Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 21.03.2016, 13:22   #1
SirTobi
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Liebes Trojaner Board,
bei mir häufen sich die Probleme und irgendwie werde ich sie nicht mehr los. Ich habe versucht mich an Eure Anleitung zu orientieren und habe ein paar Log-Dateien erstellt. Es fing an mit Patched.Ren.Gen, angeblich immer entfernt von meiner Virusprogramm, aber dann doch wieder aufgetaucht. Vorhin ist dann Luhe.Fiha.A. dazugekommen und jetzt bekomme ich langsam Angst.

Leider bin ich selber nur Nutzer und steige bei dieser Komplexität langsam aus, wenn ich also etwas vergessen habe oder mir nicht mehr zu helfen ist, dann einfach melden.
Danke für Eure Unterstützung:

Gruß Tobias

FRST
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Nutzer (Administrator) auf NUTZER-HP (21-03-2016 12:43:44)
Gestartet von C:\Users\Nutzer\Downloads
Geladene Profile: Nutzer (Verfügbare Profile: Nutzer & Tine & DefaultAppPool)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(IPAS GmbH) C:\Program Files (x86)\IPAS GmbH\ComBridge Studio\bin\CemiService.exe
(IPAS GmbH) C:\Program Files (x86)\IPAS GmbH\ComBridge Studio\bin\CBMCGSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
() C:\Windows\System32\fpCSEvtSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON_P2\Status Monitor\SESDBN.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON_P2\Status Monitor\SEPWDN.EXE
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON_P2\Status Monitor\SEPSPZ.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\ooditray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Users\Nutzer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(© 2015 Microsoft Corporation) C:\Users\Nutzer\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(Mindjet) C:\Program Files (x86)\Mindjet\MindManager 14\MmReminderService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Axentra Corporation) C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\HipServAgent.exe
(Synology Inc.) C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Synology Inc.) C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Synology Inc.) C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Dropbox, Inc.) C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.19020.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16719_none_11647d1561f368c0\TiWorker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
 
 
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SEQLU] => C:\Program Files\EPSON_P2\Printer Software\SEQLUZ.EXE [950704 2012-11-16] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [SESMPSP] => C:\Program Files\EPSON_P2\Status Monitor\SEPSPZ.EXE [459184 2012-11-16] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7032320 2014-08-20] (Broadcom Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-03-31] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe [9574112 2015-12-09] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [OODITRAY.EXE] => C:\Program Files\OO Software\DiskImage\ooditray.exe [6360824 2015-08-28] (O&O Software GmbH)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2015-09-09] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2014-10-16] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2010-01-18] (CANON INC.)
HKLM-x32\...\Run: [MMReminderService] => C:\Program Files (x86)\Mindjet\MindManager 14\MMReminderService.exe [42312 2013-09-06] (Mindjet)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HipServ Agent] => C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\HipServAgent.exe [2722920 2014-01-27] (Axentra Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [14952 2016-02-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [Amazon Cloud Player] => C:\Users\Nutzer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [761064 2015-06-29] (Adobe Systems Incorporated)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [Dropbox Update] => C:\Users\Nutzer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [BingSvc] => C:\Users\Nutzer\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Technologies S.A.)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\MountPoints2: {132320fd-603f-11e5-9c01-028037ec0200} - "D:\LaunchU3.exe" -a
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2015-08-28] (O&O Software GmbH)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe [2015-12-30] ()
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2016-03-20]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
 
==================== Internet (Nicht auf der Ausnahmeliste) ====================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 
Tcpip\..\Interfaces\{00e337c2-2a81-46a1-963a-31f2294d9825}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{87dc13c9-ca95-45c6-9efe-5a7f4e8c2580}: [DhcpNameServer] 192.168.14.1 192.168.14.1
Tcpip\..\Interfaces\{b63e91dc-3102-4765-8651-9a0a6546b831}: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{e93d9ec1-d8cf-4d32-af98-e4036ddd5a1d}: [NameServer] 139.7.30.126 139.7.30.125
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=de-de
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
hxxp://www.fibercheck.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> 51B8090724154198AC9D55380858D24C URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=2dea3aaf-fd01-4f6d-8b86-de643d5aaf49&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=14/05/2013&type=hp1000
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> {2F241019-B5B5-4A3B-9777-05796CC07CE4} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Keine Datei
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll [2013-09-06] (Mindjet)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-01-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-01-28] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D122814-AE3372CAF8274412FA2F&form=CONMHP&conlogo=CT3330942
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Homepage: hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=de-de
www.google.de
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-08-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3737527253-1174571278-2646331852-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-09-29] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\searchplugins\bingp.xml [2014-11-09]
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\searchplugins\google-images.xml [2014-06-19]
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\searchplugins\google-maps.xml [2014-06-19]
FF Extension: Fox!Box - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2015-05-29]
FF Extension: Avira Browser Safety - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\Extensions\abs@avira.com [2016-03-16]
FF Extension: Bing Search - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-01-20]
FF Extension: HP Detect - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2013-08-22] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-08-06] [ist nicht signiert]
FF HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\extensions\cliqz@cliqz.com => nicht gefunden
 
Chrome: 
=======
CHR Profile: C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-07]
CHR Extension: (Google Docs) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-07]
CHR Extension: (Google Drive) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-07]
CHR Extension: (YouTube) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-03-07]
CHR Extension: (Google Tabellen) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-07]
CHR Extension: (Avira Browserschutz) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-03-15]
CHR Extension: (Google Docs Offline) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-07]
CHR Extension: (Google Mail) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-07]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-06-29]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>
 
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2288384 2015-12-24] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 CBEIBnetIPService; C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\CemiService.exe [249856 2009-09-16] (IPAS GmbH) [Datei ist nicht signiert]
R2 CBStudioMCGService; C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\CBMCGSvc.exe [503808 2009-09-16] (IPAS GmbH) [Datei ist nicht signiert]
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287712 2015-10-06] ()
R2 fpCsEvtSvc; C:\Windows\system32\fpCSEvtSvc.exe [13824 2015-12-09] ()
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-11-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-11-01] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe [712432 2015-12-09] ()
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7766264 2015-08-28] (O&O Software GmbH)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2015-12-30] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2015-12-30] ()
R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [536848 2012-03-21] ()
R2 SESMPWD; C:\Program Files\EPSON_P2\Status Monitor\SEPWDN.EXE [155568 2012-11-16] (SEIKO EPSON CORPORATION)
R2 SESMSDB; C:\Program Files\EPSON_P2\Status Monitor\SESDBN.EXE [343472 2012-11-16] (SEIKO EPSON CORPORATION)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [24224 2016-02-26] (Avira Operations GmbH & Co. KG)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-03-31] (IDT, Inc.) [Datei ist nicht signiert]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-03] (Synaptics Incorporated)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-02-03] (ArcSoft, Inc.)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2014-02-25] ()
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [53248 2015-12-09] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580144 2015-08-06] (WiseCleaner.com)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2014-08-20] (Broadcom Corporation) [Datei ist nicht signiert]
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)
 
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
R3 ARCVCAM; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-07-29] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-07-29] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-07-29] (BitDefender)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-11] (Avira Operations GmbH & Co. KG)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-11] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [208192 2015-12-24] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7480496 2013-09-13] (Broadcom Corporation)
R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [97816 2015-01-06] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [107080 2015-01-06] (BitDefender LLC)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [468752 2014-07-28] (Intel Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.99.0\gzflt.sys [155912 2015-12-09] (BitDefender LLC)
R3 h36wgps; C:\Windows\system32\DRIVERS\h36wgps64.sys [103184 2012-03-01] (Ericsson AB)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-02] (REALiX(tm))
R3 johci; C:\Windows\System32\drivers\johci.sys [26208 2013-11-06] (JMicron Technology Corp.)
S3 KOBCCEX; C:\Windows\System32\drivers\KOBCCEX.sys [25344 2009-10-08] (KOBIL Systems GmbH) [Datei ist nicht signiert]
S3 massfilter_LTE; C:\Windows\System32\drivers\massfilter_LTE.sys [18456 2011-04-28] (HandSet Incorporated)
S3 massfilter_LTE; C:\Windows\SysWOW64\drivers\massfilter_LTE.sys [15896 2011-04-28] (HandSet Incorporated)
R3 Mbm3CBus; C:\Windows\System32\drivers\Mbm3CBus.sys [443648 2013-04-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [455936 2013-04-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [22272 2013-04-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [508160 2013-04-22] (MCCI Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185088 2015-12-02] (Intel Corporation)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116888 2015-08-28] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41112 2015-08-28] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255640 2015-08-28] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44696 2015-08-28] (O&O Software GmbH)
S3 pmxdrv; C:\windows\system32\drivers\pmxdrv.sys [31152 2013-09-01] ()
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [28624 2015-12-30] () [Datei ist nicht signiert]
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [700128 2015-11-13] (Sunplus)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-12-09] (BitDefender S.R.L.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102576 2015-08-10] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25904 2015-08-10] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [701232 2015-08-10] ()
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-10-16] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2015-12-09] (HP)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2015-12-23] (wisecleaner.com)
R3 WwanUsbServ; C:\Windows\System32\drivers\WwanUsbMp64.sys [284912 2013-11-25] (Ericsson AB)
S3 zgdcat; C:\Windows\System32\DRIVERS\zgdcat.sys [129040 2011-04-28] (ZTE Incorporated)
S3 zgdcat; C:\Windows\SysWOW64\DRIVERS\zgdcat.sys [113168 2011-04-28] (ZTE Incorporated)
S3 zgdcdiag; C:\Windows\System32\DRIVERS\zgdcdiag.sys [129040 2011-04-28] (ZTE Incorporated)
S3 zgdcdiag; C:\Windows\SysWOW64\DRIVERS\zgdcdiag.sys [113168 2011-04-28] (ZTE Incorporated)
S3 zgdcmdm; C:\Windows\System32\DRIVERS\zgdcmdm.sys [129040 2011-04-28] (ZTE Incorporated)
S3 zgdcmdm; C:\Windows\SysWOW64\DRIVERS\zgdcmdm.sys [113168 2011-04-28] (ZTE Incorporated)
S3 zgdcnet; C:\Windows\System32\DRIVERS\zgdcnet.sys [163352 2011-04-28] (ZTE Incorporated)
S3 zgdcnet; C:\Windows\SysWOW64\DRIVERS\zgdcnet.sys [138264 2011-04-28] (ZTE Incorporated)
S3 zgdcnmea; C:\Windows\System32\DRIVERS\zgdcnmea.sys [129040 2011-04-28] (ZTE Incorporated)
S3 zgdcnmea; C:\Windows\SysWOW64\DRIVERS\zgdcnmea.sys [113168 2011-04-28] (ZTE Incorporated)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath
 
