Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.07.2015, 15:22   #1
luca3546
 
Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL - Standard

Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL



Als ich heute meinen PC gestartet habe hatte ich eine längere Zeit einen schwarzen Bildschirm auf den nach einer Zeit die im Titel genannte Fehlermeldung erschien. Diese erscheint bei mir bei ungefähr 80% der Programme die ich starte.

Hier jetzt die Logs wobei ich sagen muss, dass ich kein Log mit GMER erstellen konnte da ich jedes mal wenn ich mit GMER scanne einen Blue Screen bekomme.

Defogger:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:36 on 30/07/2015 (****)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von **** (Administrator) auf NETADMIN (30-07-2015 14:38:21)
Gestartet von C:\Users\****\Desktop\trojaner weg
Geladene Profile: **** & Administrator (Verfügbare Profile: **** & Administrator)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser Pfad: "C:\Users\****\AppData\Local\Vivaldi\Application\vivaldi.exe" -- "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(FS) C:\Program Files (x86)\FS\Spyro Portal\FlashPortal.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.203.736.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [112856 2014-04-14] (VMware, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-27] (Geek Software GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [730416 2015-06-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [37632 2014-01-30] (Overwolf LTD)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [wcfkvx.exe] => C:\Users\****\AppData\Roaming\bugfxa\wcfkvx.exe
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [Cracked Steam Service] => "c:\program files (x86)\cracked steam\Cracked AntiSteam.exe" /SERVICE
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [Google Update] => C:\Users\****\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-02] (Google Inc.)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [MAPMAKER" Launcher] => C:\Users\****\Desktop\MapMaker Launcher 2.8.7.7.exe -silent
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [410216 2014-11-03] (CyberGhost S.R.L.)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [Spotify Web Helper] => C:\Users\****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1964088 2015-03-20] (Spotify Ltd)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-12-04] ()
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6517160 2014-12-12] (Steganos Software GmbH)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [Spotify] => C:\Users\****\AppData\Roaming\Spotify\Spotify.exe [6701624 2015-03-20] (Spotify Ltd)
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [246080 2014-11-27] ()
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => "C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL" Datei nicht gefunden
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2014-11-18]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2014-02-15]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:1403;https=127.0.0.1:1403
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
URLSearchHook: [S-1-5-21-2314403856-2824009859-24823230-500] ATTENTION ==> Standard URLSearchHook fehlt
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2314403856-2824009859-24823230-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2314403856-2824009859-24823230-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=21&locale=de_DE&gct=kwd&qsrc=2869
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: youtubeadblocker -> {6884511e-368a-4c51-8e81-7bad72988a3c} -> C:\Program Files (x86)\youtubeadblocker\4SzgjWPifBozkO.x64.dll Keine Datei
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll [2014-09-01] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll [2014-09-01] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-06] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-06] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2314403856-2824009859-24823230-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0D3339BE-97FE-420F-8A80-15C50715EE1C}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B13453D3-7683-40A3-ADDB-255F33513804}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B9EEEB35-9911-4B69-B7E6-76814888DF09}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{FE254F83-9638-42B8-8947-E1C1134CE33D}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll [2014-02-25] ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-09-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-09-01] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll [2014-02-25] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-2314403856-2824009859-24823230-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2314403856-2824009859-24823230-1001: @talk.google.com/O1DPlugin -> C:\Users\****\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2314403856-2824009859-24823230-1001: @tools.google.com/Google Update;version=3 -> C:\Users\****\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2314403856-2824009859-24823230-1001: @tools.google.com/Google Update;version=9 -> C:\Users\****\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2314403856-2824009859-24823230-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\****\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\****\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\searchplugins\trovi-search.xml [2014-10-05]
FF Extension: Firefox OS 2.0 Simulator - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\fxos_2_0_simulator@mozilla.org [2015-02-01]
FF Extension: Firefox OS 2.1 Simulator - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\fxos_2_1_simulator@mozilla.org [2015-02-01]
FF Extension: Firefox OS 2.2 Simulator - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\fxos_2_2_simulator@mozilla.org [2015-04-03]
FF Extension: Mozilla Firefox Hotfixer - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\veggy@veggyAddon.com [2015-03-24]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{09ca032b-423b-a460-505c-3be0233d6d11} [2015-05-20]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{0fd0c47c-7f90-d92e-b29d-b2b5201879ad} [2015-03-10]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{328c0144-2817-0585-11ac-8ba69979846b} [2015-05-27]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{52506c65-92ab-1d17-5dcb-7225eb1fb0e2} [2015-05-22]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{574bc6e9-ffe9-9667-e080-637221010d62} [2015-06-02]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{64be4785-8e92-f6ec-4ca0-6338578aaa3b} [2015-06-11]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{6d22d23c-4162-5b3e-ce9c-d162935ac893} [2015-05-22]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{7d6f078b-acb1-cc1a-6ff0-d51bedb5aea4} [2015-05-22]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{93e739aa-028d-5c23-736a-87676804ff76} [2015-05-27]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{9e2d4b58-1428-9f58-d1c1-f82f02907a12} [2015-06-11]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{ad0c2e6f-a938-2d4d-f896-170173210afb} [2015-06-11]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{b0ba5b91-7dce-3908-b4cf-7b1df5b61970} [2015-05-27]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{b4f3b79f-d1ea-0a96-ddd6-392ccc78c06d} [2015-06-11]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{c1b5deba-26ba-3b2f-c4e0-82948ff9c70d} [2015-05-22]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{ccce9d5c-fe80-b720-752f-f88a7653be6c} [2015-05-27]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{d1eb472f-6982-143e-1935-87555dd27bec} [2015-06-11]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{dbd38648-fbec-ea42-e6c9-f8e9c3155469} [2015-05-22]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{ea240ad1-5851-bbf2-45f7-ec839443a71a} [2015-05-20]
FF Extension: Firebug - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\firebug@software.joehewitt.com.xpi [2015-02-01]
FF Extension: MEGA - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\firefox@mega.co.nz.xpi [2015-02-19]
FF Extension: Web Developer - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-06-13]
FF Extension: Toggle Web Developer Toolbar - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}.xpi [2014-11-03]
FF Extension: Adblock Plus - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-21]
FF Extension: OkayFreedom - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2015-01-18]
FF Extension: DownThemAll! - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-11-03]
FF Extension: Greasemonkey - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-02-28]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF

