| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Makrovirus "Berger Antriebstechnik"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
07.01.2016, 16:59
| #1 |
| |  Makrovirus "Berger Antriebstechnik" Hallo Helfer, am 19.12.15 habe ich eine mail mit dem Betreff "Bestellung" von der Firma Berges Antriebstechnik erhalten. Im Anhang befand sich ein word-Dokument, welches ich dummerweise geöffnet habe (ohne Textinhalt).Im Anschluß email gelöscht und Rechner Neustart. Habe dann erst zwei tage später erfahren dass ev. ein Makrovirus im Anhang beigefügt war. Habe in dieser Zeit öfters mal mit Word gearbeitet und einmal auch onlinebanking getätigt. einziges problem Adobe Reader hat nicht mehr funktioniert. ev wegen update da es nach Neustart wieder gut war weitere Probleme sind keine aufgetaucht bin dann nach langer suche ohne brauchbare Ergebnisse glücklicher weise auf euer Board gestoße. Jürgen , deeprybka hatte am 23.12.2015 die gleiche Anfrage und da sie auch für mich als Laie gut beschrieben waren bin ich den Anweisungen von ihm gefolgt. meinen Virenscanner (Avira free antivirus Produktversion 15.0.15.129 03.12.2015) Spybot zusätzlich überprüft. FRST 64bit erzeugt Adw Cleaner Protokoll Adw Cleaner ausgeführt TDSSKiller + Protokoll Anti-Malware ESTE Onlinescanner Problem: Wie kann ich sicher sein, dass ich mir keine Schadsoftware eingefangen habe? Welchen Schaden kann ein möglicher Trojaner anrichten? Könnte es beim Online-banking gefährlich werden?habe es ja benutzt (1-2 Tage danach) Sollte ich den Zugang von meiner Bank sperren lassen. Wäre über eine helfende Hand dankbar Mit freundlichen Grüßen Andreas Im Absatz FRST (die Erste) Addition ( die Erste) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
durchgeführt von Andreas (Administrator) auf OLIVER (04-01-2016 17:12:16)
Gestartet von C:\Users\Andreas\Downloads
Geladene Profile: Andreas (Verfügbare Profile: Andreas & MSSQL$SQLEXPRESS)
Platform: Windows 8.1 Pro with Media Center (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
() C:\Program Files (x86)\Weka\WEKA Launcher\launcherservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Andreas\Downloads\AdwCleaner_5.027.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13677784 2014-09-29] (Realtek Semiconductor)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2793200 2013-11-29] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [WekaUpdateCenter] => C:\Program Files (x86)\Common Files\Weka\Update Manager\WekaUpdateManager.exe [198000 2012-03-01] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-18] (Electronic Arts)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-07-27] (Samsung)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2014-12-04] ()
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Spybot-S&D Cleaning] => C:\Tools\System\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe [960688 2015-02-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Policies\Explorer: []
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\MountPoints2: {0301ea6d-eaec-11e3-8040-c48508d4a372} - "F:\iStudio.exe"
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-11-11] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2014-08-24]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2013-03-13]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0CBAE8C9-0F58-427E-817D-95609070D6E2}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{C1373ACE-7D17-460E-98DE-31CEBF2DCF1E}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> DefaultScope {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL =
SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> {B42DCA7D-7E55-4A79-85A0-AF94DD339325} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=BE0EFC29-92E5-4442-96C9-0FD1F9FC59C0&apn_sauid=5E7F585B-735A-4CF9-A53E-9AC092CDBF73
SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL =
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-13] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-13] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default
FF NewTab: hxxps://www.google.de/
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxps://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-19] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-13] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Tools\Media\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @phonostar.de/phonostar-Player -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2015-01-23] ( )
FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Andreas\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\11-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\askcom.xml [2013-02-08]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\englische-ergebnisse.xml [2014-06-05]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\gmx-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\lastminute.xml [2014-04-10]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\webde-suche.xml [2014-06-05]
FF Extension: Garmin Communicator - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-06-22]
FF Extension: GMX MailCheck - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\mailcheck@gmx.net [2015-12-17]
FF Extension: Avira Browser Safety - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\abs@avira.com [2015-12-31]
FF Extension: Adblock Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-01-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-09] [ist nicht signiert]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S4 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2013-12-26] (Autodesk)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)
S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [64848 2012-08-06] (Condusiv Technologies)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 launcherservice; C:\Program Files (x86)\WEKA\WEKA Launcher\launcherservice.exe [140288 2010-03-03] () [Datei ist nicht signiert]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-18] (Electronic Arts)
S2 pr2ah4nc; C:\Windows\system32\pr2ah4nc.exe [754288 2007-05-18] (CODEMASTERS)
