\friver32.exe
FirewallRules: [{3B63F083-53BD-45DD-806F-A30C2E02E34F}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS3AA8\HPDiagnosticCoreUI.exe
FirewallRules: [{343C83FC-10AE-477D-9D4E-351A97D9CDCF}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS3AA8\HPDiagnosticCoreUI.exe
FirewallRules: [{56DCD6A6-15BC-46E0-9FEA-C03490D20DA9}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS0C5F\HPDiagnosticCoreUI.exe
FirewallRules: [{94C8A6E9-1A67-4027-BB4C-9DB93C65A13E}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS0C5F\HPDiagnosticCoreUI.exe
FirewallRules: [{741E50E5-216D-46B6-9ED7-CDBE112F05B1}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS4AA2\HPDiagnosticCoreUI.exe
FirewallRules: [{66D76E27-EFFC-4E3C-AFE2-9B9D37F15AFB}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS4AA2\HPDiagnosticCoreUI.exe
FirewallRules: [{2272E7B3-F053-49EF-B9B4-17A832B51736}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS5943\HPDiagnosticCoreUI.exe
FirewallRules: [{A10A7BBC-D8FF-4A88-9AEA-58F141F952FD}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS5943\HPDiagnosticCoreUI.exe
FirewallRules: [{8E54BED3-FBEE-4EC8-9F21-3EDA896EA96C}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS2299\HPDiagnosticCoreUI.exe
FirewallRules: [{488CAB3C-12FE-4ED4-9144-1CEA0CEBA879}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS2299\HPDiagnosticCoreUI.exe
FirewallRules: [{E0AF62F4-FE2C-4CC3-9A2E-DB7A39CD0D76}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS24F9\HPDiagnosticCoreUI.exe
FirewallRules: [{E4D1626E-0034-4475-92D6-22A2D4A1DB1C}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS24F9\HPDiagnosticCoreUI.exe
FirewallRules: [{6B3A8F50-083C-46CE-8F7D-469749CFD3F3}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS255E\HPDiagnosticCoreUI.exe
FirewallRules: [{FDACCF66-D2FA-4B84-82F2-5CFF7D6C9A1E}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS255E\HPDiagnosticCoreUI.exe
FirewallRules: [{2F24933C-5D06-4BD5-801C-59D53EFE48CE}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS4187\HPDiagnosticCoreUI.exe
FirewallRules: [{9DD17FE5-F3AE-44C8-ADF5-077AAFF21B02}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS4187\HPDiagnosticCoreUI.exe
FirewallRules: [{75486000-2DF9-406D-BEEB-87FED51800A8}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS1CD8\HPDiagnosticCoreUI.exe
FirewallRules: [{F12D8498-48E8-4F07-A61F-F1BAEE7F0B4B}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS1CD8\HPDiagnosticCoreUI.exe
FirewallRules: [{B04F4F59-C81D-46EF-8A3E-59B0C6436982}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS1F1A\HPDiagnosticCoreUI.exe
FirewallRules: [{016B662B-52C1-4C5C-85EF-09B199B488E8}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS1F1A\HPDiagnosticCoreUI.exe
FirewallRules: [{CA4878B9-BB9E-4B93-8735-1AF02846E4AC}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS6BF4\HPDiagnosticCoreUI.exe
FirewallRules: [{2C1EB447-A5E9-4786-B0A8-E6F046C91D7A}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS6BF4\HPDiagnosticCoreUI.exe
FirewallRules: [{8A4F68D6-E2AB-43FE-9234-FC5E4384DBCE}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS12A7\HPDiagnosticCoreUI.exe
FirewallRules: [{81331B20-AC7C-43B0-AA06-6A5DCB28C6B7}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS12A7\HPDiagnosticCoreUI.exe
FirewallRules: [{8D53E66D-C90E-4716-811A-1245AE2BB7A4}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS12F5\HPDiagnosticCoreUI.exe
FirewallRules: [{4E0BF00D-89EB-42E0-9263-10FA43BF2E6D}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS12F5\HPDiagnosticCoreUI.exe
FirewallRules: [{DA658C41-C68F-4E5B-A95B-A4AE27A08F0A}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS176C\HPDiagnosticCoreUI.exe
FirewallRules: [{11E92633-A62C-46C2-8B28-505502AEA421}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS176C\HPDiagnosticCoreUI.exe
FirewallRules: [{25167FB9-1724-44C5-831B-A4A91E6A9618}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS2E38\HPDiagnosticCoreUI.exe
FirewallRules: [{80CDDD7C-C9D9-4EDB-BB7E-477664DA8D88}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS2E38\HPDiagnosticCoreUI.exe
FirewallRules: [{8675C16C-F9E5-420F-92EF-D1FEDFE275F9}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS31BA\HPDiagnosticCoreUI.exe
FirewallRules: [{6B0F4F58-E789-4C8F-8874-7DD7415B60FE}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS31BA\HPDiagnosticCoreUI.exe
FirewallRules: [{C3B320F3-EBB0-488C-BCCF-1601028B3E29}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS3757\HPDiagnosticCoreUI.exe
FirewallRules: [{965BC515-D070-41F6-A438-FA5F6D9F2631}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS3757\HPDiagnosticCoreUI.exe
FirewallRules: [{760696EC-8040-46BC-B104-EDCF581B94B7}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS66DB\HPDiagnosticCoreUI.exe
FirewallRules: [{3D3BC505-1963-42DF-9029-6EAE0B679A2C}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS66DB\HPDiagnosticCoreUI.exe
FirewallRules: [{F89BC758-5043-4F22-8538-9BD96D1F768E}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS69F8\HPDiagnosticCoreUI.exe
FirewallRules: [{561C4A52-646A-4AD2-AECA-753867E20224}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS69F8\HPDiagnosticCoreUI.exe
FirewallRules: [{B2DFD578-784D-42C1-9DDE-2F1BE6BC7C9A}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS6A3D\HPDiagnosticCoreUI.exe
FirewallRules: [{8FA50EC7-6C1D-462C-9121-014A229B51FA}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS6A3D\HPDiagnosticCoreUI.exe
FirewallRules: [{8EFC3595-B8CA-46B7-A457-DEC82CB30C6A}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS04EF\HPDiagnosticCoreUI.exe
FirewallRules: [{488234C7-2FFD-4138-888F-08DD347B23F9}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS04EF\HPDiagnosticCoreUI.exe
FirewallRules: [{D1A680FE-7E3D-44EF-A0CE-3B10FCC27FA2}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS053A\HPDiagnosticCoreUI.exe
FirewallRules: [{3C66B1E1-B390-4FE5-8945-2EF356EFE1A0}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS053A\HPDiagnosticCoreUI.exe
FirewallRules: [{387DA2A5-90EA-4E4E-A355-6CB770A11561}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS0A0A\HPDiagnosticCoreUI.exe
FirewallRules: [{EB6D58BE-10E8-4D3E-86CC-F36F06FFA136}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS0A0A\HPDiagnosticCoreUI.exe
FirewallRules: [{F88574F3-A410-41C1-940A-D7B3EE23CFC1}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS5023\HPDiagnosticCoreUI.exe
FirewallRules: [{810EE59F-B0F0-472B-A5D9-32E764EC0552}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS5023\HPDiagnosticCoreUI.exe
FirewallRules: [{BD76E2F2-F900-4CB7-84A8-9901B357505B}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS22ED\HPDiagnosticCoreUI.exe
FirewallRules: [{F3A68AF0-4961-49D4-B35C-9717CCBD9F6B}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS22ED\HPDiagnosticCoreUI.exe
FirewallRules: [{5F5B8694-C440-4847-8FD5-7DB337ECA611}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS2B9D\HPDiagnosticCoreUI.exe
FirewallRules: [{8B4A8AC5-B26F-4104-AFF3-A388AE728F62}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS2B9D\HPDiagnosticCoreUI.exe
FirewallRules: [{19DF172D-4C53-4BE0-9C45-C95E40780C94}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS30C5\HPDiagnosticCoreUI.exe
FirewallRules: [{09C7FF81-8344-4EAA-83B9-1B310FF05281}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS30C5\HPDiagnosticCoreUI.exe
FirewallRules: [{0190D43C-3D92-48C7-A778-57E0048F001F}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS3781\HPDiagnosticCoreUI.exe
FirewallRules: [{1F7AF529-22E4-4F22-A147-E8AA3827F4AA}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS3781\HPDiagnosticCoreUI.exe
FirewallRules: [{A28B9E73-48D0-405E-B096-438F9A42E881}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS3B68\HPDiagnosticCoreUI.exe
FirewallRules: [{8AF54E2E-0970-4B3F-B606-599C950BA269}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS3B68\HPDiagnosticCoreUI.exe
FirewallRules: [{7E15ECDF-11EF-47AB-A0C7-F9981A9D3B5E}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS4297\HPDiagnosticCoreUI.exe
FirewallRules: [{1E06A9CA-E35C-425B-AA7B-59B6C825BF5F}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS4297\HPDiagnosticCoreUI.exe
FirewallRules: [{B5343556-DD33-40BC-9847-3ABF6790F386}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS35CD\HPDiagnosticCoreUI.exe
FirewallRules: [{8A475983-638B-4BE1-8366-6EB0BFE13714}] => (Allow) C:\Users\TWM\AppData\Local\Temp\7zS35CD\HPDiagnosticCoreUI.exe
FirewallRules: [{8B280A93-6049-4F04-B0E8-BFDFA8BCCA52}] => (Allow) C:\Users\TWM\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{2AE37BD7-0F3C-4E5D-87B2-623B91E17799}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D73DD1CF-ACF1-42E5-9412-CEE31F232145}] => (Allow) LPort=2869
FirewallRules: [{76B2D877-EAF2-4D52-BE09-DF25454CF066}] => (Allow) LPort=1900
FirewallRules: [{A3B41EF5-F8E7-40AF-BD9F-D240E67E3F31}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{10933B74-A1B9-4BB8-9434-E4D14F9FC72E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C96E5D8B-E78F-400A-80B2-981D3C47705F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{47F696F8-7FCA-4D7E-B6C9-97ECDE7B3DA3}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\AviraSoftwareUpdater.exe
FirewallRules: [{A3EA784C-2D5D-4F5E-8BAB-C8F26C641559}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\AviraSoftwareUpdater.exe
FirewallRules: [{408A2E1C-8D44-462E-9813-776E1C0D992F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\AviraSoftwareUpdater.exe
FirewallRules: [{033B468E-FB89-4FED-B12F-33BC12BB0132}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\AviraSoftwareUpdater.exe
FirewallRules: [{A7AC2F55-9B9A-42E8-AC40-E0EB29C601F0}] => (Allow) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
FirewallRules: [{15A1DBC4-D1B3-43CC-B8E6-03FB07E37DEF}] => (Allow) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
FirewallRules: [{48E5DA60-4FBF-404C-B72C-48E3C8A73659}] => (Allow) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
FirewallRules: [{357DE9DC-D551-4AAE-9218-200E39CF54C5}] => (Allow) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
FirewallRules: [{902C6AE0-82DA-4588-8264-066E4395164B}] => (Allow) C:\Users\TWM\Downloads\Neuer Ordner\ReimageRepair.exe
FirewallRules: [{05188BCB-67B7-4327-97B9-CC3D9A83A126}] => (Allow) C:\Users\TWM\Downloads\Neuer Ordner\ReimageRepair.exe
FirewallRules: [{405F87C3-54D0-487A-8AA2-84D42ACED450}] => (Allow) C:\Users\TWM\Downloads\Neuer Ordner\ReimageRepair.exe
FirewallRules: [{6ACBA679-32BD-483A-A5B5-2EE049537D7B}] => (Allow) C:\Users\TWM\Downloads\Neuer Ordner\ReimageRepair.exe