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 
==================== Ein Monat: Erstellte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2016-03-21 12:43 - 2016-03-21 12:44 - 00049406 _____ C:\Users\Nutzer\Downloads\FRST.txt
2016-03-21 12:43 - 2016-03-21 12:43 - 00000000 ____D C:\FRST
2016-03-21 12:42 - 2016-03-21 12:43 - 02374144 _____ (Farbar) C:\Users\Nutzer\Downloads\FRST64.exe
2016-03-21 12:29 - 2016-03-21 12:29 - 00016148 _____ C:\WINDOWS\system32\NUTZER-HP_Nutzer_HistoryPrediction.bin
2016-03-21 09:45 - 2016-03-21 09:45 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-15 10:00 - 2016-03-15 10:00 - 00184296 _____ C:\Users\Nutzer\Downloads\Umsaetze_KtoNr142332600_EUR_15-03-2016_1000.CSV
2016-03-14 12:09 - 2016-03-14 12:10 - 00010487 _____ C:\Users\Nutzer\Downloads\FiberC_elster_14.03.2016_12.09.pfx
2016-03-09 11:45 - 2016-02-23 15:53 - 01314496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 11:45 - 2016-02-23 15:52 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-09 11:45 - 2016-02-23 15:51 - 00633184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-03-09 11:45 - 2016-02-23 15:51 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 11:45 - 2016-02-23 15:50 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 11:45 - 2016-02-23 15:48 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 11:45 - 2016-02-23 15:48 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-09 11:45 - 2016-02-23 15:48 - 01123952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-09 11:45 - 2016-02-23 15:41 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 11:45 - 2016-02-23 15:41 - 00299600 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
2016-03-09 11:45 - 2016-02-23 15:41 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-03-09 11:45 - 2016-02-23 15:40 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-03-09 11:45 - 2016-02-23 15:38 - 00272752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 11:45 - 2016-02-23 15:36 - 00080128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-03-09 11:45 - 2016-02-23 15:11 - 00781984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 11:45 - 2016-02-23 15:11 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-09 11:45 - 2016-02-23 15:11 - 00103776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-03-09 11:45 - 2016-02-23 15:08 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-09 11:45 - 2016-02-23 15:07 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-09 11:45 - 2016-02-23 14:39 - 00607416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 11:45 - 2016-02-23 14:30 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 11:45 - 2016-02-23 14:25 - 01085632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-03-09 11:45 - 2016-02-23 14:23 - 00952968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 11:45 - 2016-02-23 14:21 - 00529456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 11:45 - 2016-02-23 14:21 - 00141152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 11:45 - 2016-02-23 14:11 - 00249976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2016-03-09 11:45 - 2016-02-23 14:11 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-03-09 11:45 - 2016-02-23 14:11 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-03-09 11:45 - 2016-02-23 14:09 - 00229352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 11:45 - 2016-02-23 14:06 - 00069232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-03-09 11:45 - 2016-02-23 13:58 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-03-09 11:45 - 2016-02-23 13:50 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-09 11:45 - 2016-02-23 13:50 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-03-09 11:45 - 2016-02-23 13:42 - 00658536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 11:45 - 2016-02-23 13:42 - 00467296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-09 11:45 - 2016-02-23 13:42 - 00078176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-03-09 11:45 - 2016-02-23 13:39 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-09 11:45 - 2016-02-23 13:38 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-09 11:45 - 2016-02-23 13:35 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 11:45 - 2016-02-23 13:20 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-03-09 11:45 - 2016-02-23 13:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-03-09 11:45 - 2016-02-23 13:16 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 11:45 - 2016-02-23 13:15 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 11:45 - 2016-02-23 13:15 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-03-09 11:45 - 2016-02-23 12:59 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-03-09 11:45 - 2016-02-23 12:59 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-09 11:45 - 2016-02-23 12:57 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-09 11:45 - 2016-02-23 12:55 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 11:45 - 2016-02-23 12:45 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-09 11:45 - 2016-02-23 12:45 - 06788608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 11:45 - 2016-02-23 12:42 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 11:45 - 2016-02-23 12:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 11:45 - 2016-02-23 12:38 - 02663424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-09 11:45 - 2016-02-23 12:37 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-03-09 11:45 - 2016-02-23 12:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-09 11:45 - 2016-02-23 12:25 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 11:45 - 2016-02-23 12:18 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 11:45 - 2016-02-23 12:17 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-03-09 11:45 - 2016-02-23 12:17 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-03-09 11:45 - 2016-02-23 12:14 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-03-09 11:45 - 2016-02-23 12:08 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 11:45 - 2016-02-23 12:04 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 11:45 - 2016-02-23 12:03 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 11:45 - 2016-02-23 12:03 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 11:45 - 2016-02-23 12:02 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 11:45 - 2016-02-23 11:55 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 11:45 - 2016-02-23 11:55 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 11:45 - 2016-02-23 11:51 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 11:45 - 2016-02-23 11:51 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 11:45 - 2016-02-23 11:48 - 21859840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 11:45 - 2016-02-23 11:48 - 05157376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 11:45 - 2016-02-23 11:46 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 11:45 - 2016-02-23 11:45 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 11:45 - 2016-02-23 11:45 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-03-09 11:45 - 2016-02-23 11:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 11:45 - 2016-02-23 11:45 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 11:45 - 2016-02-23 11:44 - 01821696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-09 11:45 - 2016-02-23 11:38 - 07524864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 11:45 - 2016-02-23 11:29 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-03-09 11:45 - 2016-02-23 11:17 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 11:45 - 2016-02-23 11:17 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 11:45 - 2016-02-23 11:11 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 11:45 - 2016-02-23 11:03 - 01495040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 11:45 - 2016-02-23 11:00 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-09 11:45 - 2016-02-23 11:00 - 05457408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 11:45 - 2016-02-23 10:58 - 18800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-08 11:48 - 2016-03-08 11:48 - 00001176 _____ C:\Users\Nutzer\Downloads\BAHN_Fahrplan.ics
2016-03-07 15:06 - 2016-03-15 10:19 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-07 15:06 - 2016-03-15 10:19 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-07 15:04 - 2016-03-07 15:05 - 00987728 _____ (Google Inc.) C:\Users\Nutzer\Downloads\ChromeSetup.exe
2016-03-02 13:50 - 2016-03-16 18:17 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForNutzer.job
2016-03-02 13:50 - 2016-03-16 13:56 - 00003252 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForNutzer
2016-03-02 10:29 - 2016-03-02 10:30 - 00000000 ____D C:\Users\Nutzer\Desktop\futuresax
2016-03-02 10:21 - 2016-03-02 10:21 - 00269232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2016-02-29 21:34 - 2016-02-29 21:43 - 00000000 ____D C:\Users\Nutzer\Desktop\steuer_2014
2016-02-29 17:15 - 2016-03-20 16:06 - 00000504 _____ C:\WINDOWS\Tasks\OO DiskImage {dbb774bd-d681-428d-8b24-df4d3382d2f1}.job
2016-02-29 17:15 - 2016-02-29 17:15 - 00003096 _____ C:\WINDOWS\System32\Tasks\OO DiskImage {dbb774bd-d681-428d-8b24-df4d3382d2f1}
2016-02-29 16:30 - 2016-03-20 16:07 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-02-29 16:30 - 2016-02-29 16:30 - 00002525 _____ C:\Users\Public\Desktop\O&O DiskImage.lnk
2016-02-29 16:30 - 2016-02-29 16:30 - 00001292 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2016-02-29 16:30 - 2016-02-29 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2016-02-29 16:30 - 2016-02-29 16:30 - 00000000 ____D C:\Program Files\OO Software
2016-02-29 13:45 - 2016-03-01 10:38 - 00000000 ____D C:\Users\Nutzer\Desktop\arbeitsamt
2016-02-29 12:48 - 2016-03-20 16:07 - 00000000 ___RD C:\Users\Nutzer\Google Drive
2016-02-29 12:48 - 2016-02-29 12:48 - 00001818 _____ C:\Users\Nutzer\Desktop\Google Drive.lnk
2016-02-29 12:46 - 2016-03-21 11:51 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-29 12:46 - 2016-03-20 16:06 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-29 12:46 - 2016-03-14 14:53 - 00001962 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-02-29 12:46 - 2016-03-14 14:53 - 00001960 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-02-29 12:46 - 2016-03-14 14:53 - 00001950 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-02-29 12:46 - 2016-02-29 12:46 - 00004188 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-29 12:46 - 2016-02-29 12:46 - 00003956 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-29 12:46 - 2016-02-29 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-02-29 12:45 - 2016-02-29 12:46 - 00987728 _____ (Google Inc.) C:\Users\Nutzer\Downloads\googledrivesync(2).exe
2016-02-28 16:57 - 2016-02-28 16:57 - 00000000 ____D C:\Users\Nutzer\AppData\LocalLow\Temp
2016-02-28 16:47 - 2016-02-28 16:54 - 00024994 _____ C:\Users\Nutzer\Desktop\Simple PERT Chart.eddx
2016-02-28 09:55 - 2016-02-28 21:15 - 00000000 ____D C:\Users\Nutzer\Desktop\promotion
2016-02-27 10:47 - 2016-02-27 10:47 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAB
2016-02-27 10:47 - 2016-02-27 10:47 - 00000000 ____D C:\Program Files\SAB
2016-02-25 16:34 - 2016-02-25 16:34 - 01456800 _____ C:\WINDOWS\ProcessedPackets.KTL
2016-02-25 16:34 - 2016-02-25 16:34 - 00576088 _____ C:\WINDOWS\Packet.KTL
2016-02-25 16:34 - 2016-02-25 16:34 - 00043862 _____ C:\WINDOWS\Control.KTL
2016-02-25 16:34 - 2016-02-25 16:34 - 00001177 _____ C:\WINDOWS\SentOSPackets.KTL
2016-02-25 16:34 - 2016-02-25 16:34 - 00000286 _____ C:\WINDOWS\NGIControl.KTL
2016-02-25 11:58 - 2016-02-25 11:58 - 00000000 ____D C:\Users\Nutzer\Documents\Edraw Max
2016-02-25 11:58 - 2016-02-25 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edraw Max 7.9
2016-02-25 11:58 - 2016-02-25 11:58 - 00000000 ____D C:\Program Files (x86)\Edraw Max
2016-02-25 11:26 - 2016-02-25 11:58 - 80442944 _____ (EdrawSoft ) C:\Users\Nutzer\Downloads\edrawmax-de.exe
2016-02-25 10:05 - 2016-02-25 10:05 - 00035121 _____ C:\Users\Nutzer\Desktop\Flussdiagramm.vsdx
2016-02-24 12:40 - 2016-02-27 10:47 - 79114984 _____ C:\Users\Nutzer\Downloads\InstallPrano_FZR1420_JRE_64bit.exe
2016-02-24 12:06 - 2016-02-24 12:08 - 00000000 ____D C:\Users\Nutzer\Desktop\Inventur
2016-02-22 11:03 - 2016-02-28 21:15 - 00000000 ____D C:\Users\Nutzer\Desktop\Smart
2016-02-21 14:26 - 2016-02-21 14:26 - 00002162 _____ C:\Users\Public\Desktop\roomeon Portal.lnk
2016-02-21 14:26 - 2016-02-21 14:26 - 00002125 _____ C:\Users\Public\Desktop\roomeon 3D-Planer.lnk
2016-02-21 14:26 - 2016-02-21 14:26 - 00000000 ____D C:\Users\Nutzer\AppData\Local\roomeon
2016-02-21 14:26 - 2016-02-21 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\roomeon
2016-02-21 14:26 - 2016-02-21 14:26 - 00000000 ____D C:\Program Files (x86)\roomeon GmbH
2016-02-21 14:23 - 2016-02-21 14:25 - 14467023 _____ C:\Users\Nutzer\Downloads\roomeon_3D-Planer_DE_1.6.2(1).exe.part
2016-02-21 14:09 - 2016-02-21 14:25 - 55614231 _____ C:\Users\Nutzer\Downloads\roomeon_3D-Planer_DE_1.6.2.exe
2016-02-20 16:09 - 2016-02-20 16:09 - 00003628 _____ C:\WINDOWS\System32\Tasks\Inst_Rep
2016-02-20 16:09 - 2016-02-20 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2016-02-20 16:08 - 2016-02-20 16:09 - 00000000 ____D C:\Program Files (x86)\mbot_de_014010244
2016-02-20 16:08 - 2016-02-20 16:08 - 00000000 ____D C:\Users\Nutzer\AppData\Local\mbot_de_014010244
2016-02-20 16:05 - 2016-02-22 15:39 - 00000000 ____D C:\Users\Nutzer\Desktop\keygen__15344_il2310679
2016-02-20 15:56 - 2016-02-20 16:07 - 00172620 _____ (Feme ) C:\Users\Nutzer\Downloads\tropico_4_keygen.exe.part
2016-02-20 15:41 - 2016-02-20 15:41 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Tropico 4
2016-02-20 15:36 - 2016-02-20 15:36 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Kalypso Media
2016-02-20 14:52 - 2016-02-20 15:11 - 00000000 ____D C:\Program Files (x86)\Kalypso Media
 
==================== Ein Monat: Geänderte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2016-03-21 12:21 - 2013-03-20 11:50 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Skype
2016-03-21 12:12 - 2012-05-05 19:15 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-21 11:50 - 2015-08-03 15:32 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Packages
2016-03-21 11:47 - 2015-06-17 12:30 - 00001228 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3737527253-1174571278-2646331852-1001UA.job
2016-03-21 11:38 - 2015-12-24 10:27 - 00000000 ____D C:\ProgramData\MFAData
2016-03-21 09:45 - 2013-07-21 14:28 - 00000000 ___RD C:\Users\Nutzer\Dropbox
2016-03-21 09:45 - 2013-07-21 14:25 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Dropbox
2016-03-21 09:38 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-21 09:35 - 2013-09-06 09:04 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\vlc
2016-03-20 16:17 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-20 16:12 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-20 16:11 - 2015-08-03 15:12 - 02266390 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-20 16:11 - 2015-07-10 17:34 - 00952100 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-20 16:11 - 2015-07-10 17:34 - 00221546 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-20 16:11 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2016-03-20 16:08 - 2015-12-29 12:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-20 16:08 - 2013-03-17 17:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-20 16:07 - 2015-12-23 15:27 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Wise Care 365
2016-03-20 16:07 - 2015-06-24 11:25 - 00000000 ___RD C:\Users\Nutzer\CloudStation
2016-03-20 16:07 - 2015-03-04 14:55 - 00000000 ___RD C:\Users\Nutzer\Desktop\FC_Cloud
2016-03-20 16:06 - 2015-12-18 15:53 - 00002402 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2016-03-20 16:06 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-20 16:06 - 2013-03-04 22:02 - 00000000 ____D C:\ProgramData\Validity
2016-03-19 15:14 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-03-17 10:53 - 2015-08-03 15:12 - 00000000 ____D C:\Users\Nutzer
2016-03-15 12:46 - 2013-05-15 05:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-03-12 13:00 - 2015-12-24 10:28 - 00001009 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-03-12 13:00 - 2015-12-24 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-03-11 12:54 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-11 11:22 - 2013-03-16 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-11 11:21 - 2013-05-09 16:12 - 00068936 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-03-11 11:21 - 2013-03-20 12:03 - 00137952 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-03-11 11:21 - 2013-03-20 12:03 - 00128664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-03-11 10:07 - 2015-08-03 15:34 - 00002429 _____ C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-11 10:07 - 2015-08-03 15:34 - 00000000 ___RD C:\Users\Nutzer\OneDrive
2016-03-09 17:55 - 2015-08-03 15:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-09 17:47 - 2016-01-11 16:34 - 00402568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-09 16:38 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-09 16:38 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-09 16:38 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-09 16:38 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 16:32 - 2013-07-16 15:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 16:26 - 2013-03-12 15:46 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 16:24 - 2009-07-14 03:34 - 00000478 _____ C:\WINDOWS\win.ini
2016-03-08 08:10 - 2015-07-10 12:06 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 15:44 - 2014-03-05 10:48 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Google
2016-03-07 15:05 - 2014-03-05 10:48 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-06 02:27 - 2015-12-11 15:53 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2016-03-01 13:45 - 2014-05-11 11:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-29 21:44 - 2013-04-23 17:08 - 00000000 ____D C:\Users\Nutzer\Documents\Steuerfälle
2016-02-29 20:53 - 2013-04-23 16:40 - 00000000 ____D C:\ProgramData\AAV
2016-02-29 16:30 - 2015-12-03 15:04 - 00003430 _____ C:\WINDOWS\System32\Tasks\Avira System Speedup Tray
2016-02-29 16:30 - 2014-12-15 13:55 - 00000000 ____D C:\ProgramData\OO Software
2016-02-29 16:29 - 2013-03-16 09:51 - 00000000 ____D C:\Program Files (x86)\Avira
2016-02-29 14:16 - 2013-12-11 17:06 - 00000000 ____D C:\Users\Nutzer\Desktop\cafe100
2016-02-29 12:45 - 2013-09-13 11:28 - 00000000 ____D C:\Users\Nutzer\Desktop\ideentransfer
2016-02-28 21:15 - 2013-04-16 21:27 - 00000000 ____D C:\Users\Nutzer\Desktop\privat
2016-02-27 14:56 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2016-02-27 10:54 - 2015-10-30 08:30 - 00000000 ____D C:\Users\Nutzer\.oracle_jre_usage
2016-02-26 23:28 - 2015-07-10 11:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-02-26 23:28 - 2015-07-10 11:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-02-26 23:28 - 2015-07-10 11:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-02-26 23:28 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-02-25 09:50 - 2013-03-04 21:55 - 00017272 _____ C:\WINDOWS\system32\results.xml
2016-02-24 13:27 - 2012-05-05 19:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-02-24 13:26 - 2011-07-29 00:51 - 00000000 ____D C:\swsetup
2016-02-23 18:10 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-02-21 14:25 - 2014-06-06 12:38 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Downloaded Installations
 