R2 SDScannerService; C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-10-21] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [24400 2012-08-06] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [73552 2012-08-06] (Condusiv Technologies)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R0 pe3ah4nc; C:\Windows\System32\drivers\pe3ah4nc.sys [72560 2007-05-18] (CODEMASTERS)
R0 ps6ah4nc; C:\Windows\System32\drivers\ps6ah4nc.sys [77176 2007-05-18] (CODEMASTERS)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 stdriver; C:\Windows\system32\DRIVERS\stdriverx64.sys [33488 2014-03-03] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 SBIOSIO; \??\C:\Users\Andreas\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-04 17:12 - 2016-01-04 17:12 - 00028010 _____ C:\Users\Andreas\Downloads\FRST.txt
2016-01-04 17:11 - 2016-01-04 17:12 - 00000000 ____D C:\FRST
2016-01-04 17:10 - 2016-01-04 17:11 - 02370560 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe
2016-01-04 17:04 - 2016-01-04 17:04 - 00000000 ____D C:\AdwCleaner
2016-01-04 17:01 - 2016-01-04 17:01 - 01745920 _____ C:\Users\Andreas\Downloads\AdwCleaner_5.027.exe
2016-01-04 16:39 - 2016-01-04 16:45 - 00000000 ____D C:\Users\Andreas\Documents\A Desktopdateien
2016-01-04 15:13 - 2016-01-04 15:13 - 00052697 _____ C:\Users\Andreas\Downloads\RE_3100134490_8753513655_20160101.pdf
2015-12-29 18:47 - 2015-12-29 18:47 - 00532721 _____ C:\Users\Andreas\Downloads\Rechnung Elmar Lorch Neckarhalde 24.pdf
2015-12-29 17:44 - 2015-12-29 17:44 - 01976669 _____ C:\Users\Andreas\Downloads\Angebot Herrn Lorch Neckarhalde 24.pdf
2015-12-29 16:39 - 2015-12-29 16:39 - 01413613 _____ C:\Users\Andreas\Downloads\Rechnung Fam.Baltzer-Noak Giebelfenster.pdf
2015-12-29 16:36 - 2015-12-29 16:36 - 02689619 _____ C:\Users\Andreas\Downloads\Rundbogenfenster Neckarhalde 24.pdf
2015-12-29 10:10 - 2015-12-29 10:10 - 00122897 _____ C:\Users\Andreas\Downloads\schoenbuchhalbmarathon2013.pdf
2015-12-29 10:03 - 2015-12-29 10:03 - 00068182 _____ C:\Users\Andreas\Downloads\2007-05-13-Leinfelden-Echterdingen-07-05-13-schoenbuch-pdf.pdf
2015-12-28 16:27 - 2015-12-28 16:27 - 03614157 _____ C:\Users\Andreas\Downloads\2015Bilder-Fenster.pdf
2015-12-25 13:38 - 2015-12-25 13:38 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-25 13:38 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-12-25 13:34 - 2015-12-25 13:34 - 00002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-12-25 13:34 - 2015-12-25 13:34 - 00002019 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-12-25 13:34 - 2015-12-25 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-12-25 13:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-12-25 10:37 - 2015-12-25 10:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-12-25 10:33 - 2015-12-25 10:33 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Andreas\Downloads\spybot-2.4.40.exe
2015-12-23 19:24 - 2015-12-23 19:39 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\.minecraft
2015-12-23 19:24 - 2015-12-23 19:24 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft(1).exe
2015-12-23 19:24 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\java
2015-12-23 19:21 - 2015-12-23 20:19 - 00001470 _____ C:\Users\Andreas\Downloads\nativelog.txt
2015-12-23 19:21 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\Downloads\game
2015-12-23 19:21 - 2015-12-23 19:21 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft.exe
2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\tools
2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\runtime
2015-12-23 14:17 - 2015-12-23 14:17 - 00049289 _____ C:\Users\Andreas\Downloads\VR-GewinnSparen_13202006_vom_23.11.2015_20151223021734.pdf
2015-12-23 14:17 - 2015-12-23 14:17 - 00049195 _____ C:\Users\Andreas\Downloads\Mitteilung_13202006_vom_23.11.2015_20151223021732.pdf
2015-12-23 09:49 - 2015-12-23 09:49 - 00171255 _____ C:\Users\Andreas\Downloads\271183.pdf
2015-12-22 15:03 - 2015-12-22 15:03 - 00366243 _____ C:\Users\Andreas\Downloads\ViewProductAttachment-OpenFile
2015-12-22 11:23 - 2015-12-22 11:23 - 05601627 _____ C:\Users\Andreas\Downloads\kf_694_18-03-2015.pdf
2015-12-22 10:44 - 2015-12-22 10:44 - 00564782 _____ C:\Users\Andreas\Downloads\kf_614_hst_13-07-2012_06-03-2013_18-03-2015_18-03-2015.pdf
2015-12-22 10:36 - 2015-12-22 10:36 - 05513745 _____ C:\Users\Andreas\Downloads\bestellformular_kunststofffenster_28.05.2015_10-06-2015.pdf
2015-12-21 15:05 - 2015-12-21 15:05 - 00244231 _____ C:\Users\Andreas\Downloads\051001besonderer-einsatz-und-verarbeitung-farbiger-profile(1).pdf
2015-12-21 13:00 - 2015-12-21 13:00 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth(1).pdf
2015-12-21 11:34 - 2015-12-21 11:34 - 01597571 _____ C:\Users\Andreas\Downloads\Senioren_und_soziallagenbezogene_Gesundheitsfoerderung_und_Praevention(1).pdf
2015-12-21 11:29 - 2015-12-21 11:29 - 00434271 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen Teil 2.pdf
2015-12-16 10:38 - 2015-12-16 10:38 - 05821280 _____ C:\Users\Andreas\Downloads\3._arn_in-kurven_07-10-2014(1).pdf
2015-12-16 10:35 - 2015-12-16 10:35 - 03807865 _____ C:\Users\Andreas\Downloads\4._arna_in-kurven_07-10-2014(1).pdf
2015-12-16 10:29 - 2015-12-16 10:29 - 01977655 _____ C:\Users\Andreas\Downloads\2._arei_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03305335 _____ C:\Users\Andreas\Downloads\1._are_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03277743 _____ C:\Users\Andreas\Downloads\6._arr_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03121460 _____ C:\Users\Andreas\Downloads\5._arnr_in-kurven_07-10-2014(1).pdf
2015-12-16 10:25 - 2015-12-16 10:25 - 09742494 _____ C:\Users\Andreas\Downloads\ahf_95_classic_art_09-11-2015.pdf
2015-12-15 09:32 - 2015-12-15 09:32 - 00053266 _____ C:\Users\Andreas\Downloads\Kontoauszug_13202006__Nr.0112015_vom_30.11.2015_20151215093238.pdf
2015-12-15 09:31 - 2015-12-15 09:31 - 00058584 _____ C:\Users\Andreas\Downloads\Kontoauszug_1334000__Nr.0112015_vom_30.11.2015_20151215093143.pdf
2015-12-14 17:11 - 2015-12-14 17:11 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016(1).pdf
2015-12-14 13:43 - 2015-12-14 13:43 - 00730987 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz WESTANSICHT Alt 5.1akt Kopie v2016_powermacg5.pdf