==================== Wiederherstellungspunkte =========================

14-06-2017 03:00:45 Windows Update
15-06-2017 03:00:27 Windows Update
19-06-2017 14:42:00 PC Health Advisor Backup

==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============

Name: AVM FRITZ!WLAN USB Stick v1.1
Description: AVM FRITZ!WLAN USB Stick v1.1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: AVM GmbH
Service: FWLANUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: PS/2-kompatible Maus
Description: PS/2-kompatible Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/21/2017 10:21:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AviraSoftwareUpdater.exe, Version: 2.0.2.27024, Zeitstempel: 0x58fa000e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x07e6b737
ID des fehlerhaften Prozesses: 0x1aac
Startzeit der fehlerhaften Anwendung: 0x01d2ea674d6ad5a6
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\SoftwareUpdater\AviraSoftwareUpdater.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: a9b2f82a-565a-11e7-b29c-001f3f0bd5eb

Error: (06/21/2017 10:21:44 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AviraSoftwareUpdater.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei Avira.SoftwareUpdater.Core.Utils.Tracker.Finalize()

Error: (06/21/2017 07:17:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003

Error: (06/21/2017 07:17:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8003

Error: (06/21/2017 07:17:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/21/2017 07:17:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7005

Error: (06/21/2017 07:17:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7005

Error: (06/21/2017 07:17:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/21/2017 07:17:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6006

Error: (06/21/2017 07:17:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6006


Systemfehler:
=============
Error: (06/20/2017 10:48:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (06/20/2017 10:47:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (06/20/2017 10:47:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 10000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (06/20/2017 10:46:55 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÃ„T)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-19) fÃ¼r Benutzer NT-AUTORITÃ„T\LOKALER DIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) fÃ¼r die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewÃ¤hrt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm fÃ¼r Komponentendienste geÃ¤ndert werden.