Chrome: 
=======
CHR Profile: C:\Users\****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-29]
CHR Extension: (Google Docs) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-29]
CHR Extension: (Google Drive) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-29]
CHR Extension: (YouTube) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-29]
CHR Extension: (uBlock Origin) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-07-29]
CHR Extension: (Google Search) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-29]
CHR Extension: (Tampermonkey) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-07-29]
CHR Extension: (Google Sheets) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-29]
CHR Extension: (Avira Browser Safety) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-07-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-29]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2013-10-24] (ArcSoft, Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [827184 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [450808 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [450808 2015-06-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1188360 2015-06-11] (Avira Operations GmbH & Co. KG)
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-06-27] (Microsoft Corporation)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-11-16] (EasyAntiCheat Ltd)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [324024 2014-12-12] (Steganos Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-03-25] (Electronic Arts)
S4 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [98560 2014-01-30] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-20] ()
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [685568 2013-11-11] () [Datei ist nicht signiert]
R2 SpyroService; C:\Program Files (x86)\FS\Spyro Portal\FlashPortal.exe [50688 2012-09-20] (FS) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 vmms; C:\Windows\system32\vmms.exe [13784064 2015-04-01] (Microsoft Corporation)
R2 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [479824 2013-04-09] (VMware, Inc.)
R2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479824 2013-04-09] (VMware, Inc.)
R2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479824 2013-04-09] (VMware, Inc.)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-04-14] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132656 2015-06-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-24] (Avira Operations GmbH & Co. KG)
S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr.sys [75344 2013-02-22] (VMware, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
R3 DroidCam; C:\Windows\system32\DRIVERS\droidcam.sys [33080 2015-04-19] (Dev47Apps)
R3 DroidCamVideo; C:\Windows\system32\DRIVERS\droidcamvideo.sys [229176 2015-04-19] (Windows (R) Win 7 DDK provider)
R3 GameKB; C:\Windows\system32\drivers\GameKB.sys [27648 2012-05-11] ()
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68960 2014-06-27] (Microsoft Corporation)
S1 kwjflwbc; C:\Windows\system32\drivers\kwjflwbc.sys [55168 2015-07-30] (Microsoft Corporation)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2014-06-27] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2013-07-29] (CACE Technologies, Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2014-06-27] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2014-06-27] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [18944 2014-06-27] (Microsoft Corporation)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [32472 2014-04-14] (VMware, Inc.)
R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
S3 VMSVSF; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S1 btrtrvgq; \??\C:\Windows\system32\drivers\btrtrvgq.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 EasyAntiCheatSys; \??\C:\Windows\system32\EasyAntiCheat.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-30 14:38 - 2015-07-30 14:38 - 00000000 ____D C:\FRST
2015-07-30 14:36 - 2015-07-30 14:36 - 00000000 _____ C:\Users\****\defogger_reenable
2015-07-30 14:28 - 2015-07-30 14:39 - 00000000 ____D C:\Users\****\Desktop\trojaner weg
2015-07-30 14:12 - 2015-07-30 14:12 - 00055168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kwjflwbc.sys
2015-07-29 13:06 - 2015-07-29 13:06 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-29 13:06 - 2015-07-29 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-29 12:31 - 2015-07-29 12:31 - 00001136 _____ C:\Users\Public\Desktop\Avira.lnk
2015-07-29 12:29 - 2015-07-29 12:29 - 00000000 ____D C:\Users\****\AppData\Local\CEF
2015-07-29 12:26 - 2015-07-29 13:03 - 06420480 _____ C:\Program Files (x86)\GUT5C5.tmp
2015-07-29 12:26 - 2015-07-29 13:03 - 00000000 ____D C:\Program Files (x86)\GUM16E.tmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-30 14:37 - 2014-05-30 15:46 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-30 14:36 - 2014-02-07 19:32 - 00000000 ____D C:\Users\****
2015-07-30 14:35 - 2014-04-25 14:08 - 00000000 __RDO C:\Users\****\SkyDrive
2015-07-30 14:31 - 2015-05-14 12:21 - 00003020 _____ C:\Windows\System32\Tasks\MSIAfterburner
2015-07-30 14:31 - 2014-02-07 19:31 - 01505183 _____ C:\Windows\WindowsUpdate.log
2015-07-30 14:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-30 14:29 - 2014-02-07 21:41 - 00000000 ____D C:\Users\****\AppData\Roaming\TS3Client
2015-07-30 14:24 - 2014-04-27 14:03 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-30 14:24 - 2014-02-07 20:01 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2314403856-2824009859-24823230-1001
2015-07-30 14:05 - 2015-02-22 12:45 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-30 14:03 - 2014-04-27 14:03 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-30 14:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-30 14:00 - 2015-02-12 20:09 - 00000000 ____D C:\Users\Administrator
2015-07-30 14:00 - 2014-02-07 19:41 - 01895006 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-30 14:00 - 2013-08-23 01:24 - 00808806 _____ C:\Windows\system32\perfh007.dat
2015-07-30 14:00 - 2013-08-23 01:24 - 00177844 _____ C:\Windows\system32\perfc007.dat
2015-07-30 13:59 - 2014-06-30 17:15 - 27590656 _____ C:\Windows\system32\vmguest.iso
2015-07-30 13:57 - 2014-05-20 19:32 - 00000000 ____D C:\ProgramData\VMware
2015-07-30 13:55 - 2013-08-22 16:46 - 00106207 _____ C:\Windows\setupact.log
2015-07-30 13:55 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-30 13:54 - 2014-02-07 19:46 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-30 13:49 - 2014-02-07 19:16 - 02225528 _____ C:\Windows\PFRO.log
2015-07-29 16:09 - 2015-03-25 17:21 - 00000000 ____D C:\Users\****\AppData\Local\Warframe
2015-07-29 15:41 - 2015-02-22 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2015-07-29 15:41 - 2015-02-22 12:44 - 00000000 ____D C:\Program Files (x86)\mbot_de_528
2015-07-29 15:20 - 2014-10-04 15:55 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2015-07-29 15:09 - 2014-03-01 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DarkComet RAT Legacy
2015-07-29 15:07 - 2015-04-21 14:19 - 00000000 ____D C:\Users\****\AppData\Roaming\UseNeXT
2015-07-29 14:35 - 2015-04-23 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-29 13:40 - 2014-06-02 18:09 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2314403856-2824009859-24823230-1001UA
2015-07-29 13:40 - 2014-06-02 18:09 - 00003698 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2314403856-2824009859-24823230-1001Core
2015-07-29 13:40 - 2014-06-02 18:09 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2314403856-2824009859-24823230-1001UA.job
2015-07-29 13:40 - 2014-06-02 18:09 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2314403856-2824009859-24823230-1001Core.job
2015-07-29 13:22 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-07-29 13:18 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-29 13:07 - 2014-04-27 14:03 - 00000000 ____D C:\Users\****\AppData\Local\Google
2015-07-29 13:06 - 2014-04-27 14:03 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-29 13:04 - 2014-04-27 14:03 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-29 13:04 - 2014-04-27 14:03 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-29 13:00 - 2015-02-02 15:26 - 00000000 ____D C:\Users\****\Desktop\Root m2
2015-07-29 12:49 - 2015-02-22 12:54 - 00000000 __SHD C:\Users\****\AppData\Local\EmieBrowserModeList
2015-07-29 12:49 - 2014-05-06 17:13 - 00000000 __SHD C:\Users\****\AppData\Local\EmieUserList
2015-07-29 12:49 - 2014-05-06 17:13 - 00000000 __SHD C:\Users\****\AppData\Local\EmieSiteList
2015-07-29 12:31 - 2015-04-23 16:45 - 00000000 ____D C:\Program Files (x86)\Avira
2015-07-29 12:31 - 2014-03-21 17:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-05 12:08 - 2014-02-10 19:02 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-29 12:26 - 2015-07-29 13:03 - 6420480 _____ () C:\Program Files (x86)\GUT5C5.tmp
2014-03-12 18:02 - 2014-03-12 19:17 - 1213405855 _____ (InstallShield Software Corporation) C:\Program Files (x86)\S4_League.exe
2014-06-15 14:17 - 2014-08-30 19:59 - 0000132 _____ () C:\Users\****\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-06-08 13:40 - 2014-06-10 14:52 - 0000132 _____ () C:\Users\****\AppData\Roaming\Adobe CS6-Targa-Format - Voreinstellungen
2014-03-08 18:37 - 2014-07-31 16:03 - 0012005 _____ () C:\Users\****\AppData\Roaming\alsoft.ini
2014-05-05 17:33 - 2015-03-21 20:01 - 0000600 _____ () C:\Users\****\AppData\Local\PUTTY.RND
2015-01-25 13:15 - 2015-01-25 13:15 - 0000017 _____ () C:\Users\****\AppData\Local\resmon.resmoncfg
2014-11-10 14:44 - 2014-11-10 14:44 - 0000000 _____ () C:\Users\****\AppData\Local\{A6AC4786-4E59-4667-8DAB-DB440E667991}
2014-05-28 13:51 - 2014-05-28 13:51 - 0000000 _____ () C:\Users\****\AppData\Local\{CCF22136-5DC1-4CF7-8584-B56A6B229720}
2015-04-19 14:35 - 2015-05-03 14:03 - 0000034 _____ () C:\ProgramData\droidcam-settings

Einige Dateien in TEMP:
====================
C:\Users\****\AppData\Local\Temp\avgnt.exe
C:\Users\****\AppData\Local\Temp\ChangeIcon.exe
C:\Users\****\AppData\Local\Temp\D588.exe
C:\Users\****\AppData\Local\Temp\d70KLrQfgdEMhtVoyEiV7.exe
C:\Users\****\AppData\Local\Temp\devcon64.exe
C:\Users\****\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\****\AppData\Local\Temp\dsp_ipp.dll
C:\Users\****\AppData\Local\Temp\EAD16C3.exe
C:\Users\****\AppData\Local\Temp\EAD9E54.exe
C:\Users\****\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\****\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\****\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\****\AppData\Local\Temp\lowproc.exe
C:\Users\****\AppData\Local\Temp\mirc732.exe
C:\Users\****\AppData\Local\Temp\ose00000.exe
C:\Users\****\AppData\Local\Temp\SPSetup.exe
C:\Users\****\AppData\Local\Temp\stubhelper.dll
C:\Users\****\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\****\AppData\Local\Temp\swt-win32-3550-64.dll
C:\Users\****\AppData\Local\Temp\tmpUPX.exe
C:\Users\****\AppData\Local\Temp\UninstallEADM.dll
C:\Users\****\AppData\Local\Temp\UnityWebPlayer4075706568655706697.exe
C:\Users\****\AppData\Local\Temp\xmlUpdater.exe
C:\Users\****\AppData\Local\Temp\_is5AEF.exe


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-06-11 13:54

==================== Ende von log ============================
         
Die Addition.txt kann ich wenn nötig noch in einem extra post nachschicken.

Geändert von luca3546 (30.07.2015 um 15:30 Uhr)

Alt 30.07.2015, 15:38   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL - Standard

Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL



Hi,
Zitat:
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe
[Cracked Steam Service] => "c:\program files (x86)\cracked steam\Cracked AntiSteam.exe" /SERVICE
Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________