2015-12-14 13:42 - 2015-12-14 13:42 - 00533986 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf
2015-12-14 13:40 - 2015-12-14 13:40 - 01366764 _____ C:\Users\Andreas\Downloads\04.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel.pdf
2015-12-14 13:40 - 2015-12-14 13:40 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf
2015-12-14 13:38 - 2015-12-14 13:38 - 01369220 _____ C:\Users\Andreas\Downloads\07.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel(1).pdf
2015-12-14 11:29 - 2015-12-14 11:29 - 00031481 _____ C:\Users\Andreas\Downloads\WTPG_teilweise_Selbstverantwortung.pdf
2015-12-14 11:28 - 2015-12-14 11:28 - 00042419 _____ C:\Users\Andreas\Downloads\WTPG_ambulant_betreute_WG.pdf
2015-12-14 11:25 - 2015-12-14 11:25 - 00129521 _____ C:\Users\Andreas\Downloads\WTPG_6.pdf
2015-12-14 11:24 - 2015-12-14 11:24 - 00405000 _____ C:\Users\Andreas\Downloads\WTPG_5.pdf
2015-12-14 11:23 - 2015-12-14 11:23 - 00662282 _____ C:\Users\Andreas\Downloads\WTPG_4.pdf
2015-12-14 11:22 - 2015-12-14 11:22 - 00580358 _____ C:\Users\Andreas\Downloads\WTPG_3.pdf
2015-12-14 11:21 - 2015-12-14 11:21 - 00410389 _____ C:\Users\Andreas\Downloads\WTPG_2.pdf
2015-12-14 11:20 - 2015-12-14 11:20 - 00323803 _____ C:\Users\Andreas\Downloads\WTPG_1.pdf
2015-12-14 11:16 - 2015-12-14 11:16 - 00273829 _____ C:\Users\Andreas\Downloads\beratung_karl.pdf
2015-12-14 11:16 - 2015-12-14 11:16 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab(1).pdf
2015-12-14 11:11 - 2015-12-14 11:11 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab.pdf
2015-12-14 11:08 - 2015-12-14 11:08 - 00357129 _____ C:\Users\Andreas\Downloads\falkenroth.pdf
2015-12-14 11:06 - 2015-12-14 11:06 - 00252951 _____ C:\Users\Andreas\Downloads\siegert.pdf
2015-12-14 11:02 - 2015-12-14 11:02 - 00212266 _____ C:\Users\Andreas\Downloads\stationaere_a_hilfe_hirt.pdf
2015-12-14 11:00 - 2015-12-14 11:00 - 00400182 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen_Teil2(1).pdf
2015-12-14 09:35 - 2015-12-14 09:35 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth.pdf
2015-12-10 09:18 - 2015-12-10 09:18 - 05507334 _____ C:\Users\Andreas\Downloads\bestellformular_aluminium-kunststoff-fenster_neu_2015_18-08-2015.pdf
2015-12-09 11:54 - 2015-12-09 11:54 - 00224529 _____ C:\Users\Andreas\Downloads\illbruck_de-de-tp652-.ab.01.10.15-web(1).pdf
2015-12-09 09:08 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 09:08 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 09:08 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-12-09 09:08 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-12-09 09:08 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 09:08 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-12-09 09:08 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 09:08 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-12-09 09:08 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 09:08 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 09:08 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-09 09:08 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 09:08 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-12-09 09:08 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-12-09 09:08 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-09 09:08 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-09 09:08 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-09 09:08 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-12-09 09:08 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-09 09:08 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-09 09:08 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-12-09 09:08 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 09:08 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 09:08 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 09:08 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 09:08 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-09 09:08 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-12-09 09:08 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-12-09 09:08 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-12-09 09:08 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-12-09 09:08 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-09 09:08 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-09 09:08 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-09 09:08 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 09:08 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-09 09:08 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-12-09 09:08 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-09 09:08 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-09 09:08 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-12-09 09:08 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 09:07 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-09 09:07 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 09:07 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-12-09 09:07 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-12-09 09:07 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-12-09 09:07 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-12-09 09:07 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 09:07 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-12-09 09:07 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-12-09 09:07 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 09:07 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 09:07 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 09:07 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 09:07 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-09 09:07 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-09 09:07 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-09 09:07 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-12-09 09:07 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-12-09 09:07 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-12-09 09:07 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-12-09 09:07 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-12-09 09:07 