Error: (06/20/2017 10:46:18 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÃ„T)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) fÃ¼r Benutzer NT-AUTORITÃ„T\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) fÃ¼r die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewÃ¤hrt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm fÃ¼r Komponentendienste geÃ¤ndert werden.

Error: (06/20/2017 10:45:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Net.Tcp-Portfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (06/20/2017 10:45:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Net.Tcp-Portfreigabedienst erreicht.

Error: (06/20/2017 10:45:22 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist von folgendem Dienst abhÃ¤ngig: was. Dieser Dienst ist eventuell nicht installiert.

Error: (06/20/2017 10:45:22 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Net.Pipe-Listeneradapter" ist von folgendem Dienst abhÃ¤ngig: was. Dieser Dienst ist eventuell nicht installiert.

Error: (06/20/2017 10:45:22 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Net.Msmq-Listeneradapter" ist von folgendem Dienst abhÃ¤ngig: msmq. Dieser Dienst ist eventuell nicht installiert.


CodeIntegrity:
===================================
  Date: 2014-12-12 22:51:49.748
  Description: Die AbbildintegritÃ¤t der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht Ã¼berprÃ¼ft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 22:50:53.884
  Description: Die AbbildintegritÃ¤t der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht Ã¼berprÃ¼ft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-13 11:40:26.846
  Description: Die AbbildintegritÃ¤t der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht Ã¼berprÃ¼ft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-13 11:40:26.762
  Description: Die AbbildintegritÃ¤t der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht Ã¼berprÃ¼ft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-13 11:39:55.993
  Description: Die AbbildintegritÃ¤t der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht Ã¼berprÃ¼ft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-17 06:47:25.043
  Description: Die AbbildintegritÃ¤t der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht Ã¼berprÃ¼ft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 23:03:29.288
  Description: Die AbbildintegritÃ¤t der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht Ã¼berprÃ¼ft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 23:03:29.215
  Description: Die AbbildintegritÃ¤t der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht Ã¼berprÃ¼ft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 23:03:29.140
  Description: Die AbbildintegritÃ¤t der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht Ã¼berprÃ¼ft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 23:03:29.066
  Description: Die AbbildintegritÃ¤t der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht Ã¼berprÃ¼ft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E31270 @ 3.40GHz
Prozentuale Nutzung des RAM: 20%
Installierter physikalischer RAM: 16340.9 MB
Verfügbarer physikalischer RAM: 13027.91 MB
Summe virtueller Speicher: 32679.98 MB
Verfügbarer virtueller Speicher: 28596.86 MB

==================== Laufwerke ================================

Drive c: (83+#) (Fixed) (Total:930.74 GB) (Free:786.3 GB) NTFS
Drive d: (W7SP1_PROFESSIONAL) (CDROM) (Total:5.23 GB) (Free:0 GB) UDF
Drive e: () (Removable) (Total:7.48 GB) (Free:7.16 GB) FAT32
Drive f: (RECOVERY) (Fixed) (Total:0.73 GB) (Free:0.46 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 423EE1EB)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 52629378)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)

==================== Ende von Addition.txt ============================

ich versteh von dem Text nicht viel.... , ist wohl ziemlich verkorkst....

cosinus · 21.06.2017, 13:58

Zitat:

durchgeführt von TWM (Administrator) auf TWM-GRAFIK
Prozessor: Intel(R) Xeon(R) CPU E31270 @ 3.40GHz

TWM-Grafik? Intel Xeon CPU?

Das ist doch ein gewerblich genutzter Rechner oder nicht? Unsere Regeln dazu hast du gelesen?

Micha679 · 21.06.2017, 14:05

Ja hab ich,

wir haben den PC von einem Freund gekauft der ausgewandert ist.
Er hat uns alle CD s hier gelassen und auch das Windows so drauf gelassen. Er wird nicht mehr gewerblich genutzt.

Hatte bis jetzt keine Probleme damit. Was brauch ich denn um das zu ändern ? Ich hab noch Kontakt zu Ihm. Ich dachte nicht das es daran liegt. Wir haben Ihn nun schon so lange.

cosinus · 21.06.2017, 14:25

Meine Güte, es geht darum, dass gewerbliche genutzte Rechner allerhand sensible Kundendaten haben können und dass der Admin der Firma sich um die Rechner kümmern muss.

Dass der Rechner einfach so irgendwo privat hingestellt wird kann ja nun niemand einfach so hellsehen. Oder meinste ich frag das aus Spaß?

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Micha679 · 21.06.2017, 14:54

Schon ok...
War sicher nicht böse gemeint von mir.

Habe ich auf m Desktop gespeichert, nur geht das Update nicht Failed: DNS error

Und vorher schon wieder die Fehlermeldung: mbar.exe- ungültiges Bild

cosinus · 21.06.2017, 15:46

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Avira Antivirus
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Danach Rechner neu starten und MBAR nochmal probieren

Micha679 · 21.06.2017, 16:21

nerv nerv nerv....
er will einfach nicht... immer noch DNS error und die Fehlermeldung bevor sich das Programm öffnen lässt.