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 
2015-08-06 12:59 - 2015-08-06 12:59 - 0000000 _____ () C:\Program Files (x86)\JMicr
2015-08-06 12:59 - 2015-08-06 12:59 - 0000000 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-06 12:59 - 2015-08-06 12:59 - 0000000 _____ () C:\Program Files (x86)\StarMoney 9.0
2014-06-19 13:17 - 2014-06-19 13:32 - 0009089 _____ () C:\Users\Nutzer\AppData\Roaming\.freeciv-client-rc-2.4
2013-06-19 13:44 - 2013-11-12 12:41 - 0000116 _____ () C:\Users\Nutzer\AppData\Roaming\BEVI.CFG
2013-09-02 16:27 - 2013-09-02 16:27 - 0033193 _____ () C:\Users\Nutzer\AppData\Roaming\UserTile.png
2015-11-05 11:35 - 2015-11-05 11:35 - 0000122 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
Einige Dateien in TEMP:
====================
C:\Users\Nutzer\AppData\Local\Temp\avgnt.exe
C:\Users\Nutzer\AppData\Local\Temp\i4jdel0.exe
C:\Users\Nutzer\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Nutzer\AppData\Local\Temp\jre-8u74-windows-au.exe
C:\Users\Nutzer\AppData\Local\Temp\proxy_vole2479119636678680774.dll
C:\Users\Nutzer\AppData\Local\Temp\setup_mbot_de.exe
C:\Users\Nutzer\AppData\Local\Temp\SIntf16.dll
C:\Users\Nutzer\AppData\Local\Temp\SIntf32.dll
C:\Users\Nutzer\AppData\Local\Temp\SIntfNT.dll
C:\Users\Nutzer\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap =================
 
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 
LastRegBack: 2016-03-12 14:53
 
==================== Ende von FRST.txt ============================
         
--- --- ---

Alt 21.03.2016, 13:23   #2
SirTobi
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Teil 2:

ich hoffe das ist nicht viel zu viel und ich mülle Euer Forum voll.


Log Addition:FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Nutzer (2016-03-21 12:44:37)
Gestartet von C:\Users\Nutzer\Downloads
Windows 10 Pro (X64) (2015-08-03 14:32:18)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3737527253-1174571278-2646331852-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3737527253-1174571278-2646331852-503 - Limited - Disabled)
Gast (S-1-5-21-3737527253-1174571278-2646331852-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3737527253-1174571278-2646331852-1003 - Limited - Enabled)
Nutzer (S-1-5-21-3737527253-1174571278-2646331852-1001 - Administrator - Enabled) => C:\Users\Nutzer
Sonos (S-1-5-21-3737527253-1174571278-2646331852-1011 - Limited - Enabled)
Tine (S-1-5-21-3737527253-1174571278-2646331852-1010 - Limited - Enabled) => C:\Users\Tine