__________________

Alt 30.07.2015, 15:46   #3
luca3546
 
Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL - Standard

Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL



So hab beides jetzt gelöscht und Nochmal neu gescannt.
FRST:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von **** (Administrator) auf NETADMIN (30-07-2015 15:42:21)
Gestartet von C:\Users\****\Desktop\trojaner weg
Geladene Profile: **** & Administrator (Verfügbare Profile: **** & Administrator)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser Pfad: "C:\Users\****\AppData\Local\Vivaldi\Application\vivaldi.exe" -- "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(FS) C:\Program Files (x86)\FS\Spyro Portal\FlashPortal.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.203.736.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [112856 2014-04-14] (VMware, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-27] (Geek Software GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [730416 2015-06-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [37632 2014-01-30] (Overwolf LTD)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [wcfkvx.exe] => C:\Users\****\AppData\Roaming\bugfxa\wcfkvx.exe
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [Google Update] => C:\Users\****\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-02] (Google Inc.)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [MAPMAKER" Launcher] => C:\Users\****\Desktop\MapMaker Launcher 2.8.7.7.exe -silent
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [410216 2014-11-03] (CyberGhost S.R.L.)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [Spotify Web Helper] => C:\Users\****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1964088 2015-03-20] (Spotify Ltd)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-12-04] ()
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6517160 2014-12-12] (Steganos Software GmbH)
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Run: [Spotify] => C:\Users\****\AppData\Roaming\Spotify\Spotify.exe [6701624 2015-03-20] (Spotify Ltd)
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [246080 2014-11-27] ()
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => "C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL" Datei nicht gefunden
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2014-11-18]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2014-02-15]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:1403;https=127.0.0.1:1403
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
URLSearchHook: [S-1-5-21-2314403856-2824009859-24823230-500] ATTENTION ==> Standard URLSearchHook fehlt
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2314403856-2824009859-24823230-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2314403856-2824009859-24823230-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=21&locale=de_DE&gct=kwd&qsrc=2869
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: youtubeadblocker -> {6884511e-368a-4c51-8e81-7bad72988a3c} -> C:\Program Files (x86)\youtubeadblocker\4SzgjWPifBozkO.x64.dll Keine Datei
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll [2014-09-01] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll [2014-09-01] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-06] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-06] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2314403856-2824009859-24823230-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0D3339BE-97FE-420F-8A80-15C50715EE1C}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B13453D3-7683-40A3-ADDB-255F33513804}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B9EEEB35-9911-4B69-B7E6-76814888DF09}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{FE254F83-9638-42B8-8947-E1C1134CE33D}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll [2014-02-25] ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-09-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-09-01] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll [2014-02-25] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-2314403856-2824009859-24823230-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2314403856-2824009859-24823230-1001: @talk.google.com/O1DPlugin -> C:\Users\****\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2314403856-2824009859-24823230-1001: @tools.google.com/Google Update;version=3 -> C:\Users\****\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2314403856-2824009859-24823230-1001: @tools.google.com/Google Update;version=9 -> C:\Users\****\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2314403856-2824009859-24823230-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\****\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\****\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\searchplugins\trovi-search.xml [2014-10-05]
FF Extension: Firefox OS 2.0 Simulator - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\fxos_2_0_simulator@mozilla.org [2015-02-01]
FF Extension: Firefox OS 2.1 Simulator - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\fxos_2_1_simulator@mozilla.org [2015-02-01]
FF Extension: Firefox OS 2.2 Simulator - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\fxos_2_2_simulator@mozilla.org [2015-04-03]
FF Extension: Mozilla Firefox Hotfixer - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\veggy@veggyAddon.com [2015-03-24]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{09ca032b-423b-a460-505c-3be0233d6d11} [2015-05-20]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{0fd0c47c-7f90-d92e-b29d-b2b5201879ad} [2015-03-10]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{328c0144-2817-0585-11ac-8ba69979846b} [2015-05-27]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{52506c65-92ab-1d17-5dcb-7225eb1fb0e2} [2015-05-22]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{574bc6e9-ffe9-9667-e080-637221010d62} [2015-06-02]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{64be4785-8e92-f6ec-4ca0-6338578aaa3b} [2015-06-11]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{6d22d23c-4162-5b3e-ce9c-d162935ac893} [2015-05-22]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{7d6f078b-acb1-cc1a-6ff0-d51bedb5aea4} [2015-05-22]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{93e739aa-028d-5c23-736a-87676804ff76} [2015-05-27]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{9e2d4b58-1428-9f58-d1c1-f82f02907a12} [2015-06-11]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{ad0c2e6f-a938-2d4d-f896-170173210afb} [2015-06-11]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{b0ba5b91-7dce-3908-b4cf-7b1df5b61970} [2015-05-27]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{b4f3b79f-d1ea-0a96-ddd6-392ccc78c06d} [2015-06-11]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{c1b5deba-26ba-3b2f-c4e0-82948ff9c70d} [2015-05-22]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{ccce9d5c-fe80-b720-752f-f88a7653be6c} [2015-05-27]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{d1eb472f-6982-143e-1935-87555dd27bec} [2015-06-11]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{dbd38648-fbec-ea42-e6c9-f8e9c3155469} [2015-05-22]
FF Extension: Zoom It - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{ea240ad1-5851-bbf2-45f7-ec839443a71a} [2015-05-20]
FF Extension: Firebug - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\firebug@software.joehewitt.com.xpi [2015-02-01]
FF Extension: MEGA - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\firefox@mega.co.nz.xpi [2015-02-19]
FF Extension: Web Developer - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-06-13]
FF Extension: Toggle Web Developer Toolbar - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}.xpi [2014-11-03]
FF Extension: Adblock Plus - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-21]
FF Extension: OkayFreedom - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2015-01-18]
FF Extension: DownThemAll! - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-11-03]
FF Extension: Greasemonkey - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\lilx2re2.default-1402395754761\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-02-28]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF

Chrome: 
=======
CHR Profile: C:\Users\****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-29]
CHR Extension: (Google Docs) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-29]
CHR Extension: (Google Drive) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-29]
CHR Extension: (YouTube) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-29]
CHR Extension: (uBlock Origin) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-07-29]
CHR Extension: (Google Search) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-29]
CHR Extension: (Tampermonkey) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-07-29]
CHR Extension: (Google Sheets) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-29]
CHR Extension: (Avira Browser Safety) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-07-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-29]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2013-10-24] (ArcSoft, Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [827184 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [450808 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [450808 2015-06-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1188360 2015-06-11] (Avira Operations GmbH & Co. KG)
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-06-27] (Microsoft Corporation)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-11-16] (EasyAntiCheat Ltd)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [324024 2014-12-12] (Steganos Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-03-25] (Electronic Arts)
S4 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [98560 2014-01-30] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-20] ()
R2 SpyroService; C:\Program Files (x86)\FS\Spyro Portal\FlashPortal.exe [50688 2012-09-20] (FS) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 vmms; C:\Windows\system32\vmms.exe [13784064 2015-04-01] (Microsoft Corporation)
R2 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [479824 2013-04-09] (VMware, Inc.)
R2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479824 2013-04-09] (VMware, Inc.)
R2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479824 2013-04-09] (VMware, Inc.)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-04-14] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132656 2015-06-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-24] (Avira Operations GmbH & Co. KG)
S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr.sys [75344 2013-02-22] (VMware, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
R3 DroidCam; C:\Windows\system32\DRIVERS\droidcam.sys [33080 2015-04-19] (Dev47Apps)
R3 DroidCamVideo; C:\Windows\system32\DRIVERS\droidcamvideo.sys [229176 2015-04-19] (Windows (R) Win 7 DDK provider)
R3 GameKB; C:\Windows\system32\drivers\GameKB.sys [27648 2012-05-11] ()
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68960 2014-06-27] (Microsoft Corporation)
S1 kwjflwbc; C:\Windows\system32\drivers\kwjflwbc.sys [55168 2015-07-30] (Microsoft Corporation)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2014-06-27] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2013-07-29] (CACE Technologies, Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2014-06-27] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2014-06-27] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [18944 2014-06-27] (Microsoft Corporation)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [32472 2014-04-14] (VMware, Inc.)
R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
S3 VMSVSF; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S1 btrtrvgq; \??\C:\Windows\system32\drivers\btrtrvgq.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 EasyAntiCheatSys; \??\C:\Windows\system32\EasyAntiCheat.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-30 14:38 - 2015-07-30 14:38 - 00000000 ____D C:\FRST
2015-07-30 14:36 - 2015-07-30 14:36 - 00000000 _____ C:\Users\****\defogger_reenable
2015-07-30 14:28 - 2015-07-30 14:39 - 00000000 ____D C:\Users\****\Desktop\trojaner weg
2015-07-30 14:12 - 2015-07-30 14:12 - 00055168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kwjflwbc.sys
2015-07-29 13:06 - 2015-07-29 13:06 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-29 13:06 - 2015-07-29 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-29 12:31 - 2015-07-29 12:31 - 00001136 _____ C:\Users\Public\Desktop\Avira.lnk
2015-07-29 12:29 - 2015-07-29 12:29 - 00000000 ____D C:\Users\****\AppData\Local\CEF
2015-07-29 12:26 - 2015-07-29 13:03 - 06420480 _____ C:\Program Files (x86)\GUT5C5.tmp
2015-07-29 12:26 - 2015-07-29 13:03 - 00000000 ____D C:\Program Files (x86)\GUM16E.tmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-30 14:37 - 2014-05-30 15:46 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-30 14:36 - 2014-02-07 19:32 - 00000000 ____D C:\Users\****
2015-07-30 14:35 - 2014-04-25 14:08 - 00000000 __RDO C:\Users\****\SkyDrive
2015-07-30 14:31 - 2015-05-14 12:21 - 00003020 _____ C:\Windows\System32\Tasks\MSIAfterburner
2015-07-30 14:31 - 2014-02-07 19:31 - 01505183 _____ C:\Windows\WindowsUpdate.log
2015-07-30 14:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-30 14:29 - 2014-02-07 21:41 - 00000000 ____D C:\Users\****\AppData\Roaming\TS3Client
2015-07-30 14:24 - 2014-04-27 14:03 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-30 14:24 - 2014-02-07 20:01 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2314403856-2824009859-24823230-1001
2015-07-30 14:05 - 2015-02-22 12:45 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-30 14:03 - 2014-04-27 14:03 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-30 14:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-30 14:00 - 2015-02-12 20:09 - 00000000 ____D C:\Users\Administrator
2015-07-30 14:00 - 2014-02-07 19:41 - 01895006 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-30 14:00 - 2013-08-23 01:24 - 00808806 _____ C:\Windows\system32\perfh007.dat
2015-07-30 14:00 - 2013-08-23 01:24 - 00177844 _____ C:\Windows\system32\perfc007.dat
2015-07-30 13:59 - 2014-06-30 17:15 - 27590656 _____ C:\Windows\system32\vmguest.iso
2015-07-30 13:57 - 2014-05-20 19:32 - 00000000 ____D C:\ProgramData\VMware
2015-07-30 13:55 - 2013-08-22 16:46 - 00106207 _____ C:\Windows\setupact.log
2015-07-30 13:55 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-30 13:54 - 2014-02-07 19:46 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-30 13:49 - 2014-02-07 19:16 - 02225528 _____ C:\Windows\PFRO.log
2015-07-29 16:09 - 2015-03-25 17:21 - 00000000 ____D C:\Users\****\AppData\Local\Warframe
2015-07-29 15:41 - 2015-02-22 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2015-07-29 15:41 - 2015-02-22 12:44 - 00000000 ____D C:\Program Files (x86)\mbot_de_528
2015-07-29 15:20 - 2014-10-04 15:55 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2015-07-29 15:07 - 2015-04-21 14:19 - 00000000 ____D C:\Users\****\AppData\Roaming\UseNeXT
2015-07-29 14:35 - 2015-04-23 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-29 13:40 - 2014-06-02 18:09 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2314403856-2824009859-24823230-1001UA
2015-07-29 13:40 - 2014-06-02 18:09 - 00003698 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2314403856-2824009859-24823230-1001Core
2015-07-29 13:40 - 2014-06-02 18:09 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2314403856-2824009859-24823230-1001UA.job
2015-07-29 13:40 - 2014-06-02 18:09 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2314403856-2824009859-24823230-1001Core.job
2015-07-29 13:22 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-07-29 13:18 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-29 13:07 - 2014-04-27 14:03 - 00000000 ____D C:\Users\****\AppData\Local\Google
2015-07-29 13:06 - 2014-04-27 14:03 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-29 13:04 - 2014-04-27 14:03 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-29 13:04 - 2014-04-27 14:03 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-29 13:00 - 2015-02-02 15:26 - 00000000 ____D C:\Users\****\Desktop\Root m2
2015-07-29 12:49 - 2015-02-22 12:54 - 00000000 __SHD C:\Users\****\AppData\Local\EmieBrowserModeList
2015-07-29 12:49 - 2014-05-06 17:13 - 00000000 __SHD C:\Users\****\AppData\Local\EmieUserList
2015-07-29 12:49 - 2014-05-06 17:13 - 00000000 __SHD C:\Users\****\AppData\Local\EmieSiteList
2015-07-29 12:31 - 2015-04-23 16:45 - 00000000 ____D C:\Program Files (x86)\Avira
2015-07-29 12:31 - 2014-03-21 17:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-05 12:08 - 2014-02-10 19:02 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-29 12:26 - 2015-07-29 13:03 - 6420480 _____ () C:\Program Files (x86)\GUT5C5.tmp
2014-03-12 18:02 - 2014-03-12 19:17 - 1213405855 _____ (InstallShield Software Corporation) C:\Program Files (x86)\S4_League.exe
2014-06-15 14:17 - 2014-08-30 19:59 - 0000132 _____ () C:\Users\****\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-06-08 13:40 - 2014-06-10 14:52 - 0000132 _____ () C:\Users\****\AppData\Roaming\Adobe CS6-Targa-Format - Voreinstellungen
2014-03-08 18:37 - 2014-07-31 16:03 - 0012005 _____ () C:\Users\****\AppData\Roaming\alsoft.ini
2014-05-05 17:33 - 2015-03-21 20:01 - 0000600 _____ () C:\Users\****\AppData\Local\PUTTY.RND
2015-01-25 13:15 - 2015-01-25 13:15 - 0000017 _____ () C:\Users\****\AppData\Local\resmon.resmoncfg
2014-11-10 14:44 - 2014-11-10 14:44 - 0000000 _____ () C:\Users\****\AppData\Local\{A6AC4786-4E59-4667-8DAB-DB440E667991}
2014-05-28 13:51 - 2014-05-28 13:51 - 0000000 _____ () C:\Users\****\AppData\Local\{CCF22136-5DC1-4CF7-8584-B56A6B229720}
2015-04-19 14:35 - 2015-05-03 14:03 - 0000034 _____ () C:\ProgramData\droidcam-settings