Avira ist alles runter und PC habe ich neu gestartet

ich hab noch MCAfee und Pareto Logic PC Health Advisor drauf, soll das auch lieber runter?

cosinus · 21.06.2017, 22:09

hau runter. wenn das danach nicht läuft:

Malwarebytes Version 3

Downloade Dir bitte Malwarebytes Anti-Malware 3

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

cosinus · 21.06.2017, 22:09

hau runter. wenn das danach nicht läuft:

Malwarebytes Version 3

Downloade Dir bitte Malwarebytes Anti-Malware 3

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Micha679 · 21.06.2017, 23:26

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 21.06.17
Scan-Zeit: 23:56
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.141
Version des Aktualisierungspakets: 1.0.2202
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: TWM-GRAFIK\TWM

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 384235
Erkannte Bedrohungen: 348
In die Quarantäne verschobene Bedrohungen: 348
Abgelaufene Zeit: 4 Min., 58 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 15
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202

Registrierungsschlüssel: 161
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\APPID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}, In Quarantäne, [779], [169672],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}, In Quarantäne, [779], [169672],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}, In Quarantäne, [779], [169672],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, In Quarantäne, [779], [169685],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, In Quarantäne, [779], [169685],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}, In Quarantäne, [779], [169675],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}, In Quarantäne, [779], [169675],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\APPID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}, In Quarantäne, [779], [169675],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [779], [169674],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [779], [169674],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [779], [169674],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, In Quarantäne, [779], [169687],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, In Quarantäne, [779], [169687],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [779], [169684],1.0.2202
PUP.Optional.VideosMediaPlayers, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\APPDATALOW\SOFTWARE\videos+Media+Players, In Quarantäne, [7501], [244509],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\enter, In Quarantäne, [242], [237403],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655495569}, In Quarantäne, [242], [324197],1.0.2202
PUP.Optional.WebSearches.ShrtCln, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\SupHpUISoft, In Quarantäne, [11832], [190053],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{11DF68FB-FBFA-41DA-8CC6-2ABE2A5067F6}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1333C925-CCF2-4154-98F0-6689879A938D}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{15B27A3A-D44D-4E43-927F-CCD6E8F147B5}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1963F098-37EB-49FB-99AE-34728F3078F3}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1D2C4D71-BDC7-401D-BC24-7D4B638427D7}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{20D269FD-7819-4D50-A2C3-143382B7EC56}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2171B682-CF9C-4C56-A4C7-21DD4C7EC724}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2832540C-263E-41F2-9F7E-38324D904282}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{28C30ED0-A6D9-4284-ABDB-A570B44AFECF}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2BA35FFA-7D7E-4F56-9E91-911DE9B0B0EF}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2BFD3701-2CCB-4C0C-9FBC-3FAB2844A64C}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2CB4E48C-7697-4A6F-8718-2FECCCCE8C30}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2E3C7C24-F0A3-45F6-B5D3-513110BA63D2}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{30FF2B56-275B-4A0D-834F-2EED8C90ADCE}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3135A7F0-4CB1-401C-8EA7-1780739CDB11}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{316da5c1-253b-41eb-88e2-dc33649cbade}, In Quarantäne, [242], [237486],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{342C62C4-8496-4F8D-B852-B990D247A7B7}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{34E26E95-D45E-495D-8199-DC39C8B186EE}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{39A5CAAF-6357-4130-9290-C056989428E4}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3B388831-B155-4D89-B2CE-AA9071B7B216}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3C48F48B-AD5C-4009-9CC1-A03ED7F6C455}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40DC14FA-D502-4CE5-918D-412959E274F6}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40F4831B-FB7E-47AB-AF3C-D977CF8DCA51}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{43A9CBB8-677F-4EB1-86BA-2DF819C5F6C2}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{462A7B71-FC55-48B5-A285-EED8298364D4}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{486F43C6-CFE9-4C63-B01D-CB7A16FF6CAB}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{48767E55-3CB8-4765-B9E9-DDD7F4CD8A32}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{49853D28-6077-4459-AC3A-DAE56A3C2ED3}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{49D1AD07-D9CB-4517-BD4B-54A852915DB7}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4A768D1C-D1F9-4B11-AF23-192E50AAD2B5}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4C5A4404-6CE8-46D2-942E-8BABEFAFD9F1}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4EED9F20-8402-4F8B-B0C3-A1421A7B7D69}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{549327E2-769E-4A0D-B463-F2DE9E605B57}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5BDFDA2E-F72A-49D2-9E53-63BAEE7E81D0}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D8E852D-EE82-4A39-907B-D57A8F4B418D}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5df1eeac-b04e-4c6d-966a-e107805d0201}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{608AF8CB-ADB7-44A4-957D-BBF62C8FB118}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63E922C7-7957-41AD-B643-9BB94980D579}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6BAFD010-BC33-44F6-A787-46496972A77A}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6CE517BC-70F5-4BC0-9D17-E612C368A8F3}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6D3071CF-A0AD-49BD-BCB4-3BFDC85615FC}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6D8D1105-AD62-4488-B1A1-5DA12CC6778D}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6DD54BF9-6F0D-4FD8-9B68-987A29CA55AD}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7294B3EC-3EA1-43A8-A5E9-EE6E4FEF5DC7}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7A4D20CB-BD82-4784-A3FB-9CE2A7C87F84}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7AA6E1A4-B1F8-4195-AA52-C9E16C1D6738}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7B512FEB-69A2-405C-89FB-6C2C57B4B4AB}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C7EBB63-1F0E-47F1-BB78-76DDABA6FB93}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7E5277B5-776D-4EE3-ABD6-EF6448D6D5D5}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7FA8BB07-39E5-4B04-9EBB-56A5EB774E72}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{82DB3AFE-D5C9-4201-86CE-FAE7D0EA1C1E}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{839F984C-C971-46B8-9645-95DC2F66F013}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{83E34D76-24AD-4F22-BAB1-47CAAFF4DCD3}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8540A181-C4A6-42BA-83ED-3F6987934672}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{88B8B239-A702-487F-8A9B-95F97E8DCCE9}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8977C993-7F9A-4F5B-BA82-C8B8D350AAB3}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8C9BCAA9-3836-48BD-AD42-8583B88F6A93}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8D888314-5173-44F7-B7A3-E6EF82416E28}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8E3C17EB-C8E7-4E6C-B159-8CB1CBD8EEFB}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