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Ad-Aware Antivirus (Enabled - Up to date) {B0CC18C6-E527-6EE6-874C-9D19920E5619}
AV: AVG AntiVirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Ad-Aware Antivirus (Enabled - Up to date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: Ad-Aware Firewall (Enabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Ad-Aware Antivirus (HKLM\...\{9A711B34-77B5-4DDA-A97E-2FD6663729E1}_AdAwareUpdater) (Version: 11.9.696.8769 - Lavasoft)
AdAwareInstaller (Version: 11.9.696.8769 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.9.696.8769 - Lavasoft) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.12 - Adobe Systems)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon Cloud Player (HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
AntimalwareEngine (Version: 3.0.99.0 - Lavasoft) Hidden
AntispamEngine (Version: 2.4.4205.0 - Lavasoft) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.38 - ArcSoft)
AvcEngine (Version: 3.11.11387.0 - Lavasoft) Hidden
AVG (Version: 16.51.7497 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4545 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.51.7497 - AVG Technologies)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 2.1.13.1163 - Avira Operations GmbH & Co. KG)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5300 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version:  - Broadcom Corporation)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG5600 series Benutzerregistrierung (HKLM-x32\...\Canon MG5600 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.)
Canon MG5600 series On-screen Manual (HKLM-x32\...\Canon MG5600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version:  - )
Canon MX700 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX700_series) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.0 - Canon Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6312.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.6312.0 - Ihr Firmenname) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.1.1 - CEWE Stiftung u Co. KGaA)
Dropbox (HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Edraw Max 7.9 (HKLM-x32\...\Edraw Max_is1) (Version:  - EdrawSoft)
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.02 - Sierra)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
EPSON AL-CX29 Dienstprogramme Ver.1.0.2.2 (HKLM-x32\...\{DF01BFBF-D3FA-4266-A036-74D5C5A04202}) (Version: 1.0.2.2 - EPSON)
EPSON AL-CX29 Scannertreiber (HKLM-x32\...\{6BC087EC-7486-4021-A387-88B9A946F07C}) (Version: 1.0.2.2 - EPSON)
EPSON Printer Software (HKLM-x32\...\{7612D261-8150-4B33-ADEE-3D3C086F0815}) (Version: 1.000.00.00 - EPSON)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{B64F0818-316F-4237-8CB4-35BC2DA784C2}) (Version: 5.1.12.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{0ABC7C72-64F0-4D7F-B9A4-9E82A56EC874}) (Version: 1.1.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{240B2BF7-E7E6-425C-A2A4-A3149189BF7F}) (Version: 2.3.1 - Hewlett-Packard Company)
HP GPS and Location (HKLM-x32\...\{23A7D0B7-51CF-4986-8248-2ACE6629A00C}) (Version: 1.2.9.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{57FA60DA-585F-456A-B80E-17D1CDD22A30}) (Version: 5.0.27.1 - Hewlett-Packard Company)
HP Mobile Broadband Drivers (HKLM-x32\...\{646E8C34-C88B-42F9-9F41-985A801219E1}) (Version: 7.2.8.1 - Ericsson AB)
HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{f41e84dd-bf67-4276-a972-df8f69ff28b6}) (Version: 4.0.0.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{658A8756-7B1E-44FD-A434-D777DD906232}) (Version: 8.5.2.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.2.8.17 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{3A61A282-4F08-4D43-920C-DC30ECE528E8}) (Version: 2.6.1 - Hewlett-Packard Company)
HP Universal Camera Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.5.8.2 - SunplusIT)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 3.0.0.1 - Hewlett-Packard Company)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.27.17 - Roxio)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 17.3 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.5.1006 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
IP Controller N350E Version 1.2 (HKLM-x32\...\IPControllerN350E_v0102000) (Version: 1.2.1 - IPAS GmbH)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
KNX eteC Falcon Runtime v2.1 (x32 Version: 2.1.5213.27900 - KNX Association cvba) Hidden
KOBIL CCID driver x64x86 (x32 Version: 1.013.02121 - KOBIL Systems) Hidden
LifeCloud Desktop Applications (HKLM-x32\...\{54DC3D01-80CC-44DA-830E-B942F063975B}) (Version: 1.4.4 - Axentra Corporation)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Media Go (HKLM-x32\...\{C9ACDF2C-F9A5-4F17-A6FA-97FF908DC4AA}) (Version: 3.0.278 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.20.101.05210 (HKLM-x32\...\{78D0E870-B5F7-8AE8-35DC-18060AAD9C7A}) (Version: 2.20.101.05210 - Sony)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{C3525BF7-3698-4CD3-A8C3-69BD6F57BA3B}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mindjet 14 (HKLM-x32\...\{1EF1FE03-DF66-45CC-AF57-A6C986EE1EDA}) (Version: 14.0.334 - Mindjet)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NWZ-E380 WALKMAN Guide (HKLM-x32\...\{D98ED583-338D-4425-B2EF-A4C7FB93CE88}) (Version: 2.2.0.05230 - Sony Corporation)
O&O DiskImage Professional (HKLM\...\{10C83530-840D-4AA3-994A-A9B9559B56C5}) (Version: 9.10.102 - O&O Software GmbH)
OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paragon Drive Copy™ 2015 Kompakt (HKLM\...\{24371D30-7CFF-11DE-B053-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
roomeon 3D-Planer (HKLM-x32\...\{E94EF5B3-85D9-40C0-97DB-FA2BB29814E5}) (Version: 1.6.2 - roomeon GmbH)
Roxio MyDVD Business 2010 (HKLM-x32\...\{9CB4FBA9-45C0-41AA-97CC-283B42E1A21E}) (Version: 12.1.79.10 - Roxio)
Roxio Secure Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 2.0.31.24 - Roxio)
SDK (x32 Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 31.3.22220 - Sonos, Inc.)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
StarMoney (x32 Version: 4.0.1.51 - StarFinanz) Hidden
StarMoney (x32 Version: 5.0.1.83 - StarFinanz) Hidden
SteuerSparErklärung 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.38.173 - Akademische Arbeitsgemeinschaft)
sv.net (HKLM-x32\...\sv.net) (Version: 16.0 - ITSG GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Synology Cloud Station (remove only) (HKLM\...\Synology Cloud Station) (Version: 3.2.3479 - Synology, Inc.)
Synology Cloud Station Drive (remove only) (HKLM\...\Synology Cloud Station Drive) (Version: 4.0.4055 - Synology, Inc.)
tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG)
TOPSIM - Startup! Production - Instructor (HKLM-x32\...\TOPSIM - Startup! Production - Instructor) (Version: 4.2e - TATA Interactive Systems GmbH)
TOPSIM - Startup! Production - Participant (HKLM-x32\...\TOPSIM - Startup! Production - Participant) (Version: 4.2e - TATA Interactive Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Tropico 4 1.00 (HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Tropico 4) (Version: 1.00 - Kalypso Media)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114831) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{319F14FC-24A0-4A07-B84C-C7450AF9422F}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114831) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{319F14FC-24A0-4A07-B84C-C7450AF9422F}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114831) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{319F14FC-24A0-4A07-B84C-C7450AF9422F}) (Version:  - Microsoft)
Validity Fingerprint Sensor Driver (HKLM\...\{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}) (Version: 4.4.228.0 - Validity Sensors, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CF}) (Version: 15.0.10039 - WinZip Computing, S.L. )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{6295A54D-BD2A-4CF7-A288-62B0D91F7879}\InprocServer32 -> C:\Program Files (x86)\Outlook Backup Assistant\AddIn\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Nutzer\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> "C:\WINDOWS\system32\igfxEM.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A67C8DD-33EE-4329-8608-F53E9FEFA0E9} - System32\Tasks\{A7AB272E-F812-4F69-9F73-52F93B9E1D73} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {0B0E2F1F-4373-42AD-B4CB-A5124882DC8E} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2015-12-18] (WiseCleaner.COM)
Task: {0C87D0AC-4FC8-452C-AE5F-03E458F5472C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {0ECABA45-8B74-49AA-BB63-63EAECC1E94B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {13F78521-B9A2-4178-84B6-5EE63F97023D} - System32\Tasks\{EFDC83F2-7F6B-4B85-9837-6BF55E2A77DD} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {143040D8-5699-4326-A704-6D076351DA64} - System32\Tasks\{D72EBB27-CA82-4C11-8605-A7BB07F8CC0A} => pcalua.exe -a "C:\Users\Nutzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QYJVND3Z\Setup.exe" -d C:\Users\Nutzer\Desktop
Task: {15431E71-02A4-4F05-A5D5-C143EC5B98A6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {1999A78D-127C-4F53-A5E8-B719E83489A0} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-10-16] (IObit)
Task: {1A61118E-726C-42EA-B82F-275600F3D033} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {22B3EF99-DC1B-454E-B242-1F27A1515051} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {24456101-7D86-4623-A41B-17C4EFEE8010} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-29] (Google Inc.)
Task: {28BEF1F7-A9C8-40D4-80A9-4E0DDE0C39FE} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2EBF671B-668A-4585-B6E5-730E198E26D9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {3010AF0D-2801-42CE-B5EE-252446A45839} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {32B68455-CE0A-4861-9AA2-953EB013498B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {33086BA8-4696-4184-B03B-BDCD817BFF19} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {332244E2-E122-4651-BAA0-E0B60CAD8821} - System32\Tasks\HPCeeScheduleForNutzer => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {34FE859E-DE35-4265-B26A-9E4BF71C46B9} - System32\Tasks\{75C86994-8BDB-4F20-8E21-8504B332336E} => pcalua.exe -a "D:\ZTE LTE gedöns\Mobile Broadband Programmordner\USBDriverInstaller_x86.exe" -d "D:\ZTE LTE gedöns\Mobile Broadband Programmordner"
Task: {385A9EBC-11B7-4162-9DAF-56B17D107B4D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {3C0BF4E8-124D-4357-9B13-5390AA30B27E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {3E4B8AC8-FFCD-4969-8597-65760AB97161} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {40E45BD3-1D54-4590-ADA0-5E1D117BB48E} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2016-02-26] (Avira Operations GmbH & Co. KG)
Task: {46D51C68-D2EE-4593-AB4C-E432F506D8A3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {473F802C-AA6A-4F5C-8171-80DBFDC913BC} - System32\Tasks\{EAEB549C-926F-4484-B857-399BC834F256} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {474C6300-F3BD-47FE-9347-D5EA885691F6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {49216CAA-D31C-46F9-9FD2-1118A291918B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {4A1A8106-FBEA-4FB7-B818-5E7F1FAACF93} - System32\Tasks\{7F948EE1-BB31-4488-A337-D1A759D7DAD4} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {4ACF19A0-18D9-4942-8671-A9761F0CBF04} - System32\Tasks\Inst_Rep => C:\Users\Nutzer\AppData\Local\Installer\Install_28551\ytdieamodc_amodc_inst.exe <==== ACHTUNG
Task: {4BE15629-C013-4FB2-A546-21C5DB89B362} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {4F2926BD-32B1-43E5-8F06-6E08B0994CAB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {5329A848-6ABF-4B58-92B2-82244BB4FEE8} - System32\Tasks\{0640D58F-1962-4B24-AC92-788AF466BFE4} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {5337E1D7-A2FF-49E9-AAA6-BBC3313C568D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {53708585-7C52-4066-A7D3-1E693FF5CA37} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {5AB30464-A1ED-45F5-BA45-2D6173E9B272} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {619D78D5-318B-4017-BB35-599D0859C399} - System32\Tasks\DriverNavigator Scheduled Scan => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe [2015-05-11] (Easeware)
Task: {62F49A00-303D-457F-9AEE-93255D0E2685} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {6867A26F-7E4C-4566-91CA-B575FBA2EF65} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {68969C73-3A8A-43DD-910D-55CFB914B43D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {69201E11-47B4-47F7-AA47-19DCA45207A5} - System32\Tasks\{A5EE62B5-9FE1-4024-A00B-6DDECF5FCF83} => pcalua.exe -a "C:\Program Files (x86)\Mobile Broadband\Bin\ReloadCD.exe" -d "C:\Program Files (x86)\Mobile Broadband\Bin"
Task: {6B036B3B-EEEE-473E-B3E0-C8B9640E8BC9} - System32\Tasks\{56C3B111-8198-4882-B343-21C206330E25} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {72D602F8-94C5-4589-B60B-A75E8128064C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {760DE5DC-AB3A-42E5-A696-065304873092} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {790918BA-6E99-4EC5-BB84-3E946E999BBA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {794FE8F5-78C4-4CE2-9B25-438034932F1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {79D4DD8B-FAB8-40D5-B5A6-25AFB8A038B5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3737527253-1174571278-2646331852-1001Core => C:\Users\Nutzer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {7A7ADB1C-D5AE-45FE-A4AA-88D9F96D812D} - System32\Tasks\{4B40D705-7996-4A50-8EF5-4B2F2E359FE8} => Firefox.exe hxxp://ui.skype.com/ui/0/7.17.0.105/de/abandoninstall?page=tsMain
Task: {7B308D0F-D3AA-45EC-AC19-B4F153AD96B9} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3737527253-1174571278-2646331852-1001UA => C:\Users\Nutzer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {7F5FFBA5-CA55-4356-9225-2138CA8DA687} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {80EBBDF4-83C1-4B3C-A01F-AC4E0FB2210D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {830A60B6-026B-49A7-AE10-7E2AD5C82DEA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {85B026EB-9A6A-4862-B7AE-CC13C45E1987} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8C38F9E6-9D29-4132-B21F-1D17CE903807} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {933E958F-3183-4E9A-B8D7-F87F124F9C21} - System32\Tasks\{B5E3F0AA-FEFA-474D-9ADA-A96F3096C657} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{27D28586-BEF1-4E06-8787-3B1FC3A41489}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {94332C9E-D85B-4C11-B4DD-E993A241655F} - System32\Tasks\{62760AD0-D414-4A81-B2AE-4EB9D2D8E1D5} => pcalua.exe -a "C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe" -d "C:\Program Files (x86)\Infogrames Interactive\Civilization III"
Task: {979E19C8-A68E-4842-8EAB-09FC73C2C4B5} - System32\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [2015-12-18] (WiseCleaner.com)
Task: {9C2F811C-F33C-4D45-90FD-63FB116C697F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {9E5D58F4-F37F-48D3-9780-A476BB6EEE91} - System32\Tasks\{ED9C8788-0ABE-45B1-BCEB-357FDC6ED276} => pcalua.exe -a C:\Users\Nutzer\Downloads\jxpiinstall(6).exe -d C:\Users\Nutzer\Downloads
Task: {9FACF6A2-1019-423E-88A9-805E446AAF98} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> Keine Datei <==== ACHTUNG
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {A2921467-1FCB-4822-A4AB-8DE64526964E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A3861788-D99F-4FCB-B6AD-8258590FC5D3} - System32\Tasks\{EDE51190-7ACF-4E7E-9C33-674FF74FD3C3} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {A52ADB5E-31E4-40FF-AC10-9F229D63D407} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {A52B96C0-992D-43A8-A100-029D71EF2F20} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {A5BBE2CB-30F9-45F3-9F65-3FF30A76417D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {A87CDEB1-E0DC-45EA-B8B2-91400BF91A18} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
Task: {ABDCCEB5-800D-42E4-97D9-D0AD9872C8FC} - System32\Tasks\{9F311309-C30C-4465-BEBB-A6ECA3602F7F} => Firefox.exe hxxp://ui.skype.com/ui/0/7.5.0.102/de/abandoninstall?page=tsBing
Task: {B14ED790-A780-4927-88DF-57D2E6F69956} - System32\Tasks\{4AC70EE1-71A4-46B7-BCBF-8664BE18CC4A} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {B31ECD44-EECC-47F1-8C52-0FA9E088102A} - System32\Tasks\{7B6F07F0-7DDE-430E-85F7-28366655149C} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {B34BD371-5676-40BC-90A3-7F974611605E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {BA97B0B2-43A6-42C0-B7D1-086320DD2B13} - System32\Tasks\{22777835-F88A-4879-82A2-C9B5640B936F} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {BAD162FF-4B59-4852-B473-6D8A3010AAC9} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {C830ED52-25DE-4082-A688-F3E776F8DCCD} - System32\Tasks\{D16DA170-FAC2-463F-8DE8-FF5E897C8B55} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {CD9B13A0-7B86-4012-B8E0-DF0DF24C3D58} - System32\Tasks\Driver Booster SkipUAC (Nutzer) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-10-22] (IObit)
Task: {CE3F11A4-572D-409A-BEB8-50717802FDE6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-29] (Google Inc.)
Task: {D1C6CD1D-68DC-4E7E-9194-A94657080810} - System32\Tasks\{DF5CF138-8101-409A-B423-3682299C1A39} => Firefox.exe hxxp://ui.skype.com/ui/0/7.17.0.105/de/abandoninstall?page=tsMain
Task: {D8152306-ACBE-414D-9E8A-A47766212091} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {DB1A6192-2C99-4317-836D-8B0D0E9E807B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {DF247EF8-004C-4EA7-9690-2F0E19140259} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {E1AC05C3-662A-4AE1-9BA6-4A60992A1A99} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11] (Adobe Systems Incorporated)
Task: {E6325A9E-2155-4BC3-A4F8-054879721942} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {E7333B22-9985-4135-B1C9-A2D0A01AD62E} - System32\Tasks\{DBAE00CF-D580-4188-8666-C79021D6CC7A} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {E813F596-E65E-4F9E-B4AC-2B5D6A2CE575} - System32\Tasks\OO DiskImage {dbb774bd-d681-428d-8b24-df4d3382d2f1} => C:\Program Files\OO Software\DiskImage\oodiag.exe [2015-08-28] (O&O Software GmbH)
Task: {EBDCBB9F-CA37-4E4D-AA4C-AF26DCD02FDA} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> Keine Datei <==== ACHTUNG
Task: {EF372039-A898-4A20-8AA3-CA196B030473} - System32\Tasks\{D819E347-7CB7-474B-8201-BDC3E4489722} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {F2DEF0D4-8A14-477B-A29D-2F16E8D9D4CB} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Keine Datei <==== ACHTUNG
Task: {FCA5D5E8-5FE9-49B1-8BEE-5B60244A3EDE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {FDE804EF-5A70-40BD-97AC-C2025FC33C37} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3737527253-1174571278-2646331852-1001Core.job => C:\Users\Nutzer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3737527253-1174571278-2646331852-1001UA.job => C:\Users\Nutzer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForNutzer.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\OO DiskImage {dbb774bd-d681-428d-8b24-df4d3382d2f1}.job => C:\Program Files\OO Software\DiskImage\oodiag.exe,/run {dbb774bd-d681-428d-8b24-df4d3382d2f1}WORKGROUP\NUTZER-HP$BC:\ProgramData\OO Software\DiskImage\Aufgaben\Aufgabe20160229.xml

