Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: chrome nutzt nur noch s.coldsearch

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 14.12.2015, 07:43   #1
dimmu311
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



Hallo Gemeinde,

irgendwo habe ich mir diesen nervigen s.coldsearch Hijacker eingefangen. Kann mir bitte jemand helfen den wieder loszuwerden.

Habe schon mal logs mit Frst erstellt.

FRST.txt

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-12-2015
durchgeführt von User (Administrator) auf NBWIN702 (14-12-2015 08:14:33)
Gestartet von C:\Users\User\Downloads
Geladene Profile: User (Verfügbare Profile: User & useradmin & Administrator & USERADMIN)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cimetrics Inc.) C:\Program Files (x86)\WAGO Software\WAGO BACnet Configurator\BACstac64\bacstac-gtw.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Fortinet Inc.) C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
() C:\ProgramData\DataCardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(MustangService) C:\ProgramData\TempMoudleSet\MustangSer1810.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\avp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dropbox, Inc.) C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Global IP Telecommunications Ltd.) C:\ProgramData\Juggler\Juggler\Juggler.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\avp.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSkypeDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraCiscoJabberDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraShoreTelDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraAvayaIPDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSametimeV85Driver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraBriaDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraCiscoWebExConnectDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraNECDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraMicrosoftLyncPresence.exe
(Global IP Telecommunications Ltd.) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452968 2012-03-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-07] (NVIDIA Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-19] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Lenovo App Shop] => "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\avp.exe [741360 2013-11-27] (Kaspersky Lab ZAO)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKLM\...\Policies\Explorer: [UseDefaultTile] 1
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Run: [AxStartup] => [X]
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Run: [AC_RemoteMediaSync] => "C:\Program Files (x86)\Autonomic Controls\Media Synchronization Tool\bin\FX2_0\Autonomic.Synchronization.App.exe" -autorun
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Run: [Dropbox Update] => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Run: [JUGGLER.EXE] => C:\ProgramData\Juggler\Juggler\Juggler.exe [10481664 2015-02-08] (Global IP Telecommunications Ltd.)
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\MountPoints2: {29aa4ed1-f48f-11e2-9f4b-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\MountPoints2: {2b08ed40-716e-11e5-9824-8d6da38fbdf6} - D:\AutoRun.exe
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\MountPoints2: {2b08eda4-716e-11e5-9824-8d6da38fbdf6} - D:\AutoRun.exe
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\MountPoints2: {defc3b85-1f55-11e3-9bde-028037ec0200} - E:\SETUP.EXE
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Winlogon: [Shell] C:\Windows\EXPLORER.EXE [2871808 2011-12-08] (Microsoft Corporation) <==== ACHTUNG
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2015-02-05] (NVIDIA Corporation)
ShuserconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShuserconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShuserconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShuserconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShuserconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShuserconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Jabra Device Service.lnk [2014-06-25]
ShortcutTarget: Jabra Device Service.lnk -> C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe (GN Netcom A/S)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk [2014-04-21]
ShortcutTarget: BUFFALO NAS Navigator2.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2013-09-09]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk [2014-04-21]
ShortcutTarget: NAS Scheduler.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.200.12
Tcpip\..\Interfaces\{14963338-2037-4E84-B41F-6CBD53B215C9}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{3A1D8E10-CDCB-47A1-9210-DFF3E7311D98}: [NameServer] 192.168.150.1
Tcpip\..\Interfaces\{537D38FE-2785-48BE-AD82-8BE40F79ADCE}: [DhcpNameServer] 192.168.200.12
Tcpip\..\Interfaces\{65869497-A756-491B-9BC6-6A3092E552B6}: [DhcpNameServer] 192.168.150.1
Tcpip\..\Interfaces\{9E4E735E-239D-4A39-A318-B86CDDF68521}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A7800664-D53A-4B05-A5EB-A5F3B50FAB96}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{E9BB59C6-A501-411F-93AB-FDBC3D1AD88B}: [DhcpNameServer] 192.168.4.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE549
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-10-22] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {15A7CF10-CB3E-4265-8779-9FD22619E8ED} file:///C:/Projekte/Kaske/XPanel%20Kaske%20V24_V044.xweb/XPanel.cab
DPF: HKLM-x32 {73888E2B-FF04-416C-8847-984D7FC4507F} hxxp://192.168.0.56/RtspVaPgDecNew2.cab
DPF: HKLM-x32 {C1D592D2-D4F6-4E9C-968D-797449DC0ADC} hxxp://www.dvrstation.com/webServer.cab
DPF: HKLM-x32 {F74959B0-1779-472E-BE6E-3023E1DBEC73} file:///C:/Projekte/Kaske/XPanel%20Kaske%20V24_V044.xweb/Xinit.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\SslvpnClient\npccplugin.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @FortinetCacheCleanEx -> C:\Program Files (x86)\Fortinet\SslvpnClient\npccpluginex.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\SslvpnClient\nptcplugin.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @HUNT.com.tw/NP_HOEM_X -> C:\Windows\system32\WebWatch2\np_hoem_x.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2557082223-2624319934-3865501230-3146: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2557082223-2624319934-3865501230-3146: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2013-12-30] (Tracker Software Products (Canada) Ltd.)
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [VIP3X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-09]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-09]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-09]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-09]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-10]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-10]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-10]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\feegenemlbjkbnfpgdmjddbeiecdbpob [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fhjcajmcbmldlhcimfajhfbgofnpcjmb [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-10]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-10]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\avp.exe [741360 2013-11-27] (Kaspersky Lab ZAO)
R2 BACstac; C:\Program Files (x86)\WAGO Software\WAGO BACnet Configurator\BACstac64\bacstac-gtw.exe [236032 2013-02-27] (Cimetrics Inc.) [Datei ist nicht signiert]
S3 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 FortiSslvpnDaemon; C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe [954080 2014-04-09] (Fortinet Inc.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4683144 2014-07-15] (SafeNet Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 klnagent; C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe [132600 2013-11-19] (Kaspersky Lab ZAO)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [650240 2013-03-01] () [Datei ist nicht signiert]
R2 MSSQL$KNXETS4; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe [62382256 2015-03-29] (Microsoft Corporation)
R2 MSSQL$WAGO; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MustangService_2015_10_10; C:\ProgramData\TempMoudleSet\MustangSer1810.exe [236816 2015-10-09] (MustangService)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-07] (NVIDIA Corporation)
S3 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2014-06-05] (The OpenVPN Project)
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2987520 2014-10-29] (Microsoft Corporation) [Datei ist nicht signiert]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S4 SQLAgent$KNXETS4; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-29] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-11-11] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [655400 2012-02-03] (Ericsson AB)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
S2 DHCPServer; "C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
R3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2013-08-09] (SafeNet Inc.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2009-06-30] (Google Inc)
R3 AX88179; C:\Windows\System32\DRIVERS\ax88179_178a.sys [66560 2013-12-05] (ASIX Electronics Corp.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
S3 CtrnWinUsbLowerFilter; C:\Windows\System32\DRIVERS\CtrnWinUsbLowerFilter.sys [13920 2013-05-07] (Crestron Electronics Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-11] ()
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-07-15] (SafeNet Inc.)
S3 KinectCamera; C:\Windows\System32\Drivers\kinectcamera.sys [192512 2013-02-27] (Microsoft Corporation) [Datei ist nicht signiert]
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-09-05] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [98400 2015-11-09] (Kaspersky Lab ZAO)
R1 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [30816 2013-07-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [661600 2015-11-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-07-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54104 2012-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177760 2013-07-01] (Kaspersky Lab ZAO)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [102440 2012-01-13] (Ericsson AB)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [42944 2010-09-09] (hxxp://libusb-win32.sourceforge.net)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-08-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-08-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-08-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-08-22] (MCCI Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2014-07-15] (Apple Inc.) [Datei ist nicht signiert]
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299664 2015-02-05] (NVIDIA Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
R3 pppop; C:\Windows\System32\DRIVERS\pppop64.sys [42528 2009-07-21] (Fortinet Inc.)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-29] (Microsoft Corporation)
S3 RTLU3E8023-W7-64; C:\Windows\System32\DRIVERS\rtu30x64w7.sys [83160 2013-10-12] (Realtek                                            )
U2 TVicLPT; kein ImagePath
S2 TVicPort; kein ImagePath
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [282152 2011-12-07] (Ericsson AB)
S3 btwampfl; \??\C:\Windows\system32\drivers\btwampfl.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-14 08:14 - 2015-12-14 08:14 - 00039359 _____ C:\Users\User\Downloads\FRST.txt
2015-12-14 07:58 - 2015-12-14 08:14 - 00000000 ____D C:\FRST
2015-12-14 07:57 - 2015-12-14 07:57 - 02369536 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-12-11 13:55 - 2015-12-11 13:55 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2015-12-11 09:19 - 2015-12-11 09:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-10 14:14 - 2015-12-10 14:22 - 00000000 ____D C:\AdwCleaner
2015-12-10 07:57 - 2015-12-10 07:57 - 00000000 _____ C:\Windows\system32\SBRC.dat
2015-12-10 07:53 - 2015-12-10 07:53 - 00000000 ____D C:\ProgramData\VIPRE
2015-12-10 07:52 - 2015-12-10 11:48 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-12-10 07:51 - 2015-12-10 07:51 - 00000000 ____D C:\Program Files (x86)\iS3
2015-12-09 15:45 - 2015-12-09 15:45 - 00000000 ____D C:\SUPERDelete
2015-12-09 15:43 - 2015-12-10 07:58 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-12-09 15:01 - 2015-12-09 15:01 - 00000000 _____ C:\autoexec.bat
2015-12-08 11:47 - 2015-12-08 11:47 - 00000433 _____ C:\Users\User\Downloads\AppleTV[1].ir
2015-12-03 09:17 - 2015-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-12-03 07:26 - 2015-12-03 07:26 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-12-02 10:30 - 2015-12-02 10:30 - 07908787 _____ C:\Users\User\Downloads\DB.KNX36361-DFE.1411_Jalousieaktor_8-4-fach.zip
2015-12-02 08:41 - 2015-12-02 08:41 - 00161411 _____ C:\Users\User\Downloads\1E36306_8_REG_V11.knxprod
2015-11-25 13:19 - 2015-12-08 12:05 - 00001311 _____ C:\Users\Public\Desktop\Access Servicetool.lnk
2015-11-25 13:19 - 2015-11-25 13:19 - 00000000 ____D C:\Program Files\Siedle
2015-11-25 13:11 - 2015-11-25 14:03 - 00000000 ____D C:\Users\User\Desktop\Siedle
2015-11-25 11:42 - 2015-11-25 11:42 - 00001162 _____ C:\Users\Public\Desktop\ASHT 170.lnk
2015-11-18 14:10 - 2015-11-18 14:10 - 00000000 ____D C:\ProgramData\TempMoudleSet
2015-11-17 16:59 - 2015-11-17 16:59 - 00000000 ____D C:\79b406714c64b85199c9
2015-11-16 11:39 - 2015-11-16 11:39 - 00000020 ___SH C:\Users\Useradmin.USER\ntuser.ini
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Vorlagen
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Startmenü
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Netzwerkumgebung
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Lokale Einstellungen
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Eigene Dateien
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Druckumgebung
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Documents\Eigene Videos
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Documents\Eigene Musik
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Documents\Eigene Bilder
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\AppData\Local\Verlauf
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\AppData\Local\Anwendungsdaten
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Anwendungsdaten
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 ____D C:\Users\Useradmin.USER
2015-11-16 11:39 - 2013-08-17 15:21 - 00000000 ____D C:\Users\Useradmin.USER\AppData\Local\Microsoft Help
2015-11-16 11:39 - 2013-07-24 19:41 - 00000000 ____D C:\Users\Useradmin.USER\AppData\Roaming\Macromedia
2015-11-16 11:39 - 2011-12-08 21:42 - 00000000 ____D C:\Users\Useradmin.USER\AppData\Roaming\Media Center Programs

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-14 08:14 - 2014-09-15 12:54 - 00000000 ____D C:\Users\User\Documents\Outlook-Dateien
2015-12-14 08:14 - 2013-10-13 19:44 - 00000000 ___RD C:\Users\User\Documents\Dropbox
2015-12-14 08:14 - 2013-10-13 19:33 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2015-12-14 08:13 - 2015-11-09 14:36 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-12-14 08:13 - 2015-06-22 06:28 - 00001232 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146UA.job
2015-12-14 08:13 - 2014-09-15 12:40 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-14 08:13 - 2013-08-17 12:48 - 00000112 _____ C:\Windows\system32\config\netlogon.ftl
2015-12-14 08:13 - 2013-07-24 19:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-14 08:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-14 08:05 - 2014-09-16 06:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-14 07:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-14 07:33 - 2013-07-24 19:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-14 07:13 - 2015-06-22 06:28 - 00001180 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146Core.job
2015-12-14 07:13 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-14 07:13 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-10 14:23 - 2013-07-25 05:25 - 00816852 _____ C:\Windows\system32\perfh007.dat
2015-12-10 14:23 - 2013-07-25 05:25 - 00193828 _____ C:\Windows\system32\perfc007.dat
2015-12-10 14:23 - 2009-07-14 06:13 - 01949084 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-10 14:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-10 13:03 - 2014-05-06 11:23 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2015-12-10 12:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-10 10:54 - 2014-09-08 15:15 - 00000000 ____D C:\Program Files (x86)\DALITools
2015-12-09 16:43 - 2015-08-12 12:48 - 00000061 _____ C:\Windows\030_KnxDaliGatewayR3.INI
2015-12-09 15:36 - 2013-09-25 21:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-09 15:01 - 2013-08-17 13:54 - 00000000 ____D C:\Users\User
2015-12-09 10:05 - 2014-09-16 06:59 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 10:05 - 2013-11-13 07:13 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 10:05 - 2013-08-17 15:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-03 07:26 - 2013-07-24 19:51 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2015-12-03 07:26 - 2013-07-24 19:37 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-12-03 07:26 - 2013-07-24 13:16 - 00000000 ____D C:\ProgramData\Lenovo
2015-12-02 13:18 - 2010-11-21 04:27 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-02 12:28 - 2013-07-24 19:46 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 12:28 - 2013-07-24 19:46 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-27 09:09 - 2013-12-17 14:33 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla
2015-11-25 15:38 - 2014-06-22 14:06 - 00000000 ____D C:\Users\User\.VirtualBox
2015-11-25 13:19 - 2014-12-04 16:19 - 00000000 ____D C:\ProgramData\Siedle
2015-11-25 13:19 - 2014-12-04 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Siedle
2015-11-25 11:43 - 2014-12-04 16:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Siedle
2015-11-25 11:42 - 2014-12-04 16:19 - 00000000 ____D C:\Program Files (x86)\Siedle
2015-11-23 15:06 - 2013-08-17 12:49 - 00066198 __RSH C:\ProgramData\ntuser.pol
2015-11-18 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-18 14:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-11-17 19:02 - 2009-07-14 05:45 - 00548448 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-17 16:59 - 2013-08-17 14:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-17 16:59 - 2013-08-17 13:19 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-17 16:59 - 2013-08-17 13:19 - 00000000 ____D C:\Windows\system32\MRT
2015-11-17 16:58 - 2013-08-17 14:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-17 16:36 - 2013-08-17 14:18 - 01923364 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-17 16:31 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2015-11-17 16:30 - 2011-12-08 21:43 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-16 18:06 - 2014-09-10 08:24 - 00000068 _____ C:\Windows\CoDeSysOPC.ini
2015-11-16 18:00 - 2013-08-17 14:44 - 00000000 ____D C:\ProgramData\Gateway Files

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-05-04 20:47 - 2014-05-04 20:47 - 0663348 _____ () C:\Program Files\linuxrc
2014-06-20 18:55 - 2015-11-03 09:27 - 0000600 _____ () C:\Users\User\AppData\Local\PUTTY.RND
2015-11-12 08:03 - 2014-08-15 14:50 - 0000808 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2015-05-29 12:28 - 2015-05-29 12:28 - 0007599 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2013-08-17 19:31 - 2014-01-15 22:25 - 0000376 _____ () C:\ProgramData\LastUpdate.xml

Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkx5z6s.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-10 12:56

==================== Ende von FRST.txt ============================
         


Ich hoffe mir kann dieses mal genau so gut wie sonst geholfen werden. Vielen Dank,
Dimmu

Alt 14.12.2015, 07:44   #2
dimmu311
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