Einige Dateien in TEMP:
====================
C:\Users\****\AppData\Local\Temp\avgnt.exe
C:\Users\****\AppData\Local\Temp\ChangeIcon.exe
C:\Users\****\AppData\Local\Temp\D588.exe
C:\Users\****\AppData\Local\Temp\d70KLrQfgdEMhtVoyEiV7.exe
C:\Users\****\AppData\Local\Temp\devcon64.exe
C:\Users\****\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\****\AppData\Local\Temp\dsp_ipp.dll
C:\Users\****\AppData\Local\Temp\EAD16C3.exe
C:\Users\****\AppData\Local\Temp\EAD9E54.exe
C:\Users\****\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\****\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\****\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\****\AppData\Local\Temp\lowproc.exe
C:\Users\****\AppData\Local\Temp\mirc732.exe
C:\Users\****\AppData\Local\Temp\ose00000.exe
C:\Users\****\AppData\Local\Temp\SPSetup.exe
C:\Users\****\AppData\Local\Temp\stubhelper.dll
C:\Users\****\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\****\AppData\Local\Temp\swt-win32-3550-64.dll
C:\Users\****\AppData\Local\Temp\tmpUPX.exe
C:\Users\****\AppData\Local\Temp\UninstallEADM.dll
C:\Users\****\AppData\Local\Temp\UnityWebPlayer4075706568655706697.exe
C:\Users\****\AppData\Local\Temp\xmlUpdater.exe
C:\Users\****\AppData\Local\Temp\_is5AEF.exe


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-06-11 13:54

==================== Ende von log ============================
         
Jetzt sollte aber alles richtig sein und wenn nicht bitte nochmal drauf hinweisen.
__________________

Alt 30.07.2015, 16:00   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL - Standard

Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL



Du hast auch die Software deinstalliert?
KMSpico = MS-Office-Crack
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.07.2015, 16:03   #5
luca3546
 
Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL - Standard

Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL



Ja musste ich ja sonst bekomme ich ja keine Hilfe


Alt 30.07.2015, 16:04   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL - Standard

Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL



Ok Dann poste bitte auch ein aktuelles addition.txt Logfile
__________________
--> Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL

Alt 30.07.2015, 16:15   #7
luca3546
 
Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL - Standard

Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von ***** (2015-07-30 14:40:30)
Gestartet von C:\Users\****\Desktop\trojaner weg
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2314403856-2824009859-24823230-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-2314403856-2824009859-24823230-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2314403856-2824009859-24823230-1006 - Limited - Enabled)
**** (S-1-5-21-2314403856-2824009859-24823230-1001 - Administrator - Enabled) => C:\Users\*****
___VMware_Conv_SA___ (S-1-5-21-2314403856-2824009859-24823230-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Alcatech BPM Studio Professional v4.9.1 (HKLM-x32\...\Alcatech BPM Studio Professional v4.9.1) (Version:  - )
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
AnySend (HKLM-x32\...\ASPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION!
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aptana Studio (HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Aptana Studio 3.6.0) (Version: 3.6.0 - Appcelerator)
Aptana Studio (x32 Version: 3.6.0 - Appcelerator) Hidden
ArcSoft MediaConverter 8 (HKLM-x32\...\{2CAD3C16-ACD0-43E5-81DA-7E56C3E5336C}) (Version: 8.0.0.21 - ArcSoft)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Batman: Arkham City™ (HKLM-x32\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games)
Batman: Arkham City™ (x32 Version: 1.0.0000.131 - WB Games) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4078 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{0BED0B96-70B8-4893-884B-DC485DC8C1B7}) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Celestia 1.6.1 (HKLM-x32\...\Celestia_is1) (Version:  - Shatters Software)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
CodeBlocks (HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version:  - )
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Entity Framework 6.1.0 Tools  for Visual Studio 2013 (HKLM-x32\...\{D4635FB4-434D-4663-A4C8-CFC00FA9D24E}) (Version: 12.0.30228.0 - Microsoft Corporation)
FileZilla Client 3.7.4.1 (HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.47.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.47.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Git version 1.8.4-preview20130916 (HKLM-x32\...\Git_is1) (Version: 1.8.4-preview20130916 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HeadStrong WebClicker v2.56 (HKLM-x32\...\WebClicker) (Version: 2.56 - Moritz Bartl (HeadStrong Software))
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HexChat (HKLM-x32\...\HexChat_is1) (Version: 2.10.0 - HexChat)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
IP Camera DS Filter (HKLM-x32\...\IPCameraDSFilter) (Version: 5.8.0.0 - Moonware Studios)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
Just Cause 2: Multiplayer - Dedicated Server (HKLM-x32\...\Steam App 261140) (Version:  - )
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.31 - www.leaguereplays.com)
LÖVE 0.9.1 (HKLM-x32\...\LOVE) (Version: 0.9.1 - love2d.org)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{F6E484FB-BC48-4A63-8186-E25DF4607B3B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (HKLM-x32\...\MX.{FBCA50BE-C022-45DA-9261-10230EC1012E}) (Version: 13.0.2.8 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Version: 13.0.2.8 - MAGIX AG) Hidden
Maniac Mansion Deluxe (HKLM-x32\...\Maniac Mansion Deluxe) (Version:  - )
Memory Profiler (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Metasploit (HKLM-x32\...\Metasploit 4.9.2) (Version: 4.9.2 - Rapid7)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{84e72603-1a6a-4c51-81b3-de36aabcc4f8}) (Version: 12.0.30501 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
MK LOL (HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\MK LOL) (Version:  - )
Mozilla Firefox 36.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyBestOffersToday 014.15 (HKLM-x32\...\rec_de_15_is1) (Version:  - MYBESTOFFERSTODAY) <==== ATTENTION
MyBestOffersToday 014.16 (HKLM-x32\...\rec_de_16_is1) (Version:  - MYBESTOFFERSTODAY) <==== ATTENTION
MyBestOffersToday 014.528 (HKLM-x32\...\mbot_de_528_is1) (Version:  - MYBESTOFFERSTODAY) <==== ATTENTION
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.1 - Black Tree Gaming)
Node.js (HKLM-x32\...\{2D41A012-35EE-4724-AE8E-E592EDD9F89D}) (Version: 0.10.13 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.4.1 - Steganos Software GmbH)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 30.0.1835.59 (HKLM-x32\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\{A7234617-513C-4292-A013-7DD915493BDA}) (Version: 0.49.305 - Overwolf)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Panda3D 1.8.1 (HKLM-x32\...\Panda3D 1.8.1) (Version:  - )
PDF Editor 4 (HKLM-x32\...\PDF Editor 4) (Version:  - )
PDF24 Creator 6.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PlanetSide 2 (HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Python 3.4.0 (HKLM-x32\...\{a37f2d73-72d1-364d-ba5d-cea430bcc040}) (Version: 3.4.150 - Python Software Foundation)
Python 3.4.1 (64-bit) (HKLM\...\{d54842cb-f761-30ba-881f-1ff821dc44df}) (Version: 3.4.1150 - Python Software Foundation)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
RMPrepUSB (HKLM-x32\...\RMPrepUSB) (Version:  - )
ROCCAT Power-Grid Version 0.459 (HKLM-x32\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.459 - ROCCAT GmbH)
S4 League_EU (HKLM-x32\...\{44FDF833-3FFD-4305-BB3E-AFE6CD2783C5}) (Version: 1.00.0000 - )
Sam and Max - Season One - Sam and Max Episode 104 - Abe Lincoln Must Die! (HKLM-x32\...\Episode 104 - Abe Lincoln Must Die!) (Version: 2.0.0.8 - Telltale Games)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.19.0.260 - Client Connect LTD) <==== ATTENTION
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SHARKOON Skiller (HKLM-x32\...\{91C25547-9534-41A5-823A-1E54BA16EA3F}) (Version: 1.00.0000 - )
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony)
Sothink SWF Decompiler (HKLM-x32\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.4 - SourceTec Software Co., LTD)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Spotify (HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Spotify) (Version: 1.0.2.6.g9977a14b - Spotify AB)
Spotydl 0.9.36.0 (HKLM-x32\...\Spotydl_is1) (Version: 0.9.36.0 - spotydl.com)
SpyroDriver (HKLM-x32\...\{63104E84-532C-4011-A4F4-AD6EDF8CC214}) (Version: 1.09.0000 - Ihr Firmenname)
SpyroPortalDriver (HKLM\...\{B2913230-094D-4F41-9EEF-CE9571C450D8}) (Version: 1.0.0 - FS)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Subnautica (HKLM-x32\...\Steam App 264710) (Version:  - Unknown Worlds Entertainment)
SUPER © v2015.build.64+Recorder (2015/02/13) Version v2015.buil (HKLM-x32\...\{8E2A29E2-96BF-8759-4DA7-5C16C90729A4}_is1) (Version: v2015.build.64+Recorder - eRightSoft)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.018 - MSI)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
TortoiseSVN 1.8.6.25419 (64 bit) (HKLM\...\{0DD7C466-163D-4901-AD4B-E78EEFD7FE01}) (Version: 1.8.25419 - TortoiseSVN)
Tribes Ascend (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.1268.1 - Hi-Rez Studios)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
TypeScript Power Tool (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
UniDeals (HKLM-x32\...\{11F6D5AB-263F-388E-74DE-E3DECD390E3F}) (Version:  - ) <==== ATTENTION
Unified Remote (HKLM-x32\...\{D7930C67-5816-417B-BF28-54BB75EFDAF9}) (Version: 2.14.4.0 - Unified Remote)
Unity Web Player (HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Unreal Development Kit (HKLM-x32\...\Steam App 13260) (Version:  - Epic Games)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 5.0 - Ubisoft)
VirtualDJ 8 (HKLM-x32\...\{9652ACA0-38A4-4BF8-B15E-2317D41D0AE3}) (Version: 8.0.2139.0 - Atomix Productions)
Visual Studio 2013 Update 2 (KB2829760) (HKLM-x32\...\{3c348532-c3bd-4bae-a928-7b555f8c808f}) (Version: 12.0.30501 - Microsoft Corporation)
Vivaldi (HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\Vivaldi) (Version: 1.0.162.9 - Vivaldi)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware vCenter Converter Standalone (HKLM-x32\...\{17C3235A-A4B9-44ED-8794-54D8408F9733}) (Version: 5.1.0.1087880 - VMware, Inc.)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.2 - VMware, Inc)
VMware Workstation (Version: 10.0.2 - VMware, Inc.) Hidden
VS Update core components (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wajam (HKLM-x32\...\WaInterEnhance) (Version: 2.21.2.29 (i2.6) - WaInterEnhance) <==== ATTENTION
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebBrowser (HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\2278daf9087db821) (Version: 1.0.0.0 - WebBrowser)
WebBrowser 2 (HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\80c533a17c8227d9) (Version: 1.0.0.3 - WebBrowser 2)
webcamXP 5 Free (HKLM-x32\...\wLite) (Version: 5.9.2.0 - Moonware Studios)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.131 - MSI)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinX Free VOB to MP4 Converter 5.0.5 (HKLM-x32\...\WinX Free VOB to MP4 Converter_is1) (Version:  - Digiarty Software, Inc.)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-3 - Bitnami)
XSplit Broadcaster (HKLM-x32\...\{7BC30FB1-9AA6-4B0C-8E5A-574EA5B6CB2F}) (Version: 2.3.1505.0542 - SplitmediaLabs)
XSplit Gamecaster (HKLM-x32\...\{27E6D8B1-70BC-4981-AE4D-B7C73475C416}) (Version: 1.8.1406.0910 - SplitmediaLabs)
YTD Video Downloader 4.8.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.1 - GreenTree Applications SRL) <==== ATTENTION
Zeta Producer 12 12.1.0 (nur entfernen) (HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\ZetaProducer12) (Version: 12.1.0 - Zeta Software GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\****\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\****\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\****\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\****\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\****\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\****\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\****\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2314403856-2824009859-24823230-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\****\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll Keine Datei

==================== Wiederherstellungspunkte =========================

30-07-2015 14:34:40 Microsoft Visual Studio Ultimate 2013

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {39B22DC9-A659-4177-9356-6DAE4FFEF1BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27] (Google Inc.)
Task: {5C41FD13-6766-414B-9E06-DE21A505BCC7} - System32\Tasks\Opera scheduled Autoupdate 1424601971 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-10] (Opera Software)
Task: {77C7FB37-965A-450F-8192-0029ED5513AE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2314403856-2824009859-24823230-1001Core => C:\Users\****\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-02] (Google Inc.)
Task: {9343642A-F861-4725-BBBF-903C6B094F2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27] (Google Inc.)
Task: {CFF48FD0-9067-4656-8EAC-BAD0B282C758} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2314403856-2824009859-24823230-1001UA => C:\Users\****\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-02] (Google Inc.)
Task: {D4CEA0BF-ABCE-4C10-B079-4940A298F0AC} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-08-31] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2314403856-2824009859-24823230-1001Core.job => C:\Users\****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2314403856-2824009859-24823230-1001UA.job => C:\Users\****\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-03-08 18:24 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-20 12:52 - 2014-06-20 12:52 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-14 16:04 - 2014-04-14 16:04 - 14407384 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2014-04-12 14:48 - 2014-04-12 14:48 - 00076016 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2014-04-12 14:48 - 2014-04-12 14:48 - 00088816 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2015-02-12 17:58 - 2013-09-16 13:15 - 00718377 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-20 09:40 - 2012-09-20 09:40 - 00181248 _____ () C:\Program Files (x86)\FS\Spyro Portal\SpyroLibrary.dll
2013-04-09 07:49 - 2013-04-09 07:49 - 00086096 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\mspack.dll
2013-04-09 07:37 - 2013-04-09 07:37 - 01296976 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\libxml2.dll
2013-04-09 07:37 - 2013-04-09 07:37 - 00542288 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\sqlite3.dll
2014-04-14 16:41 - 2014-04-14 16:41 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2014-02-11 21:29 - 2014-02-11 21:29 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-04-12 13:45 - 2014-04-12 13:45 - 00065776 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2014-11-30 07:32 - 2014-11-30 07:32 - 00151552 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCam.dll
2014-11-30 07:38 - 2014-11-30 07:38 - 00077824 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCamFilter.ax
2014-11-30 21:48 - 2014-11-30 21:48 - 00086016 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCamFilter240p.ax
2015-07-29 13:06 - 2015-07-25 10:46 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-07-29 13:06 - 2015-07-25 10:46 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libegl.dll
2015-07-29 13:06 - 2015-07-25 10:46 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows\system32\Drivers\kwjflwbc.sys:changelist
AlternateDataStreams: C:\ProgramData\TEMP:B606BA34
AlternateDataStreams: C:\Users\****\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\****\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\****\SkyDrive (3).old:ms-properties
AlternateDataStreams: C:\Users\****\SkyDrive (4).old:ms-properties
AlternateDataStreams: C:\Users\****\SkyDrive (5).old:ms-properties
AlternateDataStreams: C:\Users\****\SkyDrive (6).old:ms-properties
AlternateDataStreams: C:\Users\****\SkyDrive.old:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\sony.com -> sony.com