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-03 15:47 - 2015-07-15 03:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2008-10-24 15:35 - 2008-10-24 15:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-28 09:10 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-06 12:05 - 2015-10-06 12:05 - 00287712 _____ () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
2015-12-09 08:44 - 2015-12-09 08:44 - 00013824 _____ () C:\WINDOWS\system32\fpCSEvtSvc.exe
2015-12-09 17:55 - 2015-12-09 17:55 - 00712432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe
2015-12-09 17:58 - 2015-12-09 17:58 - 00025856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_system-vc120-mt-1_57.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00057096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_date_time-vc120-mt-1_57.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00123656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_filesystem-vc120-mt-1_57.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 11671800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareServiceKernel.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 03549904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\RCF.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00911616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_regex-vc120-mt-1_57.dll
2015-12-09 17:59 - 2015-12-09 17:59 - 00107776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_thread-vc120-mt-1_57.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00035072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_chrono-vc120-mt-1_57.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00709360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareActivation.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00476928 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareApplicationUpdater.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00847600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareGamingMode.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00101096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareReset.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00123104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTime.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01030912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareDefinitionsUpdater.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00905488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareDefinitionsUpdaterScheduler.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01146608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareIgnoreList.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00243440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareQuarantine.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01571584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareAntiMalwareEngine.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00206080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareAntiRootkitEngine.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01210616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareScannerHistory.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01373928 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareScanner.dll
2015-12-09 17:59 - 2015-12-09 17:59 - 00036096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_timer-vc120-mt-1_57.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01019640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareScannerScheduler.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01190656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareRealTimeProtection.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 02489592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareIncompatibles.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01468136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareAntiSpam.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01416944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareAntiPhishing.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 03263736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareParentalControl.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 02995960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareWebProtection.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01325816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareEmailProtection.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00059656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_iostreams-vc120-mt-1_57.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01856768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareNetworkProtection.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01013992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwarePromo.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00365288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareFeedback.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 02958592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareThreatWorkAlliance.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01261800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwarePinCode.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01014504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareNotice.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01542896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareAvcEngine.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 01222416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareRealTimeProtectionHistory.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00475888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareStatistics.dll
2015-12-18 15:53 - 2015-01-06 12:47 - 00156936 _____ () C:\WINDOWS\SYSTEM32\bdfwcore.dll
2016-03-11 12:13 - 2016-03-11 12:13 - 01119064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpbr.mdl
2016-03-11 12:13 - 2016-03-11 12:13 - 00794832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpdsp.mdl
2016-03-11 12:13 - 2016-03-11 12:13 - 03038112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpph.mdl
2016-03-11 12:13 - 2016-03-11 12:13 - 01648408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttprbl.mdl
2015-12-30 22:55 - 2015-12-30 22:55 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-12-30 22:55 - 2015-12-30 22:55 - 00107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-02-25 02:28 - 2014-02-25 02:28 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2015-08-28 01:01 - 2015-08-28 01:01 - 00326904 _____ () C:\Program Files\OO Software\DiskImage\oodiagrs.dll
2015-08-28 01:01 - 2015-08-28 01:01 - 00069880 _____ () C:\Program Files\OO Software\DiskImage\oodiagpsx64.dll
2015-10-01 09:18 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 09:18 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 09:18 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-12-11 13:23 - 2015-11-25 05:20 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-11 13:23 - 2015-11-25 05:17 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-11 13:23 - 2015-11-25 05:17 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 09:18 - 2015-09-17 06:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:43 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 09574112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe
2015-12-09 17:58 - 2015-12-09 17:58 - 00492288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_locale-vc120-mt-1_57.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 02266344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\HtmlFramework.dll
2015-12-09 17:58 - 2015-12-09 17:58 - 00868600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTrayDefaultSkin.dll
2015-08-26 12:43 - 2015-08-26 12:43 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-08-28 01:01 - 2015-08-28 01:01 - 00553720 _____ () C:\Program Files\OO Software\DiskImage\ooditrrs.dll
2014-01-31 16:55 - 2014-01-14 20:46 - 03140608 _____ () C:\Users\Nutzer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2012-09-12 23:38 - 2012-09-12 23:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2012-02-10 23:26 - 2012-02-10 23:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2012-03-21 03:55 - 2012-03-21 03:55 - 00536848 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2016-01-21 09:36 - 2016-01-21 09:37 - 03563008 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.19020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-12-15 08:45 - 2015-12-15 08:45 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.19020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-03-04 09:48 - 2016-03-04 09:48 - 00016384 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-04 09:48 - 2016-03-04 09:48 - 16062976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-04 09:48 - 2016-03-04 09:48 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-08-28 01:01 - 2015-08-28 01:01 - 00345336 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll
2015-06-29 14:43 - 2015-06-29 14:43 - 04891368 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\X64\AdobePDFMakerX.dll
2014-09-25 12:33 - 2014-09-25 12:33 - 02210480 _____ () C:\Program Files\Microsoft Office\Office15\tmpod.dll
2015-10-13 15:10 - 2015-10-13 15:10 - 01428648 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2013-07-05 18:24 - 2009-09-16 10:17 - 00118784 _____ () C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\ccext2.dll
2013-07-05 18:24 - 2009-09-16 10:17 - 00135168 _____ () C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\ccgnu2.dll
2013-07-05 18:24 - 2009-09-16 10:17 - 00728064 _____ () C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\libxml2.dll
2013-07-05 18:24 - 2009-09-16 10:17 - 00073728 _____ () C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\zlib.dll
2013-09-06 07:28 - 2011-07-13 09:10 - 00065576 ____R () C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\MBMDebug.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2016-03-20 16:07 - 2016-03-20 16:07 - 00098816 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\win32api.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00110080 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\pywintypes27.dll
2016-03-20 16:07 - 2016-03-20 16:07 - 00364544 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\pythoncom27.dll
2016-03-20 16:07 - 2016-03-20 16:07 - 00320512 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\win32com.shell.shell.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00776704 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\_hashlib.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 01176576 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\wx._core_.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00806400 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\wx._gdi_.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00816128 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\wx._windows_.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 01067008 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\wx._controls_.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00733184 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\wx._misc_.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00682496 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\pysqlite2._sqlite.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00088064 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\_ctypes.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00119808 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\win32file.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00108544 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\win32security.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00007168 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\hashobjs_ext.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00017920 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\thumbnails_ext.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00088064 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\usb_ext.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00167936 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\win32gui.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00018432 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\win32event.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00046080 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\_socket.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 01208320 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\_ssl.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00128512 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\_elementtree.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00127488 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\pyexpat.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00013824 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\common.time34.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00036864 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\_psutil_windows.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00038912 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\win32inet.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00525240 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\windows._lib_cacheinvalidation.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00011264 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\win32crypt.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00077312 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\wx._html2.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00027136 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\_multiprocessing.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00020480 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\_yappi.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00035840 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\win32process.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00686080 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\unicodedata.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00078848 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\wx._animate.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00123392 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\wx._wizard.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00024064 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\win32pipe.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00010240 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\select.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00025600 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\win32pdh.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00017408 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\win32profile.pyd
2016-03-20 16:07 - 2016-03-20 16:07 - 00022528 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI104682\win32ts.pyd
2013-09-06 12:23 - 2013-09-06 12:23 - 00151848 _____ () C:\Program Files (x86)\Mindjet\MindManager 14\zlib.dll
2014-01-27 15:46 - 2014-01-27 15:46 - 00241664 _____ () C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\libupnp.dll
2014-01-27 15:46 - 2014-01-27 15:46 - 00984064 _____ () C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\libxml2.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00123918 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 01026062 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00524460 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 02949660 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 01798570 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00115214 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 03095505 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 21565192 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00712704 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00031744 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00046080 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00032768 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00516608 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00243200 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00431616 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-12 23:39 - 2012-09-12 23:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2015-12-24 10:27 - 2015-12-24 10:24 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-02-15 09:04 - 2016-02-15 09:04 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\7b13d2efeacfb9e3d842fb2f97375a4c\PSIClient.ni.dll
2013-03-04 21:50 - 2013-11-01 11:16 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-12-14 10:44 - 2016-02-23 19:19 - 00034768 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-03-21 09:45 - 2016-02-23 19:20 - 00019408 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-03-21 09:45 - 2016-02-23 19:19 - 00116688 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-14 10:44 - 2016-02-23 19:19 - 00093640 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-14 10:44 - 2016-02-23 19:19 - 00018376 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-14 10:44 - 2016-03-12 01:18 - 00019760 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-14 10:44 - 2016-02-23 19:21 - 00105928 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-03-21 09:45 - 2016-02-23 19:19 - 00392144 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-14 10:44 - 2016-03-12 01:18 - 00381752 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-14 10:44 - 2016-02-23 19:19 - 00692688 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00020816 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-14 10:44 - 2016-02-23 19:20 - 00112592 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 01682760 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00020808 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-14 10:44 - 2016-03-12 01:18 - 00020800 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-14 10:44 - 2016-03-12 01:18 - 00021840 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00038696 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-03-21 09:45 - 2016-02-23 19:21 - 00020936 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-14 10:44 - 2016-02-23 19:21 - 00024528 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-14 10:44 - 2016-02-23 19:21 - 00114640 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-14 10:44 - 2016-02-23 19:21 - 00124880 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-12 11:44 - 2016-03-12 01:18 - 00021832 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-14 10:44 - 2016-02-23 19:21 - 00024016 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-14 10:44 - 2016-02-23 19:21 - 00175560 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-14 10:44 - 2016-02-23 19:21 - 00030160 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-14 10:44 - 2016-02-23 19:21 - 00043472 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-14 10:44 - 2016-02-23 19:21 - 00028616 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-14 10:44 - 2016-02-23 19:21 - 00048592 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00026456 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-14 10:44 - 2016-02-23 19:21 - 00057808 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-14 10:44 - 2016-02-23 19:21 - 00024016 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00117056 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00024392 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-03-21 09:45 - 2016-02-23 19:21 - 00036296 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\librsync.dll
2016-03-21 09:45 - 2016-03-12 01:18 - 00031568 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2016-03-21 09:45 - 2016-02-13 01:24 - 00293392 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2015-12-14 10:44 - 2016-03-12 01:18 - 00023376 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-14 10:44 - 2016-02-23 19:19 - 00134608 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-03-21 09:45 - 2016-02-23 19:19 - 00134088 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-03-21 09:45 - 2016-02-23 19:20 - 00240584 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00052024 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-12 11:44 - 2016-03-12 01:18 - 00020800 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-12 11:44 - 2016-03-12 01:18 - 00021824 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-12 11:44 - 2016-03-12 01:18 - 00019776 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-12 11:44 - 2016-03-12 01:18 - 00020800 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00020280 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-14 10:44 - 2016-02-23 19:21 - 00350152 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-12 11:44 - 2016-03-12 01:18 - 00022352 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00084792 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-03-21 09:45 - 2016-03-12 01:18 - 01826096 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-14 10:44 - 2016-02-23 19:20 - 00083912 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\sip.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 03928880 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 01971504 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00531248 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00132912 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00223544 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00207672 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00158008 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00042808 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-03-21 09:45 - 2016-02-23 19:23 - 00017864 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-03-21 09:45 - 2016-02-23 19:23 - 01631184 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-14 10:44 - 2016-03-12 01:18 - 00024904 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00546096 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-03-21 09:45 - 2016-03-12 01:18 - 00357680 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2016-02-23 19:25 - 00697304 _____ () C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64]
AlternateDataStreams: C:\Users\Nutzer\Downloads\AVG AntiVirus Pro - CHIP-Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\ChromeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\edrawmax-de.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\ee_update_de_1004_2000.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\googledrivesync(2).exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\Gothic_3_Downloader.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\Gothic_3_EE_Patch_v1.75.14_Int_Full.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\InstallPrano_FZR1420_JRE_64bit.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\Java_Update.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\mediago_setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\roomeon_3D-Planer_DE_1.6.2(1).exe.part:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\roomeon_3D-Planer_DE_1.6.2.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\Total Commander - CHIP-Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\tropico_4_keygen.exe.part:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\Wise Care 365 Pro - CHIP-Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\Wolfenstein Enemy Territory - CHIP-Installer.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7867 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nutzer\Desktop\FC_Cloud\Bilder\Flügelbilder\1301898213-3565-1.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{DE664960-97F3-49CB-9CFD-DE6C68922764}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{11EC010B-DCBD-49A8-ADC8-B285F50EC219}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{E3A0A688-6434-4523-9E9C-3327483AA7FA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{07F74C0C-3394-4EC9-8C59-753BDBCBA79D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{4288196C-A26B-476E-BC10-4003D396D378}] => (Allow) C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\HipServAgent.exe
FirewallRules: [{AD46657E-EFC7-418F-AFA3-16A54CE04FEE}] => (Allow) C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\HipServAgent.exe
FirewallRules: [{5251E192-F0DD-4DC1-B751-0BD9433DC820}] => (Allow) C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\QuickConnect\AxentraSmartShortcut.exe
FirewallRules: [{4148DF4A-0108-4C66-8E42-F94AD9C058AA}] => (Allow) C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\QuickConnect\AxentraSmartShortcut.exe
FirewallRules: [UDP Query User{6FA29AA1-D104-498E-99FE-7ABDF98EBDC9}C:\program files (x86)\medion\lifecloud desktop applications\quickconnect\axentrasmartshortcut.exe] => (Allow) C:\program files (x86)\medion\lifecloud desktop applications\quickconnect\axentrasmartshortcut.exe
FirewallRules: [TCP Query User{1E0056D1-F40C-4684-948D-CAB2BBC49853}C:\program files (x86)\medion\lifecloud desktop applications\quickconnect\axentrasmartshortcut.exe] => (Allow) C:\program files (x86)\medion\lifecloud desktop applications\quickconnect\axentrasmartshortcut.exe
FirewallRules: [UDP Query User{83E1E1BF-20AA-4B74-A676-F402D5240AEF}C:\program files (x86)\medion\lifecloud desktop applications\hipservagent\hipservagent.exe] => (Allow) C:\program files (x86)\medion\lifecloud desktop applications\hipservagent\hipservagent.exe
FirewallRules: [TCP Query User{88D21185-C5C4-4405-8BBA-62D004C0AF78}C:\program files (x86)\medion\lifecloud desktop applications\hipservagent\hipservagent.exe] => (Allow) C:\program files (x86)\medion\lifecloud desktop applications\hipservagent\hipservagent.exe
FirewallRules: [{682DA164-CD3D-45E3-9242-490E1573C48B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1562EAF5-9ABC-4757-8B71-BD459DD4F1CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{32258EE4-0328-4140-8892-70ECFC9456F8}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{C63CFCB7-B6BA-498D-B54B-F7DE57980497}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{4E6D30F0-AB16-4CFE-9CBE-345C94B57C43}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BBAB7B4F-8FB9-41E3-B140-562172F4AF4A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5620BA2A-62F8-4ABD-8F7A-210798A77AB8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6AFC0200-CFED-4099-BDEF-A2332C1B8FFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{91FCE51E-CD3D-4B0D-B3DF-604C702FF424}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3BB61C0D-51B8-4BE3-97A8-83428F3F03AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [UDP Query User{F7E1EC01-1401-4194-BCFB-F810A4157E65}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{FB0BC6C3-79DE-4D48-9179-E80B430B12B3}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{106D224A-BB1E-4AF5-B6A3-53574BB9B919}] => (Allow) LPort=1900
FirewallRules: [{119718C1-3415-47C9-B99C-B8D2A3589390}] => (Allow) LPort=2869
FirewallRules: [{439ED1CB-493B-4EE3-B06F-BD651778C19E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{695154E4-57DA-4220-AFF0-980593538F85}] => (Allow) LPort=53
FirewallRules: [{DB4BA0BA-41AB-412A-BDBF-872E8FE29FB6}] => (Allow) LPort=1542
FirewallRules: [{AC1E35EA-C243-4A7C-9E9E-D36C2399A23F}] => (Allow) LPort=1542
FirewallRules: [UDP Query User{DCE67709-9176-4E2F-A088-A3C1BFC75116}C:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{C787F85F-2770-4F0B-B975-645CA132A0F2}C:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{222F3BA3-7297-4B13-B6A9-47BDF9FC1183}] => (Allow) C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C479CB8A-20E6-426E-838E-6688F225114F}] => (Allow) C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{76D8CA19-8750-4783-AB3D-3712B9040595}] => (Allow) F:\fsetup.exe
FirewallRules: [{583A2BA8-4183-4DFB-A033-82D4AF97B442}] => (Allow) F:\fsetup.exe
FirewallRules: [{6EE37AD8-CFC8-4D0A-9DE3-A7785F3A0E25}] => (Allow) F:\fsetup.exe
FirewallRules: [{87BCF88E-4A3B-47E0-96DE-52A04F5DA7FA}] => (Allow) F:\fsetup.exe
FirewallRules: [{D33769FD-0A0E-41CD-9E2C-C3254869FB0E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7E9EBBA3-B3EE-451D-9167-F5ECBADE271B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8795FCCB-5A51-4CF7-9405-46E68AB3F8A4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A28665AF-323F-4293-B410-E1F440A63421}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{38151839-3884-4393-9FBD-959EA25C8530}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{075DA87F-1851-4A19-B783-66F9ABA165AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{60E3ADC5-0DFC-45BE-8AC2-B94696435674}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AC0C5C6B-60E6-41FD-8187-08940AFE0A97}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{5368AE24-9E3E-4490-990C-A03D0617A10F}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{B5B03075-DA0E-41CA-ADF3-71781EB1A904}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{F5302B0D-8460-436D-B5CC-A469D59044A4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{230656C5-BB2A-46B8-9E4D-602BFB687740}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{50019326-535E-4B34-AB0B-7EFEB0A9E9B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A003391B-E2A7-4EB8-A3E9-9C9CBE73A667}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4ECFC9F8-ABD9-4B30-B7B9-8C13B20FEB5E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D9183FE8-63E6-4C41-AD33-20A48926F9E3}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E473CA51-5A31-43DE-B157-116A22A6E992}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{F5381E0E-6583-4F35-98F8-8AB48E7E106D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{1F5C98DF-95A6-4CFA-A065-1AD36EB54F73}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{DEFAE08E-E253-4DAF-B262-B1DE2FF4DE41}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{917228C7-882E-45C2-9E3E-CE7B48A5129B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{C80274D7-740D-43F3-990C-3570809EDF50}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{1474EC85-9DDC-45F6-B72D-76394AEA7882}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

09-03-2016 16:21:41 Windows Update
15-03-2016 12:38:27 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/21/2016 12:30:16 PM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich befindet (Fehler=0x80070015).