und hier noch die Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-12-2015
durchgeführt von User (2015-12-14 08:14:57)
Gestartet von C:\Users\User\Downloads
Windows 7 Professional Service Pack 1 (X64) (2013-08-17 18:29:03)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3238437269-852521613-3698105168-500 - Administrator - Disabled)
USERADMIN (S-1-5-21-3238437269-852521613-3698105168-1001 - Administrator - Enabled) => C:\Users\USERADMIN
Gast (S-1-5-21-3238437269-852521613-3698105168-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Endpoint Security 10 für Windows (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Advanced IP Scanner 2.3 (HKLM-x32\...\{18FC0DE0-9381-42A8-B20C-B7C0E3525B76}) (Version: 2.3.2161 - Famatech)
AVR Burn-O-Mat 2.1.2 (HKLM-x32\...\{B9F41D01-DB28-4595-B93C-2732A54CBEA2}_is1) (Version:  - Torsten Brischalle)
BlackBoard (HKLM-x32\...\BlackBoard) (Version: 1.1.0 - Matthias Pueski)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BPS650 (HKLM-x32\...\{4F3C4874-D5D9-41A0-B8DE-FD7CA4690CE3}) (Version: 2.11.1 - Siedle)
BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version:  - )
CoDeSys for Automation Alliance (HKLM-x32\...\{07976ABB-1EBD-4A65-A7C7-155A0DC17173}) (Version:  - 3S-Smart Software Solutions GmbH)
Crestron Database 53.00.007.00 (HKLM-x32\...\{9E52ACC4-ABB4-41A1-9D99-1229F0E3C0C2}_is1) (Version: 53.00.007.00 - Crestron Electronics Inc.)
Crestron Device Database68.05.001.00 (HKLM-x32\...\{6686F38D-1A32-4A8C-94D7-A2AA9C5F3C9B}_is1) (Version: 68.05.001.00 - Crestron Electronics Inc.)
Crestron Digital Media Tools v3.00 (HKLM-x32\...\{DDD189C7-8590-4372-A494-08592E360B46}) (Version: 3.01.01 - Crestron Electronics Inc.)
Crestron MasterInstaller (HKLM-x32\...\{71B06E52-A152-43DE-B414-C2DD22D81A25}) (Version: 3.00.09.00 - Crestron Electronics Inc.)
Crestron Procise Tools 2.40.617.00 (HKLM-x32\...\{CCA3AB83-BCA7-4CFF-B96C-977CC0C1424A}_is1) (Version: 2.40.617.00 - Crestron Electronics Inc.)
Crestron ProdigyTools  2.40.617.00 (HKLM-x32\...\{AE3B0014-DD7D-4156-8CB2-D2D8910AC8DF}_is1) (Version: 2.40.617.00 - Crestron Electronics Inc.)
Crestron ProSoundTools 2.40.617.00 (HKLM-x32\...\{77FB7E6E-D48E-44A7-8257-CD7CF40AADE7}_is1) (Version: 2.40.617.00 - Crestron Electronics Inc.)
Crestron SIMPL Window 4.03.15.00 (HKLM-x32\...\{8B508184-4E86-41C9-BCFF-EF8B1C7EF2BF}_is1) (Version: 4.03.15.00 - Crestron Electronics Inc.)
Crestron SmartGraphics 2.07.07.01 (HKLM-x32\...\{1CE8BCAB-8F15-403F-A9A0-2D2000C6B554}_is1) (Version: 2.07.07.01 - Crestron Electronics Inc.)
Crestron Toolbox 2.40.617.00 (HKLM-x32\...\{1B52BC01-2F6E-4FAE-BB09-1F28D2BF1D63}_is1) (Version: 2.40.617.00 - Crestron Electronics Inc.)
Crestron VisionTools Pro-e 5.9.05.04 (HKLM-x32\...\{E74BC26C-A114-4AE0-990E-BBFBB9F592A4}_is1) (Version: 5.9.05.04 - Crestron Electronics Inc.)
Crestron XPanel (HKLM-x32\...\CrestronXPanel) (Version: 2.07.07 - Crestron Electronics, Inc)
Crestron XPanel (x32 Version: 2.07.07 - Crestron Electronics, Inc) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DALI Monitor (HKLM-x32\...\DALIMonitor25) (Version:  - )
DEAL for Windows (HKLM-x32\...\{7005C601-B415-4D77-B2ED-FF40E3DACDED}) (Version: 4.02 - Crestron Electronics Inc.)
D-Fend Reloaded 1.3.6 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.3.6 - Alexander Herzog)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
ETS3 Professional (HKLM-x32\...\ETS3 Professional) (Version: 3.0.00990.0 - KNX Association)
ETS3 Professional (x32 Version: 3.0.00990.0 - KNX Association cvba) Hidden
Evernote v. 5.0.3 (HKLM-x32\...\{32D39568-3B77-11E3-88CE-00163E98E7D0}) (Version: 5.0.3.1614 - Evernote Corp.)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FortiClient SSLVPN v4.0.2300 (HKLM-x32\...\{A34DCE59-0004-0000-2300-3F8A9926B752}) (Version: 4.0.2300 - Fortinet Inc.)
Free YouTube Download version 3.2.49.1022 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1022 - DVDVideoSoft Ltd.)
FreeFileSync 6.6 (HKLM-x32\...\FreeFileSync) (Version: 6.6 - Zenju)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
GDR 4033 für SQL Server 2008 R2 (KB2977320) (64-bit) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation)
GDR 4042 für SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
GIRA TS3plus Plugin 1.0.0.0 (HKLM-x32\...\{892AAFA1-CBEE-419C-905D-BA2B728BB32A}) (Version: 1.0.0.0 - GIRA Giersiepen GmbH & Co. KG)
GIRA TS3plusPlugin1 1.1.1.0 (HKLM-x32\...\{109D0D31-581D-4CE3-A069-63CEFF2A46F0}) (Version: 1.1.1.0 - GIRA Giersiepen GmbH & Co. KG)
GO Contact Sync Mod (HKLM-x32\...\{2A0B0EE0-76F3-4DE6-8998-61E3262E642D}) (Version: 3.5.25 - WebGear, Create Software, Stru.be, saller.NET)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Jabra PC Suite 2.14.5888 (HKLM-x32\...\{6D22DD53-EC7D-45E7-A996-A18CB7C8DFE9}) (Version: 2.14.5888.0 - GN Netcom A/S)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Juggler 7.6.3 (HKLM-x32\...\{{DDB0D4D8-459A-4A26-8EB9-564846AB70AB}_is1) (Version: 4 - Global IP Telecommunications Ltd.)
Jung KRTS Plugin 1.0.1.1 (HKLM-x32\...\{8880F584-FAFC-498D-84DD-C92912D62CC9}) (Version: 1.0.1.1 - Albrecht Jung  GmbH & Co. KG)
JUNG RCS Plugin 1.0.1.0 (HKLM-x32\...\{4A9F2678-EF45-4F3B-8E3E-B1159C72BC1A}) (Version: 1.0.1.0 - Albrecht Jung GmbH & Co. KG)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Endpoint Security 10 für Windows (HKLM\...\{04CF7FBD-E56C-446D-8FC9-DD444BDBEE8E}) (Version: 10.2.1.23 - Kaspersky Lab)
Kaspersky Security Center Administrationsagent (HKLM-x32\...\InstallWIX_{2F383CB3-6D7C-449D-9874-164E49E1E0F5}) (Version: 10.1.249 - Kaspersky Lab ZAO)
Kaspersky Security Center Administrationsagent (x32 Version: 10.1.249 - Kaspersky Lab ZAO) Hidden
KNX eteC Falcon Runtime v2.1 (x32 Version: 2.1.5213.27900 - KNX Association cvba) Hidden
KNX ETS4 (HKLM-x32\...\KNX ETS4) (Version: 4.1.3614.46489 - KNX Association cvba)
KNX ETS4 (x32 Version: 4.1.3614.46489 - KNX Association cvba) Hidden
KNX ETS4 Additional Runtime (x32 Version: 4.0.0.0 - KNX Association cvba) Hidden
Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.72.10 - Lenovo)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0019 - Lenovo)
LOGO!Soft Comfort V7.0  (HKLM\...\LOGO!Soft Comfort V7.0 ) (Version: 7.0.0.0 - Siemens AG)
LOGO!Soft Comfort V7.1  (HKLM\...\LOGO!Soft Comfort V7.1 ) (Version: 7.1.0.0 - Siemens AG)
Loxone Config (HKLM-x32\...\LoxoneConfig_is1) (Version: 6.4 - Loxone Electronics GmbH)
masterCONFIGURATOR (HKLM-x32\...\masterCONFIGURATOR) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.1.1.0 - Ericsson AB)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.009.09.02.910 - Huawei Technologies Co.,Ltd)
Modbus Poll 4.4.1 (HKLM-x32\...\Modbus Poll) (Version:  - )
Modbus Slave 4.3.1 (HKLM-x32\...\Modbus Slave) (Version:  - )
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 38.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.4.0 (x86 de)) (Version: 38.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)
NetSetMan 3.5.3 (HKLM-x32\...\NetSetMan_is1) (Version: 3.5.3 - Ilja Herlein)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.2 - Notepad++ Team)
NVIDIA 3D Vision Treiber 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 345.20 - NVIDIA Corporation)
NVIDIA Grafiktreiber 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
OLYMPIA - SERD Manager 4.01.03 (HKLM-x32\...\OLYMPIA - SERD Manager_is1) (Version:  - Olympia Business Systems Vertriebs GmBH)
OpenVPN 2.3.4-I002  (HKLM\...\OpenVPN) (Version: 2.3.4-I002 - )
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF-XChange Editor (HKLM-x32\...\{2eef0fe2-cc4a-47d6-959c-de2d5c2cc40b}) (Version: 3.0.307.2 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 3.0.307.2 - Tracker Software Products (Canada) Ltd.) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.7.0 - Prolific Technology INC)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
RCD FD Plugin 1.2.2.0 (HKLM-x32\...\{DB85DBD8-7736-42CF-8CA7-DDA13221192F}) (Version: 1.2.2.0 - Albrecht Jung GmbH & Co. KG)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6591 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Scan2PDF 1.6 (HKLM-x32\...\Scan2PDF_is1) (Version:  - Koma-Code)
SciLor's grooveshark™.com Downloader 0.4.12 (HKLM-x32\...\{DDEAE484-D5FB-49CB-BD47-9512E8ACCA65}_is1) (Version: 0.4.12 - SciLor)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version:  - Microsoft)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
setup (x32 Version: 1.0.0 - hxxp://www.globaliptel.com) Hidden
Siedle Access Servicetool (HKLM-x32\...\Siedle Access Servicetool) (Version: 1.0.0.0 - S. Siedle & Söhne OHG)
Siedle ASC 170 (HKLM-x32\...\ASC 170) (Version: 2.1.002.0 - S. Siedle & Söhne)
Siedle ASHT 170 (HKLM-x32\...\ASHT 170) (Version: 2.3.003.0 - S. Siedle & Söhne OHG)
Siedle ASOEM 170 (HKLM-x32\...\ASOEM 170) (Version: 1.3.206.0 - S. Siedle & Söhne)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista_3 (c:\SiLabs\MCU_3) (HKLM-x32\...\{BC2EFFDD-A64B-43B5-A755-36C0FCD9B080}) (Version: 5.30 - Silicon Laboratories, Inc.)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{14D8063B-21C3-4C85-B1F4-3BDAA7B79350}) (Version: 6.2.00 - Silicon Laboratories, Inc.)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7_2 (c:\SiLabs\MCU\CP210x\Windows_XP_S2K3_Vista_7_2) (HKLM-x32\...\{5F4403E5-BC1A-4065-BB35-7A3AE5CE11A2}) (Version: 6.2.00 - Silicon Laboratories, Inc.)
SIMPL+ Cross Compiler (HKLM-x32\...\{FB97A745-D1E6-435D-B942-264E94F89938}) (Version: 1.3 - Crestron Electronics Inc.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Sweet Home 3D version 4.3 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Target 3001! V16 distrelec (HKLM-x32\...\Target 3001! V16 distrelec) (Version:  - Ing. Buero FRIEDRICH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)
Touchpanel Graphics v1.00 (HKLM-x32\...\{C885A1B2-184E-4C57-8C2B-78B250E1EFCA}) (Version: 1.00.01.1526 - Crestron Electronics Inc.)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{0C5B0539-7EDE-4297-947E-48890971B557}) (Version:  - Microsoft)
UpLoad/DownLoad (HKLM-x32\...\{12D99D8A-8B28-442E-8954-955C18B2AD97}) (Version: 3.2.1.1 - Abus)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WAGO BACnet Configurator (HKLM-x32\...\{121C9DB8-BFC0-4CCE-B1EF-DA07F4692AD6}) (Version: 1.7.0 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO BACnetObjectMerger (HKLM-x32\...\{27505E00-47F0-4FA1-A964-927BCDE05FE2}) (Version: 1.1.0 - WAGO Software)
WAGO Ethernet Settings (HKLM-x32\...\WAGO Ethernet Settings) (Version: 5.3.3.3 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO Ethernet Update (HKLM-x32\...\WAGO Ethernet Update) (Version: 1.5.2.4 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO IO-Link (HKLM-x32\...\WAGO IO-Link) (Version: 1.0.12.1 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO USB Service Cable (HKLM-x32\...\WAGO USB Service Cable) (Version: 6.5.3.0 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO-I/O-Check 3 (HKLM-x32\...\WAGO-IO-Check 3) (Version: 3.5.3.11 - WAGO Kontakttechnik GmbH & Co. KG)
Wago-ProServe (HKLM-x32\...\InstallShield_{EADC9384-A49D-42BE-8115-67FD73D10F56}) (Version: 6.00.0000 - Wago GmbH)
Wago-ProServe (x32 Version: 6.00.0000 - Wago GmbH) Hidden
WAGO-Safety-Editor 75x (HKLM-x32\...\WAGO-Safety-Editor 75x) (Version: 2.2.5 - WAGO Kontakttechnik GmbH & Co. KG)
Web Server (remove only) (HKLM-x32\...\WebServer) (Version:  - )
WinAVR 20100110 (remove only) (HKLM-x32\...\WinAVR-20100110) (Version: 20100110 - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Crestron Electronics Inc. (WinUSB) Crestron  (11/09/2010 3.0.0.0) (HKLM\...\D49FBD114E4911AD03D99ED034ADA88310A1915A) (Version: 11/09/2010 3.0.0.0 - Crestron Electronics Inc.)
Windows-Treiberpaket - Intel (e1cexpress) Net  (01/11/2012 11.15.16.0) (HKLM\...\EC2A0F2B229770EC589265FCF2B4839A0C221993) (Version: 01/11/2012 11.15.16.0 - Intel)
Windows-Treiberpaket - Intel System  (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (04/06/2012 16.1.1.0) (HKLM\...\64B3C27E4CF7B6AD920184EFFF6C488C55EF2892) (Version: 04/06/2012 16.1.1.0 - Synaptics)
Windows-Treiberpaket - WAGO Kontakttechnik GmbH & Co. KG (silabenm) Ports  (04/24/2012 6.5.3.0) (HKLM\...\8B70BEF5876E0C4A8835B50654466A4169F49A81) (Version: 04/24/2012 6.5.3.0 - WAGO Kontakttechnik GmbH & Co. KG)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wireshark 1.10.5 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.5 - The Wireshark developer community, hxxp://www.wireshark.org)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

10-12-2015 07:51:39 Installed ETS3.

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0CE0925A-BF2B-4991-A5A2-4397AACFBC0A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {33957458-DCBD-4CCB-9628-1732A3DA10A4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {365492AE-5044-4B97-8FB6-D32981B82691} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146Core => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {4C25A588-5287-4C7B-9A81-B5F8A370553A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {7C49AF13-9956-4A1A-A461-A9AE4923A30C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {8E81F58C-521A-4C10-ADC0-F06BB7B5705A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {A718766C-39F1-4964-8270-30C8865308A1} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-11-11] ()
Task: {AB5BA8F1-1FDC-420C-8A2C-378D012E98F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {BC5AEDD1-364F-4047-AD63-CBB3126FA959} - System32\Tasks\Lenovo\LSC\CreateHardwareScanTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe
Task: {DE09DE1A-6CBD-4042-AA22-C4ED6DACFA42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E4EC5EEA-07DA-4CBE-80FB-F78753C491CA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146UA => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {FE93BA35-535F-4DDE-B7B2-24B5CCB71916} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146Core.job => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146UA.job => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-12-17 09:57 - 2009-11-02 09:19 - 00648704 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\KOAZ8J_O.DLL
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2015-10-18 15:29 - 2013-03-01 07:33 - 00650240 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2013-11-15 09:52 - 2015-02-05 09:16 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-15 12:40 - 2015-02-04 21:29 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-07-24 19:39 - 2012-04-09 00:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-07-24 19:38 - 2010-10-26 05:40 - 00049056 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-10-18 15:29 - 2009-01-10 19:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2015-10-18 15:29 - 2009-06-23 03:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2015-10-18 15:29 - 2012-10-31 10:11 - 02417152 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2015-10-18 15:29 - 2012-10-31 10:14 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2015-10-18 15:29 - 2013-03-01 07:33 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2015-10-18 15:29 - 2012-10-31 10:11 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2013-07-24 19:38 - 2011-07-13 09:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll
2013-11-27 21:21 - 2013-11-27 21:21 - 01309888 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\kpcengine.2.2.dll
2013-11-15 09:52 - 2015-02-05 09:16 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-05-08 09:20 - 2015-02-03 16:09 - 00166504 _____ () C:\ProgramData\Juggler\Juggler\libnet.dll
2015-05-08 09:20 - 2007-08-13 15:46 - 00061440 _____ () C:\ProgramData\Juggler\Juggler\ogg.dll
2015-05-08 09:20 - 2007-08-13 15:46 - 01253376 _____ () C:\ProgramData\Juggler\Juggler\vorbis.dll
2015-05-08 09:20 - 2007-08-13 15:46 - 00102400 _____ () C:\ProgramData\Juggler\Juggler\vorbisfile.dll
2015-05-08 09:20 - 2007-08-13 15:46 - 01032192 _____ () C:\ProgramData\Juggler\Juggler\vorbisenc.dll
2015-05-08 09:20 - 2015-02-03 16:09 - 05626472 _____ () C:\ProgramData\Juggler\Juggler\libimg.dll
2014-03-25 12:53 - 2014-03-25 12:53 - 00092160 _____ () C:\Program Files (x86)\Jabra\Jabra PC Suite\GNDeviceInterface.dll
2015-12-11 09:19 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-11 09:19 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-11 09:19 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-11 09:19 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-11 09:19 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 06:06 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2013-09-26 12:50 - 2013-09-26 12:50 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2013-09-26 12:49 - 2013-09-26 12:49 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.4.1 - 192.168.200.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{151FAA68-F1DF-4A79-AF71-92A0F14E9CE4}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{C2810C4A-E97D-4B92-A96B-5433A806F008}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3660F2E3-46B0-4D0F-BE0F-9C59A10EAA3A}] => (Allow) LPort=2869
FirewallRules: [{7FD6E6D9-367B-419D-9606-019CB3FED78F}] => (Allow) LPort=1900
FirewallRules: [{B8EA89FC-5085-4DF8-BD24-AF7672CF092A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{93361C44-296A-4BD6-843F-76F012342DE2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{7DBE66D0-0DF7-47FF-B6E5-6D9B468092B8}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{ED379DCD-AEC1-4B26-B1B6-9A46473FB065}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{62ABF094-7690-40BD-81E4-B43B6757F2B2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{3CCF2577-0193-4F47-86EF-F0ED5076225E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3A8371CD-3595-4F5B-860A-D79F3D6E6F01}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{FCE19657-48D7-426A-B02F-0604AB2AA4B8}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{AA1365C7-3BB9-4FCF-ACB5-A5852B6A1BF1}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{B1A64864-401F-41C5-AC52-FF07E7356B5F}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{37E6BF91-E1FA-4B95-B1A6-CF64EDFF3183}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{A064830F-E257-4141-97CB-62A64467BCDC}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{0B5E1478-B271-4CBA-BAF1-2A3559EAD6D7}] => (Allow) LPort=15000
FirewallRules: [TCP Query User{F6475DE9-1EDF-4CFC-AA23-ABC9D17BDCDB}C:\program files (x86)\ets4\ets4.exe] => (Block) C:\program files (x86)\ets4\ets4.exe
FirewallRules: [UDP Query User{1223840E-68E9-4520-A703-100A93A3600B}C:\program files (x86)\ets4\ets4.exe] => (Block) C:\program files (x86)\ets4\ets4.exe
FirewallRules: [{A6F045DF-565D-4A33-AEC8-A6BB1D47260E}] => (Allow) LPort=15000
FirewallRules: [TCP Query User{D2EDB46F-F6DF-401D-80B2-FD0483EA6905}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [UDP Query User{EDE53D6F-6CF6-419D-97C9-D5A85D12AD50}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [{D734E670-D497-4F2B-AC55-03F519B95D9D}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{A063A481-D0F6-488D-BF2B-C20FDE8374D3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B029B561-246E-4719-80F7-26284C45B208}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{44C7E51D-520C-4C1A-8F81-36C6993F8A36}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{CB052BD8-0BD3-46E5-B9A6-D50D095361EB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8A5A1F8B-D327-49AB-A02F-033FBC018066}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{48C46D9B-3922-4D4B-B0FD-9F491F78C780}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [UDP Query User{C4D72A2E-28F0-4CAA-9DEB-54708B88857A}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [{5E18A4FC-CEDB-4ECA-8144-E484F3C153B5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{89E2D795-DC17-42B8-BF4B-E14534B6E018}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{B2765CFC-6C4B-444C-8520-7EB3DA334E29}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{789E0C8C-E5E4-4191-997D-4618C9003170}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{F93740DA-A860-468F-8A87-633E798794A5}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A270CB0A-04F0-4C75-8AE3-99C017CF0BC2}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AA1762B5-2308-4099-97B2-01B8E7723264}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{C29168EC-A98C-4E81-87B1-F75E31E76A37}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{CB1901ED-890A-48C9-AD17-35DF801F69F6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{58836AFB-8B5E-47C2-A9E8-39095586CC95}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{FFEE2111-3016-4ED3-A1B9-F1FE68E5FB94}C:\users\user\downloads\hercules_3-2-6.exe] => (Allow) C:\users\user\downloads\hercules_3-2-6.exe
FirewallRules: [UDP Query User{9A6BD6DF-1D14-4792-8041-3F6DAA2082B5}C:\users\user\downloads\hercules_3-2-6.exe] => (Allow) C:\users\user\downloads\hercules_3-2-6.exe
FirewallRules: [TCP Query User{4E5A145E-C6DC-4783-8F9D-3C32DEB6F2D0}C:\program files (x86)\crestron\toolbox\vptcomserver.exe] => (Allow) C:\program files (x86)\crestron\toolbox\vptcomserver.exe
FirewallRules: [UDP Query User{7F61C7AA-167E-40F2-984A-093EC712A7CF}C:\program files (x86)\crestron\toolbox\vptcomserver.exe] => (Allow) C:\program files (x86)\crestron\toolbox\vptcomserver.exe
FirewallRules: [TCP Query User{AF3C72AA-A556-4D67-8684-5211F49EB623}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6AA44FEE-D6F7-4B70-BFEC-997DBDB4B33B}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{A4734A7F-3EF6-4BDC-87D8-6CCE81AEDE65}C:\program files (x86)\loxone\loxoneconfig\loxoneconfig.exe] => (Allow) C:\program files (x86)\loxone\loxoneconfig\loxoneconfig.exe
FirewallRules: [UDP Query User{6C26C367-321D-4016-8DF2-4CCE42CF999B}C:\program files (x86)\loxone\loxoneconfig\loxoneconfig.exe] => (Allow) C:\program files (x86)\loxone\loxoneconfig\loxoneconfig.exe
FirewallRules: [{2C1E8FD7-A3AA-4AEE-AA2A-F5C64FC30E3B}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
FirewallRules: [{AF32F78A-C09C-4DC4-BD4B-91C3A76C20C5}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
FirewallRules: [TCP Query User{C692F293-666C-4EC9-8295-90EC8149FC0A}C:\program files (x86)\boxee\boxee.exe] => (Allow) C:\program files (x86)\boxee\boxee.exe
FirewallRules: [UDP Query User{45A31A3D-6561-4DEF-BEA0-D93157E9DCEB}C:\program files (x86)\boxee\boxee.exe] => (Allow) C:\program files (x86)\boxee\boxee.exe
FirewallRules: [{7FDA7405-753D-44AA-9171-89BE4437BFB1}] => (Allow) LPort=2869
FirewallRules: [{50AB1FE6-625C-47F1-B078-7D4BF98F0CA0}] => (Allow) LPort=2869
FirewallRules: [{B35F493E-E5C9-46E1-8DEE-17B53776E691}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{3405EF07-4CC0-49D3-930C-D25DDA0872C8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{D517C30F-6D25-435F-8221-118F2E382742}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{856B825B-5CEC-4BE8-A522-9E8339CB568D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{1D933754-1677-4689-8488-B85F60002C21}] => (Allow) C:\ProgramData\Juggler\Juggler\Juggler.exe
FirewallRules: [{139448B3-A743-4D02-A748-FE127CFA0B8F}] => (Allow) C:\ProgramData\Juggler\Juggler\Juggler.exe
FirewallRules: [{CC02E6D7-9746-493E-AE98-C1DE9D3FA82F}] => (Allow) C:\ProgramData\Juggler\Juggler\xproxy.exe
FirewallRules: [{4C30B13C-371B-4C99-A77D-60B896AE111C}] => (Allow) C:\ProgramData\Juggler\Juggler\xproxy.exe
FirewallRules: [{74883BB3-FC4B-486F-9C6A-AEA52DED030F}] => (Allow) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
FirewallRules: [{D8C21ED9-806A-4048-963C-41CE8B5BCB4A}] => (Allow) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
FirewallRules: [{A47E54C7-687E-44CA-9FC7-A2042B0E5501}] => (Allow) C:\ProgramData\Juggler\Juggler\CTI\xcti.exe
FirewallRules: [{EA09E8C1-491C-48AA-AD28-CF2858937C60}] => (Allow) C:\ProgramData\Juggler\Juggler\CTI\xcti.exe
FirewallRules: [{7BDA8493-95F3-4682-A1B2-EB9F48F464EA}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{C8763D6B-6EE0-4BE6-9FF3-312AE1579E06}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{476AC9AB-E017-4849-9066-F270231986DA}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{698F4147-C95A-43D9-ABEA-05E6F7041325}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{9696D58B-C6BF-4122-A9DD-617A20A8CD4E}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{505AFA83-A99D-48E4-A4C1-4992F2D66445}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [TCP Query User{2F57D1C6-18A8-4BEA-9614-4F6B57C6023A}E:\ip installer\lupusnet_ipinstallerger_v2.2.exe] => (Allow) E:\ip installer\lupusnet_ipinstallerger_v2.2.exe
FirewallRules: [UDP Query User{FA79D07F-5EE1-43A9-BD9D-92670256D28B}E:\ip installer\lupusnet_ipinstallerger_v2.2.exe] => (Allow) E:\ip installer\lupusnet_ipinstallerger_v2.2.exe
FirewallRules: [TCP Query User{EAF00569-8BB1-4E92-BEA3-6755A802E350}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{C3B6F9D2-C881-4363-BD1B-AA286571827D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{9B6FAF07-DA3E-48D2-9A5A-D8E54B1D0BED}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe
FirewallRules: [{A58F8054-BAEA-40F5-A575-12A4745C55AD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B23E4835-4C32-4C30-8509-160DFD8BE958}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AF57CBF7-B266-43ED-82AB-A461C4A8CC3D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7038D03E-94CD-4215-A639-F277E5183315}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AAE4D16E-C331-483A-975E-FBD54D9A30E1}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Media Synchronization Tool\bin\FX2_0\Autonomic.Synchronization.App.exe
FirewallRules: [{4CBEA326-7838-46F7-9017-0545B60AF08A}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Media Synchronization Tool\bin\FX2_0\Autonomic.Synchronization.App.exe
FirewallRules: [{061A56D7-36B3-4618-946C-0A8F05C9E1B1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3CA41D9F-46BD-46D6-B24A-2C18545A21ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7EC0A844-5DA4-4117-B5A6-DAAEF9BB35C1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{35E2DDF3-A154-4FB0-878A-FEE3B6EBE34B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{83B99151-1593-4FE3-8483-EC84A46888D6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{0712E40F-A45B-419D-85EA-77351D1F5905}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{C27A2881-BDC3-415B-AC3B-858D6EEB1EA2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{FAE6ECC5-D619-49FF-95BE-DADC1F3C016E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{855D9416-C583-418E-B58E-103009CC6709}C:\prog\hercules_3-2-6.exe] => (Block) C:\prog\hercules_3-2-6.exe
FirewallRules: [UDP Query User{C4178F18-4EA1-4589-8A75-1A315231582B}C:\prog\hercules_3-2-6.exe] => (Block) C:\prog\hercules_3-2-6.exe
FirewallRules: [{941F2DE4-C04B-45A4-BA83-84B8B1FE7B36}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F877B393-F3BF-4740-B19C-7B05D9BD8808}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E2D6CE2E-80A2-432D-8DB2-AADD94F98FB5}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Mirage\Bin\FX2_0\Mirage.exe
FirewallRules: [{DBE44FA9-EE5C-4F8F-9C17-FB206607E407}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Mirage\Bin\FX2_0\Mirage.exe
FirewallRules: [{A9F2BFBD-06E6-4A8D-B715-8C41D7DCE979}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Mirage\Bin\FX2_0\Mirage.exe
FirewallRules: [{CEB5B6D7-1591-41A1-B5A8-7E3E4866DAEA}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Mirage\Bin\FX2_0\Mirage.exe
FirewallRules: [{E083091F-A324-44A8-A07C-342031093E64}] => (Allow) C:\Program Files (x86)\Siedle\Access ASOEM 170\ASM.exe
FirewallRules: [{7F135248-C4EC-4922-B9E7-09EC940C7C91}] => (Allow) C:\Program Files (x86)\Siedle\Access ASOEM 170\ASM.exe
FirewallRules: [{7407E155-2E66-4D3B-B96B-9746D07644F0}] => (Allow) C:\Program Files (x86)\Siedle\Access ASOEM 170\cyibxsp.exe
FirewallRules: [{10CC0EFD-D132-42B3-9542-F88FCCDC5A2C}] => (Allow) C:\Program Files (x86)\Siedle\Access ASOEM 170\cyibxsp.exe
FirewallRules: [TCP Query User{90662145-CFF8-4B09-8BEC-89190838FB7C}C:\program files (x86)\autonomic controls\media synchronization tool\bin\fx2_0\autonomic.synchronization.app.exe] => (Block) C:\program files (x86)\autonomic controls\media synchronization tool\bin\fx2_0\autonomic.synchronization.app.exe
FirewallRules: [UDP Query User{C7EB528E-C9C4-410E-8DD7-09F564415C59}C:\program files (x86)\autonomic controls\media synchronization tool\bin\fx2_0\autonomic.synchronization.app.exe] => (Block) C:\program files (x86)\autonomic controls\media synchronization tool\bin\fx2_0\autonomic.synchronization.app.exe
FirewallRules: [TCP Query User{8A117562-229A-4427-93A6-699CF3478747}C:\program files (x86)\siedle\access asoem 170\asm.exe] => (Allow) C:\program files (x86)\siedle\access asoem 170\asm.exe
FirewallRules: [UDP Query User{7FC1FE9C-3885-4DE3-8D6B-D098DA08439C}C:\program files (x86)\siedle\access asoem 170\asm.exe] => (Allow) C:\program files (x86)\siedle\access asoem 170\asm.exe
FirewallRules: [TCP Query User{018509BD-B03B-4514-9EC2-C0D5F47DA276}C:\program files (x86)\siedle\access asoem 170\cyibxsp.exe] => (Allow) C:\program files (x86)\siedle\access asoem 170\cyibxsp.exe
FirewallRules: [UDP Query User{D86B56A4-B96A-4026-9447-C3A1AF2A3F67}C:\program files (x86)\siedle\access asoem 170\cyibxsp.exe] => (Allow) C:\program files (x86)\siedle\access asoem 170\cyibxsp.exe
FirewallRules: [{483BAD99-AA2C-4E46-B3F6-D915D4D3DCCF}] => (Allow) LPort=7070
FirewallRules: [{ACD4F3F8-3292-4953-85A6-5030EC2C70DF}] => (Allow) LPort=7071
FirewallRules: [{0078F072-0051-4654-A379-35FADD110BDD}] => (Allow) LPort=7707
FirewallRules: [{061994BF-47FB-4CA8-BC77-AA5A01607035}] => (Allow) LPort=7777
FirewallRules: [{9B68437A-6C4E-46B9-BEAD-A6F0CE41EE94}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{34BE5D63-AB4C-4446-93DF-F3A5912F1CDF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{972B4F21-A08B-4379-A306-82BD53430B02}] => (Allow) C:\ProgramData\Juggler\Juggler\Juggler.exe
FirewallRules: [{ABEE9B5F-484E-4FE1-BC3E-609379274168}] => (Allow) C:\ProgramData\Juggler\Juggler\Juggler.exe
FirewallRules: [{E49571F8-94D3-4A18-8DE1-65A4AFABA7F5}] => (Allow) C:\ProgramData\Juggler\Juggler\xproxy.exe
FirewallRules: [{DA4685D1-053B-48B6-BDF4-890797A8BA0A}] => (Allow) C:\ProgramData\Juggler\Juggler\xproxy.exe
FirewallRules: [{4B896025-1EAD-4620-B10F-927CBAA766B2}] => (Allow) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
FirewallRules: [{4477834A-FF78-4E41-8F7D-4BE531249DF5}] => (Allow) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
FirewallRules: [{B59D5148-7D4F-424C-B5CA-CF377118ACB5}] => (Allow) C:\ProgramData\Juggler\Juggler\CTI\xcti.exe
FirewallRules: [{75CBC92E-03EC-4EB1-814A-85C1BAD6B649}] => (Allow) C:\ProgramData\Juggler\Juggler\CTI\xcti.exe
FirewallRules: [TCP Query User{653993A0-E147-49AF-A8F2-1D447FC41D32}C:\program files (x86)\loxone\6.4_release\loxoneconfig.exe] => (Block) C:\program files (x86)\loxone\6.4_release\loxoneconfig.exe
FirewallRules: [UDP Query User{D3ED7C0B-B595-4208-97E2-2664D5A19100}C:\program files (x86)\loxone\6.4_release\loxoneconfig.exe] => (Block) C:\program files (x86)\loxone\6.4_release\loxoneconfig.exe
FirewallRules: [{3CCB729D-1D99-4DB0-B9E5-9099DE4FEF1E}] => (Allow) LPort=7070
FirewallRules: [{FCAB30B1-4513-42EB-892A-37DD42407AB8}] => (Allow) LPort=7070
FirewallRules: [{F2FC2133-5E0A-40F8-B274-F4878F481498}] => (Allow) LPort=7071
FirewallRules: [{D4054453-73E5-49B0-9548-8034346621D0}] => (Allow) LPort=7071
FirewallRules: [{80E6CC9F-D4A9-48B7-93CB-57477A9B627D}] => (Allow) LPort=7707
FirewallRules: [{D74FD780-F163-4957-9108-D77B41F98372}] => (Allow) LPort=7707
FirewallRules: [{9B682EF1-914B-48E8-892E-43A8D03E6927}] => (Allow) LPort=7777
FirewallRules: [{8E4B2ADC-6C69-45C1-B702-42E4FAEB0A12}] => (Allow) LPort=7777
FirewallRules: [TCP Query User{28D260CB-45A2-45C5-9DF6-4843B1966545}C:\program files (x86)\loxone\beta_7.0.8.6\loxoneconfig.exe] => (Allow) C:\program files (x86)\loxone\beta_7.0.8.6\loxoneconfig.exe
FirewallRules: [UDP Query User{BE7A7804-8B01-40BF-AE8B-DD24132FD769}C:\program files (x86)\loxone\beta_7.0.8.6\loxoneconfig.exe] => (Allow) C:\program files (x86)\loxone\beta_7.0.8.6\loxoneconfig.exe
FirewallRules: [{7243E4E8-FC54-4865-AA8C-05F8FC156D9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A9C08AFD-F7A8-48EF-AB8F-AC57E362E550}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7EC23BC3-C21F-4738-A2B9-4CF9AF9F417F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A9976C96-ADA8-46A6-B425-B37DA616D43A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DA840025-DF60-4F3F-9828-77A750A912A6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2BE52018-D548-4C3E-A627-77119D1A2E42}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{22CD3265-882D-4D5F-B225-6DF095A9E8ED}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{88DE57D7-D05A-47BF-A115-C66794B7C5CC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{CC4B06BB-A85A-4E8D-9460-A04690B1F9D4}] => (Allow) C:\Program Files (x86)\Siedle\Access ASC 170\ASC.exe
FirewallRules: [{3CF82E0C-6226-4C2E-A3CE-09DB3B802364}] => (Allow) C:\Program Files (x86)\Siedle\Access ASC 170\ASC.exe
FirewallRules: [{6A56752C-93CA-48C1-8E22-86342458E8D0}] => (Allow) C:\Program Files (x86)\Siedle\Access ASC 170\cyibxsp.exe
FirewallRules: [{EA4B0C8F-EF58-47D9-B4B9-6AED14B6A0FC}] => (Allow) C:\Program Files (x86)\Siedle\Access ASC 170\cyibxsp.exe
FirewallRules: [{F77CFB7F-5844-4C79-9F4D-5B583B1DD641}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{267EA46C-38B1-4108-918E-4D1B36DE826B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{93B74F23-3E3B-46BA-B67B-BAAA2BE9847C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3AB0AC45-4872-421F-94A9-0559DA9A200E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{55933894-1578-410A-9007-A5FC90F79455}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{F2D08CD4-657D-495D-A8A2-D9581C176724}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{3BB4B181-EB78-4266-AC83-CBFD53C9E576}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7E121398-9398-476A-9763-13B016863312}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{94A4EE9C-5AC1-414C-8BF8-0F6FD5696A64}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
FirewallRules: [{93097904-0777-46F2-A81F-F246CF185AFD}] => (Allow) LPort=15000
FirewallRules: [{1AF91464-D10B-414C-9BAA-09EC1EC8EF60}] => (Allow) C:\Program Files (x86)\Siedle\Access ASHT 170\ASHT.exe
FirewallRules: [{392825C3-C338-4967-93B9-4FF30028527D}] => (Allow) C:\Program Files (x86)\Siedle\Access ASHT 170\ASHT.exe
FirewallRules: [TCP Query User{20E54D1A-0C27-4E34-8491-5B1645AD5EF8}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe
FirewallRules: [UDP Query User{89B4342F-1EC0-40E5-A84D-4FC248022612}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe
FirewallRules: [{DDC9F7BA-83BC-4836-9675-04F18FA19E8C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{3DCB42EA-C617-4780-973B-FC3BB1F352BF}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{6BE23D41-3CDA-4B9B-A181-D1158AD1D996}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{51B5D576-CAE3-4812-BD54-C26BF3B850AD}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{51B4181D-7EF6-436B-AF2C-A6AE53610B8E}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{3FACEA96-8BC1-4F05-8220-AA15B194B35A}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{A4F98AD4-65AA-4D71-82A1-511600DA5862}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{BB0799B1-6773-4080-8BC3-0A716AFA6F93}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{2D93C28B-6419-470D-8D83-693E8C2B3DFF}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/14/2015 08:13:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/14/2015 08:13:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.1.0.2, Zeitstempel: 0x4f4a262d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.19045, Zeitstempel: 0x56259271
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000b3dd
ID des fehlerhaften Prozesses: 0xf7c
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3