8F2C5F34-7BAF-4069-BF5E-F8F76B80DD7F}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8F5F46CB-67B7-4E22-A624-ADCA27BCEEC3}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FE8C5D0-AC6D-40FB-9E51-54F754E637BA}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{909F366D-1CEF-49BA-AA2E-77D61D4EB2A0}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9396A996-A155-419D-A3E2-6ABCD1BAC9EA}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9418CCE7-DB3D-4BEF-B1B2-E420ADA7495D}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{99C59F74-BB4B-4692-B6D5-1F7AB122FC96}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9D4003A8-8C6E-46AB-8F12-429FE1F5798A}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9D8BF311-D39B-4F12-8935-E1DB6DB78F65}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1033800-7C65-4B74-97E4-65436120C446}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1C9D7FC-191C-48D2-946E-1E7D837F2B45}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A3603C12-1C55-4606-AE71-29B4188CF735}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A7B59F99-7D91-4560-A7CC-9F66487ED4DF}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A897F919-C4C4-4D4C-ACD8-1FE17BD0E4C5}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AAD877C7-6D52-4B18-AC35-9FAD33E815A0}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B423D3E3-C85A-45AF-AAFE-7F15CEC6422B}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B4DA4FE9-2017-470A-86E8-5E3E5FF728D0}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B7192EFB-134C-4313-A2D1-8D49D9476BFE}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B7835292-420A-42F2-95AB-11AFB84A76C7}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BA84510A-FFAF-47F6-88CE-3B3ECE4570DD}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BABD7D62-1EE0-477F-B0B5-A4F26FA2C129}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BC6E4447-DFF9-4A36-ACD0-D2FBBFD020A9}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BCFA0FAF-7F0E-4EE0-9F3C-5BD8FCA0CFB5}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BE32A5B2-46EC-47BB-9216-15739AD7C2E1}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BE5BB63E-51C6-432D-B215-F45396CB6741}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C04CC003-151D-42EB-84A5-93DA83BBE2FD}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C0EE1CF0-AA7D-44C3-A816-8D6A3818D4D7}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C48366DD-F315-425D-A533-2AD4C3394AB2}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5EDC46C-ADAE-4BE8-AE2B-8CCF5CDCB77D}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6958BFA-17BD-4119-AAA2-3D6E25707395}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C84087A1-E793-4D3F-B076-1267EEFBCCCD}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C926CB3D-CC07-4685-BEE6-3DC0481428D7}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CE7D39ED-32C6-40EF-9B95-E7C2BA497585}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CEB97865-9EEB-48C2-92AA-D57FC471DCE6}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D33337C5-9CD7-40E1-A541-3246BB75B116}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D60C6E80-C0DF-4F4E-9056-F3CA7C5A7CE7}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9B26600-2B65-4CD5-8969-87C53DDBD426}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA410D32-7D0D-443E-9670-252EF730952F}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DB2E6278-261F-416B-BCD9-55B9544F3DD1}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DBEB3C39-6A90-4422-8D32-3BF05B603E28}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DDC63116-28E0-40F1-BC7D-39AD30FF3D72}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DF34CA4F-6088-42C6-8489-E5B99DFD345A}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E076DF14-B270-4A0A-97A3-DFF192137D6A}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E164C234-79D9-4683-8B2A-6A2DA3D5CB36}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E33DE569-DB85-4D64-97B3-EE697691D59B}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E748735F-3178-451D-922E-C4354EAB5F28}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EC8B7B38-5468-4759-B059-FEFD128A30B8}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2152F4F-7430-4E33-9AE5-81FA6118545A}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FEE631A4-E031-4FD4-A7CA-E6F556E174BF}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FEEC9B29-BB51-40AC-9035-CCC3623A6968}, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FF1C1F35-266A-46AC-B53F-2B627F8FD17D}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FFF70C1E-C789-426F-AA26-795BB9372B5F}, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.ParetoLogic, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\PARETOLOGIC\PC Health Advisor, In Quarantäne, [2110], [366347],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{316DA5C1-253B-41EB-88E2-DC33649CBADE}, In Quarantäne, [242], [237508],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{316da5c1-253b-41eb-88e2-dc33649cbade}, In Quarantäne, [242], [237508],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5DF1EEAC-B04E-4C6D-966A-E107805D0201}, In Quarantäne, [242], [237510],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5df1eeac-b04e-4c6d-966a-e107805d0201}, In Quarantäne, [242], [237510],1.0.2202
PUP.Optional.VideosMediaPlayers, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\videos+Media+Players, In Quarantäne, [7501], [244509],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{145273E1-1C87-4C63-904D-4D2817B74719}, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2704C542-961B-4A7B-B796-18471B5C0651}, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5C0384B8-019B-4C98-B8C4-3A671375B453}, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6BA2CA05-226A-415B-9719-F44649D76E12}, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{927C5E7C-C039-48B9-9CF4-86EC312D0085}, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B0377174-8DFA-42CE-96CF-092308DC79A3}, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D4EC9A22-FB8C-482C-88D8-3DAA354996F9}, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D6EB8D60-7696-46A0-9CA4-C9B1C99CFDDD}, In Quarantäne, [243], [315079],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D9A5E5A6-DFB0-4178-880F-832A2FA9C5B7}, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DA9DAF94-DA7B-4A2A-AF9E-85E2F8996D23}, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.Reimage, HKLM\SOFTWARE\REIMAGE\Reimage Repair, In Quarantäne, [1072], [336077],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655495569}, In Quarantäne, [242], [324197],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, In Quarantäne, [779], [238777],1.0.2202
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, In Quarantäne, [779], [238776],1.0.2202
PUP.Optional.ParetoLogic, HKLM\SOFTWARE\WOW6432NODE\PARETOLOGIC\PC Health Advisor, In Quarantäne, [2110], [366346],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{55555555-5555-5555-5555-550655495569}, In Quarantäne, [242], [324197],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\49d8c509-24c2-4c20-9811-4b0788a2dbc9-1, In Quarantäne, [242], [237511],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\49d8c509-24c2-4c20-9811-4b0788a2dbc9-11, In Quarantäne, [242], [237511],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\49d8c509-24c2-4c20-9811-4b0788a2dbc9-2, In Quarantäne, [242], [237511],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\49d8c509-24c2-4c20-9811-4b0788a2dbc9-3, In Quarantäne, [242], [237511],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\49d8c509-24c2-4c20-9811-4b0788a2dbc9-4, In Quarantäne, [242], [237511],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\49d8c509-24c2-4c20-9811-4b0788a2dbc9-5, In Quarantäne, [242], [237511],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\49d8c509-24c2-4c20-9811-4b0788a2dbc9-5_user, In Quarantäne, [242], [237511],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\49d8c509-24c2-4c20-9811-4b0788a2dbc9-6, In Quarantäne, [242], [237511],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\49d8c509-24c2-4c20-9811-4b0788a2dbc9-7, In Quarantäne, [242], [237511],1.0.2202
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\LaunchSignup, In Quarantäne, [243], [315080],1.0.2202