Error: (03/21/2016 12:30:16 PM) (Source: Outlook) (EventID: 34) (User: )
Description: Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x80070015.

Error: (03/21/2016 12:14:32 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.   0xc0041801 (0xc0041801)

Error: (03/21/2016 12:14:32 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4810 - base\appmodel\search\search\ytrip\tripoli\inverted\decodinglayerpages.h (593)} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.

Details:
	Die Daten sind unzulässig.   0x8007000d (0x8007000d)

Error: (03/20/2016 04:11:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: SQLAgent$KNXETS4perf-MSSQL10_50.KNXETS4-sqlagtctr.dll8

Error: (03/20/2016 04:11:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSSQL$KNXETS4perf-MSSQL$KNXETS4-sqlctr10.52.4000.0.dll8

Error: (03/19/2016 03:14:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Nutzer-HP)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/19/2016 02:34:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Nutzer-HP)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/19/2016 11:06:44 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: SQLAgent$KNXETS4perf-MSSQL10_50.KNXETS4-sqlagtctr.dll8

Error: (03/19/2016 11:06:43 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSSQL$KNXETS4perf-MSSQL$KNXETS4-sqlctr10.52.4000.0.dll8


Systemfehler:
=============
Error: (03/21/2016 11:11:45 AM) (Source: DCOM) (EventID: 10016) (User: Nutzer-HP)
Description: ComputerstandardLokalAktivierung{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}Nutzer-HPNutzerS-1-5-21-3737527253-1174571278-2646331852-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarS-1-15-2-2933524601-2558760240-3094956902-3177105555-2816452107-35306386-3612650560

Error: (03/21/2016 10:29:43 AM) (Source: DCOM) (EventID: 10016) (User: Nutzer-HP)
Description: ComputerstandardLokalAktivierung{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}Nutzer-HPNutzerS-1-5-21-3737527253-1174571278-2646331852-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarS-1-15-2-2410672001-4086349119-3573616563-1275477694-4178069654-3083558607-4191977646

Error: (03/20/2016 04:22:29 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/20/2016 04:06:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/20/2016 04:06:33 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS

Error: (03/20/2016 04:06:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (03/20/2016 04:06:28 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT-AUTORITÄT)
Description: Fehler "126" beim Laden der Kennwortbenachrichtigungs-DLL "c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll". Stellen Sie sicher, dass der in der Registrierung definierte DLL-Pfad "HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages" sich auf einen korrekten und absoluten Pfad (<Laufwerk>:\<Pfad>\<Dateiname>.<Erw.>) bezieht und nicht auf einen relativen oder ungültigen Pfad. Wenn der DLL-Pfad falsch ist, stellen Sie sicher, dass sich alle Hilfsdateien im gleichen Verzeichnis befinden und dass das Systemkonto sowohl auf den DLL-Pfad als auch die Hilfsdateien Lesezugriff hat.  Wenden Sie sich an den Anbieter der Benachrichtigungs-DLL, um weitere Unterstützung zu erhalten. Weitere Informationen finden Sie im Internet unter "hxxp://go.microsoft.com/fwlink/?LinkId=245898".

Error: (03/19/2016 03:14:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WWAN - automatische Konfiguration" wurde mit folgendem Fehler beendet: 
%%997

Error: (03/19/2016 03:14:42 PM) (Source: DCOM) (EventID: 10010) (User: Nutzer-HP)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (03/19/2016 03:14:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-03-21 12:43:48.577
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-21 12:43:48.552
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-21 12:43:44.690
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-21 12:43:44.660
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-21 09:35:44.339
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-21 09:35:44.318
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-20 16:07:41.418
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-20 16:07:41.392
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-20 16:07:41.092
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-20 16:07:41.069
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz
Prozentuale Nutzung des RAM: 75%
Installierter physikalischer RAM: 8055.55 MB
Verfügbarer physikalischer RAM: 1995.84 MB
Summe virtueller Speicher: 16247.55 MB
Verfügbarer virtueller Speicher: 10367.05 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:214.92 GB) (Free:69.23 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.91 GB) FAT32
Drive g: (HP_RECOVERY) (Fixed) (Total:21.25 GB) (Free:3.24 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive l: () (Removable) (Total:7.5 GB) (Free:2.91 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 2F9A7B5F)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=214.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
--- --- ---
Und ein Auszug aus der AntiVir Ereigniss (es waren deutlich mehr, aber immer die gleichen)

21.03.2016 12:26 [Echtzeit-Scanner] Malware gefunden
Muster 'ADWARE/Amonetize.A.24550 [adware]'
in Datei
'C:\Windows\Temp\5e3e946b-f43f-4d23-88a3-3eeb516c0544\tmp00006f36\tmp00075847
gefunden.
Durchgeführte Aktion: Zugriff verweigern

21.03.2016 12:09 [Echtzeit-Scanner] Malware gefunden
Muster 'TR/Patched.Ren.Gen2 [trojan]'
in Datei
'C:\Windows\Temp\5e3e946b-f43f-4d23-88a3-3eeb516c0544\tmp00006f36\tmp000547ea
gefunden.
Durchgeführte Aktion: Zugriff verweigern

21.03.2016 12:06 [Echtzeit-Scanner] Malware gefunden
Muster 'TR/Patched.Ren.Gen [trojan]'
in Datei
'C:\Windows\Temp\5e3e946b-f43f-4d23-88a3-3eeb516c0544\tmp00006f36\tmp0004fd7c
gefunden.
Durchgeführte Aktion: Zugriff verweigern


Was habe ich vergessen?
Nochmals danke,
Tobias
__________________


Geändert von SirTobi (21.03.2016 um 13:38 Uhr)

Alt 21.03.2016, 14:05   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Code:
ATTFilter
2016-02-20 16:05 - 2016-02-22 15:39 - 00000000 ____D C:\Users\Nutzer\Desktop\keygen__15344_il2310679
2016-02-20 15:56 - 2016-02-20 16:07 - 00172620 _____ (Feme ) C:\Users\Nutzer\Downloads\tropico_4_keygen.exe.part
         
Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________
__________________

Alt 21.03.2016, 20:01   #4
SirTobi
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Danke schon mal für den Hinweis, keine Ahnung wie das auf meinen Rechner gekommen ist, aber das Datum passt doch auch ganz gut zu den anderen Problemen. Vielleicht haben meine Kinder sich das Ding besorgt, das Spiel hatten wir uns mal aus der Bücherei ausgeliehen, aber es funktionierte nicht.

Ich habe den Ordner und den Download gelöscht, damit sollte ich nun keine illegalen Sachen mehr auf dem Rechner haben.

Gruß und schönen Abend,
Tobias

PS: die Hilfe mit komplett neu machen würde ich acuh in Anspruch nehmen. Damit habe ich vielleicht ein ganz sauberen Rechner und die Leistung steigt wieder.

Alt 21.03.2016, 21:33   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Zitat:
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Ad-Aware Antivirus (Enabled - Up to date) {B0CC18C6-E527-6EE6-874C-9D19920E5619}
AV: AVG AntiVirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Ad-Aware Antivirus (Enabled - Up to date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4}
AS: AVG AntiVirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: Ad-Aware Firewall (Enabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162}
Erstmal deinen zugekleisterten Rechner befreien. Alles deinstallieren. Belass es erstmal nur beim Windows Defener. Wenn wir hier durch sind, kannst du auf ein anderes AV umsteigen.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.03.2016, 09:59   #6
SirTobi
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Windows Defener habe ich aktuallisiert und aktiviert und die anderen Programm deinstalliert.

Alt 22.03.2016, 10:33   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.03.2016, 10:56   #8
SirTobi
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Teil 1 FRST
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Nutzer (Administrator) auf NUTZER-HP (22-03-2016 10:50:37)
Gestartet von C:\Users\Nutzer\Downloads
Geladene Profile: Nutzer (Verfügbare Profile: Nutzer & Tine & DefaultAppPool)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(IPAS GmbH) C:\Program Files (x86)\IPAS GmbH\ComBridge Studio\bin\CBMCGSvc.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(IPAS GmbH) C:\Program Files (x86)\IPAS GmbH\ComBridge Studio\bin\CemiService.exe
() C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
() C:\Windows\System32\fpCSEvtSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON_P2\Status Monitor\SESDBN.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON_P2\Status Monitor\SEPWDN.EXE
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON_P2\Printer Software\SEQLUZ.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON_P2\Status Monitor\SEPSPZ.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\ooditray.exe
() C:\Users\Nutzer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(© 2015 Microsoft Corporation) C:\Users\Nutzer\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Axentra Corporation) C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\HipServAgent.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Synology Inc.) C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe
(Synology Inc.) C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe
(Synology Inc.) C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SEQLU] => C:\Program Files\EPSON_P2\Printer Software\SEQLUZ.EXE [950704 2012-11-16] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [SESMPSP] => C:\Program Files\EPSON_P2\Status Monitor\SEPSPZ.EXE [459184 2012-11-16] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7032320 2014-08-20] (Broadcom Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated)
HKLM\...\Run: [OODITRAY.EXE] => C:\Program Files\OO Software\DiskImage\ooditray.exe [6360824 2015-08-28] (O&O Software GmbH)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2015-09-09] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2014-10-16] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2010-01-18] (CANON INC.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HipServ Agent] => C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\HipServAgent.exe [2722920 2014-01-27] (Axentra Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [14952 2016-02-26] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [Amazon Cloud Player] => C:\Users\Nutzer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [761064 2015-06-29] (Adobe Systems Incorporated)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [Dropbox Update] => C:\Users\Nutzer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [BingSvc] => C:\Users\Nutzer\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\MountPoints2: {132320fd-603f-11e5-9c01-028037ec0200} - "D:\LaunchU3.exe" -a
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [   01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [   02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [   03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [   04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [   05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2015-08-28] (O&O Software GmbH)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe [2015-12-30] ()
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2016-03-22]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{00e337c2-2a81-46a1-963a-31f2294d9825}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{87dc13c9-ca95-45c6-9efe-5a7f4e8c2580}: [DhcpNameServer] 192.168.14.1 192.168.14.1
Tcpip\..\Interfaces\{b63e91dc-3102-4765-8651-9a0a6546b831}: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{e93d9ec1-d8cf-4d32-af98-e4036ddd5a1d}: [NameServer] 139.7.30.126 139.7.30.125