Error: (12/14/2015 08:11:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 500: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (12/14/2015 08:11:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (12/14/2015 08:11:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 500: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (12/14/2015 08:11:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (12/14/2015 08:11:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 500: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (12/14/2015 08:11:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (12/14/2015 08:11:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 500: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (12/14/2015 08:11:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053


Systemfehler:
=============
Error: (12/14/2015 08:13:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/14/2015 08:13:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/14/2015 08:13:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.

Error: (12/14/2015 08:13:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DHCP Server" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/14/2015 08:13:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TVicPort" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/14/2015 07:05:38 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (12/14/2015 07:05:37 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: USER)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (12/11/2015 02:37:52 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{E9BB59C6-A501-411F-93AB-FDBC3D1AD88B}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (12/11/2015 12:37:48 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (12/11/2015 07:30:47 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.


CodeIntegrity:
===================================
  Date: 2015-11-25 13:00:15.606
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 13:00:15.546
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:59:42.459
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:59:42.397
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:50:47.832
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:50:47.712
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:49:47.610
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:49:47.540
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:45:15.797
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:45:15.727
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 7888.79 MB
Verfügbarer physikalischer RAM: 4698.73 MB
Summe virtueller Speicher: 15775.79 MB
Verfügbarer virtueller Speicher: 12285.48 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:214.1 GB) (Free:34.58 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive s: (Volume) (Network) (Total:1500 GB) (Free:363.44 GB) NTFS
Drive x: (Volume) (Network) (Total:1500 GB) (Free:363.44 GB) NTFS
Drive y: (Volume) (Network) (Total:1500 GB) (Free:363.44 GB) NTFS
Drive z: (Volume) (Network) (Total:1500 GB) (Free:363.44 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 89157FD8)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=214.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8 GB) - (Type=84)

==================== Ende von Addition.txt ============================
         
__________________


Alt 14.12.2015, 09:26   #3
Deathkid535
/// Malwareteam
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch





Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen.

Bitte beachte, dass es ein paar Regeln gibt:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte, unterbreche deine Arbeit, poste die entstandenen Logs und schildere dieses so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools welche hier im Thread erwähnt werden
  • Antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen

Schritt # 1: MBAM

Lade dir, falls nicht schon vorhanden, Malwarebytes Anti-Malware herunter, installiere und starte es.
  • Gehe in die Einstellungen, unter Erkennung und Schutz und setze das Hakerl für Suche nach Rootkits
  • Wechsle ins Amaturenbrett und klicke auf Jetzt Scannen
  • Nachdem der Suchlauf abgeschlossen ist, verschiebe alle vorhandenen Funde in die Quarantäne.
  • Nachdem der PC neu gestartet hat, findest du unter dem Punkt Verlauf dein Logfile. Poste mir dieses hier.



Schritt # 2: AdwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt # 3: FRST

Bitte noch ein frisches FRST-Log.



Schritt # 4: Bitte Posten
  • Das Log von MBAM
  • Das Log von AdwCleaner
  • Das frische FRST-Log
__________________
__________________

Alt 14.12.2015, 10:02   #4
dimmu311
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



Hallo Dennis,

vielen Dank für deine schnelle Unterstützung.
Ein bisschen was wurde gefunden.
Hier die Logs.:

ADW
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.025 - Bericht erstellt am 14/12/2015 um 10:51:34
# Aktualisiert am 13/12/2015 von Xplode
# Datenbank : 2015-12-13.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : User - User
# Gestartet von : C:\Users\User\Downloads\AdwCleaner_5.025.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [645 Bytes] ##########
         
--- --- ---

[/CODE]

ABAM:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 14.12.2015
Suchlaufzeit: 10:33
Protokolldatei: AM.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.14.02
Rootkit-Datenbank: v2015.12.07.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: TRenner

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 563060
Abgelaufene Zeit: 12 Min., 40 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 5
PUP.Optional.TempMoudleSet, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MUSTANGSERVICE_2015_10_10, In Quarantäne, [73870c9899f26bcbad76e216a0637888], 
PUP.Optional.CrossRider, HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{10BFC4C5-8AC0-4BDA-9EF2-8730A414CDE0}, In Quarantäne, [23d77d279deec96d16eebad5ae55be42], 
PUP.Optional.CrossRider, HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1D13BCCA-1BB0-41D5-9183-E2F96BAA8D2F}, In Quarantäne, [ea10edb78dfe61d534cf8708986b8f71], 
PUP.Optional.CrossRider, HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CFBC6125-6F1C-4FBF-92BE-F934FA249382}, In Quarantäne, [57a3c5df4a4189adc93b4946976ca45c], 
PUP.Optional.RegCleanerPro, HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\SOFTWARE\SYSTWEAK\RegClean Pro, In Quarantäne, [6397a2024e3dc76f63907c312ad9956b], 

Registrierungswerte: 4
PUP.Optional.TempMoudleSet, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MustangService_2015_10_10|ImagePath, C:\ProgramData\TempMoudleSet\MustangSer1810.exe, In Quarantäne, [73870c9899f26bcbad76e216a0637888]
PUP.Optional.CrossRider, HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{10BFC4C5-8AC0-4BDA-9EF2-8730A414CDE0}|AppName, TubeSaver-15-enabler.exe-codedownloader.exe, In Quarantäne, [23d77d279deec96d16eebad5ae55be42]
PUP.Optional.CrossRider, HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1D13BCCA-1BB0-41D5-9183-E2F96BAA8D2F}|AppName, TubeSaver-15-enabler.exe-buttonutil.exe, In Quarantäne, [ea10edb78dfe61d534cf8708986b8f71]
PUP.Optional.CrossRider, HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CFBC6125-6F1C-4FBF-92BE-F934FA249382}|AppName, TubeSaver-15-enabler.exe-codedownloader.exe, In Quarantäne, [57a3c5df4a4189adc93b4946976ca45c]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.TempMoudleSet, C:\ProgramData\TempMoudleSet, In Quarantäne, [3ebc851f52398ea804d13172e31f26da], 
PUP.Optional.TempMoudleSet, C:\ProgramData\TempMoudleSet\update, In Quarantäne, [3ebc851f52398ea804d13172e31f26da], 

Dateien: 1
PUP.Optional.TempMoudleSet, C:\ProgramData\TempMoudleSet\MustangSer1810.exe, In Quarantäne, [73870c9899f26bcbad76e216a0637888], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

FRST:


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-12-2015
durchgeführt von User (Administrator) auf NBWIN702 (14-12-2015 10:52:54)
Gestartet von C:\Users\User\Downloads
Geladene Profile: User (Verfügbare Profile: User & Useradmin & Administrator & USERADMIN)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cimetrics Inc.) C:\Program Files (x86)\WAGO Software\WAGO BACnet Configurator\BACstac64\bacstac-gtw.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Fortinet Inc.) C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
() C:\ProgramData\DataCardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\avp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Global IP Telecommunications Ltd.) C:\ProgramData\Juggler\Juggler\Juggler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\avp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSkypeDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraCiscoJabberDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraShoreTelDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraAvayaIPDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSametimeV85Driver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraBriaDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraCiscoWebExConnectDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraNECDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraMicrosoftLyncPresence.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Global IP Telecommunications Ltd.) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\vapm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452968 2012-03-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-07] (NVIDIA Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-19] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Lenovo App Shop] => "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\avp.exe [741360 2013-11-27] (Kaspersky Lab ZAO)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKLM\...\Policies\Explorer: [UseDefaultTile] 1
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Run: [AxStartup] => [X]
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Run: [AC_RemoteMediaSync] => "C:\Program Files (x86)\Autonomic Controls\Media Synchronization Tool\bin\FX2_0\Autonomic.Synchronization.App.exe" -autorun
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Run: [Dropbox Update] => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Run: [JUGGLER.EXE] => C:\ProgramData\Juggler\Juggler\Juggler.exe [10481664 2015-02-08] (Global IP Telecommunications Ltd.)
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\MountPoints2: {29aa4ed1-f48f-11e2-9f4b-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\MountPoints2: {2b08ed40-716e-11e5-9824-8d6da38fbdf6} - D:\AutoRun.exe
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\MountPoints2: {2b08eda4-716e-11e5-9824-8d6da38fbdf6} - D:\AutoRun.exe
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\MountPoints2: {defc3b85-1f55-11e3-9bde-028037ec0200} - E:\SETUP.EXE
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Winlogon: [Shell] C:\Windows\EXPLORER.EXE [2871808 2011-12-08] (Microsoft Corporation) <==== ACHTUNG
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2015-02-05] (NVIDIA Corporation)
ShUserconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShUserconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShUserconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShUserconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Jabra Device Service.lnk [2014-06-25]
ShortcutTarget: Jabra Device Service.lnk -> C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe (GN Netcom A/S)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk [2014-04-21]
ShortcutTarget: BUFFALO NAS Navigator2.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2013-09-09]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk [2014-04-21]
ShortcutTarget: NAS Scheduler.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.200.12
Tcpip\..\Interfaces\{14963338-2037-4E84-B41F-6CBD53B215C9}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{3A1D8E10-CDCB-47A1-9210-DFF3E7311D98}: [NameServer] 192.168.150.1
Tcpip\..\Interfaces\{537D38FE-2785-48BE-AD82-8BE40F79ADCE}: [DhcpNameServer] 192.168.200.12
Tcpip\..\Interfaces\{65869497-A756-491B-9BC6-6A3092E552B6}: [DhcpNameServer] 192.168.150.1
Tcpip\..\Interfaces\{9E4E735E-239D-4A39-A318-B86CDDF68521}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A7800664-D53A-4B05-A5EB-A5F3B50FAB96}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{E9BB59C6-A501-411F-93AB-FDBC3D1AD88B}: [DhcpNameServer] 192.168.4.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE549
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-10-22] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {15A7CF10-CB3E-4265-8779-9FD22619E8ED} file:///C:/Projekte/Kaske/XPanel%20Kaske%20V24_V044.xweb/XPanel.cab
DPF: HKLM-x32 {73888E2B-FF04-416C-8847-984D7FC4507F} hxxp://192.168.0.56/RtspVaPgDecNew2.cab
DPF: HKLM-x32 {C1D592D2-D4F6-4E9C-968D-797449DC0ADC} hxxp://www.dvrstation.com/webServer.cab
DPF: HKLM-x32 {F74959B0-1779-472E-BE6E-3023E1DBEC73} file:///C:/Projekte/Kaske/XPanel%20Kaske%20V24_V044.xweb/Xinit.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\SslvpnClient\npccplugin.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @FortinetCacheCleanEx -> C:\Program Files (x86)\Fortinet\SslvpnClient\npccpluginex.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\SslvpnClient\nptcplugin.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @HUNT.com.tw/NP_HOEM_X -> C:\Windows\system32\WebWatch2\np_hoem_x.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2557082223-2624319934-3865501230-3146: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2557082223-2624319934-3865501230-3146: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2013-12-30] (Tracker Software Products (Canada) Ltd.)
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [VIP3X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-09]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-09]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-09]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-09]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-10]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-10]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-10]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\feegenemlbjkbnfpgdmjddbeiecdbpob [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fhjcajmcbmldlhcimfajhfbgofnpcjmb [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-10]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-10]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\avp.exe [741360 2013-11-27] (Kaspersky Lab ZAO)
R2 BACstac; C:\Program Files (x86)\WAGO Software\WAGO BACnet Configurator\BACstac64\bacstac-gtw.exe [236032 2013-02-27] (Cimetrics Inc.) [Datei ist nicht signiert]
S3 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 FortiSslvpnDaemon; C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe [954080 2014-04-09] (Fortinet Inc.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4683144 2014-07-15] (SafeNet Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 klnagent; C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe [132600 2013-11-19] (Kaspersky Lab ZAO)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [650240 2013-03-01] () [Datei ist nicht signiert]
R2 MSSQL$KNXETS4; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe [62382256 2015-03-29] (Microsoft Corporation)
R2 MSSQL$WAGO; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-07] (NVIDIA Corporation)
S3 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2014-06-05] (The OpenVPN Project)
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2987520 2014-10-29] (Microsoft Corporation) [Datei ist nicht signiert]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S4 SQLAgent$KNXETS4; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-29] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-11-11] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [655400 2012-02-03] (Ericsson AB)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
S2 DHCPServer; "C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
R3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2013-08-09] (SafeNet Inc.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2009-06-30] (Google Inc)
R3 AX88179; C:\Windows\System32\DRIVERS\ax88179_178a.sys [66560 2013-12-05] (ASIX Electronics Corp.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
S3 CtrnWinUsbLowerFilter; C:\Windows\System32\DRIVERS\CtrnWinUsbLowerFilter.sys [13920 2013-05-07] (Crestron Electronics Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-11] ()
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-07-15] (SafeNet Inc.)
S3 KinectCamera; C:\Windows\System32\Drivers\kinectcamera.sys [192512 2013-02-27] (Microsoft Corporation) [Datei ist nicht signiert]
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-09-05] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [98400 2015-11-09] (Kaspersky Lab ZAO)
R1 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [30816 2013-07-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [661600 2015-11-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-07-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54104 2012-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177760 2013-07-01] (Kaspersky Lab ZAO)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [102440 2012-01-13] (Ericsson AB)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [42944 2010-09-09] (hxxp://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-14] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-08-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-08-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-08-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-08-22] (MCCI Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2014-07-15] (Apple Inc.) [Datei ist nicht signiert]
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299664 2015-02-05] (NVIDIA Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
R3 pppop; C:\Windows\System32\DRIVERS\pppop64.sys [42528 2009-07-21] (Fortinet Inc.)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-29] (Microsoft Corporation)
S3 RTLU3E8023-W7-64; C:\Windows\System32\DRIVERS\rtu30x64w7.sys [83160 2013-10-12] (Realtek                                            )
U2 TVicLPT; kein ImagePath
S2 TVicPort; kein ImagePath
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [282152 2011-12-07] (Ericsson AB)
S3 btwampfl; \??\C:\Windows\system32\drivers\btwampfl.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-14 10:50 - 2015-12-14 10:50 - 01740288 _____ C:\Users\User\Downloads\AdwCleaner_5.025 (1).exe
2015-12-14 10:31 - 2015-12-14 10:49 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-14 10:31 - 2015-12-14 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-14 10:31 - 2015-12-14 10:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-14 10:31 - 2015-12-14 10:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-14 10:31 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-14 10:31 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-14 10:31 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-14 10:30 - 2015-12-14 10:30 - 22908888 _____ (Malwarebytes ) C:\Users\User\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-14 10:22 - 2015-12-14 10:22 - 01740288 _____ C:\Users\User\Downloads\AdwCleaner_5.025.exe
2015-12-14 08:14 - 2015-12-14 10:52 - 00040620 _____ C:\Users\User\Downloads\FRST.txt
2015-12-14 08:14 - 2015-12-14 08:44 - 00077844 _____ C:\Users\User\Downloads\Addition.txt
2015-12-14 07:58 - 2015-12-14 10:52 - 00000000 ____D C:\FRST
2015-12-14 07:57 - 2015-12-14 07:57 - 02369536 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-12-11 13:55 - 2015-12-11 13:55 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2015-12-11 09:19 - 2015-12-11 09:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-10 14:14 - 2015-12-14 10:51 - 00000000 ____D C:\AdwCleaner
2015-12-10 07:57 - 2015-12-10 07:57 - 00000000 _____ C:\Windows\system32\SBRC.dat
2015-12-10 07:53 - 2015-12-10 07:53 - 00000000 ____D C:\ProgramData\VIPRE
2015-12-10 07:52 - 2015-12-10 11:48 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-12-10 07:51 - 2015-12-10 07:51 - 00000000 ____D C:\Program Files (x86)\iS3
2015-12-09 15:45 - 2015-12-09 15:45 - 00000000 ____D C:\SUPERDelete
2015-12-09 15:43 - 2015-12-10 07:58 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-12-09 15:01 - 2015-12-09 15:01 - 00000000 _____ C:\autoexec.bat
2015-12-08 11:47 - 2015-12-08 11:47 - 00000433 _____ C:\Users\User\Downloads\AppleTV[1].ir
2015-12-03 09:17 - 2015-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-12-03 07:26 - 2015-12-03 07:26 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-12-02 10:30 - 2015-12-02 10:30 - 07908787 _____ C:\Users\User\Downloads\DB.KNX36361-DFE.1411_Jalousieaktor_8-4-fach.zip
2015-12-02 08:41 - 2015-12-02 08:41 - 00161411 _____ C:\Users\User\Downloads\1E36306_8_REG_V11.knxprod
2015-11-25 13:19 - 2015-12-08 12:05 - 00001311 _____ C:\Users\Public\Desktop\Access Servicetool.lnk
2015-11-25 13:19 - 2015-11-25 13:19 - 00000000 ____D C:\Program Files\Siedle
2015-11-25 13:11 - 2015-11-25 14:03 - 00000000 ____D C:\Users\User\Desktop\Siedle
2015-11-25 11:42 - 2015-11-25 11:42 - 00001162 _____ C:\Users\Public\Desktop\ASHT 170.lnk
2015-11-17 16:59 - 2015-11-17 16:59 - 00000000 ____D C:\79b406714c64b85199c9
2015-11-16 11:39 - 2015-11-16 11:39 - 00000020 ___SH C:\Users\Useradmin.USER\ntuser.ini
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Vorlagen
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Startmenü
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Netzwerkumgebung
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Lokale Einstellungen
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Eigene Dateien
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Druckumgebung
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Documents\Eigene Videos
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Documents\Eigene Musik
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Documents\Eigene Bilder
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\AppData\Local\Verlauf
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\AppData\Local\Anwendungsdaten
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Anwendungsdaten
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 ____D C:\Users\Useradmin.USER
2015-11-16 11:39 - 2013-08-17 15:21 - 00000000 ____D C:\Users\Useradmin.USER\AppData\Local\Microsoft Help
2015-11-16 11:39 - 2013-07-24 19:41 - 00000000 ____D C:\Users\Useradmin.USER\AppData\Roaming\Macromedia
2015-11-16 11:39 - 2011-12-08 21:42 - 00000000 ____D C:\Users\Useradmin.USER\AppData\Roaming\Media Center Programs