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-12-09 09:07 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-12-09 09:07 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-12-09 09:07 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-12-09 09:07 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-12-09 09:07 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 09:07 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-09 09:07 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-12-09 09:07 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-12-09 09:07 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 09:07 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-12-09 09:07 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 09:07 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 09:07 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 09:07 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 09:07 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 09:07 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-12-09 09:07 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 09:07 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-12-09 09:07 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 09:07 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls
2015-12-09 09:07 - 2015-10-11 07:34 - 00468824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 09:07 - 2015-10-11 07:34 - 00462168 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-12-09 09:07 - 2015-10-11 07:34 - 00443224 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-12-09 09:07 - 2015-10-11 07:34 - 00092504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-12-09 09:07 - 2015-10-11 07:34 - 00027992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-12-09 09:07 - 2015-10-10 19:41 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-12-09 09:07 - 2015-10-10 19:41 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2015-12-09 09:07 - 2015-10-10 19:40 - 00078848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusb.sys
2015-12-09 09:07 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-12-09 09:07 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2015-12-09 09:07 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2015-12-09 09:07 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-12-09 09:07 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-12-09 09:07 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-12-09 09:07 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-12-08 13:29 - 2015-12-08 13:29 - 00244231 _____ C:\Users\Andreas\Downloads\051001besonderer-einsatz-und-verarbeitung-farbiger-profile.pdf
2015-12-08 11:57 - 2015-12-08 11:57 - 02303160 _____ C:\Users\Andreas\Downloads\akf_724_s_13-08-2015(3).pdf
2015-12-08 11:57 - 2015-12-08 11:57 - 01215831 _____ C:\Users\Andreas\Downloads\7._akf_kopplungen_03-08-2015(2).pdf
2015-12-08 11:57 - 2015-12-08 11:57 - 00891194 _____ C:\Users\Andreas\Downloads\8._akf_verbreiterungen_03-08-2015(1).pdf
2015-12-08 11:57 - 2015-12-08 11:57 - 00882530 _____ C:\Users\Andreas\Downloads\6._akf_anschluesse_03-08-2015(2).pdf
2015-12-08 10:54 - 2015-12-08 10:54 - 00659654 _____ C:\Users\Andreas\Downloads\Frühlingspost 2015(1).pdf
2015-12-08 10:27 - 2015-12-08 10:27 - 05234506 _____ C:\Users\Andreas\Downloads\ggt-preisliste-web(1).pdf
2015-12-08 10:04 - 2015-12-08 10:04 - 00948210 _____ C:\Users\Andreas\Downloads\PREISLISTE 2015(1).pdf
2015-12-08 10:01 - 2015-12-08 10:01 - 00799222 _____ C:\Users\Andreas\Downloads\produktbersicht 2014.pdf
2015-12-08 09:58 - 2015-12-08 09:58 - 00806638 _____ C:\Users\Andreas\Downloads\Newsletter Oktober 2015(2).pdf
2015-12-08 08:52 - 2015-12-08 08:52 - 01369220 _____ C:\Users\Andreas\Downloads\07.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel.pdf
2015-12-07 12:06 - 2015-12-07 12:06 - 00599138 _____ C:\Users\Andreas\Downloads\op2015(1).pdf
2015-12-07 12:04 - 2015-12-07 12:04 - 00659654 _____ C:\Users\Andreas\Downloads\Frühlingspost 2015.pdf
2015-12-07 12:03 - 2015-12-07 12:03 - 00806638 _____ C:\Users\Andreas\Downloads\Newsletter Oktober 2015(1).pdf
2015-12-07 12:02 - 2015-12-07 12:02 - 00599138 _____ C:\Users\Andreas\Downloads\op2015.pdf
2015-12-07 11:27 - 2015-12-07 11:27 - 01553776 _____ C:\Users\Andreas\Downloads\Matrix_Essstörungen1.pdf
2015-12-07 11:27 - 2015-12-07 11:27 - 00028416 _____ C:\Users\Andreas\Downloads\Leitfaden HA.pdf
2015-12-07 11:08 - 2015-12-07 11:08 - 00304596 _____ C:\Users\Andreas\Downloads\Hausarbeit FERTIG.pdf
2015-12-07 11:00 - 2015-12-07 11:00 - 02629019 _____ C:\Users\Andreas\Downloads\Wißmann2010(1).pdf
2015-12-07 10:59 - 2015-12-07 10:59 - 00490323 _____ C:\Users\Andreas\Downloads\demenz_bausteine_14-2012(1).pdf
2015-12-07 10:57 - 2015-12-07 10:57 - 02629019 _____ C:\Users\Andreas\Downloads\Wißmann2010.pdf
2015-12-07 10:54 - 2015-12-07 10:55 - 06132873 _____ C:\Users\Andreas\Downloads\Michell-Auli2011.pdf
2015-12-07 10:50 - 2015-12-07 10:50 - 00490323 _____ C:\Users\Andreas\Downloads\demenz_bausteine_14-2012.pdf
2015-12-07 10:46 - 2015-12-07 10:46 - 00400182 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen_Teil2.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-04 17:11 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-04 16:11 - 2013-12-26 16:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-04 16:11 - 2013-02-18 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-04 15:59 - 2014-02-04 18:18 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-04 11:16 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-01 13:14 - 2013-09-30 05:14 - 02044468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-01 13:14 - 2013-09-30 04:58 - 00872284 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-01 13:14 - 2013-09-30 04:58 - 00193862 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-31 11:17 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-31 11:05 - 2012-11-29 13:22 - 00000000 ____D C:\Users\Andreas\AppData\Local\Adobe
2015-12-29 15:03 - 2013-08-27 23:56 - 00033280 ___SH C:\Users\Andreas\Thumbs.db
2015-12-28 10:36 - 2012-11-29 12:12 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3658493019-1111599900-2463904087-1003