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=de-de
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
hxxp://www.fibercheck.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> 51B8090724154198AC9D55380858D24C URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=2dea3aaf-fd01-4f6d-8b86-de643d5aaf49&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=14/05/2013&type=hp1000
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> {2F241019-B5B5-4A3B-9777-05796CC07CE4} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Keine Datei
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-01-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-01-28] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Keine Datei
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D122814-AE3372CAF8274412FA2F&form=CONMHP&conlogo=CT3330942
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Homepage: hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=de-de
www.google.de
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-08-13] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3737527253-1174571278-2646331852-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-09-29] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\searchplugins\bingp.xml [2014-11-09]
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\searchplugins\google-images.xml [2014-06-19]
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\searchplugins\google-maps.xml [2014-06-19]
FF Extension: Fox!Box - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2015-05-29]
FF Extension: Avira Browser Safety - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\Extensions\abs@avira.com [2016-03-16]
FF Extension: Bing Search - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-01-20]
FF Extension: HP Detect - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2013-08-22] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-08-06] [ist nicht signiert]
FF HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-07]
CHR Extension: (Google Docs) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-07]
CHR Extension: (Google Drive) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-07]
CHR Extension: (YouTube) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-03-07]
CHR Extension: (Google Tabellen) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-07]
CHR Extension: (Avira Browserschutz) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-03-15]
CHR Extension: (Google Docs Offline) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-07]
CHR Extension: (Google Mail) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-07]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-06-29]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2288384 2015-12-24] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 CBEIBnetIPService; C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\CemiService.exe [249856 2009-09-16] (IPAS GmbH) [Datei ist nicht signiert]
R2 CBStudioMCGService; C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\CBMCGSvc.exe [503808 2009-09-16] (IPAS GmbH) [Datei ist nicht signiert]
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287712 2015-10-06] ()
R2 fpCsEvtSvc; C:\Windows\system32\fpCSEvtSvc.exe [13824 2015-12-09] ()
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-11-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-11-01] (Intel Corporation)
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7766264 2015-08-28] (O&O Software GmbH)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2015-12-30] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2015-12-30] ()
R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [536848 2012-03-21] ()
R2 SESMPWD; C:\Program Files\EPSON_P2\Status Monitor\SEPWDN.EXE [155568 2012-11-16] (SEIKO EPSON CORPORATION)
R2 SESMSDB; C:\Program Files\EPSON_P2\Status Monitor\SESDBN.EXE [343472 2012-11-16] (SEIKO EPSON CORPORATION)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [24224 2016-02-26] (Avira Operations GmbH & Co. KG)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-03] (Synaptics Incorporated)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-02-03] (ArcSoft, Inc.)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2014-02-25] ()
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [53248 2015-12-09] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580144 2015-08-06] (WiseCleaner.com)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2014-08-20] (Broadcom Corporation) [Datei ist nicht signiert]
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ARCVCAM; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [208192 2015-12-24] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7480496 2013-09-13] (Broadcom Corporation)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [468752 2014-07-28] (Intel Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
R3 h36wgps; C:\Windows\system32\DRIVERS\h36wgps64.sys [103184 2012-03-01] (Ericsson AB)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-02] (REALiX(tm))
R3 johci; C:\Windows\System32\drivers\johci.sys [26208 2013-11-06] (JMicron Technology Corp.)
S3 KOBCCEX; C:\Windows\System32\drivers\KOBCCEX.sys [25344 2009-10-08] (KOBIL Systems GmbH) [Datei ist nicht signiert]
S3 massfilter_LTE; C:\Windows\System32\drivers\massfilter_LTE.sys [18456 2011-04-28] (HandSet Incorporated)
S3 massfilter_LTE; C:\Windows\SysWOW64\drivers\massfilter_LTE.sys [15896 2011-04-28] (HandSet Incorporated)
R3 Mbm3CBus; C:\Windows\System32\drivers\Mbm3CBus.sys [443648 2013-04-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [455936 2013-04-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [22272 2013-04-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [508160 2013-04-22] (MCCI Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185088 2015-12-02] (Intel Corporation)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116888 2015-08-28] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41112 2015-08-28] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255640 2015-08-28] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44696 2015-08-28] (O&O Software GmbH)
S3 pmxdrv; C:\windows\system32\drivers\pmxdrv.sys [31152 2013-09-01] ()
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [28624 2015-12-30] () [Datei ist nicht signiert]
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [700128 2015-11-13] (Sunplus)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102576 2015-08-10] ()
S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25904 2015-08-10] ()
S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [701232 2015-08-10] ()
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-10-16] (Cisco Systems, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2015-12-09] (HP)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2015-12-23] (wisecleaner.com)
R3 WwanUsbServ; C:\Windows\System32\drivers\WwanUsbMp64.sys [284912 2013-11-25] (Ericsson AB)
S3 zgdcat; C:\Windows\System32\DRIVERS\zgdcat.sys [129040 2011-04-28] (ZTE Incorporated)
S3 zgdcat; C:\Windows\SysWOW64\DRIVERS\zgdcat.sys [113168 2011-04-28] (ZTE Incorporated)
S3 zgdcdiag; C:\Windows\System32\DRIVERS\zgdcdiag.sys [129040 2011-04-28] (ZTE Incorporated)
S3 zgdcdiag; C:\Windows\SysWOW64\DRIVERS\zgdcdiag.sys [113168 2011-04-28] (ZTE Incorporated)
S3 zgdcmdm; C:\Windows\System32\DRIVERS\zgdcmdm.sys [129040 2011-04-28] (ZTE Incorporated)
S3 zgdcmdm; C:\Windows\SysWOW64\DRIVERS\zgdcmdm.sys [113168 2011-04-28] (ZTE Incorporated)
S3 zgdcnet; C:\Windows\System32\DRIVERS\zgdcnet.sys [163352 2011-04-28] (ZTE Incorporated)
S3 zgdcnet; C:\Windows\SysWOW64\DRIVERS\zgdcnet.sys [138264 2011-04-28] (ZTE Incorporated)
S3 zgdcnmea; C:\Windows\System32\DRIVERS\zgdcnmea.sys [129040 2011-04-28] (ZTE Incorporated)
S3 zgdcnmea; C:\Windows\SysWOW64\DRIVERS\zgdcnmea.sys [113168 2011-04-28] (ZTE Incorporated)
S3 avchv; \SystemRoot\system32\DRIVERS\avchv.sys [X]
U3 idsvc; kein ImagePath
S3 STHDA; \SystemRoot\system32\DRIVERS\stwrt64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-22 10:36 - 2016-03-22 10:36 - 00016148 _____ C:\WINDOWS\system32\NUTZER-HP_Nutzer_HistoryPrediction.bin
2016-03-21 13:07 - 2016-03-21 13:07 - 00343542 _____ C:\Users\Nutzer\Documents\Ereignisse_AntiVir.txt
2016-03-21 12:44 - 2016-03-21 12:47 - 00100750 _____ C:\Users\Nutzer\Downloads\Addition.txt
2016-03-21 12:43 - 2016-03-22 10:51 - 00041941 _____ C:\Users\Nutzer\Downloads\FRST.txt
2016-03-21 12:43 - 2016-03-22 10:50 - 00000000 ____D C:\FRST
2016-03-21 12:42 - 2016-03-21 12:43 - 02374144 _____ (Farbar) C:\Users\Nutzer\Downloads\FRST64.exe
2016-03-21 09:45 - 2016-03-21 09:45 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-15 10:00 - 2016-03-15 10:00 - 00184296 _____ C:\Users\Nutzer\Downloads\Umsaetze_KtoNr142332600_EUR_15-03-2016_1000.CSV
2016-03-14 12:09 - 2016-03-14 12:10 - 00010487 _____ C:\Users\Nutzer\Downloads\FiberC_elster_14.03.2016_12.09.pfx
2016-03-09 11:45 - 2016-02-23 15:53 - 01314496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 11:45 - 2016-02-23 15:52 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-09 11:45 - 2016-02-23 15:51 - 00633184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-03-09 11:45 - 2016-02-23 15:51 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 11:45 - 2016-02-23 15:50 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 11:45 - 2016-02-23 15:48 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 11:45 - 2016-02-23 15:48 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-09 11:45 - 2016-02-23 15:48 - 01123952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-09 11:45 - 2016-02-23 15:41 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 11:45 - 2016-02-23 15:41 - 00299600 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
2016-03-09 11:45 - 2016-02-23 15:41 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-03-09 11:45 - 2016-02-23 15:40 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-03-09 11:45 - 2016-02-23 15:38 - 00272752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 11:45 - 2016-02-23 15:36 - 00080128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-03-09 11:45 - 2016-02-23 15:11 - 00781984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 11:45 - 2016-02-23 15:11 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-09 11:45 - 2016-02-23 15:11 - 00103776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-03-09 11:45 - 2016-02-23 15:08 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-09 11:45 - 2016-02-23 15:07 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-09 11:45 - 2016-02-23 14:39 - 00607416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 11:45 - 2016-02-23 14:30 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 11:45 - 2016-02-23 14:25 - 01085632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-03-09 11:45 - 2016-02-23 14:23 - 00952968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 11:45 - 2016-02-23 14:21 - 00529456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 11:45 - 2016-02-23 14:21 - 00141152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 11:45 - 2016-02-23 14:11 - 00249976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2016-03-09 11:45 - 2016-02-23 14:11 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-03-09 11:45 - 2016-02-23 14:11 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-03-09 11:45 - 2016-02-23 14:09 - 00229352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 11:45 - 2016-02-23 14:06 - 00069232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-03-09 11:45 - 2016-02-23 13:58 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-03-09 11:45 - 2016-02-23 13:50 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-09 11:45 - 2016-02-23 13:50 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-03-09 11:45 - 2016-02-23 13:42 - 00658536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 11:45 - 2016-02-23 13:42 - 00467296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-09 11:45 - 2016-02-23 13:42 - 00078176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-03-09 11:45 - 2016-02-23 13:39 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-09 11:45 - 2016-02-23 13:38 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-09 11:45 - 2016-02-23 13:35 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 11:45 - 2016-02-23 13:20 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-03-09 11:45 - 2016-02-23 13:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-03-09 11:45 - 2016-02-23 13:16 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 11:45 - 2016-02-23 13:15 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 11:45 - 2016-02-23 13:15 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-03-09 11:45 - 2016-02-23 12:59 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-03-09 11:45 - 2016-02-23 12:59 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-09 11:45 - 2016-02-23 12:57 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-09 11:45 - 2016-02-23 12:55 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 11:45 - 2016-02-23 12:45 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-09 11:45 - 2016-02-23 12:45 - 06788608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 11:45 - 2016-02-23 12:42 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 11:45 - 2016-02-23 12:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 11:45 - 2016-02-23 12:38 - 02663424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-09 11:45 - 2016-02-23 12:37 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-03-09 11:45 - 2016-02-23 12:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-09 11:45 - 2016-02-23 12:25 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 11:45 - 2016-02-23 12:18 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 11:45 - 2016-02-23 12:17 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-03-09 11:45 - 2016-02-23 12:17 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-03-09 11:45 - 2016-02-23 12:14 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-03-09 11:45 - 2016-02-23 12:08 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 11:45 - 2016-02-23 12:04 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 11:45 - 2016-02-23 12:03 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 11:45 - 2016-02-23 12:03 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 11:45 - 2016-02-23 12:02 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 11:45 - 2016-02-23 11:55 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 11:45 - 2016-02-23 11:55 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 11:45 - 2016-02-23 11:51 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 11:45 - 2016-02-23 11:51 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 11:45 - 2016-02-23 11:48 - 21859840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 11:45 - 2016-02-23 11:48 - 05157376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 11:45 - 2016-02-23 11:46 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 11:45 - 2016-02-23 11:45 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 11:45 - 2016-02-23 11:45 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-03-09 11:45 - 2016-02-23 11:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 11:45 - 2016-02-23 11:45 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 11:45 - 2016-02-23 11:44 - 01821696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-09 11:45 - 2016-02-23 11:38 - 07524864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 11:45 - 2016-02-23 11:29 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-03-09 11:45 - 2016-02-23 11:17 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 11:45 - 2016-02-23 11:17 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 11:45 - 2016-02-23 11:11 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 11:45 - 2016-02-23 11:03 - 01495040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 11:45 - 2016-02-23 11:00 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-09 11:45 - 2016-02-23 11:00 - 05457408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 11:45 - 2016-02-23 10:58 - 18800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-08 11:48 - 2016-03-08 11:48 - 00001176 _____ C:\Users\Nutzer\Downloads\BAHN_Fahrplan.ics
2016-03-07 15:06 - 2016-03-15 10:19 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-07 15:06 - 2016-03-15 10:19 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-07 15:04 - 2016-03-07 15:05 - 00987728 _____ (Google Inc.) C:\Users\Nutzer\Downloads\ChromeSetup.exe
2016-03-02 13:50 - 2016-03-21 14:16 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForNutzer.job
2016-03-02 13:50 - 2016-03-21 13:56 - 00003252 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForNutzer
2016-03-02 10:29 - 2016-03-02 10:30 - 00000000 ____D C:\Users\Nutzer\Desktop\futuresax
2016-02-29 21:34 - 2016-02-29 21:43 - 00000000 ____D C:\Users\Nutzer\Desktop\steuer_2014
2016-02-29 17:15 - 2016-03-22 10:01 - 00000504 _____ C:\WINDOWS\Tasks\OO DiskImage {dbb774bd-d681-428d-8b24-df4d3382d2f1}.job
2016-02-29 17:15 - 2016-02-29 17:15 - 00003096 _____ C:\WINDOWS\System32\Tasks\OO DiskImage {dbb774bd-d681-428d-8b24-df4d3382d2f1}
2016-02-29 16:30 - 2016-03-22 10:01 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-02-29 16:30 - 2016-02-29 16:30 - 00002525 _____ C:\Users\Public\Desktop\O&O DiskImage.lnk
2016-02-29 16:30 - 2016-02-29 16:30 - 00001292 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2016-02-29 16:30 - 2016-02-29 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2016-02-29 16:30 - 2016-02-29 16:30 - 00000000 ____D C:\Program Files\OO Software
2016-02-29 13:45 - 2016-03-01 10:38 - 00000000 ____D C:\Users\Nutzer\Desktop\arbeitsamt
2016-02-29 12:48 - 2016-03-22 10:01 - 00000000 ___RD C:\Users\Nutzer\Google Drive
2016-02-29 12:48 - 2016-02-29 12:48 - 00001818 _____ C:\Users\Nutzer\Desktop\Google Drive.lnk
2016-02-29 12:46 - 2016-03-22 10:51 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-29 12:46 - 2016-03-22 10:01 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-29 12:46 - 2016-03-14 14:53 - 00001962 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-02-29 12:46 - 2016-03-14 14:53 - 00001960 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-02-29 12:46 - 2016-03-14 14:53 - 00001950 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-02-29 12:46 - 2016-02-29 12:46 - 00004188 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-29 12:46 - 2016-02-29 12:46 - 00003956 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-29 12:46 - 2016-02-29 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-02-29 12:45 - 2016-02-29 12:46 - 00987728 _____ (Google Inc.) C:\Users\Nutzer\Downloads\googledrivesync(2).exe
2016-02-28 16:57 - 2016-02-28 16:57 - 00000000 ____D C:\Users\Nutzer\AppData\LocalLow\Temp
2016-02-28 16:47 - 2016-02-28 16:54 - 00024994 _____ C:\Users\Nutzer\Desktop\Simple PERT Chart.eddx
2016-02-28 09:55 - 2016-02-28 21:15 - 00000000 ____D C:\Users\Nutzer\Desktop\promotion
2016-02-27 10:47 - 2016-02-27 10:47 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAB
2016-02-27 10:47 - 2016-02-27 10:47 - 00000000 ____D C:\Program Files\SAB
2016-02-25 16:34 - 2016-02-25 16:34 - 01456800 _____ C:\WINDOWS\ProcessedPackets.KTL
2016-02-25 16:34 - 2016-02-25 16:34 - 00576088 _____ C:\WINDOWS\Packet.KTL
2016-02-25 16:34 - 2016-02-25 16:34 - 00043862 _____ C:\WINDOWS\Control.KTL
2016-02-25 16:34 - 2016-02-25 16:34 - 00001177 _____ C:\WINDOWS\SentOSPackets.KTL
2016-02-25 16:34 - 2016-02-25 16:34 - 00000286 _____ C:\WINDOWS\NGIControl.KTL
2016-02-25 11:58 - 2016-02-25 11:58 - 00000000 ____D C:\Users\Nutzer\Documents\Edraw Max
2016-02-25 11:58 - 2016-02-25 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edraw Max 7.9
2016-02-25 11:58 - 2016-02-25 11:58 - 00000000 ____D C:\Program Files (x86)\Edraw Max
2016-02-25 11:26 - 2016-02-25 11:58 - 80442944 _____ (EdrawSoft ) C:\Users\Nutzer\Downloads\edrawmax-de.exe
2016-02-25 10:05 - 2016-02-25 10:05 - 00035121 _____ C:\Users\Nutzer\Desktop\Flussdiagramm.vsdx
2016-02-24 12:40 - 2016-02-27 10:47 - 79114984 _____ C:\Users\Nutzer\Downloads\InstallPrano_FZR1420_JRE_64bit.exe
2016-02-24 12:06 - 2016-02-24 12:08 - 00000000 ____D C:\Users\Nutzer\Desktop\Inventur
2016-02-22 11:03 - 2016-02-28 21:15 - 00000000 ____D C:\Users\Nutzer\Desktop\Smart
2016-02-21 14:26 - 2016-02-21 14:26 - 00002162 _____ C:\Users\Public\Desktop\roomeon Portal.lnk
2016-02-21 14:26 - 2016-02-21 14:26 - 00002125 _____ C:\Users\Public\Desktop\roomeon 3D-Planer.lnk
2016-02-21 14:26 - 2016-02-21 14:26 - 00000000 ____D C:\Users\Nutzer\AppData\Local\roomeon
2016-02-21 14:26 - 2016-02-21 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\roomeon
2016-02-21 14:26 - 2016-02-21 14:26 - 00000000 ____D C:\Program Files (x86)\roomeon GmbH
2016-02-21 14:23 - 2016-02-21 14:25 - 14467023 _____ C:\Users\Nutzer\Downloads\roomeon_3D-Planer_DE_1.6.2(1).exe.part
2016-02-21 14:09 - 2016-02-21 14:25 - 55614231 _____ C:\Users\Nutzer\Downloads\roomeon_3D-Planer_DE_1.6.2.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-22 10:47 - 2015-06-17 12:30 - 00001228 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3737527253-1174571278-2646331852-1001UA.job
2016-03-22 10:41 - 2015-08-03 15:32 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Packages
2016-03-22 10:27 - 2013-07-21 14:28 - 00000000 ___RD C:\Users\Nutzer\Dropbox
2016-03-22 10:12 - 2012-05-05 19:15 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-22 10:06 - 2015-08-03 15:12 - 02266390 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-22 10:06 - 2015-07-10 17:34 - 00952100 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-22 10:06 - 2015-07-10 17:34 - 00221546 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-22 10:06 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2016-03-22 10:01 - 2016-01-11 16:34 - 00404440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-22 10:01 - 2015-12-23 15:27 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Wise Care 365
2016-03-22 10:01 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-22 10:01 - 2015-06-24 11:25 - 00000000 ___RD C:\Users\Nutzer\CloudStation
2016-03-22 10:01 - 2015-03-04 14:55 - 00000000 ___RD C:\Users\Nutzer\Desktop\FC_Cloud
2016-03-22 10:01 - 2013-07-21 14:25 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Dropbox
2016-03-22 10:01 - 2013-03-04 22:02 - 00000000 ____D C:\ProgramData\Validity
2016-03-22 10:00 - 2015-12-24 10:27 - 00000000 ____D C:\ProgramData\MFAData
2016-03-22 10:00 - 2015-12-24 10:23 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Avg
2016-03-22 10:00 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-03-22 10:00 - 2013-03-16 09:51 - 00000000 ____D C:\Program Files (x86)\Avira
2016-03-22 09:52 - 2014-05-11 11:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-22 09:52 - 2013-03-16 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-22 09:52 - 2013-03-16 09:51 - 00000000 ____D C:\ProgramData\Avira
2016-03-22 09:51 - 2015-12-24 10:28 - 00000000 ___HD C:\$AVG
2016-03-22 09:51 - 2015-12-24 10:23 - 00000000 ____D C:\Users\Nutzer\AppData\Local\AvgSetupLog
2016-03-22 09:51 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-03-22 09:49 - 2014-07-31 09:04 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-03-22 09:48 - 2015-12-01 13:09 - 00000000 ____D C:\ProgramData\CyberLink
2016-03-22 09:48 - 2013-03-04 21:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-22 09:47 - 2014-09-28 09:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-03-22 09:47 - 2013-03-04 22:02 - 00000000 ____D C:\ProgramData\Skype
2016-03-22 09:46 - 2013-03-20 11:50 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Skype
2016-03-22 09:45 - 2014-12-19 11:23 - 00000000 ____D C:\Program Files\dm
2016-03-22 09:43 - 2013-03-16 09:56 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Avira
2016-03-21 21:05 - 2015-08-03 15:12 - 00000000 ____D C:\Users\Nutzer
2016-03-21 19:56 - 2016-02-20 14:52 - 00000000 ____D C:\Program Files (x86)\Kalypso Media
2016-03-21 14:32 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-21 14:16 - 2015-12-29 12:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-21 14:16 - 2013-03-17 17:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-21 09:38 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-21 09:35 - 2013-09-06 09:04 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\vlc
2016-03-20 16:12 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-15 12:46 - 2013-05-15 05:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-03-11 12:54 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-11 10:07 - 2015-08-03 15:34 - 00002429 _____ C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-11 10:07 - 2015-08-03 15:34 - 00000000 ___RD C:\Users\Nutzer\OneDrive
2016-03-09 17:55 - 2015-08-03 15:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-09 16:38 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-09 16:38 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-09 16:38 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-09 16:38 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 16:32 - 2013-07-16 15:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 16:26 - 2013-03-12 15:46 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 16:24 - 2009-07-14 03:34 - 00000478 _____ C:\WINDOWS\win.ini
2016-03-08 08:10 - 2015-07-10 12:06 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 15:44 - 2014-03-05 10:48 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Google
2016-03-07 15:05 - 2014-03-05 10:48 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-06 02:27 - 2015-12-11 15:53 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2016-02-29 21:44 - 2013-04-23 17:08 - 00000000 ____D C:\Users\Nutzer\Documents\Steuerfälle
2016-02-29 20:53 - 2013-04-23 16:40 - 00000000 ____D C:\ProgramData\AAV
2016-02-29 16:30 - 2015-12-03 15:04 - 00003430 _____ C:\WINDOWS\System32\Tasks\Avira System Speedup Tray
2016-02-29 16:30 - 2014-12-15 13:55 - 00000000 ____D C:\ProgramData\OO Software
2016-02-29 14:16 - 2013-12-11 17:06 - 00000000 ____D C:\Users\Nutzer\Desktop\cafe100
2016-02-29 12:45 - 2013-09-13 11:28 - 00000000 ____D C:\Users\Nutzer\Desktop\ideentransfer
2016-02-28 21:15 - 2013-04-16 21:27 - 00000000 ____D C:\Users\Nutzer\Desktop\privat
2016-02-27 14:56 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2016-02-27 10:54 - 2015-10-30 08:30 - 00000000 ____D C:\Users\Nutzer\.oracle_jre_usage
2016-02-26 23:28 - 2015-07-10 11:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-02-26 23:28 - 2015-07-10 11:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-02-26 23:28 - 2015-07-10 11:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-02-26 23:28 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-02-25 09:50 - 2013-03-04 21:55 - 00017272 _____ C:\WINDOWS\system32\results.xml
2016-02-24 13:27 - 2012-05-05 19:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-02-24 13:26 - 2011-07-29 00:51 - 00000000 ____D C:\swsetup
2016-02-23 18:10 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-02-21 14:25 - 2014-06-06 12:38 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Downloaded Installations