Registrierungswert: 129
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655495569}|, In Quarantäne, [242], [324197],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{11DF68FB-FBFA-41DA-8CC6-2ABE2A5067F6}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1333C925-CCF2-4154-98F0-6689879A938D}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{15B27A3A-D44D-4E43-927F-CCD6E8F147B5}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1963F098-37EB-49FB-99AE-34728F3078F3}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1D2C4D71-BDC7-401D-BC24-7D4B638427D7}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{20D269FD-7819-4D50-A2C3-143382B7EC56}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2171B682-CF9C-4C56-A4C7-21DD4C7EC724}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2832540C-263E-41F2-9F7E-38324D904282}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{28C30ED0-A6D9-4284-ABDB-A570B44AFECF}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2BA35FFA-7D7E-4F56-9E91-911DE9B0B0EF}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2BFD3701-2CCB-4C0C-9FBC-3FAB2844A64C}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2CB4E48C-7697-4A6F-8718-2FECCCCE8C30}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2E3C7C24-F0A3-45F6-B5D3-513110BA63D2}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{30FF2B56-275B-4A0D-834F-2EED8C90ADCE}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3135A7F0-4CB1-401C-8EA7-1780739CDB11}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{316da5c1-253b-41eb-88e2-dc33649cbade}|APPNAME, In Quarantäne, [242], [237486],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{342C62C4-8496-4F8D-B852-B990D247A7B7}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{34E26E95-D45E-495D-8199-DC39C8B186EE}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{39A5CAAF-6357-4130-9290-C056989428E4}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3B388831-B155-4D89-B2CE-AA9071B7B216}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3C48F48B-AD5C-4009-9CC1-A03ED7F6C455}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40DC14FA-D502-4CE5-918D-412959E274F6}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40F4831B-FB7E-47AB-AF3C-D977CF8DCA51}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{43A9CBB8-677F-4EB1-86BA-2DF819C5F6C2}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{462A7B71-FC55-48B5-A285-EED8298364D4}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{486F43C6-CFE9-4C63-B01D-CB7A16FF6CAB}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{48767E55-3CB8-4765-B9E9-DDD7F4CD8A32}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{49853D28-6077-4459-AC3A-DAE56A3C2ED3}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{49D1AD07-D9CB-4517-BD4B-54A852915DB7}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4A768D1C-D1F9-4B11-AF23-192E50AAD2B5}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4C5A4404-6CE8-46D2-942E-8BABEFAFD9F1}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4EED9F20-8402-4F8B-B0C3-A1421A7B7D69}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{549327E2-769E-4A0D-B463-F2DE9E605B57}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5BDFDA2E-F72A-49D2-9E53-63BAEE7E81D0}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D8E852D-EE82-4A39-907B-D57A8F4B418D}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5df1eeac-b04e-4c6d-966a-e107805d0201}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{608AF8CB-ADB7-44A4-957D-BBF62C8FB118}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63E922C7-7957-41AD-B643-9BB94980D579}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6BAFD010-BC33-44F6-A787-46496972A77A}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6CE517BC-70F5-4BC0-9D17-E612C368A8F3}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6D3071CF-A0AD-49BD-BCB4-3BFDC85615FC}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6D8D1105-AD62-4488-B1A1-5DA12CC6778D}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6DD54BF9-6F0D-4FD8-9B68-987A29CA55AD}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7294B3EC-3EA1-43A8-A5E9-EE6E4FEF5DC7}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7A4D20CB-BD82-4784-A3FB-9CE2A7C87F84}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7AA6E1A4-B1F8-4195-AA52-C9E16C1D6738}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7B512FEB-69A2-405C-89FB-6C2C57B4B4AB}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C7EBB63-1F0E-47F1-BB78-76DDABA6FB93}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7E5277B5-776D-4EE3-ABD6-EF6448D6D5D5}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7FA8BB07-39E5-4B04-9EBB-56A5EB774E72}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{82DB3AFE-D5C9-4201-86CE-FAE7D0EA1C1E}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{839F984C-C971-46B8-9645-95DC2F66F013}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{83E34D76-24AD-4F22-BAB1-47CAAFF4DCD3}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8540A181-C4A6-42BA-83ED-3F6987934672}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{88B8B239-A702-487F-8A9B-95F97E8DCCE9}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8977C993-7F9A-4F5B-BA82-C8B8D350AAB3}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8C9BCAA9-3836-48BD-AD42-8583B88F6A93}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8D888314-5173-44F7-B7A3-E6EF82416E28}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8E3C17EB-C8E7-4E6C-B159-8CB1CBD8EEFB}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8F2C5F34-7BAF-4069-BF5E-F8F76B80DD7F}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8F5F46CB-67B7-4E22-A624-ADCA27BCEEC3}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FE8C5D0-AC6D-40FB-9E51-54F754E637BA}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{909F366D-1CEF-49BA-AA2E-77D61D4EB2A0}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9396A996-A155-419D-A3E2-6ABCD1BAC9EA}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9418CCE7-DB3D-4BEF-B1B2-E420ADA7495D}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{99C59F74-BB4B-4692-B6D5-1F7AB122FC96}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9D4003A8-8C6E-46AB-8F12-429FE1F5798A}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9D8BF311-D39B-4F12-8935-E1DB6DB78F65}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1033800-7C65-4B74-97E4-65436120C446}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1C9D7FC-191C-48D2-946E-1E7D837F2B45}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A3603C12-1C55-4606-AE71-29B4188CF735}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A7B59F99-7D91-4560-A7CC-9F66487ED4DF}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A897F919-C4C4-4D4C-ACD8-1FE17BD0E4C5}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AAD877C7-6D52-4B18-AC35-9FAD33E815A0}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B423D3E3-C85A-45AF-AAFE-7F15CEC6422B}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B4DA4FE9-2017-470A-86E8-5E3E5FF728D0}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B7192EFB-134C-4313-A2D1-8D49D9476BFE}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B7835292-420A-42F2-95AB-11AFB84A76C7}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BA84510A-FFAF-47F6-88CE-3B3ECE4570DD}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BABD7D62-1EE0-477F-B0B5-A4F26FA2C129}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BC6E4447-DFF9-4A36-ACD0-D2FBBFD020A9}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BCFA0FAF-7F0E-4EE0-9F3C-5BD8FCA0CFB5}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BE32A5B2-46EC-47BB-9216-15739AD7C2E1}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BE5BB63E-51C6-432D-B215-F45396CB6741}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C04CC003-151D-42EB-84A5-93DA83BBE2FD}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C0EE1CF0-AA7D-44C3-A816-8D6A3818D4D7}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C48366DD-F315-425D-A533-2AD4C3394AB2}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5EDC46C-ADAE-4BE8-AE2B-8CCF5CDCB77D}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6958BFA-17BD-4119-AAA2-3D6E25707395}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C84087A1-E793-4D3F-B076-1267EEFBCCCD}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C926CB3D-CC07-4685-BEE6-3DC0481428D7}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CE7D39ED-32C6-40EF-9B95-E7C2BA497585}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CEB97865-9EEB-48C2-92AA-D57FC471DCE6}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D33337C5-9CD7-40E1-A541-3246BB75B116}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D60C6E80-C0DF-4F4E-9056-F3CA7C5A7CE7}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9B26600-2B65-4CD5-8969-87C53DDBD426}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA410D32-7D0D-443E-9670-252EF730952F}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DB2E6278-261F-416B-BCD9-55B9544F3DD1}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DBEB3C39-6A90-4422-8D32-3BF05B603E28}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DDC63116-28E0-40F1-BC7D-39AD30FF3D72}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DF34CA4F-6088-42C6-8489-E5B99DFD345A}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E076DF14-B270-4A0A-97A3-DFF192137D6A}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E164C234-79D9-4683-8B2A-6A2DA3D5CB36}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E33DE569-DB85-4D64-97B3-EE697691D59B}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E748735F-3178-451D-922E-C4354EAB5F28}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EC8B7B38-5468-4759-B059-FEFD128A30B8}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2152F4F-7430-4E33-9AE5-81FA6118545A}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FEE631A4-E031-4FD4-A7CA-E6F556E174BF}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FEEC9B29-BB51-40AC-9035-CCC3623A6968}|APPNAME, In Quarantäne, [242], [237487],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FF1C1F35-266A-46AC-B53F-2B627F8FD17D}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKU\S-1-5-21-3198404451-3515860044-3934060500-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FFF70C1E-C789-426F-AA26-795BB9372B5F}|APPNAME, In Quarantäne, [242], [237488],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{316da5c1-253b-41eb-88e2-dc33649cbade}|APPNAME, In Quarantäne, [242], [237508],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5df1eeac-b04e-4c6d-966a-e107805d0201}|APPNAME, In Quarantäne, [242], [237510],1.0.2202
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|VIDEOS+MEDIA+PLAYERS-BG.EXE, In Quarantäne, [1005], [260099],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{316da5c1-253b-41eb-88e2-dc33649cbade}|APPNAME, In Quarantäne, [242], [237508],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5df1eeac-b04e-4c6d-966a-e107805d0201}|APPNAME, In Quarantäne, [242], [237510],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{145273E1-1C87-4C63-904D-4D2817B74719}|PATH, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2704C542-961B-4A7B-B796-18471B5C0651}|PATH, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5C0384B8-019B-4C98-B8C4-3A671375B453}|PATH, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6BA2CA05-226A-415B-9719-F44649D76E12}|PATH, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{927C5E7C-C039-48B9-9CF4-86EC312D0085}|PATH, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B0377174-8DFA-42CE-96CF-092308DC79A3}|PATH, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D4EC9A22-FB8C-482C-88D8-3DAA354996F9}|PATH, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D6EB8D60-7696-46A0-9CA4-C9B1C99CFDDD}|PATH, In Quarantäne, [243], [315079],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D9A5E5A6-DFB0-4178-880F-832A2FA9C5B7}|PATH, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DA9DAF94-DA7B-4A2A-AF9E-85E2F8996D23}|PATH, In Quarantäne, [242], [259199],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655495569}|, In Quarantäne, [242], [324197],1.0.2202
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{55555555-5555-5555-5555-550655495569}|, In Quarantäne, [242], [324197],1.0.2202