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-14 10:51 - 2013-07-25 05:25 - 00816852 _____ C:\Windows\system32\perfh007.dat
2015-12-14 10:51 - 2013-07-25 05:25 - 00193828 _____ C:\Windows\system32\perfc007.dat
2015-12-14 10:51 - 2009-07-14 06:13 - 01949084 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-14 10:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-14 10:49 - 2015-11-09 14:36 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-12-14 10:49 - 2014-09-15 12:54 - 00000000 ____D C:\Users\User\Documents\Outlook-Dateien
2015-12-14 10:49 - 2013-10-13 19:44 - 00000000 ___RD C:\Users\User\Documents\Dropbox
2015-12-14 10:49 - 2013-10-13 19:33 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2015-12-14 10:49 - 2013-07-24 19:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-14 10:48 - 2014-09-15 12:40 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-14 10:48 - 2013-08-17 12:48 - 00000112 _____ C:\Windows\system32\config\netlogon.ftl
2015-12-14 10:48 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-14 10:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Vss
2015-12-14 10:33 - 2013-07-24 19:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-14 10:13 - 2015-06-22 06:28 - 00001232 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146UA.job
2015-12-14 10:05 - 2014-09-16 06:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-14 08:28 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-14 08:28 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-14 08:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-14 07:13 - 2015-06-22 06:28 - 00001180 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146Core.job
2015-12-10 13:03 - 2014-05-06 11:23 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2015-12-10 12:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-10 10:54 - 2014-09-08 15:15 - 00000000 ____D C:\Program Files (x86)\DALITools
2015-12-09 16:43 - 2015-08-12 12:48 - 00000061 _____ C:\Windows\030_KnxDaliGatewayR3.INI
2015-12-09 15:36 - 2013-09-25 21:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-09 15:01 - 2013-08-17 13:54 - 00000000 ____D C:\Users\User
2015-12-09 10:05 - 2014-09-16 06:59 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 10:05 - 2013-11-13 07:13 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 10:05 - 2013-08-17 15:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-03 07:26 - 2013-07-24 19:51 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2015-12-03 07:26 - 2013-07-24 19:37 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-12-03 07:26 - 2013-07-24 13:16 - 00000000 ____D C:\ProgramData\Lenovo
2015-12-02 13:18 - 2010-11-21 04:27 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-02 12:28 - 2013-07-24 19:46 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 12:28 - 2013-07-24 19:46 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-27 09:09 - 2013-12-17 14:33 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla
2015-11-25 15:38 - 2014-06-22 14:06 - 00000000 ____D C:\Users\User\.VirtualBox
2015-11-25 13:19 - 2014-12-04 16:19 - 00000000 ____D C:\ProgramData\Siedle
2015-11-25 13:19 - 2014-12-04 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Siedle
2015-11-25 11:43 - 2014-12-04 16:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Siedle
2015-11-25 11:42 - 2014-12-04 16:19 - 00000000 ____D C:\Program Files (x86)\Siedle
2015-11-23 15:06 - 2013-08-17 12:49 - 00066198 __RSH C:\ProgramData\ntuser.pol
2015-11-18 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-18 14:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-11-17 19:02 - 2009-07-14 05:45 - 00548448 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-17 16:59 - 2013-08-17 14:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-17 16:59 - 2013-08-17 13:19 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-17 16:59 - 2013-08-17 13:19 - 00000000 ____D C:\Windows\system32\MRT
2015-11-17 16:58 - 2013-08-17 14:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-17 16:36 - 2013-08-17 14:18 - 01923364 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-17 16:31 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2015-11-17 16:30 - 2011-12-08 21:43 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-16 18:06 - 2014-09-10 08:24 - 00000068 _____ C:\Windows\CoDeSysOPC.ini
2015-11-16 18:00 - 2013-08-17 14:44 - 00000000 ____D C:\ProgramData\Gateway Files

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-05-04 20:47 - 2014-05-04 20:47 - 0663348 _____ () C:\Program Files\linuxrc
2014-06-20 18:55 - 2015-11-03 09:27 - 0000600 _____ () C:\Users\User\AppData\Local\PUTTY.RND
2015-11-12 08:03 - 2014-08-15 14:50 - 0000808 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2015-05-29 12:28 - 2015-05-29 12:28 - 0007599 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2013-08-17 19:31 - 2014-01-15 22:25 - 0000376 _____ () C:\ProgramData\LastUpdate.xml

Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkx5z6s.dll
C:\Users\User\AppData\Local\Temp\IntResource.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-10 12:56

==================== Ende von FRST.txt ============================
         
--- --- ---

[/CODE]

und die additon wieder im nächsten Post.

Vielen Dank

Alt 14.12.2015, 10:03   #5
dimmu311
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



und hier noch die additions

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-12-2015
durchgeführt von User (2015-12-14 10:53:14)
Gestartet von C:\Users\User\Downloads
Windows 7 Professional Service Pack 1 (X64) (2013-08-17 18:29:03)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3238437269-852521613-3698105168-500 - Administrator - Disabled)
USERADMIN (S-1-5-21-3238437269-852521613-3698105168-1001 - Administrator - Enabled) => C:\Users\USERADMIN
Gast (S-1-5-21-3238437269-852521613-3698105168-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Endpoint Security 10 für Windows (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Advanced IP Scanner 2.3 (HKLM-x32\...\{18FC0DE0-9381-42A8-B20C-B7C0E3525B76}) (Version: 2.3.2161 - Famatech)
AVR Burn-O-Mat 2.1.2 (HKLM-x32\...\{B9F41D01-DB28-4595-B93C-2732A54CBEA2}_is1) (Version:  - Torsten Brischalle)
BlackBoard (HKLM-x32\...\BlackBoard) (Version: 1.1.0 - Matthias Pueski)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BPS650 (HKLM-x32\...\{4F3C4874-D5D9-41A0-B8DE-FD7CA4690CE3}) (Version: 2.11.1 - Siedle)
BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version:  - )
CoDeSys for Automation Alliance (HKLM-x32\...\{07976ABB-1EBD-4A65-A7C7-155A0DC17173}) (Version:  - 3S-Smart Software Solutions GmbH)
Crestron Database 53.00.007.00 (HKLM-x32\...\{9E52ACC4-ABB4-41A1-9D99-1229F0E3C0C2}_is1) (Version: 53.00.007.00 - Crestron Electronics Inc.)
Crestron Device Database68.05.001.00 (HKLM-x32\...\{6686F38D-1A32-4A8C-94D7-A2AA9C5F3C9B}_is1) (Version: 68.05.001.00 - Crestron Electronics Inc.)
Crestron Digital Media Tools v3.00 (HKLM-x32\...\{DDD189C7-8590-4372-A494-08592E360B46}) (Version: 3.01.01 - Crestron Electronics Inc.)
Crestron MasterInstaller (HKLM-x32\...\{71B06E52-A152-43DE-B414-C2DD22D81A25}) (Version: 3.00.09.00 - Crestron Electronics Inc.)
Crestron Procise Tools 2.40.617.00 (HKLM-x32\...\{CCA3AB83-BCA7-4CFF-B96C-977CC0C1424A}_is1) (Version: 2.40.617.00 - Crestron Electronics Inc.)
Crestron ProdigyTools  2.40.617.00 (HKLM-x32\...\{AE3B0014-DD7D-4156-8CB2-D2D8910AC8DF}_is1) (Version: 2.40.617.00 - Crestron Electronics Inc.)
Crestron ProSoundTools 2.40.617.00 (HKLM-x32\...\{77FB7E6E-D48E-44A7-8257-CD7CF40AADE7}_is1) (Version: 2.40.617.00 - Crestron Electronics Inc.)
Crestron SIMPL Window 4.03.15.00 (HKLM-x32\...\{8B508184-4E86-41C9-BCFF-EF8B1C7EF2BF}_is1) (Version: 4.03.15.00 - Crestron Electronics Inc.)
Crestron SmartGraphics 2.07.07.01 (HKLM-x32\...\{1CE8BCAB-8F15-403F-A9A0-2D2000C6B554}_is1) (Version: 2.07.07.01 - Crestron Electronics Inc.)
Crestron Toolbox 2.40.617.00 (HKLM-x32\...\{1B52BC01-2F6E-4FAE-BB09-1F28D2BF1D63}_is1) (Version: 2.40.617.00 - Crestron Electronics Inc.)
Crestron VisionTools Pro-e 5.9.05.04 (HKLM-x32\...\{E74BC26C-A114-4AE0-990E-BBFBB9F592A4}_is1) (Version: 5.9.05.04 - Crestron Electronics Inc.)
Crestron XPanel (HKLM-x32\...\CrestronXPanel) (Version: 2.07.07 - Crestron Electronics, Inc)
Crestron XPanel (x32 Version: 2.07.07 - Crestron Electronics, Inc) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DALI Monitor (HKLM-x32\...\DALIMonitor25) (Version:  - )
DEAL for Windows (HKLM-x32\...\{7005C601-B415-4D77-B2ED-FF40E3DACDED}) (Version: 4.02 - Crestron Electronics Inc.)
D-Fend Reloaded 1.3.6 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.3.6 - Alexander Herzog)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
ETS3 Professional (HKLM-x32\...\ETS3 Professional) (Version: 3.0.00990.0 - KNX Association)
ETS3 Professional (x32 Version: 3.0.00990.0 - KNX Association cvba) Hidden
Evernote v. 5.0.3 (HKLM-x32\...\{32D39568-3B77-11E3-88CE-00163E98E7D0}) (Version: 5.0.3.1614 - Evernote Corp.)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FortiClient SSLVPN v4.0.2300 (HKLM-x32\...\{A34DCE59-0004-0000-2300-3F8A9926B752}) (Version: 4.0.2300 - Fortinet Inc.)
Free YouTube Download version 3.2.49.1022 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1022 - DVDVideoSoft Ltd.)
FreeFileSync 6.6 (HKLM-x32\...\FreeFileSync) (Version: 6.6 - Zenju)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
GDR 4033 für SQL Server 2008 R2 (KB2977320) (64-bit) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation)
GDR 4042 für SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
GIRA TS3plus Plugin 1.0.0.0 (HKLM-x32\...\{892AAFA1-CBEE-419C-905D-BA2B728BB32A}) (Version: 1.0.0.0 - GIRA Giersiepen GmbH & Co. KG)
GIRA TS3plusPlugin1 1.1.1.0 (HKLM-x32\...\{109D0D31-581D-4CE3-A069-63CEFF2A46F0}) (Version: 1.1.1.0 - GIRA Giersiepen GmbH & Co. KG)
GO Contact Sync Mod (HKLM-x32\...\{2A0B0EE0-76F3-4DE6-8998-61E3262E642D}) (Version: 3.5.25 - WebGear, Create Software, Stru.be, saller.NET)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Jabra PC Suite 2.14.5888 (HKLM-x32\...\{6D22DD53-EC7D-45E7-A996-A18CB7C8DFE9}) (Version: 2.14.5888.0 - GN Netcom A/S)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Juggler 7.6.3 (HKLM-x32\...\{{DDB0D4D8-459A-4A26-8EB9-564846AB70AB}_is1) (Version: 4 - Global IP Telecommunications Ltd.)
Jung KRTS Plugin 1.0.1.1 (HKLM-x32\...\{8880F584-FAFC-498D-84DD-C92912D62CC9}) (Version: 1.0.1.1 - Albrecht Jung  GmbH & Co. KG)
JUNG RCS Plugin 1.0.1.0 (HKLM-x32\...\{4A9F2678-EF45-4F3B-8E3E-B1159C72BC1A}) (Version: 1.0.1.0 - Albrecht Jung GmbH & Co. KG)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Endpoint Security 10 für Windows (HKLM\...\{04CF7FBD-E56C-446D-8FC9-DD444BDBEE8E}) (Version: 10.2.1.23 - Kaspersky Lab)
Kaspersky Security Center Administrationsagent (HKLM-x32\...\InstallWIX_{2F383CB3-6D7C-449D-9874-164E49E1E0F5}) (Version: 10.1.249 - Kaspersky Lab ZAO)
Kaspersky Security Center Administrationsagent (x32 Version: 10.1.249 - Kaspersky Lab ZAO) Hidden
KNX eteC Falcon Runtime v2.1 (x32 Version: 2.1.5213.27900 - KNX Association cvba) Hidden
KNX ETS4 (HKLM-x32\...\KNX ETS4) (Version: 4.1.3614.46489 - KNX Association cvba)
KNX ETS4 (x32 Version: 4.1.3614.46489 - KNX Association cvba) Hidden
KNX ETS4 Additional Runtime (x32 Version: 4.0.0.0 - KNX Association cvba) Hidden
Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.72.10 - Lenovo)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0019 - Lenovo)
LOGO!Soft Comfort V7.0  (HKLM\...\LOGO!Soft Comfort V7.0 ) (Version: 7.0.0.0 - Siemens AG)
LOGO!Soft Comfort V7.1  (HKLM\...\LOGO!Soft Comfort V7.1 ) (Version: 7.1.0.0 - Siemens AG)
Loxone Config (HKLM-x32\...\LoxoneConfig_is1) (Version: 6.4 - Loxone Electronics GmbH)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
masterCONFIGURATOR (HKLM-x32\...\masterCONFIGURATOR) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.1.1.0 - Ericsson AB)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.009.09.02.910 - Huawei Technologies Co.,Ltd)
Modbus Poll 4.4.1 (HKLM-x32\...\Modbus Poll) (Version:  - )
Modbus Slave 4.3.1 (HKLM-x32\...\Modbus Slave) (Version:  - )
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 38.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.4.0 (x86 de)) (Version: 38.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)
NetSetMan 3.5.3 (HKLM-x32\...\NetSetMan_is1) (Version: 3.5.3 - Ilja Herlein)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.2 - Notepad++ Team)
NVIDIA 3D Vision Treiber 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 345.20 - NVIDIA Corporation)
NVIDIA Grafiktreiber 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
OLYMPIA - SERD Manager 4.01.03 (HKLM-x32\...\OLYMPIA - SERD Manager_is1) (Version:  - Olympia Business Systems Vertriebs GmBH)
OpenVPN 2.3.4-I002  (HKLM\...\OpenVPN) (Version: 2.3.4-I002 - )
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF-XChange Editor (HKLM-x32\...\{2eef0fe2-cc4a-47d6-959c-de2d5c2cc40b}) (Version: 3.0.307.2 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 3.0.307.2 - Tracker Software Products (Canada) Ltd.) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.7.0 - Prolific Technology INC)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
RCD FD Plugin 1.2.2.0 (HKLM-x32\...\{DB85DBD8-7736-42CF-8CA7-DDA13221192F}) (Version: 1.2.2.0 - Albrecht Jung GmbH & Co. KG)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6591 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Scan2PDF 1.6 (HKLM-x32\...\Scan2PDF_is1) (Version:  - Koma-Code)
SciLor's grooveshark™.com Downloader 0.4.12 (HKLM-x32\...\{DDEAE484-D5FB-49CB-BD47-9512E8ACCA65}_is1) (Version: 0.4.12 - SciLor)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version:  - Microsoft)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
setup (x32 Version: 1.0.0 - hxxp://www.globaliptel.com) Hidden
Siedle Access Servicetool (HKLM-x32\...\Siedle Access Servicetool) (Version: 1.0.0.0 - S. Siedle & Söhne OHG)
Siedle ASC 170 (HKLM-x32\...\ASC 170) (Version: 2.1.002.0 - S. Siedle & Söhne)
Siedle ASHT 170 (HKLM-x32\...\ASHT 170) (Version: 2.3.003.0 - S. Siedle & Söhne OHG)
Siedle ASOEM 170 (HKLM-x32\...\ASOEM 170) (Version: 1.3.206.0 - S. Siedle & Söhne)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista_3 (c:\SiLabs\MCU_3) (HKLM-x32\...\{BC2EFFDD-A64B-43B5-A755-36C0FCD9B080}) (Version: 5.30 - Silicon Laboratories, Inc.)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{14D8063B-21C3-4C85-B1F4-3BDAA7B79350}) (Version: 6.2.00 - Silicon Laboratories, Inc.)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7_2 (c:\SiLabs\MCU\CP210x\Windows_XP_S2K3_Vista_7_2) (HKLM-x32\...\{5F4403E5-BC1A-4065-BB35-7A3AE5CE11A2}) (Version: 6.2.00 - Silicon Laboratories, Inc.)
SIMPL+ Cross Compiler (HKLM-x32\...\{FB97A745-D1E6-435D-B942-264E94F89938}) (Version: 1.3 - Crestron Electronics Inc.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Sweet Home 3D version 4.3 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Target 3001! V16 distrelec (HKLM-x32\...\Target 3001! V16 distrelec) (Version:  - Ing. Buero FRIEDRICH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)
Touchpanel Graphics v1.00 (HKLM-x32\...\{C885A1B2-184E-4C57-8C2B-78B250E1EFCA}) (Version: 1.00.01.1526 - Crestron Electronics Inc.)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{0C5B0539-7EDE-4297-947E-48890971B557}) (Version:  - Microsoft)
UpLoad/DownLoad (HKLM-x32\...\{12D99D8A-8B28-442E-8954-955C18B2AD97}) (Version: 3.2.1.1 - Abus)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WAGO BACnet Configurator (HKLM-x32\...\{121C9DB8-BFC0-4CCE-B1EF-DA07F4692AD6}) (Version: 1.7.0 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO BACnetObjectMerger (HKLM-x32\...\{27505E00-47F0-4FA1-A964-927BCDE05FE2}) (Version: 1.1.0 - WAGO Software)
WAGO Ethernet Settings (HKLM-x32\...\WAGO Ethernet Settings) (Version: 5.3.3.3 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO Ethernet Update (HKLM-x32\...\WAGO Ethernet Update) (Version: 1.5.2.4 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO IO-Link (HKLM-x32\...\WAGO IO-Link) (Version: 1.0.12.1 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO USB Service Cable (HKLM-x32\...\WAGO USB Service Cable) (Version: 6.5.3.0 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO-I/O-Check 3 (HKLM-x32\...\WAGO-IO-Check 3) (Version: 3.5.3.11 - WAGO Kontakttechnik GmbH & Co. KG)
Wago-ProServe (HKLM-x32\...\InstallShield_{EADC9384-A49D-42BE-8115-67FD73D10F56}) (Version: 6.00.0000 - Wago GmbH)
Wago-ProServe (x32 Version: 6.00.0000 - Wago GmbH) Hidden
WAGO-Safety-Editor 75x (HKLM-x32\...\WAGO-Safety-Editor 75x) (Version: 2.2.5 - WAGO Kontakttechnik GmbH & Co. KG)
Web Server (remove only) (HKLM-x32\...\WebServer) (Version:  - )
WinAVR 20100110 (remove only) (HKLM-x32\...\WinAVR-20100110) (Version: 20100110 - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Crestron Electronics Inc. (WinUSB) Crestron  (11/09/2010 3.0.0.0) (HKLM\...\D49FBD114E4911AD03D99ED034ADA88310A1915A) (Version: 11/09/2010 3.0.0.0 - Crestron Electronics Inc.)
Windows-Treiberpaket - Intel (e1cexpress) Net  (01/11/2012 11.15.16.0) (HKLM\...\EC2A0F2B229770EC589265FCF2B4839A0C221993) (Version: 01/11/2012 11.15.16.0 - Intel)
Windows-Treiberpaket - Intel System  (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (04/06/2012 16.1.1.0) (HKLM\...\64B3C27E4CF7B6AD920184EFFF6C488C55EF2892) (Version: 04/06/2012 16.1.1.0 - Synaptics)
Windows-Treiberpaket - WAGO Kontakttechnik GmbH & Co. KG (silabenm) Ports  (04/24/2012 6.5.3.0) (HKLM\...\8B70BEF5876E0C4A8835B50654466A4169F49A81) (Version: 04/24/2012 6.5.3.0 - WAGO Kontakttechnik GmbH & Co. KG)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wireshark 1.10.5 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.5 - The Wireshark developer community, hxxp://www.wireshark.org)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