2015-12-28 10:12 - 2012-08-24 02:35 - 00000000 ____D C:\ProgramData\WinClon
2015-12-28 10:09 - 2015-05-03 14:58 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-28 10:09 - 2014-01-27 20:36 - 00000000 __RDO C:\Users\Andreas\SkyDrive
2015-12-28 10:08 - 2013-11-25 22:32 - 00000000 ____D C:\Users\Andreas
2015-12-26 15:31 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-26 09:48 - 2015-04-19 06:58 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-26 09:48 - 2015-04-19 06:58 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-25 13:37 - 2014-06-22 12:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-25 13:34 - 2013-01-01 16:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-25 10:40 - 2013-08-22 14:25 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2015-12-23 15:38 - 2014-02-06 16:14 - 00000000 ____D C:\ProgramData\CanonIJ
2015-12-23 09:40 - 2014-02-26 12:00 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS
2015-12-21 11:24 - 2013-02-23 19:59 - 00000000 ____D C:\ProgramData\Origin
2015-12-21 09:47 - 2013-10-06 13:19 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-21 09:47 - 2012-12-31 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-14 09:55 - 2012-12-18 13:06 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\ISSPLUS
2015-12-14 09:52 - 2012-12-18 12:59 - 00000000 ____D C:\MoveIT
2015-12-11 11:05 - 2013-01-26 19:44 - 00677376 ___SH C:\Users\Andreas\Desktop\Thumbs.db
2015-12-11 10:39 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-12-11 09:49 - 2013-08-22 15:44 - 05429400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-09 09:35 - 2014-08-24 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 09:35 - 2013-01-01 17:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 09:34 - 2014-08-24 20:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 09:34 - 2014-08-24 20:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 09:32 - 2013-09-16 15:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-09 09:26 - 2012-12-17 19:31 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-07 09:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-11-03 18:34 - 2015-11-03 18:35 - 98892838 _____ () C:\Program Files (x86)\BeamNG-Techdemo-0.3-setup.zip
2012-11-29 12:05 - 2014-03-10 10:59 - 0142434 _____ () C:\Users\Andreas\AppData\Roaming\AbsoluteReminder.xml
2014-03-03 09:25 - 2014-03-03 09:25 - 0001167 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt
2014-03-03 09:25 - 2014-03-03 09:25 - 0000000 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2013-12-26 18:42 - 2014-06-22 13:11 - 0007607 _____ () C:\Users\Andreas\AppData\Local\Resmon.ResmonCfg
2014-11-03 11:28 - 2014-11-03 11:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-24 02:39 - 2012-08-08 05:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2012-08-24 02:39 - 2012-08-07 11:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml
2015-01-01 21:37 - 2015-01-01 21:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Einige Dateien in TEMP:
====================
C:\Users\Andreas\AppData\Local\Temp\avgnt.exe
C:\Users\Andreas\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-28 10:36
==================== Ende von FRST.txt ============================
Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015
durchgeführt von Andreas (2016-01-04 17:13:04)
Gestartet von C:\Users\Andreas\Downloads
Windows 8.1 Pro with Media Center (X64) (2013-11-26 08:00:31)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3658493019-1111599900-2463904087-500 - Administrator - Disabled)
Andreas (S-1-5-21-3658493019-1111599900-2463904087-1003 - Administrator - Enabled) => C:\Users\Andreas
Gast (S-1-5-21-3658493019-1111599900-2463904087-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3658493019-1111599900-2463904087-1006 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
AMU (HKLM-x32\...\de.a2c.bafa.antragsmanager.unternehmer) (Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle)
AMU (x32 Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle) Hidden
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
AutoCAD 2009 - Deutsch (HKLM\...\AutoCAD 2009 - Deutsch) (Version: 17.2.56.0 - Autodesk)
AutoCAD 2009 - Deutsch (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
BeamNG-Techdemo-0.3 (remove only) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\BeamNG-Techdemo-0.3) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX870 series Benutzerregistrierung (HKLM-x32\...\Canon MX870 series Benutzerregistrierung) (Version: - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - )
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.9.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.12.10.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER Einnahme-Überschussrechnung 2013 pro (HKLM-x32\...\Einnahme-Überschussrechnung 2013 pro_is1) (Version: 1.0 - DATA BECKER GmbH & Co. KG)
DiRT (HKLM-x32\...\{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}) (Version: 1.00.0000 - Codemasters)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
Elevated Installer (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16483 - Landesfinanzdirektion Thüringen)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Free Studio version 5.9.0.1212 (HKLM-x32\...\Free Studio_is1) (Version: 5.9.0.1212 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9471d6bd-67a9-40f6-a420-2ae4f08ef003}) (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
German Truck Simulator 1.00 (HKLM-x32\...\German Truck Simulator) (Version: 1.00 - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPS Master 2.0.14 (HKLM-x32\...\GPS Master_is1) (Version: 1.0 - GPS Master)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Handwerksbüro X22-Datenübernahme (HKLM-x32\...\{AF7E45F7-DAF6-4DEF-B439-B334D7F43942}) (Version: 1.00.0076 - WEKA)
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IntelliMemory (HKLM\...\{B506207A-C977-48B6-A14F-2C7E98EF0BE4}) (Version: 1.0.26 - Condusiv Technologies)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012-Laufzeit (HKLM-x32\...\{F2C6E9F1-8F35-42A0-A9CA-E6C94D92A86C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-Bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2012 (HKLM\...\{7647B46D-D4E6-43A5-AC9D-0BAA28C63271}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3.5835 - Mozilla)