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2314403856-2824009859-24823230-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: TeamViewer9 => 2
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Super-Charger"
HKLM\...\StartupApproved\Run32: => "mbot_de_528"
HKLM\...\StartupApproved\Run32: => "rec_de_15"
HKLM\...\StartupApproved\Run32: => "rec_de_16"
HKLM\...\StartupApproved\Run32: => "Avira Systray"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\StartupFolder: => "MoviestarplanetHack.lnk"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\Run: => "OKAYFREEDOM_Agent"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\Run: => "MicroUpdate"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\Run: => "wcfkvx.exe"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\Run: => "EA Core"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\Run: => "MAPMAKER™ Launcher"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\Run: => "MK LOL"
HKU\S-1-5-21-2314403856-2824009859-24823230-1001\...\StartupApproved\Run: => "Sony PC Companion"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{732C319B-2564-40D1-88AE-E10AA312CB7E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{711A7341-3457-4156-912F-78E95F9205ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5C9C979E-2B5C-47D9-B746-E5015FDC3153}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B3EA2270-3697-4AAF-BED5-34CFEFA95EDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{5A917C96-EB3D-4F33-9FBB-ACD94B8FE9D0}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{BE41B3E2-5BB5-40C2-97AE-96C5C82D9132}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{EF057D88-5BFF-404D-9051-2CA3D1AE23D7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{B0028EED-94EC-4B6A-B0A3-92C6946D0A17}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{93679C38-F418-415E-922B-35388BB24B97}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{925F1760-73B8-40AB-8A11-65D42903ED0A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{EDDEDAF8-C3C2-4F08-B964-68A14E7AC247}] => (Allow) C:\Windows\system32\SoundRecorder.exe
FirewallRules: [{729FFC48-11CF-4780-ADD2-86CE075FB0C0}] => (Allow) C:\Windows\system32\SoundRecorder.exe
FirewallRules: [{ABBCA14A-D516-4DC2-9D73-E5B6B0B0200D}] => (Allow) C:\Windows\system32\SoundRecorder.exe
FirewallRules: [{0A6E724E-BA75-4605-AADF-BB76EBC64B27}] => (Allow) C:\Windows\system32\SoundRecorder.exe
FirewallRules: [{20CB7A18-5BCF-4F0C-ABED-7E7D7AFAB56E}] => (Allow) C:\Users\****\Desktop\Minecraft.exe
FirewallRules: [{AD74B841-224E-475B-992C-A5F39810CF7D}] => (Allow) C:\Users\****\Desktop\Minecraft.exe
FirewallRules: [{745A2CBC-7169-4744-A771-8EFC879B5DF8}] => (Allow) C:\Users\****\Desktop\Minecraft.exe
FirewallRules: [{917CF35B-6180-42E6-A984-B43CF4FE9C70}] => (Allow) C:\Users\****\Desktop\Minecraft.exe
FirewallRules: [TCP Query User{2C102BB4-AA19-4B2B-B222-CCC055C59EC9}C:\users\****\appdata\local\mcmyadmin\mcmyadmin.exe] => (Allow) C:\users\****\appdata\local\mcmyadmin\mcmyadmin.exe
FirewallRules: [UDP Query User{DF993712-BBA3-4109-88FA-7D5259CF0C2C}C:\users\****\appdata\local\mcmyadmin\mcmyadmin.exe] => (Allow) C:\users\****\appdata\local\mcmyadmin\mcmyadmin.exe
FirewallRules: [TCP Query User{CB84817C-FFD1-4D72-8F03-150538103373}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{627A8044-578B-4610-A757-34242B97CF33}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{87AC6157-E2B1-41F8-8990-E87457A50B32}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D74EFCB4-3660-4FF5-B88E-5ABFF9FE74BB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E6B275B6-F339-4815-9CBA-7A82BE87F0CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B9D5BC7B-AA53-4BDB-94E7-4CA61CFA6A3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DC4AB84F-E0CF-4E92-9E2F-A97D43EB8430}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C9A82582-43B3-4123-A87C-71D662B1F85B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6AF0AF54-FC4E-4524-8B33-609F909ABEAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{492ACAAF-5201-4589-BB0D-8A975187A9A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{05504D27-D419-4775-96DA-F34951151182}C:\steamcmd\tfc\hltv.exe] => (Allow) C:\steamcmd\tfc\hltv.exe
FirewallRules: [UDP Query User{2D9CE0CA-F34A-440A-84B1-B40C391A3EBD}C:\steamcmd\tfc\hltv.exe] => (Allow) C:\steamcmd\tfc\hltv.exe
FirewallRules: [{BA5F2BF4-094F-489C-9569-5C20872D1707}] => (Block) C:\steamcmd\tfc\hltv.exe
FirewallRules: [{4824A510-E295-4153-B92D-10E418C47D6A}] => (Block) C:\steamcmd\tfc\hltv.exe
FirewallRules: [{20A344C3-B1B6-4638-A626-E6BFFD586702}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{7DD90771-F842-4CD4-9DBF-D4D0B480301D}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{44B4886B-A2C5-4CC7-93FA-EFF33C8A6C78}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{2437F728-22A1-4D7B-92B8-B2A3531DD5F1}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{48C0CCC6-FC44-4024-A170-FFDDC0A3D240}] => (Allow) LPort=9089
FirewallRules: [{4EFC4183-6ABF-4A0B-8E9E-422F467DFE8C}] => (Allow) LPort=56789
FirewallRules: [{DE96D55B-62A8-4D56-8340-70CB9C9FA6A7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A11C03A2-7C9B-46B7-BB6F-F1AE9CC38C8C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{AEABED08-6404-4ECE-9F37-4FBB9B2A5292}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{C27D6771-F3D7-4C05-BA83-693922E62083}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{A39700DE-7AED-4B25-A0BF-88EE60C75854}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{64AD5E29-BE3B-479A-BE50-A52B1DE13B71}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [TCP Query User{CACB4F2B-EAEA-44F3-9DE4-1DE6E56451AF}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [UDP Query User{D12FD925-773B-45B5-BD2E-CE44AB4F721C}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [{06CF7FD7-9D20-400B-885A-350214240D4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{FBD784D7-AFAE-4132-8EB6-E9DD04FA014E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{777E8957-27BE-47A8-AEA1-AF5EC0CE789D}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{EDBA3E48-8688-423C-9BFC-AB381A00F469}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{A315063C-6DC2-4EF6-B8A2-48AB1103E6C6}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{D6A37F47-8945-44CB-9643-06E38D6D73CC}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{E7725E8B-8614-450F-995F-ECEF0ADDEC77}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{7C011986-760C-4BC7-86E6-76BD2B32F882}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{37255073-C2D3-48F6-8A4E-A5EC4EA29650}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{654724A3-3FF4-4FD8-9766-0A597DC14E50}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{48406531-6C10-4331-93B5-ED326417D4A3}] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{16930094-F2FF-4433-90CC-FD35606E7815}] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{D3235F2E-2FC0-40BF-A161-7BD52767C461}] => (Block) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [{DFDCEADE-4951-4A17-A02A-703FFA3E9DF1}] => (Block) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{8D9B3A52-3A8F-4372-A285-3E3028953176}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{44201339-EB7C-4968-8364-5835032B5D22}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [{95BB3AF6-0E88-4A25-823F-2236CFEC017F}] => (Block) C:\xampp\mercurymail\mercury.exe
FirewallRules: [{6A87A0A0-5981-4272-B2AA-88083A0FFCE7}] => (Block) C:\xampp\mercurymail\mercury.exe
FirewallRules: [{8D5670C3-820F-4F5D-A3A4-B1123FAB24FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{01AE1322-A293-4CBB-81D9-5F682C059B5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{8CF65655-6F9C-43EC-9D7F-6CDA6039F9BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{E9ED8DE6-FF8A-4451-AF4E-877C7166C8C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{775A9001-220D-4E2F-BDE3-205C4B813CA5}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{2317F3B8-F4F4-442F-A4A8-75D8296DCC69}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{AE1FF8E5-8E0F-45CD-ABA8-F738CE4868FC}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{8CB670F0-5E13-4DF0-9E1B-3E9A18DDEF1F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{DE9B83A7-BC9B-4EA5-9E18-83B216414316}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{9677666B-DB11-4D7D-8F22-FED80935E498}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{DAFEA028-A772-4D96-9856-2616FC59603D}] => (Block) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{F002EECD-CC5A-4B1E-A9EC-A9E7D5DBDE7B}] => (Block) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{FED06B71-42E3-4C7B-A60F-A462BA9C16DB}C:\program files (x86)\hexchat\hexchat.exe] => (Allow) C:\program files (x86)\hexchat\hexchat.exe
FirewallRules: [UDP Query User{2868629E-5B6C-4DEF-B0AD-C853726F975C}C:\program files (x86)\hexchat\hexchat.exe] => (Allow) C:\program files (x86)\hexchat\hexchat.exe
FirewallRules: [{CC92D891-86C0-418A-98D5-01491D75C319}] => (Block) C:\program files (x86)\hexchat\hexchat.exe
FirewallRules: [{E9BDC506-FED4-4E12-AC91-FE16D8E6ADDD}] => (Block) C:\program files (x86)\hexchat\hexchat.exe
FirewallRules: [TCP Query User{60413786-F63D-4114-9690-7AE833A57758}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FCD4630B-2D9D-4EB9-9F44-180E3EDCA943}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{519415C0-042F-43AB-BAAF-D643C3799180}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0978C166-3D9D-4BD9-B57A-E56556FCF2B5}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{50071652-395F-40E3-89B8-90E0C1D6612C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C8F5C8E3-C259-40C5-9E23-8D93FADA9A9F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C724D943-A674-4BF5-998F-05A0903CD40A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{67D1FA49-9FCB-49D0-A7B5-938DCA25AEB8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F24C6C18-4D66-40FB-906F-5435A57E3479}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aceofspades\aos.exe
FirewallRules: [{7B934BAB-41B5-46F0-A261-EDA73ECB6504}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aceofspades\aos.exe