10-12-2015 07:51:39 ETS3

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0CE0925A-BF2B-4991-A5A2-4397AACFBC0A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {33957458-DCBD-4CCB-9628-1732A3DA10A4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {365492AE-5044-4B97-8FB6-D32981B82691} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146Core => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {4C25A588-5287-4C7B-9A81-B5F8A370553A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {7C49AF13-9956-4A1A-A461-A9AE4923A30C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {8E81F58C-521A-4C10-ADC0-F06BB7B5705A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {A718766C-39F1-4964-8270-30C8865308A1} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-11-11] ()
Task: {AB5BA8F1-1FDC-420C-8A2C-378D012E98F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {BC5AEDD1-364F-4047-AD63-CBB3126FA959} - System32\Tasks\Lenovo\LSC\CreateHardwareScanTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe
Task: {DE09DE1A-6CBD-4042-AA22-C4ED6DACFA42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E4EC5EEA-07DA-4CBE-80FB-F78753C491CA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146UA => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {FE93BA35-535F-4DDE-B7B2-24B5CCB71916} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146Core.job => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146UA.job => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-12-17 09:57 - 2009-11-02 09:19 - 00648704 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\KOAZ8J_O.DLL
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2015-10-18 15:29 - 2013-03-01 07:33 - 00650240 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2013-03-24 06:40 - 2013-03-24 04:40 - 00690688 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\KOAYTJ_O.DLL
2013-11-15 09:52 - 2015-02-05 09:16 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-09-15 12:40 - 2015-02-04 21:29 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-07-24 19:38 - 2010-10-26 05:40 - 00049056 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2013-07-24 19:39 - 2012-04-09 00:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2015-10-18 15:29 - 2009-01-10 19:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2015-10-18 15:29 - 2009-06-23 03:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2015-10-18 15:29 - 2012-10-31 10:11 - 02417152 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2015-10-18 15:29 - 2012-10-31 10:14 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2015-10-18 15:29 - 2013-03-01 07:33 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2015-10-18 15:29 - 2012-10-31 10:11 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2013-07-24 19:38 - 2011-07-13 09:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll
2013-11-27 21:21 - 2013-11-27 21:21 - 01309888 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\kpcengine.2.2.dll
2013-11-15 09:52 - 2015-02-05 09:16 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-05-08 09:20 - 2015-02-03 16:09 - 00166504 _____ () C:\ProgramData\Juggler\Juggler\libnet.dll
2015-05-08 09:20 - 2007-08-13 15:46 - 00061440 _____ () C:\ProgramData\Juggler\Juggler\ogg.dll
2015-05-08 09:20 - 2007-08-13 15:46 - 01253376 _____ () C:\ProgramData\Juggler\Juggler\vorbis.dll
2015-05-08 09:20 - 2007-08-13 15:46 - 00102400 _____ () C:\ProgramData\Juggler\Juggler\vorbisfile.dll
2015-05-08 09:20 - 2007-08-13 15:46 - 01032192 _____ () C:\ProgramData\Juggler\Juggler\vorbisenc.dll
2015-05-08 09:20 - 2015-02-03 16:09 - 05626472 _____ () C:\ProgramData\Juggler\Juggler\libimg.dll
2014-03-25 12:53 - 2014-03-25 12:53 - 00092160 _____ () C:\Program Files (x86)\Jabra\Jabra PC Suite\GNDeviceInterface.dll
2015-12-11 09:19 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-11 09:19 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-11 09:19 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-11 09:19 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-11 09:19 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 06:06 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2013-09-26 12:50 - 2013-09-26 12:50 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2013-09-26 12:49 - 2013-09-26 12:49 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2015-10-13 15:07 - 2015-10-13 15:07 - 01032360 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2015-12-03 09:17 - 2015-12-03 09:17 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-12-03 09:17 - 2015-12-03 09:17 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-12-09 07:18 - 2015-12-04 22:32 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libglesv2.dll
2015-12-09 07:18 - 2015-12-04 22:32 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libegl.dll
2013-07-24 19:37 - 2012-02-21 04:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.4.1 - 192.168.200.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{151FAA68-F1DF-4A79-AF71-92A0F14E9CE4}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{C2810C4A-E97D-4B92-A96B-5433A806F008}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3660F2E3-46B0-4D0F-BE0F-9C59A10EAA3A}] => (Allow) LPort=2869
FirewallRules: [{7FD6E6D9-367B-419D-9606-019CB3FED78F}] => (Allow) LPort=1900
FirewallRules: [{B8EA89FC-5085-4DF8-BD24-AF7672CF092A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{93361C44-296A-4BD6-843F-76F012342DE2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{7DBE66D0-0DF7-47FF-B6E5-6D9B468092B8}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{ED379DCD-AEC1-4B26-B1B6-9A46473FB065}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{62ABF094-7690-40BD-81E4-B43B6757F2B2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{3CCF2577-0193-4F47-86EF-F0ED5076225E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3A8371CD-3595-4F5B-860A-D79F3D6E6F01}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{FCE19657-48D7-426A-B02F-0604AB2AA4B8}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{AA1365C7-3BB9-4FCF-ACB5-A5852B6A1BF1}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{B1A64864-401F-41C5-AC52-FF07E7356B5F}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{37E6BF91-E1FA-4B95-B1A6-CF64EDFF3183}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{A064830F-E257-4141-97CB-62A64467BCDC}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{0B5E1478-B271-4CBA-BAF1-2A3559EAD6D7}] => (Allow) LPort=15000
FirewallRules: [TCP Query User{F6475DE9-1EDF-4CFC-AA23-ABC9D17BDCDB}C:\program files (x86)\ets4\ets4.exe] => (Block) C:\program files (x86)\ets4\ets4.exe
FirewallRules: [UDP Query User{1223840E-68E9-4520-A703-100A93A3600B}C:\program files (x86)\ets4\ets4.exe] => (Block) C:\program files (x86)\ets4\ets4.exe
FirewallRules: [{A6F045DF-565D-4A33-AEC8-A6BB1D47260E}] => (Allow) LPort=15000
FirewallRules: [TCP Query User{D2EDB46F-F6DF-401D-80B2-FD0483EA6905}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [UDP Query User{EDE53D6F-6CF6-419D-97C9-D5A85D12AD50}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [{D734E670-D497-4F2B-AC55-03F519B95D9D}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{A063A481-D0F6-488D-BF2B-C20FDE8374D3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B029B561-246E-4719-80F7-26284C45B208}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{44C7E51D-520C-4C1A-8F81-36C6993F8A36}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{CB052BD8-0BD3-46E5-B9A6-D50D095361EB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8A5A1F8B-D327-49AB-A02F-033FBC018066}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{48C46D9B-3922-4D4B-B0FD-9F491F78C780}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [UDP Query User{C4D72A2E-28F0-4CAA-9DEB-54708B88857A}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [{5E18A4FC-CEDB-4ECA-8144-E484F3C153B5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{89E2D795-DC17-42B8-BF4B-E14534B6E018}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{B2765CFC-6C4B-444C-8520-7EB3DA334E29}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{789E0C8C-E5E4-4191-997D-4618C9003170}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{F93740DA-A860-468F-8A87-633E798794A5}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A270CB0A-04F0-4C75-8AE3-99C017CF0BC2}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AA1762B5-2308-4099-97B2-01B8E7723264}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{C29168EC-A98C-4E81-87B1-F75E31E76A37}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{CB1901ED-890A-48C9-AD17-35DF801F69F6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{58836AFB-8B5E-47C2-A9E8-39095586CC95}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{FFEE2111-3016-4ED3-A1B9-F1FE68E5FB94}C:\users\User\downloads\hercules_3-2-6.exe] => (Allow) C:\users\User\downloads\hercules_3-2-6.exe
FirewallRules: [UDP Query User{9A6BD6DF-1D14-4792-8041-3F6DAA2082B5}C:\users\User\downloads\hercules_3-2-6.exe] => (Allow) C:\users\User\downloads\hercules_3-2-6.exe
FirewallRules: [TCP Query User{4E5A145E-C6DC-4783-8F9D-3C32DEB6F2D0}C:\program files (x86)\crestron\toolbox\vptcomserver.exe] => (Allow) C:\program files (x86)\crestron\toolbox\vptcomserver.exe
FirewallRules: [UDP Query User{7F61C7AA-167E-40F2-984A-093EC712A7CF}C:\program files (x86)\crestron\toolbox\vptcomserver.exe] => (Allow) C:\program files (x86)\crestron\toolbox\vptcomserver.exe
FirewallRules: [TCP Query User{AF3C72AA-A556-4D67-8684-5211F49EB623}C:\users\User\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\User\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6AA44FEE-D6F7-4B70-BFEC-997DBDB4B33B}C:\users\User\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\User\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{A4734A7F-3EF6-4BDC-87D8-6CCE81AEDE65}C:\program files (x86)\loxone\loxoneconfig\loxoneconfig.exe] => (Allow) C:\program files (x86)\loxone\loxoneconfig\loxoneconfig.exe
FirewallRules: [UDP Query User{6C26C367-321D-4016-8DF2-4CCE42CF999B}C:\program files (x86)\loxone\loxoneconfig\loxoneconfig.exe] => (Allow) C:\program files (x86)\loxone\loxoneconfig\loxoneconfig.exe
FirewallRules: [{2C1E8FD7-A3AA-4AEE-AA2A-F5C64FC30E3B}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
FirewallRules: [{AF32F78A-C09C-4DC4-BD4B-91C3A76C20C5}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
FirewallRules: [TCP Query User{C692F293-666C-4EC9-8295-90EC8149FC0A}C:\program files (x86)\boxee\boxee.exe] => (Allow) C:\program files (x86)\boxee\boxee.exe
FirewallRules: [UDP Query User{45A31A3D-6561-4DEF-BEA0-D93157E9DCEB}C:\program files (x86)\boxee\boxee.exe] => (Allow) C:\program files (x86)\boxee\boxee.exe
FirewallRules: [{7FDA7405-753D-44AA-9171-89BE4437BFB1}] => (Allow) LPort=2869
FirewallRules: [{50AB1FE6-625C-47F1-B078-7D4BF98F0CA0}] => (Allow) LPort=2869
FirewallRules: [{B35F493E-E5C9-46E1-8DEE-17B53776E691}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{3405EF07-4CC0-49D3-930C-D25DDA0872C8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{D517C30F-6D25-435F-8221-118F2E382742}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{856B825B-5CEC-4BE8-A522-9E8339CB568D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{1D933754-1677-4689-8488-B85F60002C21}] => (Allow) C:\ProgramData\Juggler\Juggler\Juggler.exe
FirewallRules: [{139448B3-A743-4D02-A748-FE127CFA0B8F}] => (Allow) C:\ProgramData\Juggler\Juggler\Juggler.exe
FirewallRules: [{CC02E6D7-9746-493E-AE98-C1DE9D3FA82F}] => (Allow) C:\ProgramData\Juggler\Juggler\xproxy.exe
FirewallRules: [{4C30B13C-371B-4C99-A77D-60B896AE111C}] => (Allow) C:\ProgramData\Juggler\Juggler\xproxy.exe
FirewallRules: [{74883BB3-FC4B-486F-9C6A-AEA52DED030F}] => (Allow) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
FirewallRules: [{D8C21ED9-806A-4048-963C-41CE8B5BCB4A}] => (Allow) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
FirewallRules: [{A47E54C7-687E-44CA-9FC7-A2042B0E5501}] => (Allow) C:\ProgramData\Juggler\Juggler\CTI\xcti.exe
FirewallRules: [{EA09E8C1-491C-48AA-AD28-CF2858937C60}] => (Allow) C:\ProgramData\Juggler\Juggler\CTI\xcti.exe
FirewallRules: [{7BDA8493-95F3-4682-A1B2-EB9F48F464EA}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{C8763D6B-6EE0-4BE6-9FF3-312AE1579E06}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{476AC9AB-E017-4849-9066-F270231986DA}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{698F4147-C95A-43D9-ABEA-05E6F7041325}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{9696D58B-C6BF-4122-A9DD-617A20A8CD4E}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{505AFA83-A99D-48E4-A4C1-4992F2D66445}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [TCP Query User{2F57D1C6-18A8-4BEA-9614-4F6B57C6023A}E:\ip installer\lupusnet_ipinstallerger_v2.2.exe] => (Allow) E:\ip installer\lupusnet_ipinstallerger_v2.2.exe
FirewallRules: [UDP Query User{FA79D07F-5EE1-43A9-BD9D-92670256D28B}E:\ip installer\lupusnet_ipinstallerger_v2.2.exe] => (Allow) E:\ip installer\lupusnet_ipinstallerger_v2.2.exe
FirewallRules: [TCP Query User{EAF00569-8BB1-4E92-BEA3-6755A802E350}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{C3B6F9D2-C881-4363-BD1B-AA286571827D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{9B6FAF07-DA3E-48D2-9A5A-D8E54B1D0BED}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe
FirewallRules: [{A58F8054-BAEA-40F5-A575-12A4745C55AD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B23E4835-4C32-4C30-8509-160DFD8BE958}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AF57CBF7-B266-43ED-82AB-A461C4A8CC3D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7038D03E-94CD-4215-A639-F277E5183315}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AAE4D16E-C331-483A-975E-FBD54D9A30E1}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Media Synchronization Tool\bin\FX2_0\Autonomic.Synchronization.App.exe
FirewallRules: [{4CBEA326-7838-46F7-9017-0545B60AF08A}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Media Synchronization Tool\bin\FX2_0\Autonomic.Synchronization.App.exe
FirewallRules: [{061A56D7-36B3-4618-946C-0A8F05C9E1B1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3CA41D9F-46BD-46D6-B24A-2C18545A21ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7EC0A844-5DA4-4117-B5A6-DAAEF9BB35C1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{35E2DDF3-A154-4FB0-878A-FEE3B6EBE34B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{83B99151-1593-4FE3-8483-EC84A46888D6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{0712E40F-A45B-419D-85EA-77351D1F5905}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{C27A2881-BDC3-415B-AC3B-858D6EEB1EA2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{FAE6ECC5-D619-49FF-95BE-DADC1F3C016E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{855D9416-C583-418E-B58E-103009CC6709}C:\prog\hercules_3-2-6.exe] => (Block) C:\prog\hercules_3-2-6.exe
FirewallRules: [UDP Query User{C4178F18-4EA1-4589-8A75-1A315231582B}C:\prog\hercules_3-2-6.exe] => (Block) C:\prog\hercules_3-2-6.exe
FirewallRules: [{941F2DE4-C04B-45A4-BA83-84B8B1FE7B36}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F877B393-F3BF-4740-B19C-7B05D9BD8808}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E2D6CE2E-80A2-432D-8DB2-AADD94F98FB5}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Mirage\Bin\FX2_0\Mirage.exe
FirewallRules: [{DBE44FA9-EE5C-4F8F-9C17-FB206607E407}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Mirage\Bin\FX2_0\Mirage.exe
FirewallRules: [{A9F2BFBD-06E6-4A8D-B715-8C41D7DCE979}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Mirage\Bin\FX2_0\Mirage.exe
FirewallRules: [{CEB5B6D7-1591-41A1-B5A8-7E3E4866DAEA}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Mirage\Bin\FX2_0\Mirage.exe
FirewallRules: [{E083091F-A324-44A8-A07C-342031093E64}] => (Allow) C:\Program Files (x86)\Siedle\Access ASOEM 170\ASM.exe
FirewallRules: [{7F135248-C4EC-4922-B9E7-09EC940C7C91}] => (Allow) C:\Program Files (x86)\Siedle\Access ASOEM 170\ASM.exe
FirewallRules: [{7407E155-2E66-4D3B-B96B-9746D07644F0}] => (Allow) C:\Program Files (x86)\Siedle\Access ASOEM 170\cyibxsp.exe
FirewallRules: [{10CC0EFD-D132-42B3-9542-F88FCCDC5A2C}] => (Allow) C:\Program Files (x86)\Siedle\Access ASOEM 170\cyibxsp.exe
FirewallRules: [TCP Query User{90662145-CFF8-4B09-8BEC-89190838FB7C}C:\program files (x86)\autonomic controls\media synchronization tool\bin\fx2_0\autonomic.synchronization.app.exe] => (Block) C:\program files (x86)\autonomic controls\media synchronization tool\bin\fx2_0\autonomic.synchronization.app.exe
FirewallRules: [UDP Query User{C7EB528E-C9C4-410E-8DD7-09F564415C59}C:\program files (x86)\autonomic controls\media synchronization tool\bin\fx2_0\autonomic.synchronization.app.exe] => (Block) C:\program files (x86)\autonomic controls\media synchronization tool\bin\fx2_0\autonomic.synchronization.app.exe
FirewallRules: [TCP Query User{8A117562-229A-4427-93A6-699CF3478747}C:\program files (x86)\siedle\access asoem 170\asm.exe] => (Allow) C:\program files (x86)\siedle\access asoem 170\asm.exe
FirewallRules: [UDP Query User{7FC1FE9C-3885-4DE3-8D6B-D098DA08439C}C:\program files (x86)\siedle\access asoem 170\asm.exe] => (Allow) C:\program files (x86)\siedle\access asoem 170\asm.exe
FirewallRules: [TCP Query User{018509BD-B03B-4514-9EC2-C0D5F47DA276}C:\program files (x86)\siedle\access asoem 170\cyibxsp.exe] => (Allow) C:\program files (x86)\siedle\access asoem 170\cyibxsp.exe
FirewallRules: [UDP Query User{D86B56A4-B96A-4026-9447-C3A1AF2A3F67}C:\program files (x86)\siedle\access asoem 170\cyibxsp.exe] => (Allow) C:\program files (x86)\siedle\access asoem 170\cyibxsp.exe
FirewallRules: [{483BAD99-AA2C-4E46-B3F6-D915D4D3DCCF}] => (Allow) LPort=7070
FirewallRules: [{ACD4F3F8-3292-4953-85A6-5030EC2C70DF}] => (Allow) LPort=7071
FirewallRules: [{0078F072-0051-4654-A379-35FADD110BDD}] => (Allow) LPort=7707
FirewallRules: [{061994BF-47FB-4CA8-BC77-AA5A01607035}] => (Allow) LPort=7777
FirewallRules: [{9B68437A-6C4E-46B9-BEAD-A6F0CE41EE94}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{34BE5D63-AB4C-4446-93DF-F3A5912F1CDF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{972B4F21-A08B-4379-A306-82BD53430B02}] => (Allow) C:\ProgramData\Juggler\Juggler\Juggler.exe
FirewallRules: [{ABEE9B5F-484E-4FE1-BC3E-609379274168}] => (Allow) C:\ProgramData\Juggler\Juggler\Juggler.exe
FirewallRules: [{E49571F8-94D3-4A18-8DE1-65A4AFABA7F5}] => (Allow) C:\ProgramData\Juggler\Juggler\xproxy.exe
FirewallRules: [{DA4685D1-053B-48B6-BDF4-890797A8BA0A}] => (Allow) C:\ProgramData\Juggler\Juggler\xproxy.exe
FirewallRules: [{4B896025-1EAD-4620-B10F-927CBAA766B2}] => (Allow) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
FirewallRules: [{4477834A-FF78-4E41-8F7D-4BE531249DF5}] => (Allow) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
FirewallRules: [{B59D5148-7D4F-424C-B5CA-CF377118ACB5}] => (Allow) C:\ProgramData\Juggler\Juggler\CTI\xcti.exe
FirewallRules: [{75CBC92E-03EC-4EB1-814A-85C1BAD6B649}] => (Allow) C:\ProgramData\Juggler\Juggler\CTI\xcti.exe
FirewallRules: [TCP Query User{653993A0-E147-49AF-A8F2-1D447FC41D32}C:\program files (x86)\loxone\6.4_release\loxoneconfig.exe] => (Block) C:\program files (x86)\loxone\6.4_release\loxoneconfig.exe
FirewallRules: [UDP Query User{D3ED7C0B-B595-4208-97E2-2664D5A19100}C:\program files (x86)\loxone\6.4_release\loxoneconfig.exe] => (Block) C:\program files (x86)\loxone\6.4_release\loxoneconfig.exe
FirewallRules: [{3CCB729D-1D99-4DB0-B9E5-9099DE4FEF1E}] => (Allow) LPort=7070
FirewallRules: [{FCAB30B1-4513-42EB-892A-37DD42407AB8}] => (Allow) LPort=7070
FirewallRules: [{F2FC2133-5E0A-40F8-B274-F4878F481498}] => (Allow) LPort=7071
FirewallRules: [{D4054453-73E5-49B0-9548-8034346621D0}] => (Allow) LPort=7071
FirewallRules: [{80E6CC9F-D4A9-48B7-93CB-57477A9B627D}] => (Allow) LPort=7707
FirewallRules: [{D74FD780-F163-4957-9108-D77B41F98372}] => (Allow) LPort=7707
FirewallRules: [{9B682EF1-914B-48E8-892E-43A8D03E6927}] => (Allow) LPort=7777
FirewallRules: [{8E4B2ADC-6C69-45C1-B702-42E4FAEB0A12}] => (Allow) LPort=7777
FirewallRules: [TCP Query User{28D260CB-45A2-45C5-9DF6-4843B1966545}C:\program files (x86)\loxone\beta_7.0.8.6\loxoneconfig.exe] => (Allow) C:\program files (x86)\loxone\beta_7.0.8.6\loxoneconfig.exe
FirewallRules: [UDP Query User{BE7A7804-8B01-40BF-AE8B-DD24132FD769}C:\program files (x86)\loxone\beta_7.0.8.6\loxoneconfig.exe] => (Allow) C:\program files (x86)\loxone\beta_7.0.8.6\loxoneconfig.exe
FirewallRules: [{7243E4E8-FC54-4865-AA8C-05F8FC156D9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A9C08AFD-F7A8-48EF-AB8F-AC57E362E550}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7EC23BC3-C21F-4738-A2B9-4CF9AF9F417F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A9976C96-ADA8-46A6-B425-B37DA616D43A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DA840025-DF60-4F3F-9828-77A750A912A6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2BE52018-D548-4C3E-A627-77119D1A2E42}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{22CD3265-882D-4D5F-B225-6DF095A9E8ED}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{88DE57D7-D05A-47BF-A115-C66794B7C5CC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{CC4B06BB-A85A-4E8D-9460-A04690B1F9D4}] => (Allow) C:\Program Files (x86)\Siedle\Access ASC 170\ASC.exe
FirewallRules: [{3CF82E0C-6226-4C2E-A3CE-09DB3B802364}] => (Allow) C:\Program Files (x86)\Siedle\Access ASC 170\ASC.exe
FirewallRules: [{6A56752C-93CA-48C1-8E22-86342458E8D0}] => (Allow) C:\Program Files (x86)\Siedle\Access ASC 170\cyibxsp.exe
FirewallRules: [{EA4B0C8F-EF58-47D9-B4B9-6AED14B6A0FC}] => (Allow) C:\Program Files (x86)\Siedle\Access ASC 170\cyibxsp.exe
FirewallRules: [{F77CFB7F-5844-4C79-9F4D-5B583B1DD641}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{267EA46C-38B1-4108-918E-4D1B36DE826B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{93B74F23-3E3B-46BA-B67B-BAAA2BE9847C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3AB0AC45-4872-421F-94A9-0559DA9A200E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{55933894-1578-410A-9007-A5FC90F79455}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{F2D08CD4-657D-495D-A8A2-D9581C176724}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{3BB4B181-EB78-4266-AC83-CBFD53C9E576}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7E121398-9398-476A-9763-13B016863312}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{94A4EE9C-5AC1-414C-8BF8-0F6FD5696A64}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
FirewallRules: [{93097904-0777-46F2-A81F-F246CF185AFD}] => (Allow) LPort=15000
FirewallRules: [{1AF91464-D10B-414C-9BAA-09EC1EC8EF60}] => (Allow) C:\Program Files (x86)\Siedle\Access ASHT 170\ASHT.exe
FirewallRules: [{392825C3-C338-4967-93B9-4FF30028527D}] => (Allow) C:\Program Files (x86)\Siedle\Access ASHT 170\ASHT.exe
FirewallRules: [TCP Query User{20E54D1A-0C27-4E34-8491-5B1645AD5EF8}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe
FirewallRules: [UDP Query User{89B4342F-1EC0-40E5-A84D-4FC248022612}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe
FirewallRules: [{DDC9F7BA-83BC-4836-9675-04F18FA19E8C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{3DCB42EA-C617-4780-973B-FC3BB1F352BF}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{6BE23D41-3CDA-4B9B-A181-D1158AD1D996}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CE5E79DB-DEBE-4CD7-ABE9-DD57CE104DDC}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{ADC095AA-A1E9-4999-A76E-E993D1867090}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{2AE2A36D-7F6B-4820-91E1-33FA8B41F9F4}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{3FB1583D-C29F-4685-BCA2-D71DE4540768}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{CC200AF8-736B-41C0-8A8F-D451B507317D}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{2ACBAE1E-F09F-4847-BB91-36B93C7D808D}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/14/2015 10:48:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/14/2015 10:48:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.1.0.2, Zeitstempel: 0x4f4a262d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.19045, Zeitstempel: 0x56259271
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000b3dd
ID des fehlerhaften Prozesses: 0x3dc
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3

Error: (12/14/2015 10:31:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 2.3.125.0, Zeitstempel: 0x5612a56b
Name des fehlerhaften Moduls: mbam.exe, Version: 2.3.125.0, Zeitstempel: 0x5612a56b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001e7742
ID des fehlerhaften Prozesses: 0xb34
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (12/14/2015 08:15:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MustangSer1810.exe, Version: 1.0.0.5, Zeitstempel: 0x56173d89
Name des fehlerhaften Moduls: MustangSer1810.exe, Version: 1.0.0.5, Zeitstempel: 0x56173d89
Ausnahmecode: 0x40000015
Fehleroffset: 0x00013025
ID des fehlerhaften Prozesses: 0xc64
Startzeit der fehlerhaften Anwendung: 0xMustangSer1810.exe0
Pfad der fehlerhaften Anwendung: MustangSer1810.exe1
Pfad des fehlerhaften Moduls: MustangSer1810.exe2
Berichtskennung: MustangSer1810.exe3

Error: (12/14/2015 08:13:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/14/2015 08:13:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.1.0.2, Zeitstempel: 0x4f4a262d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.19045, Zeitstempel: 0x56259271
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000b3dd
ID des fehlerhaften Prozesses: 0xf7c
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3

Error: (12/14/2015 08:11:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 500: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (12/14/2015 08:11:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (12/14/2015 08:11:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 500: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (12/14/2015 08:11:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053


Systemfehler:
=============
Error: (12/14/2015 10:48:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/14/2015 10:48:40 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (12/14/2015 10:48:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/14/2015 10:48:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.