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 11
Rogue.Multiple, C:\PROGRAMDATA\374311380, In Quarantäne, [4143], [170100],1.0.2202
PUP.Optional.ParetoLogic, C:\USERS\TWM\APPDATA\ROAMING\ParetoLogic\PC Health Advisor, In Quarantäne, [2110], [366052],1.0.2202
PUP.Optional.VideosMediaPlayers, C:\PROGRAM FILES (X86)\videos+Media+Players, In Quarantäne, [7501], [180281],1.0.2202
PUP.Optional.FastPlayer, C:\Users\TWM\AppData\Local\com\FastPlayer.exe_Url_ypw5ldaz5xtubzl3ykl5vaw3nmhswq1q\1.0.0.1, In Quarantäne, [3726], [177098],1.0.2202
PUP.Optional.FastPlayer, C:\USERS\TWM\APPDATA\LOCAL\com\FastPlayer.exe_Url_ypw5ldaz5xtubzl3ykl5vaw3nmhswq1q, In Quarantäne, [3726], [177098],1.0.2202
Adware.ChinAd, C:\Users\TWM\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\24f738ddc4670a2187c126351a11513f, In Quarantäne, [1157], [375557],1.0.2202
Adware.ChinAd, C:\Users\TWM\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\d53c4a89b1dbd587bbd0884e6f887fa3, In Quarantäne, [1157], [375557],1.0.2202
Adware.ChinAd, C:\Users\TWM\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1, In Quarantäne, [1157], [375557],1.0.2202
Adware.ChinAd, C:\Users\TWM\AppData\Local\Temp\DMR\Downloads, In Quarantäne, [1157], [375557],1.0.2202
Adware.ChinAd, C:\USERS\TWM\APPDATA\LOCAL\TEMP\DMR, In Quarantäne, [1157], [375557],1.0.2202
PUP.Optional.InetStat, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\INETSTAT, In Quarantäne, [3984], [239506],1.0.2202