FirewallRules: [TCP Query User{46E5C2C2-2E6C-4B4E-8391-4E69FFCD3C48}C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [UDP Query User{588F784B-4FC7-482B-A628-89C80FD956D8}C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [{FCBBA9B0-E013-4C34-83FA-AAEC26708A64}] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [{A2FE989B-5E39-4D8D-96C7-A18449EAEFB3}] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [{A6D2959D-96CB-4288-ADDF-E5D67E4FCE37}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{B8255440-CFE0-457C-B25B-D28CA21C9E87}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{34B1B68D-8746-4D85-8E01-5DC4F2033606}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{B248F3CC-7450-4564-82CF-005CC5683F6D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{C0D6CA74-CCF4-487B-B85D-6EA5BD22D86A}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{710F5E11-F154-47AE-ACB4-D86903F3DF75}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{F7865FA2-F811-44E6-9E83-5DC8C6816C41}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{6FECD901-9262-40B2-9238-D2CA3BBCA5FF}C:\users\****\desktop\eclipse workspace\eclipse\eclipse.exe] => (Allow) C:\users\****\desktop\eclipse workspace\eclipse\eclipse.exe
FirewallRules: [UDP Query User{EDF03B02-AD4F-4711-B6DF-D1BAB830B150}C:\users\****\desktop\eclipse workspace\eclipse\eclipse.exe] => (Allow) C:\users\****\desktop\eclipse workspace\eclipse\eclipse.exe
FirewallRules: [{D97E5984-8988-42A2-A99A-E3E5AD9D88DE}] => (Block) C:\users\****\desktop\eclipse workspace\eclipse\eclipse.exe
FirewallRules: [{7F6CDFB5-E334-4C0A-A1B6-00A608FA630B}] => (Block) C:\users\****\desktop\eclipse workspace\eclipse\eclipse.exe
FirewallRules: [{96C7E7D0-443A-402F-9CB4-92E8F35CA767}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{51E44F6B-3D61-4AA3-8535-5042AA7A5F3F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{4DBE096F-A42C-47D4-A28A-32565740072B}] => (Allow) LPort=1688
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [{68264650-86ED-4370-9513-31868F0522F3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{90F7A959-530E-46E4-8A61-17B34ED7B8F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4C975C2A-56AE-412F-B3CC-C5AC77E4D5C8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{580B83BD-9AD1-475F-9B39-987FF599C875}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{23F1DF03-41B5-4CAA-9D99-CF8136BE5D3F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A5BDC9A2-CE98-4752-9F0A-C211E22C13BE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B92DCC1C-B704-4BB0-83F4-79059B18FD23}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{026C701D-A02B-46D0-88F4-2355899BBA52}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C05843F7-9A1D-4A5C-BE0F-5B8909CF354D}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{3CC49A6E-42C1-4949-A4CD-E73B0543E2C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{7B1C7BE3-5D04-4597-AE5C-D363592D3AA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{DBD1A877-2994-4F65-90BB-02E4FD12215C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{B2137C78-C506-4276-A28B-86EACC7B0C43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{2D6F6685-CAA1-4F27-ABEA-4C6058E91824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe
FirewallRules: [{3247F68F-5AB3-414B-866D-40AD24053A23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe
FirewallRules: [{ECCE3811-FE4F-44AC-9D16-FC03E3CF810F}] => (Allow) C:\Program Files (x86)\WB Games\Batman Arkham City\Binaries\Win32\BatmanAC.exe
FirewallRules: [{F0AC191A-7997-424E-B48D-68271EF6DC4C}] => (Allow) C:\Program Files (x86)\WB Games\Batman Arkham City\Binaries\Win32\BatmanAC.exe
FirewallRules: [{854930D0-DB52-4F94-BBEC-969289030389}] => (Allow) C:\Program Files\CyberGhost 5\CyberGhost.exe
FirewallRules: [{A6B5BA30-6E24-400C-9A70-EA07DDBACEF7}] => (Allow) C:\Program Files\CyberGhost 5\CyberGhost.exe
FirewallRules: [{1F3D21B1-FB7D-4F56-9719-E7B153AD05E4}] => (Allow) C:\Program Files\CyberGhost 5\CyberGhost.exe
FirewallRules: [{9E0244FD-BC58-4FD1-9F0F-AD2D1BC540BB}] => (Allow) C:\Program Files\CyberGhost 5\CyberGhost.exe
FirewallRules: [{45F9CA98-6B31-4447-A32F-415A8212294C}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe
FirewallRules: [{866DC935-9EF5-4D87-A441-977315D670B4}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe
FirewallRules: [{B618A2F5-D7AC-4AFE-8169-D8126408E148}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe
FirewallRules: [{74546D73-7ADF-41CB-B153-59BEE0EEA0C5}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe
FirewallRules: [{1C6817D5-DDF3-46CF-B77B-67306616FBE0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DDF549D9-A4B6-4158-87B8-D4F19C910C25}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A80A1E8D-F507-4B32-950F-5B4A3574E933}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Dedicated Server\JcmpServer.exe
FirewallRules: [{F521A54D-4C2E-4DF5-8AA2-3FD146EABD1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Dedicated Server\JcmpServer.exe
FirewallRules: [TCP Query User{002EBEF5-36EB-42F9-8E55-DAA23B6EB988}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{F31351F7-BD05-4A4F-A62F-93EFC2CF01DB}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{4677263F-9914-4FCB-84FB-4F28A2DCC1D5}E:\games\assassin's creed liberation hd\ac3lhd_32.exe] => (Allow) E:\games\assassin's creed liberation hd\ac3lhd_32.exe
FirewallRules: [UDP Query User{2E8E4AB9-E664-4F69-81C4-BD9A3C7CC291}E:\games\assassin's creed liberation hd\ac3lhd_32.exe] => (Allow) E:\games\assassin's creed liberation hd\ac3lhd_32.exe
FirewallRules: [TCP Query User{B30DFE72-F4A4-4064-B2AA-02874847E3FD}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [UDP Query User{D02517EC-124F-4303-9A30-D07840B6CE27}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [{6D25E34F-319D-476A-8764-5BF6C9376F1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{618DD8AB-CA41-426B-A6DC-783369D9E6A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{300D73D7-BE7C-4906-984F-FD04A366DC04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thinking with Time Machine\bin\p2map_publish.exe
FirewallRules: [{60D7B9FD-238F-4EF8-A85E-7DB371B01D9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thinking with Time Machine\bin\p2map_publish.exe
FirewallRules: [{F7781C1E-BB18-414E-9A15-64C61E412C5C}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{D5B09E85-6B88-4170-8E9A-C2ED71E8F62A}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{AEF711AB-E834-4787-8ACF-B8FF5DBB2BA5}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{DEFAAF5B-FFC5-4D0B-9C92-84338B8BFEB8}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{2A4D2FBB-0563-4805-ACE8-7B215FBF3934}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{157B9860-FA2C-4C4A-8C69-DBD189A40BC4}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{A7C463B2-70F2-448D-BDFB-E5DC4C0839A3}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{679C90E7-25E6-4BD3-9CD8-99B2852BAADB}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{C833B2FD-4764-40C6-9413-E6FE229BD3ED}] => (Allow) C:\Program Files (x86)\OkayFreedom\polipo\node.exe
FirewallRules: [{4D64D017-83F7-4BBC-BB74-9D1E2BC755D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C56D16E8-0E9A-418C-A552-EEC6FC5B7030}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{391910DA-8DD4-40E1-9530-7FB567F67D71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{D4991EEB-962A-4671-B475-5AB4470625A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{72B7AA9A-5B13-424C-8A7C-6DC60403FB63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{D20CEF12-7E26-422D-A7D6-80312C2F552E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{E560A376-4CE4-45C5-B707-53BE336F2BD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{341A4FEB-6B8A-43F3-9937-021B98963D10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{26CF85B0-4ECF-4750-AB97-BCF7C0660EB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{8CDAF378-ACD8-43DD-872A-C931F8C1C448}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{B73B78EF-8613-4685-B02F-9D70BEB64D70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{C4B20E02-2FDD-4226-9CC0-1B521519E648}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{E62D1BA9-DA8A-4E3D-AF43-E5EBF9F3C1BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{80FD0CDF-73A2-4F79-B179-D0014C053F87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{738D4A57-EAE0-4D39-9686-06038F6CC34B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F2555550-4BB8-4F19-A88C-95C3151BE3C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{5F7B0FCC-C80F-48E5-8E53-5BD82DC6F09C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{35AC5228-1B16-48EB-A771-E7EB1806BAB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{059065E0-14F3-478D-B3A8-41444452F882}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{43DEF8F7-1FF8-4E32-93DC-AD69479AF1CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{F6095818-469B-468E-AF9F-801BE5E99D7D}] => (Allow) C:\Program Files (x86)\webcamXP5\webcamXP.exe
FirewallRules: [{6268838A-6B1E-4BA7-AA3F-FBB108344874}] => (Allow) C:\Program Files (x86)\webcamXP5\webcamXP.exe
FirewallRules: [{1E5DAC33-A194-410F-AEDF-5EF9CA14DF9B}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{077FA093-1C6B-47F4-8DF2-AD293F3C6831}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [TCP Query User{3045EF3E-0915-4BE9-9846-223B6935B045}C:\users\****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{314F1270-1945-4EBC-8E00-850648865F27}C:\users\****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\****\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3BB6ACC3-8376-4B02-A1C9-B37E2A1C3C02}] => (Block) C:\users\****\appdata\roaming\spotify\spotify.exe
FirewallRules: [{BAF33E3B-43AB-45BF-9247-18D363623405}] => (Block) C:\users\****\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{5F5FA5F7-B80F-408F-B07A-8AE204DECFDA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2BC4AA23-4E74-488C-A970-83C878592BC1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FDF040DA-FA17-4315-B36D-A30FACA885CB}] => (Allow) C:\Users\****\AppData\Local\Vivaldi\Application\vivaldi.exe
FirewallRules: [{8429D8AE-B900-4BA7-8273-95AC1DBBCF5B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Controller der Familie Realtek PCIe GBE
Description: Controller der Familie Realtek PCIe GBE
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8168
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/30/2015 03:42:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18dc