Error: (12/14/2015 10:48:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DHCP Server" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/14/2015 10:48:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TVicPort" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/14/2015 10:48:39 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem
Domänencontroller in der Domäne USER aufgrund der folgenden
Ursache nicht einrichten: 
%%1311

Dies kann zu Authentifizierungsproblemen führen. Stellen
Sie sicher, dass der Computer mit dem Netzwerk verbunden ist.
Wenden Sie sich an den Domänenadministrator, wenn das Problem
weiterhin besteht.



ZUSÄTZLICHE INFORMATIONEN

Wenn dieser Computer ein Domänencontroller der bestimmten
Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator in der bestimmten Domäne eingerichtet.
Andernfalls richtet dieser Computer eine sichere Sitzung zu
einem beliebigen Domänencontroller in der bestimmten Domäne ein.

Error: (12/14/2015 10:48:06 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (12/14/2015 09:24:59 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{E9BB59C6-A501-411F-93AB-FDBC3D1AD88B}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (12/14/2015 08:15:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Be sure to use the latest version of Mustang Service." wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2015-11-25 13:00:15.606
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 13:00:15.546
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:59:42.459
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:59:42.397
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:50:47.832
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:50:47.712
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:49:47.610
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:49:47.540
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:45:15.797
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:45:15.727
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 7888.79 MB
Verfügbarer physikalischer RAM: 3052.85 MB
Summe virtueller Speicher: 15775.79 MB
Verfügbarer virtueller Speicher: 10588.38 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:214.1 GB) (Free:34.27 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive s: (Volume) (Network) (Total:1500 GB) (Free:363.42 GB) NTFS
Drive x: (Volume) (Network) (Total:1500 GB) (Free:363.42 GB) NTFS
Drive y: (Volume) (Network) (Total:1500 GB) (Free:363.42 GB) NTFS
Drive z: (Volume) (Network) (Total:1500 GB) (Free:363.42 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 89157FD8)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=214.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8 GB) - (Type=84)

==================== Ende von Addition.txt ============================
         
kannst du schon absehen wie arg mein System verseucht ist?


Alt 14.12.2015, 10:14   #6
Deathkid535
/// Malwareteam
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



Hi,

besteht das Problem immer noch? Wenn ja, in welchen Browsern tritt es auf?
__________________
--> chrome nutzt nur noch s.coldsearch

Alt 14.12.2015, 10:31   #7
dimmu311
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



Hallo Deathkid,

ja leider werde ich immer noch über s.coldsearch umgeleitet.

ich nutze Google Chrome.
Im Internetexplorer funktioniert alles normal. Allerdings habe ich das vor den ersten Scans auch nicht getestet.

Danke

Alt 14.12.2015, 10:35   #8
Deathkid535
/// Malwareteam
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



Hi,

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Google Chrome

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 



Danach neu runterladen und installieren, dann diese Anleitung machen: https://support.google.com/chrome/answer/3296214?hl=de.

Alt 14.12.2015, 13:08   #9
dimmu311
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



Hallo Deathkid,

ich habe den Chrome nach deinen Vorgaben deinstalliert,
neuinstalliert und nach der google Anleitung zurückgesetzt.

Leider ist s.coldsearch immer noch da.

Lediglich die Startseite hat sich verändert. Wenn ich chrome jetzt öffne wird die Seite vom Kaspersky direkt geblockt und als potentiell gefährlich eingestuft.

Was kann ich sonst noch tun?

Vielen Dank

Alt 14.12.2015, 13:12   #10
Deathkid535
/// Malwareteam
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



Hi,

mach mal bitte ein frisches FRST-Log.

Alt 14.12.2015, 13:22   #11
dimmu311
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



Hier einmal der FRST

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-12-2015
durchgeführt von User (Administrator) auf NBWIN702 (14-12-2015 14:17:34)
Gestartet von C:\Users\User\Downloads
Geladene Profile: User (Verfügbare Profile: User & Useradmin & Administrator & USERADMIN)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cimetrics Inc.) C:\Program Files (x86)\WAGO Software\WAGO BACnet Configurator\BACstac64\bacstac-gtw.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Fortinet Inc.) C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
() C:\ProgramData\DataCardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\avp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Global IP Telecommunications Ltd.) C:\ProgramData\Juggler\Juggler\Juggler.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\avp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSkypeDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraCiscoJabberDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraShoreTelDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraAvayaIPDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSametimeV85Driver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraBriaDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraCiscoWebExConnectDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraNECDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraMicrosoftLyncPresence.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Global IP Telecommunications Ltd.) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\vapm.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452968 2012-03-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-07] (NVIDIA Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-19] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Lenovo App Shop] => "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\avp.exe [741360 2013-11-27] (Kaspersky Lab ZAO)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKLM\...\Policies\Explorer: [UseDefaultTile] 1
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Run: [AxStartup] => [X]
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Run: [AC_RemoteMediaSync] => "C:\Program Files (x86)\Autonomic Controls\Media Synchronization Tool\bin\FX2_0\Autonomic.Synchronization.App.exe" -autorun
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Run: [Dropbox Update] => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Run: [JUGGLER.EXE] => C:\ProgramData\Juggler\Juggler\Juggler.exe [10481664 2015-02-08] (Global IP Telecommunications Ltd.)
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\MountPoints2: {29aa4ed1-f48f-11e2-9f4b-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\MountPoints2: {2b08ed40-716e-11e5-9824-8d6da38fbdf6} - D:\AutoRun.exe
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\MountPoints2: {2b08eda4-716e-11e5-9824-8d6da38fbdf6} - D:\AutoRun.exe
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\MountPoints2: {defc3b85-1f55-11e3-9bde-028037ec0200} - E:\SETUP.EXE
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Winlogon: [Shell] C:\Windows\EXPLORER.EXE [2871808 2011-12-08] (Microsoft Corporation) <==== ACHTUNG
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2015-02-05] (NVIDIA Corporation)
ShUserconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShUserconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShUserconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShUserconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShUserconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Jabra Device Service.lnk [2014-06-25]
ShortcutTarget: Jabra Device Service.lnk -> C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe (GN Netcom A/S)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk [2014-04-21]
ShortcutTarget: BUFFALO NAS Navigator2.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2013-09-09]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk [2014-04-21]
ShortcutTarget: NAS Scheduler.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.200.12
Tcpip\..\Interfaces\{14963338-2037-4E84-B41F-6CBD53B215C9}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{3A1D8E10-CDCB-47A1-9210-DFF3E7311D98}: [NameServer] 192.168.150.1
Tcpip\..\Interfaces\{537D38FE-2785-48BE-AD82-8BE40F79ADCE}: [DhcpNameServer] 192.168.200.12
Tcpip\..\Interfaces\{65869497-A756-491B-9BC6-6A3092E552B6}: [DhcpNameServer] 192.168.150.1
Tcpip\..\Interfaces\{9E4E735E-239D-4A39-A318-B86CDDF68521}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A7800664-D53A-4B05-A5EB-A5F3B50FAB96}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{E9BB59C6-A501-411F-93AB-FDBC3D1AD88B}: [DhcpNameServer] 192.168.4.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE549
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-10-22] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {15A7CF10-CB3E-4265-8779-9FD22619E8ED} file:///C:/Projekte/Kaske/XPanel%20Kaske%20V24_V044.xweb/XPanel.cab
DPF: HKLM-x32 {73888E2B-FF04-416C-8847-984D7FC4507F} hxxp://192.168.0.56/RtspVaPgDecNew2.cab
DPF: HKLM-x32 {C1D592D2-D4F6-4E9C-968D-797449DC0ADC} hxxp://www.dvrstation.com/webServer.cab
DPF: HKLM-x32 {F74959B0-1779-472E-BE6E-3023E1DBEC73} file:///C:/Projekte/Kaske/XPanel%20Kaske%20V24_V044.xweb/Xinit.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\SslvpnClient\npccplugin.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @FortinetCacheCleanEx -> C:\Program Files (x86)\Fortinet\SslvpnClient\npccpluginex.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\SslvpnClient\nptcplugin.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @HUNT.com.tw/NP_HOEM_X -> C:\Windows\system32\WebWatch2\np_hoem_x.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2557082223-2624319934-3865501230-3146: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2557082223-2624319934-3865501230-3146: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2013-12-30] (Tracker Software Products (Canada) Ltd.)
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [VIP3X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-09]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-09]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-09]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-09]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-10]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-10]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-10]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\feegenemlbjkbnfpgdmjddbeiecdbpob [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fhjcajmcbmldlhcimfajhfbgofnpcjmb [2015-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-10]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-10]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\avp.exe [741360 2013-11-27] (Kaspersky Lab ZAO)
R2 BACstac; C:\Program Files (x86)\WAGO Software\WAGO BACnet Configurator\BACstac64\bacstac-gtw.exe [236032 2013-02-27] (Cimetrics Inc.) [Datei ist nicht signiert]
S3 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 FortiSslvpnDaemon; C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe [954080 2014-04-09] (Fortinet Inc.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4683144 2014-07-15] (SafeNet Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 klnagent; C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe [132600 2013-11-19] (Kaspersky Lab ZAO)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [650240 2013-03-01] () [Datei ist nicht signiert]
R2 MSSQL$KNXETS4; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe [62382256 2015-03-29] (Microsoft Corporation)
R2 MSSQL$WAGO; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-07] (NVIDIA Corporation)
S3 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2014-06-05] (The OpenVPN Project)
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2987520 2014-10-29] (Microsoft Corporation) [Datei ist nicht signiert]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S4 SQLAgent$KNXETS4; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-29] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-11-11] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [655400 2012-02-03] (Ericsson AB)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
S2 DHCPServer; "C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
R3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2013-08-09] (SafeNet Inc.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2009-06-30] (Google Inc)
R3 AX88179; C:\Windows\System32\DRIVERS\ax88179_178a.sys [66560 2013-12-05] (ASIX Electronics Corp.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
S3 CtrnWinUsbLowerFilter; C:\Windows\System32\DRIVERS\CtrnWinUsbLowerFilter.sys [13920 2013-05-07] (Crestron Electronics Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-11] ()
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-07-15] (SafeNet Inc.)
S3 KinectCamera; C:\Windows\System32\Drivers\kinectcamera.sys [192512 2013-02-27] (Microsoft Corporation) [Datei ist nicht signiert]
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-09-05] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [98400 2015-11-09] (Kaspersky Lab ZAO)
R1 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [30816 2013-07-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [661600 2015-11-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-07-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54104 2012-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177760 2013-07-01] (Kaspersky Lab ZAO)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [102440 2012-01-13] (Ericsson AB)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [42944 2010-09-09] (hxxp://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-14] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-08-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-08-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-08-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-08-22] (MCCI Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2014-07-15] (Apple Inc.) [Datei ist nicht signiert]
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299664 2015-02-05] (NVIDIA Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
R3 pppop; C:\Windows\System32\DRIVERS\pppop64.sys [42528 2009-07-21] (Fortinet Inc.)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-29] (Microsoft Corporation)
S3 RTLU3E8023-W7-64; C:\Windows\System32\DRIVERS\rtu30x64w7.sys [83160 2013-10-12] (Realtek                                            )
U2 TVicLPT; kein ImagePath
S2 TVicPort; kein ImagePath
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [282152 2011-12-07] (Ericsson AB)
S3 btwampfl; \??\C:\Windows\system32\drivers\btwampfl.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-14 13:17 - 2015-12-14 13:17 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-14 13:17 - 2015-12-14 13:17 - 00000000 ____D C:\Users\User\AppData\Local\Deployment
2015-12-14 13:17 - 2015-12-14 13:17 - 00000000 ____D C:\Users\User\AppData\Local\Apps\2.0
2015-12-14 13:17 - 2015-12-14 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-14 12:01 - 2015-12-14 12:01 - 02785665 _____ (PortableApps.com) C:\Users\User\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2015-12-14 12:01 - 2015-12-14 12:01 - 00000000 ____D C:\Users\User\Downloads\RevoUninstallerPortable
2015-12-14 10:54 - 2015-12-14 10:54 - 00003470 _____ C:\Users\User\Downloads\AM.txt
2015-12-14 10:31 - 2015-12-14 13:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-14 10:31 - 2015-12-14 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-14 10:31 - 2015-12-14 10:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-14 10:31 - 2015-12-14 10:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-14 10:31 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-14 10:31 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-14 10:31 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-14 10:30 - 2015-12-14 10:30 - 22908888 _____ (Malwarebytes ) C:\Users\User\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-14 10:22 - 2015-12-14 10:22 - 01740288 _____ C:\Users\User\Downloads\AdwCleaner_5.025.exe
2015-12-14 08:14 - 2015-12-14 14:17 - 00040403 _____ C:\Users\User\Downloads\FRST.txt
2015-12-14 08:14 - 2015-12-14 10:57 - 00080197 _____ C:\Users\User\Downloads\Addition.txt
2015-12-14 07:58 - 2015-12-14 14:17 - 00000000 ____D C:\FRST
2015-12-14 07:57 - 2015-12-14 07:57 - 02369536 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-12-11 13:55 - 2015-12-11 13:55 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2015-12-11 09:19 - 2015-12-11 09:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-10 14:14 - 2015-12-14 10:51 - 00000000 ____D C:\AdwCleaner
2015-12-10 07:57 - 2015-12-10 07:57 - 00000000 _____ C:\Windows\system32\SBRC.dat
2015-12-10 07:53 - 2015-12-10 07:53 - 00000000 ____D C:\ProgramData\VIPRE
2015-12-10 07:52 - 2015-12-10 11:48 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-12-10 07:51 - 2015-12-10 07:51 - 00000000 ____D C:\Program Files (x86)\iS3
2015-12-09 15:45 - 2015-12-09 15:45 - 00000000 ____D C:\SUPERDelete
2015-12-09 15:43 - 2015-12-10 07:58 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-12-09 15:01 - 2015-12-09 15:01 - 00000000 _____ C:\autoexec.bat
2015-12-08 11:47 - 2015-12-08 11:47 - 00000433 _____ C:\Users\User\Downloads\AppleTV[1].ir
2015-12-03 09:17 - 2015-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-12-03 07:26 - 2015-12-03 07:26 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-12-02 10:30 - 2015-12-02 10:30 - 07908787 _____ C:\Users\User\Downloads\DB.KNX36361-DFE.1411_Jalousieaktor_8-4-fach.zip
2015-12-02 08:41 - 2015-12-02 08:41 - 00161411 _____ C:\Users\User\Downloads\1E36306_8_REG_V11.knxprod
2015-11-25 13:19 - 2015-12-08 12:05 - 00001311 _____ C:\Users\Public\Desktop\Access Servicetool.lnk
2015-11-25 13:19 - 2015-11-25 13:19 - 00000000 ____D C:\Program Files\Siedle
2015-11-25 13:11 - 2015-11-25 14:03 - 00000000 ____D C:\Users\User\Desktop\Siedle
2015-11-25 11:42 - 2015-11-25 11:42 - 00001162 _____ C:\Users\Public\Desktop\ASHT 170.lnk
2015-11-17 16:59 - 2015-11-17 16:59 - 00000000 ____D C:\79b406714c64b85199c9
2015-11-16 11:39 - 2015-11-16 11:39 - 00000020 ___SH C:\Users\Useradmin.USER\ntuser.ini
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Vorlagen
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Startmenü
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Netzwerkumgebung
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Lokale Einstellungen
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Eigene Dateien
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Druckumgebung
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Documents\Eigene Videos
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Documents\Eigene Musik
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Documents\Eigene Bilder
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\AppData\Local\Verlauf
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\AppData\Local\Anwendungsdaten
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 _SHDL C:\Users\Useradmin.USER\Anwendungsdaten
2015-11-16 11:39 - 2015-11-16 11:39 - 00000000 ____D C:\Users\Useradmin.USER
2015-11-16 11:39 - 2013-08-17 15:21 - 00000000 ____D C:\Users\Useradmin.USER\AppData\Local\Microsoft Help
2015-11-16 11:39 - 2013-07-24 19:41 - 00000000 ____D C:\Users\Useradmin.USER\AppData\Roaming\Macromedia
2015-11-16 11:39 - 2011-12-08 21:42 - 00000000 ____D C:\Users\Useradmin.USER\AppData\Roaming\Media Center Programs

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-14 14:13 - 2015-06-22 06:28 - 00001232 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146UA.job
2015-12-14 14:05 - 2014-09-16 06:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-14 13:41 - 2015-11-09 14:36 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-12-14 13:33 - 2013-07-24 19:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-14 13:22 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-14 13:22 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-14 13:20 - 2013-07-25 05:25 - 00816852 _____ C:\Windows\system32\perfh007.dat
2015-12-14 13:20 - 2013-07-25 05:25 - 00193828 _____ C:\Windows\system32\perfc007.dat
2015-12-14 13:20 - 2009-07-14 06:13 - 01949084 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-14 13:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-14 13:15 - 2014-09-15 12:54 - 00000000 ____D C:\Users\User\Documents\Outlook-Dateien
2015-12-14 13:15 - 2013-10-13 19:44 - 00000000 ___RD C:\Users\User\Documents\Dropbox
2015-12-14 13:15 - 2013-10-13 19:33 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2015-12-14 13:15 - 2013-07-24 19:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-14 13:14 - 2014-09-15 12:40 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-14 13:14 - 2013-08-17 12:48 - 00000112 _____ C:\Windows\system32\config\netlogon.ftl
2015-12-14 13:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-14 10:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-14 10:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Vss
2015-12-14 07:13 - 2015-06-22 06:28 - 00001180 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146Core.job
2015-12-10 13:03 - 2014-05-06 11:23 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2015-12-10 12:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-10 10:54 - 2014-09-08 15:15 - 00000000 ____D C:\Program Files (x86)\DALITools
2015-12-09 16:43 - 2015-08-12 12:48 - 00000061 _____ C:\Windows\030_KnxDaliGatewayR3.INI
2015-12-09 15:36 - 2013-09-25 21:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-09 15:01 - 2013-08-17 13:54 - 00000000 ____D C:\Users\User
2015-12-09 10:05 - 2014-09-16 06:59 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 10:05 - 2013-11-13 07:13 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 10:05 - 2013-08-17 15:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-03 07:26 - 2013-07-24 19:51 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2015-12-03 07:26 - 2013-07-24 19:37 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-12-03 07:26 - 2013-07-24 13:16 - 00000000 ____D C:\ProgramData\Lenovo
2015-12-02 13:18 - 2010-11-21 04:27 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-02 12:28 - 2013-07-24 19:46 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 12:28 - 2013-07-24 19:46 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-27 09:09 - 2013-12-17 14:33 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla
2015-11-25 15:38 - 2014-06-22 14:06 - 00000000 ____D C:\Users\User\.VirtualBox
2015-11-25 13:19 - 2014-12-04 16:19 - 00000000 ____D C:\ProgramData\Siedle
2015-11-25 13:19 - 2014-12-04 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Siedle
2015-11-25 11:43 - 2014-12-04 16:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Siedle
2015-11-25 11:42 - 2014-12-04 16:19 - 00000000 ____D C:\Program Files (x86)\Siedle
2015-11-23 15:06 - 2013-08-17 12:49 - 00066198 __RSH C:\ProgramData\ntuser.pol
2015-11-18 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-18 14:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-11-17 19:02 - 2009-07-14 05:45 - 00548448 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-17 16:59 - 2013-08-17 14:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-17 16:59 - 2013-08-17 13:19 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-17 16:59 - 2013-08-17 13:19 - 00000000 ____D C:\Windows\system32\MRT
2015-11-17 16:58 - 2013-08-17 14:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-17 16:36 - 2013-08-17 14:18 - 01923364 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-17 16:31 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2015-11-17 16:30 - 2011-12-08 21:43 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-16 18:06 - 2014-09-10 08:24 - 00000068 _____ C:\Windows\CoDeSysOPC.ini
2015-11-16 18:00 - 2013-08-17 14:44 - 00000000 ____D C:\ProgramData\Gateway Files

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-05-04 20:47 - 2014-05-04 20:47 - 0663348 _____ () C:\Program Files\linuxrc
2014-06-20 18:55 - 2015-11-03 09:27 - 0000600 _____ () C:\Users\User\AppData\Local\PUTTY.RND
2015-11-12 08:03 - 2014-08-15 14:50 - 0000808 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2015-05-29 12:28 - 2015-05-29 12:28 - 0007599 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2013-08-17 19:31 - 2014-01-15 22:25 - 0000376 _____ () C:\ProgramData\LastUpdate.xml

Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkx5z6s.dll
C:\Users\User\AppData\Local\Temp\IntResource.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-10 12:56