Mozilla Thunderbird 17.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0 (x86 de)) (Version: 17.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\MyFreeCodec) (Version: - )
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts)
Nero 8 (HKLM-x32\...\{BE282C23-5484-47FF-B2C1-EBEA5C891031}) (Version: 8.3.29 - Nero AG)
Nero BackItUp 12 Essentials (HKLM-x32\...\{0E3368AC-FB29-4C5E-938E-FA11C12D035E}) (Version: 12.0.01200 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Panzer Elite Action - Dunes Of War (HKLM-x32\...\{577D1191-A6DF-4534-8D97-805BCBAC5D1D}_is1) (Version: - Nordic Games)
Panzer Elite Action - Fields Of Glory (HKLM-x32\...\{1DDAD87D-576E-43DE-8814-65ACC87CFED6}_is1) (Version: - Nordic Games)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.1 - pdfforge)
phonostar-Player Version 3.03.5 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version: - )
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.14 - Samsung Electronics CO., LTD.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
S Agent (Version: 1.1.50 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
sirAdos Datenmanager Januar 2014 (HKLM-x32\...\{CC9E22A1-8012-493E-9BEC-381189F8F152}) (Version: 1.3.615 - sirAdos)
Snagit 11 (HKLM-x32\...\{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}) (Version: 11.0.0 - TechSmith Corporation)
SoundTap Audiostream-Rekorder (HKLM-x32\...\SoundTap) (Version: 2.27 - NCH Software)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2012 (HKLM-x32\...\{1A4C9497-7D4B-466D-8D3A-FE0D925386DC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{4F1936F8-82B4-437E-BC47-FAB9136A04B2}) (Version: 2.2.2 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.0.0 - Synaptics Incorporated)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version: - Atari)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{039EA659-E421-45C6-8913-BED5D69B5536}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VRally3 (HKLM-x32\...\VRally3_is1) (Version: - )
WEKA DATANORM 3.6 (HKLM-x32\...\{124C8673-FB8C-426D-A5BA-2A7400EC5994}) (Version: - )
WEKA Handwerksbüro 1.22.1.1 (HKLM-x32\...\weka-hwb-X22) (Version: X22 - WEKA)
WEKA Handwerksbüro X22 - 11.14 (HKLM-x32\...\de.bwso.hwb.Hwb.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (HKLM-x32\...\de.bwso.hwb.HwbMulti.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA Handwerksbüro X22 - 11.14 (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA LauncherService 1.2 (HKLM-x32\...\3599-1427-7716-9681) (Version: - )
WEKA Update Center (HKLM-x32\...\{A8217164-542A-4C4B-9031-2AB445CA314A}) (Version: 1.00.00.0003 - WEKA MEDIA GmbH & Co. KG)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
Windows-Treiberpaket - Sunplus (SPCP825K) Ports (07/01/2010 1.0.9.0) (HKLM\...\20986CDBFBCA238AA12329A115B1CC9D88E9C06C) (Version: 07/01/2010 1.0.9.0 - Sunplus)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
XnView 1.99.6 (HKLM-x32\...\XnView_is1) (Version: 1.99.6 - Gougelet Pierre-e)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\en-US\acadficn.dll (Autodesk, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {064796D5-6EFE-4B6D-A6F2-C50AFB733BF4} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-08-06] (SEC)
Task: {066FD32E-526F-4152-8F54-1896683DE177} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {0C478103-75E9-47F3-B24C-99AEDD11111E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {1C0C6668-0270-462C-A41A-BA63A59A5CC5} - System32\Tasks\fvw3_1zl0tlux => C:\windows\TEMP\fvw3_k81mor7p.bat
Task: {1D4B8A78-1690-435C-8D6B-2E52F1CF5528} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [2015-08-18] (Samsung Electronics CO., LTD.)
Task: {23B69281-D5F6-4E21-89D0-2B63E4A1F11E} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {34E6A3BC-6282-4F88-8D82-823135A2C919} - System32\Tasks\fvw3_av2pyhbc => C:\windows\TEMP\fvw3_p3h8wcih.bat
Task: {39F4E803-4332-40D3-85BE-4DB071C9B32C} - System32\Tasks\{63161025-A1C7-4386-A44C-B193CF3D00E5} => pcalua.exe -a C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb\GMX_MailCheck_ClickOnce.exe -d C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb
Task: {3A2ED25E-2FB1-46B4-87D0-539222DA8DDD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {4BBDF6D8-ED26-4E8F-B6A1-99762E238F32} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {5384A262-92B6-48EC-AF30-C5A370864CE8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {7BBAED33-F6CB-43A7-B397-FB3CBF40962F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {8C6FBA75-C331-4694-B87A-BC734E21936F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-andreas-woelfle@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {911C4932-0B21-48B1-8C62-6859B7C1FB98} - System32\Tasks\fvw3_1mwm5xo4 => C:\windows\TEMP\fvw3_rqztrkf1.bat
Task: {91D39EA6-AD37-4EA8-8E1F-4468910D3869} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-19] (Adobe Systems Incorporated)
Task: {98987C6A-1276-41DD-AD76-25123DA08F20} - System32\Tasks\fvw3_kcm2lata => C:\windows\TEMP\fvw3_qgb9ejzg.bat
Task: {99BE832F-AC40-4DD1-9661-5C22AEED9282} - System32\Tasks\fvw3_dx9jiowd => C:\windows\TEMP\fvw3_o9bredg3.bat
Task: {9C5A89A8-0063-45EB-BC35-7259812BE801} - System32\Tasks\fvw3_rov77k4o => C:\windows\TEMP\fvw3_48r36voi.bat
Task: {ACD48289-DE50-487C-8893-DFC82D9C97CA} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-10] (Samsung Electronics CO., LTD.)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C9A2E220-897F-4F25-9014-D2A5A02F6026} - System32\Tasks\fvw3_ubbskhag => C:\windows\TEMP\fvw3_mhsqjyso.bat
Task: {CE69CB7B-E9EF-46E5-B27E-57A383D83D3A} - System32\Tasks\fvw3_emppjlpd => C:\windows\TEMP\fvw3_y820i7ze.bat
Task: {E2C1EFFF-A1B3-46F2-AEB1-0E4979FC84B6} - System32\Tasks\fvw3_fc8bp7ib => C:\windows\TEMP\fvw3_xw12iuq6.bat
Task: {EF2D71FE-5E65-4B9C-B410-05659FAA692D} - System32\Tasks\fvw3_9c6qebtr => C:\windows\TEMP\fvw3_smop7nzg.bat
Task: {EFA6F466-F044-40BE-BBD3-A23D567E8AE7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {F5256FB0-D739-4735-AA28-844B82416C50} - System32\Tasks\fvw3_y8u0cpcj => C:\windows\TEMP\fvw3_i81jm8r1.bat