Datei: 32
PUP.Optional.VideosMediaPlayers, C:\Program Files (x86)\videos+Media+Players\1293297481.mxaddon, In Quarantäne, [7501], [180281],1.0.2202
PUP.Optional.VideosMediaPlayers, C:\Program Files (x86)\videos+Media+Players\background.html, In Quarantäne, [7501], [180281],1.0.2202
PUP.Optional.VideosMediaPlayers, C:\Program Files (x86)\videos+Media+Players\bgNova.html, In Quarantäne, [7501], [180281],1.0.2202
PUP.Optional.VideosMediaPlayers, C:\Program Files (x86)\videos+Media+Players\videos+Media+Players.ico, In Quarantäne, [7501], [180281],1.0.2202
PUP.Optional.FastPlayer, C:\Users\TWM\AppData\Local\com\FastPlayer.exe_Url_ypw5ldaz5xtubzl3ykl5vaw3nmhswq1q\1.0.0.1\user.config, In Quarantäne, [3726], [177098],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSWOW64\MYOSPROTECT.DLL, In Quarantäne, [2695], [250673],1.0.2202
PUP.Optional.MyOSProtect, C:\WINDOWS\SYSWOW64\MYOSPROTECT.INI, In Quarantäne, [14908], [241036],1.0.2202
Adware.DownloadSponsor, C:\USERS\TWM\APPDATA\LOCAL\TEMP\DMR\DMR_72.EXE, In Quarantäne, [2149], [358371],1.0.2202
Adware.ChinAd, C:\USERS\TWM\APPDATA\LOCAL\TEMP\DMR\WPDMSDAAYAZYJDZB.DAT, In Quarantäne, [1157], [375557],1.0.2202
Adware.ChinAd, C:\Users\TWM\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\d53c4a89b1dbd587bbd0884e6f887fa3\WcInstaller.exe, In Quarantäne, [1157], [375557],1.0.2202
PUP.Optional.SpeedItUp, C:\WINDOWS\REIMAGE.INI, In Quarantäne, [1167], [329423],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\TASKS\49D8C509-24C2-4C20-9811-4B0788A2DBC9-3.JOB, In Quarantäne, [242], [235119],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\TASKS\49D8C509-24C2-4C20-9811-4B0788A2DBC9-11.JOB, In Quarantäne, [242], [235119],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\TASKS\49D8C509-24C2-4C20-9811-4B0788A2DBC9-6.JOB, In Quarantäne, [242], [235119],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\TASKS\49D8C509-24C2-4C20-9811-4B0788A2DBC9-4.JOB, In Quarantäne, [242], [235119],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\TASKS\49D8C509-24C2-4C20-9811-4B0788A2DBC9-1.JOB, In Quarantäne, [242], [235119],1.0.2202
PUP.Optional.CrossRider.Generic, C:\WINDOWS\TASKS\49D8C509-24C2-4C20-9811-4B0788A2DBC9-5_USER.JOB, In Quarantäne, [1005], [307240],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\SYSTEM32\TASKS\49d8c509-24c2-4c20-9811-4b0788a2dbc9-1, In Quarantäne, [242], [235118],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\SYSTEM32\TASKS\49d8c509-24c2-4c20-9811-4b0788a2dbc9-11, In Quarantäne, [242], [235118],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\SYSTEM32\TASKS\49d8c509-24c2-4c20-9811-4b0788a2dbc9-2, In Quarantäne, [242], [235118],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\SYSTEM32\TASKS\49d8c509-24c2-4c20-9811-4b0788a2dbc9-3, In Quarantäne, [242], [235118],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\SYSTEM32\TASKS\49d8c509-24c2-4c20-9811-4b0788a2dbc9-4, In Quarantäne, [242], [235118],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\SYSTEM32\TASKS\49d8c509-24c2-4c20-9811-4b0788a2dbc9-5, In Quarantäne, [242], [235118],1.0.2202
PUP.Optional.CrossRider.Generic, C:\WINDOWS\SYSTEM32\TASKS\49d8c509-24c2-4c20-9811-4b0788a2dbc9-5_user, In Quarantäne, [1005], [307239],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\SYSTEM32\TASKS\49d8c509-24c2-4c20-9811-4b0788a2dbc9-6, In Quarantäne, [242], [235118],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\SYSTEM32\TASKS\49d8c509-24c2-4c20-9811-4b0788a2dbc9-7, In Quarantäne, [242], [235118],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\TASKS\49d8c509-24c2-4c20-9811-4b0788a2dbc9-2.job, In Quarantäne, [242], [235119],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\TASKS\49d8c509-24c2-4c20-9811-4b0788a2dbc9-5.job, In Quarantäne, [242], [235119],1.0.2202
PUP.Optional.CrossRider, C:\WINDOWS\TASKS\49d8c509-24c2-4c20-9811-4b0788a2dbc9-7.job, In Quarantäne, [242], [235119],1.0.2202
PUP.Optional.InetStat, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\INETSTAT\INETSTAT.LNK, In Quarantäne, [3984], [239506],1.0.2202
PUP.Optional.MyPCBackup, C:\WINDOWS\SYSTEM32\TASKS\LAUNCHSIGNUP, In Quarantäne, [243], [315082],1.0.2202
PUP.Optional.Winsock.WnskRST, C:\WINDOWS\SYSTEM32\MYOSPROTECT64.DLL, In Quarantäne, [2695], [250674],1.0.2202

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

Das hat geklappt. Jetzt ist der PC sehr langsam, aber bis jetzt keine Fehlermeldung.
Danke erstmal dafür. Was kannst du nun daraus erlesen? Was kann ich besser machen?
Bzw was war falsch? Ich möcht ja auch aus den Fehlern lernen... ;-)

cosinus · 22.06.2017, 08:18

Bitte nochmal MBAR probieren.

Micha679 · 22.06.2017, 09:49

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.06.22.05
  rootkit: v2017.05.27.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18697
TWM :: TWM-GRAFIK [administrator]

22.06.2017 10:33:10
mbar-log-2017-06-22 (10-33-10).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 325924
Time elapsed: 16 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Sieht gut aus :-))))) oder?

22.06.2017, 08:18	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	xxx.exe ungültiges Bild, bei jedem Versuch ein Programm zu starten, Betriebssystem Windows 7, Avira Antivirus Pro - Update nicht mögl. Bitte nochmal MBAR probieren. __________________ Logfiles bitte immer in CODE-Tags posten

xxx.exe ungültiges Bild, bei jedem Versuch ein Programm zu starten, Betriebssystem Windows 7, Avira Antivirus Pro - Update nicht mögl.

Plagegeister aller Art und deren Bekämpfung: xxx.exe ungültiges Bild, bei jedem Versuch ein Programm zu starten, Betriebssystem Windows 7, Avira Antivirus Pro - Update nicht mögl.