Startzeit: 01d0cac2c168e6a4

Endzeit: 4294967295

Anwendungspfad: C:\Windows\syswow64\wwahost.exe

Berichts-ID: b6099a36-36b6-11e5-83bf-08863b7a8d8d

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (07/30/2015 03:41:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20856 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 182c

Startzeit: 01d0cac0b7f02a91

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 9dc8d964-36b4-11e5-83bf-08863b7a8d8d

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (07/30/2015 03:41:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 183c

Startzeit: 01d0cac0b8287975

Endzeit: 4294967295

Anwendungspfad: C:\Windows\syswow64\wwahost.exe

Berichts-ID: 9fb9398b-36b4-11e5-83bf-08863b7a8d8d

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (07/30/2015 02:58:35 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (07/30/2015 02:58:32 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (07/30/2015 02:56:43 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/30/2015 02:55:52 PM) (Source: HiRezSoftwareManagerSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.Xml.XmlException: Das Stammelement ist nicht vorhanden.
   bei System.Xml.XmlTextReaderImpl.Throw(Exception e)
   bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   bei System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
   bei System.Xml.XmlDocument.Load(XmlReader reader)
   bei System.Xml.XmlDocument.Load(String filename)
   bei Hirez.Utilities.HirezConfigSettings.LoadConfigDocument(String filePath)
   bei Hirez.Utilities.HirezConfigSettings.ReadSetting(String filePath, String key)
   bei Hirez.Patcher.PatchNetworkClient.(NewMessageCallback )
   bei Hirez.Patcher.PatchNetworkClient..ctor(String appConfigFilePath, NewMessageCallback logCallback)
   bei Hirez.Patcher.HiPatchService.InternalStart()
   bei Hirez.Patcher.HiPatchService.OnStart(String[] badDontWorkMicrosoftBugArgs)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/30/2015 02:51:20 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/30/2015 02:50:38 PM) (Source: HiRezSoftwareManagerSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.Xml.XmlException: Das Stammelement ist nicht vorhanden.
   bei System.Xml.XmlTextReaderImpl.Throw(Exception e)
   bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   bei System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
   bei System.Xml.XmlDocument.Load(XmlReader reader)
   bei System.Xml.XmlDocument.Load(String filename)
   bei Hirez.Utilities.HirezConfigSettings.LoadConfigDocument(String filePath)
   bei Hirez.Utilities.HirezConfigSettings.ReadSetting(String filePath, String key)
   bei Hirez.Patcher.PatchNetworkClient.(NewMessageCallback )
   bei Hirez.Patcher.PatchNetworkClient..ctor(String appConfigFilePath, NewMessageCallback logCallback)
   bei Hirez.Patcher.HiPatchService.InternalStart()
   bei Hirez.Patcher.HiPatchService.OnStart(String[] badDontWorkMicrosoftBugArgs)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


Systemfehler:
=============
Error: (07/30/2015 03:41:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: Microsoft.Reader

Error: (07/30/2015 03:42:18 PM) (Source: DCOM) (EventID: 10010) (User: NETADMIN)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/30/2015 03:42:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1070

Error: (07/30/2015 03:43:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.

Error: (07/30/2015 03:44:28 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.

Error: (07/30/2015 03:57:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/30/2015 03:57:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.

Error: (07/30/2015 03:56:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (07/30/2015 03:54:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎30.‎07.‎2015 um 13:49:57 unerwartet heruntergefahren.


CodeIntegrity:
===================================
  Date: 2015-06-11 14:11:52.331
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-31 14:09:32.100
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-27 14:25:18.943
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-26 10:35:41.297
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-08 03:24:49.902
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-26 14:34:17.168
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-24 17:54:38.655
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-23 15:22:07.605
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-06 19:22:43.504
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-01 18:34:28.166
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Processor: AMD FX(tm)-6300 Six-Core Processor 
Percentage of memory in use: 63%
Total physical RAM: 4044.02 MB
Available physical RAM: 1475.62 MB
Total Virtual: 10188.02 MB
Available Virtual: 6100.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.42 GB) (Free:44.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A1413C92)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)

==================== Ende von log ============================
         

Alt 30.07.2015, 16:18   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL - Standard

Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    AnySend

    MyBestOffersToday 014.15

    MyBestOffersToday 014.16

    MyBestOffersToday 014.528

    Search Protect

    UniDeals

    Wajam

    YTD Video Downloader 4.8.1

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.07.2015, 16:36   #9
luca3546
 
Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL - Standard

Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL



Hab ich gemacht und jetzt?

Alt 30.07.2015, 16:39   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL - Standard

Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.07.2015, 17:39   #11
luca3546
 
Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL - Standard

Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL



Ist nicht mehr nötig seit dem Neustart von adwCleaner ist der Fehler weg und taucht nicht mehr auf. Ich bedanke mich bei dir und wünsche dir noch nen schönen Nachmittag.

Alt 30.07.2015, 22:27   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL - Standard

Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL



Das ist nur ne sehr oberflächliche Bereinigung...
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL
.dll, administrator, antivirus, avira, bildschirm, bluestacks, bonjour, converter, cyberghost, darkcomet, defender, desktop, explorer, fehlermeldung, google, kmspico, mozilla, nvidia, prozesse, registry, rundll, scan, server, software, svchost.exe, system, trojaner, ublock, ublock origin, windows, winlogon.exe



Ähnliche Themen: Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL


  1. Fehlerhinweis "Ungültiges Bild" unter WINDOWS 7: "C:\PROGRA~2\SEARCH~2\SEARCH~1\bin\VC32LO~1.DLL" +
    Log-Analyse und Auswertung - 19.04.2015 (9)
  2. Ungültiges Bild, C:\PROGRA~1\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL .... egal welche Anwendung geöffnet wird.
    Log-Analyse und Auswertung - 10.04.2015 (15)
  3. WINDOWS 7: C:\PROGRA~2\SEARCH~2\SEARCH~1\bin\VC32LO~1.DLL - ungültiges Bild
    Log-Analyse und Auswertung - 01.04.2015 (11)
  4. Windwos 7: ungültiges Bild (C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL)
    Log-Analyse und Auswertung - 31.03.2015 (13)
  5. Windows 7: .exe ungültiges Bild
    Log-Analyse und Auswertung - 31.03.2015 (9)
  6. WINDOWS 7: C:\PROGRA~2\SEARCH~2\SEARCH~1\bin\VC64LO~1.DLL - ungültiges Bild
    Log-Analyse und Auswertung - 28.03.2015 (21)
  7. permanent Fehlermeldungen "Ungültiges Bild" mit Verweis auf VC32LO 1.dll oer VC64LO 1.dll
    Plagegeister aller Art und deren Bekämpfung - 21.03.2015 (20)
  8. Windows-Fehlermeldung: ...\...\..dll: Ungültiges Bild
    Log-Analyse und Auswertung - 21.03.2015 (16)
  9. Fehlermeldung xxx.exe - Ungültiges Bild (C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll oder V32Loader.dll)
    Log-Analyse und Auswertung - 18.03.2015 (16)
  10. Windwos 7: ungültiges Bild (C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL)
    Log-Analyse und Auswertung - 18.03.2015 (9)
  11. Fehlermeldung: ungültiges Bild (C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL)
    Log-Analyse und Auswertung - 18.03.2015 (11)
  12. C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL ist entweder nicht für die Ausführung unter Windows vorgesehen...
    Plagegeister aller Art und deren Bekämpfung - 16.03.2015 (17)
  13. Windows 7 : Fehlermeldung : Bad Image C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL
    Plagegeister aller Art und deren Bekämpfung - 15.03.2015 (11)
  14. : ungültiges Bild (C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL) Windows 7
    Log-Analyse und Auswertung - 15.03.2015 (19)
  15. Windows 8.1 "Ungültiges Bild" C:\Progra~2\Search~1\Search~1\bin\VC64LO~1.DLL... oder ähnlich bei Programmstart
    Plagegeister aller Art und deren Bekämpfung - 15.03.2015 (7)
  16. C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL ist entweder nicht für die Ausführung unter Windows vorgesehe
    Plagegeister aller Art und deren Bekämpfung - 06.02.2015 (5)
  17. Ungültiges Bild - Windows 7
    Plagegeister aller Art und deren Bekämpfung - 16.02.2013 (12)

Zum Thema Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL - Als ich heute meinen PC gestartet habe hatte ich eine längere Zeit einen schwarzen Bildschirm auf den nach einer Zeit die im Titel genannte Fehlermeldung erschien. Diese erscheint bei mir - Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL...
Archiv
Du betrachtest: Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.