Task: {F938041D-0CFD-43E5-945C-D3D0646C07D8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {F94F8D43-48EC-4A5C-9FCC-DA90725F1D07} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-11-03 11:25 - 2013-11-11 04:27 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2008-09-09 11:22 - 2008-09-09 11:22 - 00022016 _____ () C:\WINDOWS\System32\sst1cl6.dll
2014-02-04 18:18 - 2009-09-08 13:12 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2015-01-15 16:47 - 2010-03-03 15:03 - 00140288 _____ () C:\Program Files (x86)\WEKA\WEKA Launcher\launcherservice.exe
2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Tools\System\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Tools\Media\Notepad++\NppShell_05.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-02-17 11:09 - 2014-12-04 10:38 - 00042496 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2014-08-24 20:36 - 2014-04-08 08:13 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2014-10-10 20:35 - 2014-10-10 20:35 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2016-01-04 17:01 - 2016-01-04 17:01 - 01745920 _____ () C:\Users\Andreas\Downloads\AdwCleaner_5.027.exe
2015-01-15 16:47 - 2015-01-15 16:47 - 00109056 _____ () C:\Program Files (x86)\Weka\WEKA Launcher\.install4j\i4jinst.dll
2015-12-25 13:34 - 2014-05-13 12:04 - 00109400 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00167768 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00416600 _____ () C:\Tools\System\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-25 13:34 - 2012-08-23 10:38 - 00574840 _____ () C:\Tools\System\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-25 13:34 - 2012-04-03 17:06 - 00565640 _____ () C:\Tools\System\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-08-24 20:36 - 2014-04-08 08:08 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2012-11-29 22:59 - 2012-11-29 22:59 - 00093696 _____ () C:\Tools\System\FileZilla FTP Client\fzshellext.dll
2014-11-03 11:29 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2014-03-09 12:10 - 00000900 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Autodesk Licensing Service => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Garmin Core Update Service => 2
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: SDScannerService => 3
MSCONFIG\Services: SDUpdateService => 3
MSCONFIG\Services: SDWSCService => 3
HKLM\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "WekaUpdateCenter"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "Spybot-S&D Cleaning"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "AdobeBridge"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E57D093D-23BE-4F77-9FE9-6F2955099C74}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{022638D9-68C7-499E-8779-8BE231349811}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{3D94CD91-C46E-4257-AFB4-0AC6D4F792EE}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [UDP Query User{969D4125-127F-4843-BBA4-49E1BC41023C}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [TCP Query User{5FFCF8EC-A5E2-4CE1-A792-034E7A7248C1}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [{776E44D0-898E-459F-85B7-8951E9B2CD19}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{446FFFFD-EF97-43D6-9283-1469B1F6D4E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{023E90DA-A9F5-4CE8-9DA5-AF65B6C2C5F3}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{C6840099-6C64-44AB-A765-5AEF62C06543}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{214D6990-8124-46C8-8BCA-A462010E23C1}] => (Allow) LPort=1900
FirewallRules: [{D379275B-B611-47CF-8C8E-4028C1DA0DC5}] => (Allow) LPort=2869
FirewallRules: [{B1E7914B-EE0B-4F90-B3FF-4A2D94020834}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B246AA25-94FA-44A0-BC33-B1AD84A64E38}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{66A6F094-3B80-40EB-B0F9-99B5B90DFAD9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{A9F3D847-5291-47E6-AD52-8A96DB503987}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [UDP Query User{41F7081D-4F8B-40E6-A5E0-9A2A5A99D644}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [TCP Query User{929F69C4-02A4-4371-AB84-FB1B08F470A7}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9470EF6A-5F5B-45AE-B64C-CD53059503DB}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{73DD42E9-6DF5-4A56-9F8C-583639E0220E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{8B514598-2843-4118-B8F8-A0BDFCD35C27}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{076DD059-1B7F-4E05-85C5-0FEFB9936868}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{55DA511A-CB94-43EF-B4C3-1226496AB4AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{7C5F8CAD-BA1E-49FE-B784-53BCCFC25C64}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{477D68FA-4343-4154-AEF2-D2CD027D8371}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{82747307-574E-4A60-B87A-969FBB0DCD1F}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{A70959CA-E670-41D3-B8D9-CA5FCDE02931}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{8DFED69A-677D-4CE5-A94D-0CE3292050D8}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{4B0F9AF1-F2E2-45B7-8492-CA47D123C10B}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{53204618-E591-4E3E-9C81-7080EB3FADC1}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [UDP Query