==================== Ende von FRST.txt ============================
         

Alt 14.12.2015, 13:23   #12
dimmu311
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



und die Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-12-2015
durchgeführt von User (2015-12-14 14:18:33)
Gestartet von C:\Users\User\Downloads
Windows 7 Professional Service Pack 1 (X64) (2013-08-17 18:29:03)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3238437269-852521613-3698105168-500 - Administrator - Disabled)
USERADMIN (S-1-5-21-3238437269-852521613-3698105168-1001 - Administrator - Enabled) => C:\Users\USERADMIN
Gast (S-1-5-21-3238437269-852521613-3698105168-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Endpoint Security 10 für Windows (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Advanced IP Scanner 2.3 (HKLM-x32\...\{18FC0DE0-9381-42A8-B20C-B7C0E3525B76}) (Version: 2.3.2161 - Famatech)
AVR Burn-O-Mat 2.1.2 (HKLM-x32\...\{B9F41D01-DB28-4595-B93C-2732A54CBEA2}_is1) (Version:  - Torsten Brischalle)
BlackBoard (HKLM-x32\...\BlackBoard) (Version: 1.1.0 - Matthias Pueski)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BPS650 (HKLM-x32\...\{4F3C4874-D5D9-41A0-B8DE-FD7CA4690CE3}) (Version: 2.11.1 - Siedle)
BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version:  - )
CoDeSys for Automation Alliance (HKLM-x32\...\{07976ABB-1EBD-4A65-A7C7-155A0DC17173}) (Version:  - 3S-Smart Software Solutions GmbH)
Crestron Database 53.00.007.00 (HKLM-x32\...\{9E52ACC4-ABB4-41A1-9D99-1229F0E3C0C2}_is1) (Version: 53.00.007.00 - Crestron Electronics Inc.)
Crestron Device Database68.05.001.00 (HKLM-x32\...\{6686F38D-1A32-4A8C-94D7-A2AA9C5F3C9B}_is1) (Version: 68.05.001.00 - Crestron Electronics Inc.)
Crestron Digital Media Tools v3.00 (HKLM-x32\...\{DDD189C7-8590-4372-A494-08592E360B46}) (Version: 3.01.01 - Crestron Electronics Inc.)
Crestron MasterInstaller (HKLM-x32\...\{71B06E52-A152-43DE-B414-C2DD22D81A25}) (Version: 3.00.09.00 - Crestron Electronics Inc.)
Crestron Procise Tools 2.40.617.00 (HKLM-x32\...\{CCA3AB83-BCA7-4CFF-B96C-977CC0C1424A}_is1) (Version: 2.40.617.00 - Crestron Electronics Inc.)
Crestron ProdigyTools  2.40.617.00 (HKLM-x32\...\{AE3B0014-DD7D-4156-8CB2-D2D8910AC8DF}_is1) (Version: 2.40.617.00 - Crestron Electronics Inc.)
Crestron ProSoundTools 2.40.617.00 (HKLM-x32\...\{77FB7E6E-D48E-44A7-8257-CD7CF40AADE7}_is1) (Version: 2.40.617.00 - Crestron Electronics Inc.)
Crestron SIMPL Window 4.03.15.00 (HKLM-x32\...\{8B508184-4E86-41C9-BCFF-EF8B1C7EF2BF}_is1) (Version: 4.03.15.00 - Crestron Electronics Inc.)
Crestron SmartGraphics 2.07.07.01 (HKLM-x32\...\{1CE8BCAB-8F15-403F-A9A0-2D2000C6B554}_is1) (Version: 2.07.07.01 - Crestron Electronics Inc.)
Crestron Toolbox 2.40.617.00 (HKLM-x32\...\{1B52BC01-2F6E-4FAE-BB09-1F28D2BF1D63}_is1) (Version: 2.40.617.00 - Crestron Electronics Inc.)
Crestron VisionTools Pro-e 5.9.05.04 (HKLM-x32\...\{E74BC26C-A114-4AE0-990E-BBFBB9F592A4}_is1) (Version: 5.9.05.04 - Crestron Electronics Inc.)
Crestron XPanel (HKLM-x32\...\CrestronXPanel) (Version: 2.07.07 - Crestron Electronics, Inc)
Crestron XPanel (x32 Version: 2.07.07 - Crestron Electronics, Inc) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DALI Monitor (HKLM-x32\...\DALIMonitor25) (Version:  - )
DEAL for Windows (HKLM-x32\...\{7005C601-B415-4D77-B2ED-FF40E3DACDED}) (Version: 4.02 - Crestron Electronics Inc.)
D-Fend Reloaded 1.3.6 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.3.6 - Alexander Herzog)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
ETS3 Professional (HKLM-x32\...\ETS3 Professional) (Version: 3.0.00990.0 - KNX Association)
ETS3 Professional (x32 Version: 3.0.00990.0 - KNX Association cvba) Hidden
Evernote v. 5.0.3 (HKLM-x32\...\{32D39568-3B77-11E3-88CE-00163E98E7D0}) (Version: 5.0.3.1614 - Evernote Corp.)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FortiClient SSLVPN v4.0.2300 (HKLM-x32\...\{A34DCE59-0004-0000-2300-3F8A9926B752}) (Version: 4.0.2300 - Fortinet Inc.)
Free YouTube Download version 3.2.49.1022 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1022 - DVDVideoSoft Ltd.)
FreeFileSync 6.6 (HKLM-x32\...\FreeFileSync) (Version: 6.6 - Zenju)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
GDR 4033 für SQL Server 2008 R2 (KB2977320) (64-bit) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation)
GDR 4042 für SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
GIRA TS3plus Plugin 1.0.0.0 (HKLM-x32\...\{892AAFA1-CBEE-419C-905D-BA2B728BB32A}) (Version: 1.0.0.0 - GIRA Giersiepen GmbH & Co. KG)
GIRA TS3plusPlugin1 1.1.1.0 (HKLM-x32\...\{109D0D31-581D-4CE3-A069-63CEFF2A46F0}) (Version: 1.1.1.0 - GIRA Giersiepen GmbH & Co. KG)
GO Contact Sync Mod (HKLM-x32\...\{2A0B0EE0-76F3-4DE6-8998-61E3262E642D}) (Version: 3.5.25 - WebGear, Create Software, Stru.be, saller.NET)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Jabra PC Suite 2.14.5888 (HKLM-x32\...\{6D22DD53-EC7D-45E7-A996-A18CB7C8DFE9}) (Version: 2.14.5888.0 - GN Netcom A/S)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Juggler 7.6.3 (HKLM-x32\...\{{DDB0D4D8-459A-4A26-8EB9-564846AB70AB}_is1) (Version: 4 - Global IP Telecommunications Ltd.)
Jung KRTS Plugin 1.0.1.1 (HKLM-x32\...\{8880F584-FAFC-498D-84DD-C92912D62CC9}) (Version: 1.0.1.1 - Albrecht Jung  GmbH & Co. KG)
JUNG RCS Plugin 1.0.1.0 (HKLM-x32\...\{4A9F2678-EF45-4F3B-8E3E-B1159C72BC1A}) (Version: 1.0.1.0 - Albrecht Jung GmbH & Co. KG)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Endpoint Security 10 für Windows (HKLM\...\{04CF7FBD-E56C-446D-8FC9-DD444BDBEE8E}) (Version: 10.2.1.23 - Kaspersky Lab)
Kaspersky Security Center Administrationsagent (HKLM-x32\...\InstallWIX_{2F383CB3-6D7C-449D-9874-164E49E1E0F5}) (Version: 10.1.249 - Kaspersky Lab ZAO)
Kaspersky Security Center Administrationsagent (x32 Version: 10.1.249 - Kaspersky Lab ZAO) Hidden
KNX eteC Falcon Runtime v2.1 (x32 Version: 2.1.5213.27900 - KNX Association cvba) Hidden
KNX ETS4 (HKLM-x32\...\KNX ETS4) (Version: 4.1.3614.46489 - KNX Association cvba)
KNX ETS4 (x32 Version: 4.1.3614.46489 - KNX Association cvba) Hidden
KNX ETS4 Additional Runtime (x32 Version: 4.0.0.0 - KNX Association cvba) Hidden
Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.72.10 - Lenovo)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0019 - Lenovo)
LOGO!Soft Comfort V7.0  (HKLM\...\LOGO!Soft Comfort V7.0 ) (Version: 7.0.0.0 - Siemens AG)
LOGO!Soft Comfort V7.1  (HKLM\...\LOGO!Soft Comfort V7.1 ) (Version: 7.1.0.0 - Siemens AG)
Loxone Config (HKLM-x32\...\LoxoneConfig_is1) (Version: 6.4 - Loxone Electronics GmbH)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
masterCONFIGURATOR (HKLM-x32\...\masterCONFIGURATOR) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.1.1.0 - Ericsson AB)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.009.09.02.910 - Huawei Technologies Co.,Ltd)
Modbus Poll 4.4.1 (HKLM-x32\...\Modbus Poll) (Version:  - )
Modbus Slave 4.3.1 (HKLM-x32\...\Modbus Slave) (Version:  - )
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 38.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.4.0 (x86 de)) (Version: 38.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)
NetSetMan 3.5.3 (HKLM-x32\...\NetSetMan_is1) (Version: 3.5.3 - Ilja Herlein)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.2 - Notepad++ Team)
NVIDIA 3D Vision Treiber 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 345.20 - NVIDIA Corporation)
NVIDIA Grafiktreiber 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
OLYMPIA - SERD Manager 4.01.03 (HKLM-x32\...\OLYMPIA - SERD Manager_is1) (Version:  - Olympia Business Systems Vertriebs GmBH)
OpenVPN 2.3.4-I002  (HKLM\...\OpenVPN) (Version: 2.3.4-I002 - )
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF-XChange Editor (HKLM-x32\...\{2eef0fe2-cc4a-47d6-959c-de2d5c2cc40b}) (Version: 3.0.307.2 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 3.0.307.2 - Tracker Software Products (Canada) Ltd.) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.7.0 - Prolific Technology INC)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
RCD FD Plugin 1.2.2.0 (HKLM-x32\...\{DB85DBD8-7736-42CF-8CA7-DDA13221192F}) (Version: 1.2.2.0 - Albrecht Jung GmbH & Co. KG)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6591 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Scan2PDF 1.6 (HKLM-x32\...\Scan2PDF_is1) (Version:  - Koma-Code)
SciLor's grooveshark™.com Downloader 0.4.12 (HKLM-x32\...\{DDEAE484-D5FB-49CB-BD47-9512E8ACCA65}_is1) (Version: 0.4.12 - SciLor)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version:  - Microsoft)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
setup (x32 Version: 1.0.0 - hxxp://www.globaliptel.com) Hidden
Siedle Access Servicetool (HKLM-x32\...\Siedle Access Servicetool) (Version: 1.0.0.0 - S. Siedle & Söhne OHG)
Siedle ASC 170 (HKLM-x32\...\ASC 170) (Version: 2.1.002.0 - S. Siedle & Söhne)
Siedle ASHT 170 (HKLM-x32\...\ASHT 170) (Version: 2.3.003.0 - S. Siedle & Söhne OHG)
Siedle ASOEM 170 (HKLM-x32\...\ASOEM 170) (Version: 1.3.206.0 - S. Siedle & Söhne)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista_3 (c:\SiLabs\MCU_3) (HKLM-x32\...\{BC2EFFDD-A64B-43B5-A755-36C0FCD9B080}) (Version: 5.30 - Silicon Laboratories, Inc.)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{14D8063B-21C3-4C85-B1F4-3BDAA7B79350}) (Version: 6.2.00 - Silicon Laboratories, Inc.)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7_2 (c:\SiLabs\MCU\CP210x\Windows_XP_S2K3_Vista_7_2) (HKLM-x32\...\{5F4403E5-BC1A-4065-BB35-7A3AE5CE11A2}) (Version: 6.2.00 - Silicon Laboratories, Inc.)
SIMPL+ Cross Compiler (HKLM-x32\...\{FB97A745-D1E6-435D-B942-264E94F89938}) (Version: 1.3 - Crestron Electronics Inc.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Sweet Home 3D version 4.3 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Target 3001! V16 distrelec (HKLM-x32\...\Target 3001! V16 distrelec) (Version:  - Ing. Buero FRIEDRICH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)
Touchpanel Graphics v1.00 (HKLM-x32\...\{C885A1B2-184E-4C57-8C2B-78B250E1EFCA}) (Version: 1.00.01.1526 - Crestron Electronics Inc.)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{0C5B0539-7EDE-4297-947E-48890971B557}) (Version:  - Microsoft)
UpLoad/DownLoad (HKLM-x32\...\{12D99D8A-8B28-442E-8954-955C18B2AD97}) (Version: 3.2.1.1 - Abus)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WAGO BACnet Configurator (HKLM-x32\...\{121C9DB8-BFC0-4CCE-B1EF-DA07F4692AD6}) (Version: 1.7.0 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO BACnetObjectMerger (HKLM-x32\...\{27505E00-47F0-4FA1-A964-927BCDE05FE2}) (Version: 1.1.0 - WAGO Software)
WAGO Ethernet Settings (HKLM-x32\...\WAGO Ethernet Settings) (Version: 5.3.3.3 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO Ethernet Update (HKLM-x32\...\WAGO Ethernet Update) (Version: 1.5.2.4 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO IO-Link (HKLM-x32\...\WAGO IO-Link) (Version: 1.0.12.1 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO USB Service Cable (HKLM-x32\...\WAGO USB Service Cable) (Version: 6.5.3.0 - WAGO Kontakttechnik GmbH & Co. KG)
WAGO-I/O-Check 3 (HKLM-x32\...\WAGO-IO-Check 3) (Version: 3.5.3.11 - WAGO Kontakttechnik GmbH & Co. KG)
Wago-ProServe (HKLM-x32\...\InstallShield_{EADC9384-A49D-42BE-8115-67FD73D10F56}) (Version: 6.00.0000 - Wago GmbH)
Wago-ProServe (x32 Version: 6.00.0000 - Wago GmbH) Hidden
WAGO-Safety-Editor 75x (HKLM-x32\...\WAGO-Safety-Editor 75x) (Version: 2.2.5 - WAGO Kontakttechnik GmbH & Co. KG)
Web Server (remove only) (HKLM-x32\...\WebServer) (Version:  - )
WinAVR 20100110 (remove only) (HKLM-x32\...\WinAVR-20100110) (Version: 20100110 - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Crestron Electronics Inc. (WinUSB) Crestron  (11/09/2010 3.0.0.0) (HKLM\...\D49FBD114E4911AD03D99ED034ADA88310A1915A) (Version: 11/09/2010 3.0.0.0 - Crestron Electronics Inc.)
Windows-Treiberpaket - Intel (e1cexpress) Net  (01/11/2012 11.15.16.0) (HKLM\...\EC2A0F2B229770EC589265FCF2B4839A0C221993) (Version: 01/11/2012 11.15.16.0 - Intel)
Windows-Treiberpaket - Intel System  (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (04/06/2012 16.1.1.0) (HKLM\...\64B3C27E4CF7B6AD920184EFFF6C488C55EF2892) (Version: 04/06/2012 16.1.1.0 - Synaptics)
Windows-Treiberpaket - WAGO Kontakttechnik GmbH & Co. KG (silabenm) Ports  (04/24/2012 6.5.3.0) (HKLM\...\8B70BEF5876E0C4A8835B50654466A4169F49A81) (Version: 04/24/2012 6.5.3.0 - WAGO Kontakttechnik GmbH & Co. KG)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wireshark 1.10.5 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.5 - The Wireshark developer community, hxxp://www.wireshark.org)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2557082223-2624319934-3865501230-3146_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