User{29DB62F4-6B27-497A-ACC5-1D5B2BF4A030}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{7D4EAA75-92E8-4F64-9882-6CA933D6480D}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{65313E84-34CD-4458-911A-2E040EBCC83A}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{E6A62001-1882-4154-AE24-D087E855B823}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{F05B8AD7-125C-41C1-A20A-40ED1BCADCC2}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [{2C909032-398A-46FD-83DC-AF39131A4992}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{1BF29DAA-7BF1-4CF2-8931-524E317EFAA3}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{805A1286-AE32-4CFF-8ADF-1330A5A7F6B6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{9ECC36F3-66E0-4E25-B7EF-089877F027EA}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{0F5E95A8-4C95-4D6B-A648-1EF18AC74769}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{51DB62F3-E033-4AD7-AF11-DF595A68E2A1}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{1D2CB13A-75DB-4331-A1C6-BA8E785770B9}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{1FA25717-7A9B-4494-BB83-870162589F35}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{909D2F1E-2B6D-40A5-BAA1-72A4906B9E94}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{79A5F39A-F6B3-4322-8268-F9A9F570716F}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9A3F8BCA-6DE5-410E-96F1-980515C8A785}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{FE127B2E-61C4-4065-9527-97EC6617CE8D}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{C2F5BF75-9441-4FB1-A14A-ABA89AC8EBD5}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{850B8798-B0F4-4F90-9BEF-63F1805A6087}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{47E06B7E-4B60-4444-B042-E6FA577CF60F}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [TCP Query User{F1D1C2F1-0914-48A3-8D2D-FE8F739BC850}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [UDP Query User{8A4B326C-BEEB-43FB-AC27-35A9E634A181}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [{FD9BEC80-8F7F-48D5-8438-4431993E9183}] => (Allow) LPort=50248
FirewallRules: [{92CB16C5-48FA-499A-A0A7-B70C2B873F9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1605453B-F84D-48AC-9238-8679CF8B2AC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{50078D83-F3B9-4EDC-AD6F-67799BF08033}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{773EB3DD-0783-4DA9-AB05-02F13862A106}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{00052CCD-CDB8-4B0F-9FF5-65D19FDA6EA5}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{8761E1F7-DFA1-4AB5-981C-05E69D18C334}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{2C7F9478-3AC9-434D-8795-916B542A168E}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{B98E81AB-784F-403B-81DD-F5FA9751A26C}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{1BA3AEE4-31E5-4E4A-83FC-49EA4D02F651}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [UDP Query User{5E43DE58-3515-488D-82B8-255F65925A5F}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [{B5DCD1E8-5162-4A8D-929F-04DD8C7A7D7B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{861976C2-A93A-44A3-B0F6-88C2733725B0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{255F4592-3F05-42CA-8F0F-47212DAF4CA1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EEA4923D-649A-46C4-B6B7-1A625426D849}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2347BA7F-8A58-48F0-A589-58DE813740E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81E26DFC-D188-48B6-9550-A7D4A4F5B198}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
31-12-2015 11:16:39 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/31/2015 12:34:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/31/2015 12:29:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel: 0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650afd4
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5914
ID des fehlerhaften Prozesses: 0x7e8
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Vollständiger Name des fehlerhaften Pakets: DATA BECKER Update Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DATA BECKER Update Service.exe5
Error: (12/31/2015 11:22:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/28/2015 11:42:49 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/28/2015 10:37:28 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/28/2015 10:12:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel: 0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650afd4
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5914
ID des fehlerhaften Prozesses: 0xfb8
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Vollständiger Name des fehlerhaften Pakets: DATA BECKER Update Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DATA BECKER Update Service.exe5
Error: (12/28/2015 10:08:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 16.1.0.0, Zeitstempel: 0x521e80f5
Name des fehlerhaften Moduls: MurocApi.dll, Version: 16.1.0.0, Zeitstempel: 0x521e7ff7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026570
ID des fehlerhaften Prozesses: 0x534
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5
Error: (12/28/2015 10:07:52 AM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).
Error: (12/28/2015 10:07:52 AM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).
Error: (12/25/2015 02:05:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Systemfehler:
=============
Error: (01/01/2016 01:12:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.
Error: (01/01/2016 01:11:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.
Error: (01/01/2016 01:11:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.
Error: (12/28/2015 10:12:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/26/2015 03:31:05 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.
Error: (12/26/2015 03:31:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 26.12.2015 um 00:10:29 unerwartet heruntergefahren.
Error: (12/25/2015 10:40:31 AM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.
Error: (12/23/2015 03:06:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
Error: (12/23/2015 09:37:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/23/2015 09:35:46 AM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8079.39 MB
Verfügbarer physikalischer RAM: 4048.39 MB
Summe virtueller Speicher: 10383.39 MB
Verfügbarer virtueller Speicher: 5523.41 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:378.94 GB) (Free:147.67 GB) NTFS
Drive d: (Daten) (Fixed) (Total:292.97 GB) (Free:161.07 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 50960A65)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
| Themen zu Makrovirus "Berger Antriebstechnik" |
| antivirus, avira, bergers antriebstechnik, bonjour, canon, desktop, device driver, dnsapi.dll, doc-datei, ebanking, email, excel, failed, firefox, flash player, frage, google, homepage, makroviren, mozilla, mp3, problem, realtek, registry, safer networking, scan, schadsoftware eingefangen, senioren, svchost.exe, system, trojaner, updates, usb, windows, wiso |
Baum-Darstellung