14-12-2015 12:03:19 Revo Uninstaller's restore point - Google Chrome

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0CE0925A-BF2B-4991-A5A2-4397AACFBC0A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {33957458-DCBD-4CCB-9628-1732A3DA10A4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {365492AE-5044-4B97-8FB6-D32981B82691} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146Core => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {4C25A588-5287-4C7B-9A81-B5F8A370553A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {7C49AF13-9956-4A1A-A461-A9AE4923A30C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {8E81F58C-521A-4C10-ADC0-F06BB7B5705A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {A718766C-39F1-4964-8270-30C8865308A1} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-11-11] ()
Task: {AB5BA8F1-1FDC-420C-8A2C-378D012E98F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {BC5AEDD1-364F-4047-AD63-CBB3126FA959} - System32\Tasks\Lenovo\LSC\CreateHardwareScanTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe
Task: {DE09DE1A-6CBD-4042-AA22-C4ED6DACFA42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E4EC5EEA-07DA-4CBE-80FB-F78753C491CA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146UA => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {FE93BA35-535F-4DDE-B7B2-24B5CCB71916} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146Core.job => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2557082223-2624319934-3865501230-3146UA.job => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-12-17 09:57 - 2009-11-02 09:19 - 00648704 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\KOAZ8J_O.DLL
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2015-10-18 15:29 - 2013-03-01 07:33 - 00650240 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2013-11-15 09:52 - 2015-02-05 09:16 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-15 12:40 - 2015-02-04 21:29 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-07-24 19:38 - 2010-10-26 05:40 - 00049056 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2013-07-24 19:39 - 2012-04-09 00:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-10-18 15:29 - 2009-01-10 19:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2015-10-18 15:29 - 2009-06-23 03:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2015-10-18 15:29 - 2012-10-31 10:11 - 02417152 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2015-10-18 15:29 - 2012-10-31 10:14 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2015-10-18 15:29 - 2013-03-01 07:33 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2015-10-18 15:29 - 2012-10-31 10:11 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2013-07-24 19:38 - 2011-07-13 09:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll
2013-11-27 21:21 - 2013-11-27 21:21 - 01309888 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\kpcengine.2.2.dll
2013-11-15 09:52 - 2015-02-05 09:16 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-05-08 09:20 - 2015-02-03 16:09 - 00166504 _____ () C:\ProgramData\Juggler\Juggler\libnet.dll
2015-05-08 09:20 - 2007-08-13 15:46 - 00061440 _____ () C:\ProgramData\Juggler\Juggler\ogg.dll
2015-05-08 09:20 - 2007-08-13 15:46 - 01253376 _____ () C:\ProgramData\Juggler\Juggler\vorbis.dll
2015-05-08 09:20 - 2007-08-13 15:46 - 00102400 _____ () C:\ProgramData\Juggler\Juggler\vorbisfile.dll
2015-05-08 09:20 - 2007-08-13 15:46 - 01032192 _____ () C:\ProgramData\Juggler\Juggler\vorbisenc.dll
2015-05-08 09:20 - 2015-02-03 16:09 - 05626472 _____ () C:\ProgramData\Juggler\Juggler\libimg.dll
2014-03-25 12:53 - 2014-03-25 12:53 - 00092160 _____ () C:\Program Files (x86)\Jabra\Jabra PC Suite\GNDeviceInterface.dll
2015-12-11 09:19 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-11 09:19 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-11 09:19 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-11 09:19 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-11 09:19 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-11 09:19 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-11 09:19 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-11 09:19 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 06:06 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2013-09-26 12:50 - 2013-09-26 12:50 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2013-09-26 12:49 - 2013-09-26 12:49 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2015-10-13 15:07 - 2015-10-13 15:07 - 01032360 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2015-12-03 09:17 - 2015-12-03 09:17 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-12-03 09:17 - 2015-12-03 09:17 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-07-24 19:37 - 2012-02-21 04:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-12-14 13:17 - 2015-12-04 22:32 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libglesv2.dll
2015-12-14 13:17 - 2015-12-04 22:32 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.4.1 - 192.168.200.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{151FAA68-F1DF-4A79-AF71-92A0F14E9CE4}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{C2810C4A-E97D-4B92-A96B-5433A806F008}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3660F2E3-46B0-4D0F-BE0F-9C59A10EAA3A}] => (Allow) LPort=2869
FirewallRules: [{7FD6E6D9-367B-419D-9606-019CB3FED78F}] => (Allow) LPort=1900
FirewallRules: [{B8EA89FC-5085-4DF8-BD24-AF7672CF092A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{93361C44-296A-4BD6-843F-76F012342DE2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{7DBE66D0-0DF7-47FF-B6E5-6D9B468092B8}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{ED379DCD-AEC1-4B26-B1B6-9A46473FB065}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{62ABF094-7690-40BD-81E4-B43B6757F2B2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{3CCF2577-0193-4F47-86EF-F0ED5076225E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3A8371CD-3595-4F5B-860A-D79F3D6E6F01}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{FCE19657-48D7-426A-B02F-0604AB2AA4B8}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{AA1365C7-3BB9-4FCF-ACB5-A5852B6A1BF1}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{B1A64864-401F-41C5-AC52-FF07E7356B5F}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{37E6BF91-E1FA-4B95-B1A6-CF64EDFF3183}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{A064830F-E257-4141-97CB-62A64467BCDC}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{0B5E1478-B271-4CBA-BAF1-2A3559EAD6D7}] => (Allow) LPort=15000
FirewallRules: [TCP Query User{F6475DE9-1EDF-4CFC-AA23-ABC9D17BDCDB}C:\program files (x86)\ets4\ets4.exe] => (Block) C:\program files (x86)\ets4\ets4.exe
FirewallRules: [UDP Query User{1223840E-68E9-4520-A703-100A93A3600B}C:\program files (x86)\ets4\ets4.exe] => (Block) C:\program files (x86)\ets4\ets4.exe
FirewallRules: [{A6F045DF-565D-4A33-AEC8-A6BB1D47260E}] => (Allow) LPort=15000
FirewallRules: [TCP Query User{D2EDB46F-F6DF-401D-80B2-FD0483EA6905}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [UDP Query User{EDE53D6F-6CF6-419D-97C9-D5A85D12AD50}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [{D734E670-D497-4F2B-AC55-03F519B95D9D}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{A063A481-D0F6-488D-BF2B-C20FDE8374D3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B029B561-246E-4719-80F7-26284C45B208}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{44C7E51D-520C-4C1A-8F81-36C6993F8A36}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{CB052BD8-0BD3-46E5-B9A6-D50D095361EB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8A5A1F8B-D327-49AB-A02F-033FBC018066}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{48C46D9B-3922-4D4B-B0FD-9F491F78C780}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [UDP Query User{C4D72A2E-28F0-4CAA-9DEB-54708B88857A}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [{5E18A4FC-CEDB-4ECA-8144-E484F3C153B5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{89E2D795-DC17-42B8-BF4B-E14534B6E018}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{B2765CFC-6C4B-444C-8520-7EB3DA334E29}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{789E0C8C-E5E4-4191-997D-4618C9003170}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{F93740DA-A860-468F-8A87-633E798794A5}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A270CB0A-04F0-4C75-8AE3-99C017CF0BC2}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AA1762B5-2308-4099-97B2-01B8E7723264}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{C29168EC-A98C-4E81-87B1-F75E31E76A37}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{CB1901ED-890A-48C9-AD17-35DF801F69F6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{58836AFB-8B5E-47C2-A9E8-39095586CC95}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{FFEE2111-3016-4ED3-A1B9-F1FE68E5FB94}C:\users\User\downloads\hercules_3-2-6.exe] => (Allow) C:\users\User\downloads\hercules_3-2-6.exe
FirewallRules: [UDP Query User{9A6BD6DF-1D14-4792-8041-3F6DAA2082B5}C:\users\User\downloads\hercules_3-2-6.exe] => (Allow) C:\users\User\downloads\hercules_3-2-6.exe
FirewallRules: [TCP Query User{4E5A145E-C6DC-4783-8F9D-3C32DEB6F2D0}C:\program files (x86)\crestron\toolbox\vptcomserver.exe] => (Allow) C:\program files (x86)\crestron\toolbox\vptcomserver.exe
FirewallRules: [UDP Query User{7F61C7AA-167E-40F2-984A-093EC712A7CF}C:\program files (x86)\crestron\toolbox\vptcomserver.exe] => (Allow) C:\program files (x86)\crestron\toolbox\vptcomserver.exe
FirewallRules: [TCP Query User{AF3C72AA-A556-4D67-8684-5211F49EB623}C:\users\User\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\User\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6AA44FEE-D6F7-4B70-BFEC-997DBDB4B33B}C:\users\User\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\User\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{A4734A7F-3EF6-4BDC-87D8-6CCE81AEDE65}C:\program files (x86)\loxone\loxoneconfig\loxoneconfig.exe] => (Allow) C:\program files (x86)\loxone\loxoneconfig\loxoneconfig.exe
FirewallRules: [UDP Query User{6C26C367-321D-4016-8DF2-4CCE42CF999B}C:\program files (x86)\loxone\loxoneconfig\loxoneconfig.exe] => (Allow) C:\program files (x86)\loxone\loxoneconfig\loxoneconfig.exe
FirewallRules: [{2C1E8FD7-A3AA-4AEE-AA2A-F5C64FC30E3B}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
FirewallRules: [{AF32F78A-C09C-4DC4-BD4B-91C3A76C20C5}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
FirewallRules: [TCP Query User{C692F293-666C-4EC9-8295-90EC8149FC0A}C:\program files (x86)\boxee\boxee.exe] => (Allow) C:\program files (x86)\boxee\boxee.exe
FirewallRules: [UDP Query User{45A31A3D-6561-4DEF-BEA0-D93157E9DCEB}C:\program files (x86)\boxee\boxee.exe] => (Allow) C:\program files (x86)\boxee\boxee.exe
FirewallRules: [{7FDA7405-753D-44AA-9171-89BE4437BFB1}] => (Allow) LPort=2869
FirewallRules: [{50AB1FE6-625C-47F1-B078-7D4BF98F0CA0}] => (Allow) LPort=2869
FirewallRules: [{B35F493E-E5C9-46E1-8DEE-17B53776E691}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{3405EF07-4CC0-49D3-930C-D25DDA0872C8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{D517C30F-6D25-435F-8221-118F2E382742}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{856B825B-5CEC-4BE8-A522-9E8339CB568D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{1D933754-1677-4689-8488-B85F60002C21}] => (Allow) C:\ProgramData\Juggler\Juggler\Juggler.exe
FirewallRules: [{139448B3-A743-4D02-A748-FE127CFA0B8F}] => (Allow) C:\ProgramData\Juggler\Juggler\Juggler.exe
FirewallRules: [{CC02E6D7-9746-493E-AE98-C1DE9D3FA82F}] => (Allow) C:\ProgramData\Juggler\Juggler\xproxy.exe
FirewallRules: [{4C30B13C-371B-4C99-A77D-60B896AE111C}] => (Allow) C:\ProgramData\Juggler\Juggler\xproxy.exe
FirewallRules: [{74883BB3-FC4B-486F-9C6A-AEA52DED030F}] => (Allow) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
FirewallRules: [{D8C21ED9-806A-4048-963C-41CE8B5BCB4A}] => (Allow) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
FirewallRules: [{A47E54C7-687E-44CA-9FC7-A2042B0E5501}] => (Allow) C:\ProgramData\Juggler\Juggler\CTI\xcti.exe
FirewallRules: [{EA09E8C1-491C-48AA-AD28-CF2858937C60}] => (Allow) C:\ProgramData\Juggler\Juggler\CTI\xcti.exe
FirewallRules: [{7BDA8493-95F3-4682-A1B2-EB9F48F464EA}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{C8763D6B-6EE0-4BE6-9FF3-312AE1579E06}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{476AC9AB-E017-4849-9066-F270231986DA}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{698F4147-C95A-43D9-ABEA-05E6F7041325}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{9696D58B-C6BF-4122-A9DD-617A20A8CD4E}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{505AFA83-A99D-48E4-A4C1-4992F2D66445}] => (Allow) C:\Users\User\Downloads\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [TCP Query User{2F57D1C6-18A8-4BEA-9614-4F6B57C6023A}E:\ip installer\lupusnet_ipinstallerger_v2.2.exe] => (Allow) E:\ip installer\lupusnet_ipinstallerger_v2.2.exe
FirewallRules: [UDP Query User{FA79D07F-5EE1-43A9-BD9D-92670256D28B}E:\ip installer\lupusnet_ipinstallerger_v2.2.exe] => (Allow) E:\ip installer\lupusnet_ipinstallerger_v2.2.exe
FirewallRules: [TCP Query User{EAF00569-8BB1-4E92-BEA3-6755A802E350}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{C3B6F9D2-C881-4363-BD1B-AA286571827D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{9B6FAF07-DA3E-48D2-9A5A-D8E54B1D0BED}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe
FirewallRules: [{A58F8054-BAEA-40F5-A575-12A4745C55AD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B23E4835-4C32-4C30-8509-160DFD8BE958}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AF57CBF7-B266-43ED-82AB-A461C4A8CC3D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7038D03E-94CD-4215-A639-F277E5183315}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AAE4D16E-C331-483A-975E-FBD54D9A30E1}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Media Synchronization Tool\bin\FX2_0\Autonomic.Synchronization.App.exe
FirewallRules: [{4CBEA326-7838-46F7-9017-0545B60AF08A}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Media Synchronization Tool\bin\FX2_0\Autonomic.Synchronization.App.exe
FirewallRules: [{061A56D7-36B3-4618-946C-0A8F05C9E1B1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3CA41D9F-46BD-46D6-B24A-2C18545A21ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7EC0A844-5DA4-4117-B5A6-DAAEF9BB35C1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{35E2DDF3-A154-4FB0-878A-FEE3B6EBE34B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{83B99151-1593-4FE3-8483-EC84A46888D6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{0712E40F-A45B-419D-85EA-77351D1F5905}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{C27A2881-BDC3-415B-AC3B-858D6EEB1EA2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{FAE6ECC5-D619-49FF-95BE-DADC1F3C016E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{855D9416-C583-418E-B58E-103009CC6709}C:\prog\hercules_3-2-6.exe] => (Block) C:\prog\hercules_3-2-6.exe
FirewallRules: [UDP Query User{C4178F18-4EA1-4589-8A75-1A315231582B}C:\prog\hercules_3-2-6.exe] => (Block) C:\prog\hercules_3-2-6.exe
FirewallRules: [{941F2DE4-C04B-45A4-BA83-84B8B1FE7B36}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F877B393-F3BF-4740-B19C-7B05D9BD8808}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E2D6CE2E-80A2-432D-8DB2-AADD94F98FB5}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Mirage\Bin\FX2_0\Mirage.exe
FirewallRules: [{DBE44FA9-EE5C-4F8F-9C17-FB206607E407}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Mirage\Bin\FX2_0\Mirage.exe
FirewallRules: [{A9F2BFBD-06E6-4A8D-B715-8C41D7DCE979}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Mirage\Bin\FX2_0\Mirage.exe
FirewallRules: [{CEB5B6D7-1591-41A1-B5A8-7E3E4866DAEA}] => (Allow) C:\Program Files (x86)\Autonomic Controls\Mirage\Bin\FX2_0\Mirage.exe
FirewallRules: [{E083091F-A324-44A8-A07C-342031093E64}] => (Allow) C:\Program Files (x86)\Siedle\Access ASOEM 170\ASM.exe
FirewallRules: [{7F135248-C4EC-4922-B9E7-09EC940C7C91}] => (Allow) C:\Program Files (x86)\Siedle\Access ASOEM 170\ASM.exe
FirewallRules: [{7407E155-2E66-4D3B-B96B-9746D07644F0}] => (Allow) C:\Program Files (x86)\Siedle\Access ASOEM 170\cyibxsp.exe
FirewallRules: [{10CC0EFD-D132-42B3-9542-F88FCCDC5A2C}] => (Allow) C:\Program Files (x86)\Siedle\Access ASOEM 170\cyibxsp.exe
FirewallRules: [TCP Query User{90662145-CFF8-4B09-8BEC-89190838FB7C}C:\program files (x86)\autonomic controls\media synchronization tool\bin\fx2_0\autonomic.synchronization.app.exe] => (Block) C:\program files (x86)\autonomic controls\media synchronization tool\bin\fx2_0\autonomic.synchronization.app.exe
FirewallRules: [UDP Query User{C7EB528E-C9C4-410E-8DD7-09F564415C59}C:\program files (x86)\autonomic controls\media synchronization tool\bin\fx2_0\autonomic.synchronization.app.exe] => (Block) C:\program files (x86)\autonomic controls\media synchronization tool\bin\fx2_0\autonomic.synchronization.app.exe
FirewallRules: [TCP Query User{8A117562-229A-4427-93A6-699CF3478747}C:\program files (x86)\siedle\access asoem 170\asm.exe] => (Allow) C:\program files (x86)\siedle\access asoem 170\asm.exe
FirewallRules: [UDP Query User{7FC1FE9C-3885-4DE3-8D6B-D098DA08439C}C:\program files (x86)\siedle\access asoem 170\asm.exe] => (Allow) C:\program files (x86)\siedle\access asoem 170\asm.exe
FirewallRules: [TCP Query User{018509BD-B03B-4514-9EC2-C0D5F47DA276}C:\program files (x86)\siedle\access asoem 170\cyibxsp.exe] => (Allow) C:\program files (x86)\siedle\access asoem 170\cyibxsp.exe
FirewallRules: [UDP Query User{D86B56A4-B96A-4026-9447-C3A1AF2A3F67}C:\program files (x86)\siedle\access asoem 170\cyibxsp.exe] => (Allow) C:\program files (x86)\siedle\access asoem 170\cyibxsp.exe
FirewallRules: [{483BAD99-AA2C-4E46-B3F6-D915D4D3DCCF}] => (Allow) LPort=7070
FirewallRules: [{ACD4F3F8-3292-4953-85A6-5030EC2C70DF}] => (Allow) LPort=7071
FirewallRules: [{0078F072-0051-4654-A379-35FADD110BDD}] => (Allow) LPort=7707
FirewallRules: [{061994BF-47FB-4CA8-BC77-AA5A01607035}] => (Allow) LPort=7777
FirewallRules: [{9B68437A-6C4E-46B9-BEAD-A6F0CE41EE94}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{34BE5D63-AB4C-4446-93DF-F3A5912F1CDF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{972B4F21-A08B-4379-A306-82BD53430B02}] => (Allow) C:\ProgramData\Juggler\Juggler\Juggler.exe
FirewallRules: [{ABEE9B5F-484E-4FE1-BC3E-609379274168}] => (Allow) C:\ProgramData\Juggler\Juggler\Juggler.exe
FirewallRules: [{E49571F8-94D3-4A18-8DE1-65A4AFABA7F5}] => (Allow) C:\ProgramData\Juggler\Juggler\xproxy.exe
FirewallRules: [{DA4685D1-053B-48B6-BDF4-890797A8BA0A}] => (Allow) C:\ProgramData\Juggler\Juggler\xproxy.exe
FirewallRules: [{4B896025-1EAD-4620-B10F-927CBAA766B2}] => (Allow) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
FirewallRules: [{4477834A-FF78-4E41-8F7D-4BE531249DF5}] => (Allow) C:\ProgramData\Juggler\Juggler\USB\Jabra32.exe
FirewallRules: [{B59D5148-7D4F-424C-B5CA-CF377118ACB5}] => (Allow) C:\ProgramData\Juggler\Juggler\CTI\xcti.exe
FirewallRules: [{75CBC92E-03EC-4EB1-814A-85C1BAD6B649}] => (Allow) C:\ProgramData\Juggler\Juggler\CTI\xcti.exe
FirewallRules: [TCP Query User{653993A0-E147-49AF-A8F2-1D447FC41D32}C:\program files (x86)\loxone\6.4_release\loxoneconfig.exe] => (Block) C:\program files (x86)\loxone\6.4_release\loxoneconfig.exe
FirewallRules: [UDP Query User{D3ED7C0B-B595-4208-97E2-2664D5A19100}C:\program files (x86)\loxone\6.4_release\loxoneconfig.exe] => (Block) C:\program files (x86)\loxone\6.4_release\loxoneconfig.exe
FirewallRules: [{3CCB729D-1D99-4DB0-B9E5-9099DE4FEF1E}] => (Allow) LPort=7070
FirewallRules: [{FCAB30B1-4513-42EB-892A-37DD42407AB8}] => (Allow) LPort=7070
FirewallRules: [{F2FC2133-5E0A-40F8-B274-F4878F481498}] => (Allow) LPort=7071
FirewallRules: [{D4054453-73E5-49B0-9548-8034346621D0}] => (Allow) LPort=7071
FirewallRules: [{80E6CC9F-D4A9-48B7-93CB-57477A9B627D}] => (Allow) LPort=7707
FirewallRules: [{D74FD780-F163-4957-9108-D77B41F98372}] => (Allow) LPort=7707
FirewallRules: [{9B682EF1-914B-48E8-892E-43A8D03E6927}] => (Allow) LPort=7777
FirewallRules: [{8E4B2ADC-6C69-45C1-B702-42E4FAEB0A12}] => (Allow) LPort=7777
FirewallRules: [TCP Query User{28D260CB-45A2-45C5-9DF6-4843B1966545}C:\program files (x86)\loxone\beta_7.0.8.6\loxoneconfig.exe] => (Allow) C:\program files (x86)\loxone\beta_7.0.8.6\loxoneconfig.exe
FirewallRules: [UDP Query User{BE7A7804-8B01-40BF-AE8B-DD24132FD769}C:\program files (x86)\loxone\beta_7.0.8.6\loxoneconfig.exe] => (Allow) C:\program files (x86)\loxone\beta_7.0.8.6\loxoneconfig.exe
FirewallRules: [{7243E4E8-FC54-4865-AA8C-05F8FC156D9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A9C08AFD-F7A8-48EF-AB8F-AC57E362E550}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7EC23BC3-C21F-4738-A2B9-4CF9AF9F417F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A9976C96-ADA8-46A6-B425-B37DA616D43A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DA840025-DF60-4F3F-9828-77A750A912A6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2BE52018-D548-4C3E-A627-77119D1A2E42}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{22CD3265-882D-4D5F-B225-6DF095A9E8ED}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{88DE57D7-D05A-47BF-A115-C66794B7C5CC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{CC4B06BB-A85A-4E8D-9460-A04690B1F9D4}] => (Allow) C:\Program Files (x86)\Siedle\Access ASC 170\ASC.exe
FirewallRules: [{3CF82E0C-6226-4C2E-A3CE-09DB3B802364}] => (Allow) C:\Program Files (x86)\Siedle\Access ASC 170\ASC.exe
FirewallRules: [{6A56752C-93CA-48C1-8E22-86342458E8D0}] => (Allow) C:\Program Files (x86)\Siedle\Access ASC 170\cyibxsp.exe
FirewallRules: [{EA4B0C8F-EF58-47D9-B4B9-6AED14B6A0FC}] => (Allow) C:\Program Files (x86)\Siedle\Access ASC 170\cyibxsp.exe
FirewallRules: [{F77CFB7F-5844-4C79-9F4D-5B583B1DD641}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{267EA46C-38B1-4108-918E-4D1B36DE826B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{93B74F23-3E3B-46BA-B67B-BAAA2BE9847C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3AB0AC45-4872-421F-94A9-0559DA9A200E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{55933894-1578-410A-9007-A5FC90F79455}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{F2D08CD4-657D-495D-A8A2-D9581C176724}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{3BB4B181-EB78-4266-AC83-CBFD53C9E576}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7E121398-9398-476A-9763-13B016863312}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{94A4EE9C-5AC1-414C-8BF8-0F6FD5696A64}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
FirewallRules: [{93097904-0777-46F2-A81F-F246CF185AFD}] => (Allow) LPort=15000
FirewallRules: [{1AF91464-D10B-414C-9BAA-09EC1EC8EF60}] => (Allow) C:\Program Files (x86)\Siedle\Access ASHT 170\ASHT.exe
FirewallRules: [{392825C3-C338-4967-93B9-4FF30028527D}] => (Allow) C:\Program Files (x86)\Siedle\Access ASHT 170\ASHT.exe
FirewallRules: [TCP Query User{20E54D1A-0C27-4E34-8491-5B1645AD5EF8}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe
FirewallRules: [UDP Query User{89B4342F-1EC0-40E5-A84D-4FC248022612}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe
FirewallRules: [{DDC9F7BA-83BC-4836-9675-04F18FA19E8C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{3DCB42EA-C617-4780-973B-FC3BB1F352BF}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{7C3F1F0F-C91F-40CF-ADBD-38CDE8FEF2A2}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{C22C2446-E3F0-4EA9-BCEB-60C6C9FCBD8A}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{443DFD40-ED60-46F4-B384-FCEFF3F8D9BA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CF12940D-FFC8-4486-8AEC-66678B8800E2}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{9E2350EE-2A78-41E2-94CD-80510F161E34}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{B392F17A-E20B-499A-84D8-8621CD2816F5}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{D1E71F7E-10B8-4987-8689-1CA5EE7B7BC4}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/14/2015 01:14:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/14/2015 01:14:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.1.0.2, Zeitstempel: 0x4f4a262d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.19045, Zeitstempel: 0x56259271
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000b3dd
ID des fehlerhaften Prozesses: 0xfec
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3

Error: (12/14/2015 11:07:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Juggler.exe, Version: 7.0.25.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0a0d3439
ID des fehlerhaften Prozesses: 0x914
Startzeit der fehlerhaften Anwendung: 0xJuggler.exe0
Pfad der fehlerhaften Anwendung: Juggler.exe1
Pfad des fehlerhaften Moduls: Juggler.exe2
Berichtskennung: Juggler.exe3

Error: (12/14/2015 10:48:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/14/2015 10:48:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.1.0.2, Zeitstempel: 0x4f4a262d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.19045, Zeitstempel: 0x56259271
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000b3dd
ID des fehlerhaften Prozesses: 0x3dc
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3

Error: (12/14/2015 10:31:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 2.3.125.0, Zeitstempel: 0x5612a56b
Name des fehlerhaften Moduls: mbam.exe, Version: 2.3.125.0, Zeitstempel: 0x5612a56b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001e7742
ID des fehlerhaften Prozesses: 0xb34
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (12/14/2015 08:15:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MustangSer1810.exe, Version: 1.0.0.5, Zeitstempel: 0x56173d89
Name des fehlerhaften Moduls: MustangSer1810.exe, Version: 1.0.0.5, Zeitstempel: 0x56173d89
Ausnahmecode: 0x40000015
Fehleroffset: 0x00013025
ID des fehlerhaften Prozesses: 0xc64
Startzeit der fehlerhaften Anwendung: 0xMustangSer1810.exe0
Pfad der fehlerhaften Anwendung: MustangSer1810.exe1
Pfad des fehlerhaften Moduls: MustangSer1810.exe2
Berichtskennung: MustangSer1810.exe3

Error: (12/14/2015 08:13:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/14/2015 08:13:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.1.0.2, Zeitstempel: 0x4f4a262d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.19045, Zeitstempel: 0x56259271
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x000000000000b3dd
ID des fehlerhaften Prozesses: 0xf7c
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3

Error: (12/14/2015 08:11:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 500: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)


Systemfehler:
=============
Error: (12/14/2015 01:33:56 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{E9BB59C6-A501-411F-93AB-FDBC3D1AD88B}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (12/14/2015 01:14:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/14/2015 01:14:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/14/2015 01:14:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.

Error: (12/14/2015 01:14:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DHCP Server" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/14/2015 01:14:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TVicPort" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/14/2015 11:08:11 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{E24D79C0-307D-4B79-8D05-B2D122F78F70} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (12/14/2015 11:06:55 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{E9BB59C6-A501-411F-93AB-FDBC3D1AD88B}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (12/14/2015 10:48:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/14/2015 10:48:40 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.


CodeIntegrity:
===================================
  Date: 2015-11-25 13:00:15.606
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 13:00:15.546
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:59:42.459
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:59:42.397
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:50:47.832
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:50:47.712
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:49:47.610
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:49:47.540
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:45:15.797
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-25 12:45:15.727
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 7888.79 MB
Verfügbarer physikalischer RAM: 3979.41 MB
Summe virtueller Speicher: 15775.79 MB
Verfügbarer virtueller Speicher: 10744.43 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:214.1 GB) (Free:37.62 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive s: (Volume) (Network) (Total:1500 GB) (Free:363.65 GB) NTFS
Drive x: (Volume) (Network) (Total:1500 GB) (Free:363.65 GB) NTFS
Drive y: (Volume) (Network) (Total:1500 GB) (Free:363.65 GB) NTFS
Drive z: (Volume) (Network) (Total:1500 GB) (Free:363.65 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 89157FD8)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=214.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8 GB) - (Type=84)

==================== Ende von Addition.txt ============================
         
Das geht ja echt fix bei dir
Danke

Alt 14.12.2015, 15:16   #13
Deathkid535
/// Malwareteam
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



Hi,

mach mal ein neues Profil im Chrome, und schau, ob das dort auch ist.

Alt 14.12.2015, 15:30   #14
dimmu311
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



Auch das hilft leider nicht.
Vielleicht hilft die Info noch, wenn ich mich mit meinem google Konto auf einem anderen PC an chrome anmelde ist alles wie gewohnt ohne s.coldsearch.

sieht so aus wie wenn das nicht ganz so einfach ist

Alt 14.12.2015, 16:10   #15
Deathkid535
/// Malwareteam
 
chrome nutzt nur noch s.coldsearch - Standard

chrome nutzt nur noch s.coldsearch



Hi,

wir probieren noch was, wenn das nicht funktioniert frag ich intern nach

Schritt # 1: FRST-Fix

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\S-1-5-21-2557082223-2624319934-3865501230-3146\...\Winlogon: [Shell] C:\Windows\EXPLORER.EXE [2871808 2011-12-08] (Microsoft Corporation) <==== ACHTUNG
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
EmptyTemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt # 2: FRST

Und noch ein frisches FRST-Log bitte.



Schritt # 3: Bitte Posten
  • Das Fixlog von FRST
  • Das frische FRST-Log

Schau mal nach, ob sich coldsearch in deinen Suchmaschinen befindet.

Antwort

Themen zu chrome nutzt nur noch s.coldsearch
administrator, defender, dnsapi.dll, esgscanner.sys, explorer, flash player, kaspersky, prozesse, pup.optional.tempmoudleset, registry, security, services.exe, software, svchost.exe, symantec, winlogon.exe



Ähnliche Themen: chrome nutzt nur noch s.coldsearch


  1. Windows 7: s.coldsearch in Chrome
    Plagegeister aller Art und deren Bekämpfung - 16.12.2015 (11)
  2. Windows 7: Chrome wurde von s.coldsearch.com übernommen
    Log-Analyse und Auswertung - 25.11.2015 (11)
  3. ColdSearch.com redirect entfernen
    Anleitungen, FAQs & Links - 06.11.2015 (2)
  4. Unerwünschte Werbefenster in Chrome - Laptop so langsam, sodass kaum noch verwendbar!
    Plagegeister aller Art und deren Bekämpfung - 17.10.2015 (12)
  5. Nur noch Pop Ups und Werbungen - Tipps für Chrome erbeten
    Log-Analyse und Auswertung - 17.06.2015 (5)
  6. Scrollen in Google Chrome geht nur noch Waagerecht
    Alles rund um Windows - 19.05.2015 (15)
  7. Rechner stark "verpestet". Nach Erstbehandlung noch Download Protect in Chrome drauf
    Log-Analyse und Auswertung - 18.11.2014 (9)
  8. Chrome lädt nur noch facebook, google und Co.
    Plagegeister aller Art und deren Bekämpfung - 03.06.2014 (3)
  9. AppData\Local\Google\Chrome\User Data\Default\preferences Ist das noch sicherheitsrelevant?
    Log-Analyse und Auswertung - 18.03.2014 (7)
  10. Erweiterungen für Googles Webbrowser Chrome nur noch aus offiziellem Store
    Nachrichten - 11.11.2013 (0)
  11. DealPly und Co. entfernt aber immer noch seltsame Werbepopups im Chrome Browser
    Plagegeister aller Art und deren Bekämpfung - 22.09.2013 (15)
  12. Snap.do noch immer in Chrome und Rechner zu finden
    Plagegeister aller Art und deren Bekämpfung - 17.09.2013 (7)
  13. Windows XP (+ Chrome), "Polizei"-Tab: weder Tab noch Fenster lässt sich schließen
    Plagegeister aller Art und deren Bekämpfung - 29.08.2013 (5)
  14. svchost.exe nutzt 150k RAM
    Plagegeister aller Art und deren Bekämpfung - 21.11.2012 (13)
  15. svchost.exe nutzt ~200000k
    Log-Analyse und Auswertung - 25.07.2012 (1)
  16. Wer nutzt den Trojan bei mir?
    Plagegeister aller Art und deren Bekämpfung - 07.06.2005 (1)
  17. svchost nutzt 100% cpu?!?!
    Plagegeister aller Art und deren Bekämpfung - 17.08.2004 (6)

Zum Thema chrome nutzt nur noch s.coldsearch - Hallo Gemeinde, irgendwo habe ich mir diesen nervigen s.coldsearch Hijacker eingefangen. Kann mir bitte jemand helfen den wieder loszuwerden. Habe schon mal logs mit Frst erstellt. FRST.txt Code: Alles auswählen - chrome nutzt nur noch s.coldsearch...
Archiv
Du betrachtest: chrome nutzt nur noch s.coldsearch auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.