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-06 12:59 - 2015-08-06 12:59 - 0000000 _____ () C:\Program Files (x86)\JMicr
2015-08-06 12:59 - 2015-08-06 12:59 - 0000000 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-06 12:59 - 2015-08-06 12:59 - 0000000 _____ () C:\Program Files (x86)\StarMoney 9.0
2014-06-19 13:17 - 2014-06-19 13:32 - 0009089 _____ () C:\Users\Nutzer\AppData\Roaming\.freeciv-client-rc-2.4
2013-06-19 13:44 - 2013-11-12 12:41 - 0000116 _____ () C:\Users\Nutzer\AppData\Roaming\BEVI.CFG
2013-09-02 16:27 - 2013-09-02 16:27 - 0033193 _____ () C:\Users\Nutzer\AppData\Roaming\UserTile.png
2015-11-05 11:35 - 2015-11-05 11:35 - 0000122 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Nutzer\AppData\Local\Temp\avgnt.exe
C:\Users\Nutzer\AppData\Local\Temp\i4jdel0.exe
C:\Users\Nutzer\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Nutzer\AppData\Local\Temp\jre-8u74-windows-au.exe
C:\Users\Nutzer\AppData\Local\Temp\proxy_vole2479119636678680774.dll
C:\Users\Nutzer\AppData\Local\Temp\setup_mbot_de.exe
C:\Users\Nutzer\AppData\Local\Temp\SIntf16.dll
C:\Users\Nutzer\AppData\Local\Temp\SIntf32.dll
C:\Users\Nutzer\AppData\Local\Temp\SIntfNT.dll
C:\Users\Nutzer\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-12 14:53

==================== Ende von FRST.txt ============================
         
--- --- ---

Alt 22.03.2016, 10:57   #9
SirTobi
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Teil 2:Addition Text

FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Nutzer (2016-03-22 10:51:13)
Gestartet von C:\Users\Nutzer\Downloads
Windows 10 Pro (X64) (2015-08-03 14:32:18)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3737527253-1174571278-2646331852-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3737527253-1174571278-2646331852-503 - Limited - Disabled)
Gast (S-1-5-21-3737527253-1174571278-2646331852-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3737527253-1174571278-2646331852-1003 - Limited - Enabled)
Nutzer (S-1-5-21-3737527253-1174571278-2646331852-1001 - Administrator - Enabled) => C:\Users\Nutzer
Sonos (S-1-5-21-3737527253-1174571278-2646331852-1011 - Limited - Enabled)
Tine (S-1-5-21-3737527253-1174571278-2646331852-1010 - Limited - Enabled) => C:\Users\Tine

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.12 - Adobe Systems)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon Cloud Player (HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.38 - ArcSoft)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5300 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version:  - Broadcom Corporation)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG5600 series Benutzerregistrierung (HKLM-x32\...\Canon MG5600 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.)
Canon MG5600 series On-screen Manual (HKLM-x32\...\Canon MG5600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version:  - )
Canon MX700 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX700_series) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.0 - Canon Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dropbox (HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.02 - Sierra)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
EPSON AL-CX29 Dienstprogramme Ver.1.0.2.2 (HKLM-x32\...\{DF01BFBF-D3FA-4266-A036-74D5C5A04202}) (Version: 1.0.2.2 - EPSON)
EPSON AL-CX29 Scannertreiber (HKLM-x32\...\{6BC087EC-7486-4021-A387-88B9A946F07C}) (Version: 1.0.2.2 - EPSON)
EPSON Printer Software (HKLM-x32\...\{7612D261-8150-4B33-ADEE-3D3C086F0815}) (Version: 1.000.00.00 - EPSON)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{B64F0818-316F-4237-8CB4-35BC2DA784C2}) (Version: 5.1.12.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{0ABC7C72-64F0-4D7F-B9A4-9E82A56EC874}) (Version: 1.1.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{240B2BF7-E7E6-425C-A2A4-A3149189BF7F}) (Version: 2.3.1 - Hewlett-Packard Company)
HP GPS and Location (HKLM-x32\...\{23A7D0B7-51CF-4986-8248-2ACE6629A00C}) (Version: 1.2.9.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{57FA60DA-585F-456A-B80E-17D1CDD22A30}) (Version: 5.0.27.1 - Hewlett-Packard Company)
HP Mobile Broadband Drivers (HKLM-x32\...\{646E8C34-C88B-42F9-9F41-985A801219E1}) (Version: 7.2.8.1 - Ericsson AB)
HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{f41e84dd-bf67-4276-a972-df8f69ff28b6}) (Version: 4.0.0.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{658A8756-7B1E-44FD-A434-D777DD906232}) (Version: 8.5.2.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.2.8.17 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{3A61A282-4F08-4D43-920C-DC30ECE528E8}) (Version: 2.6.1 - Hewlett-Packard Company)
HP Universal Camera Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.5.8.2 - SunplusIT)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 3.0.0.1 - Hewlett-Packard Company)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.27.17 - Roxio)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 17.3 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.5.1006 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
IP Controller N350E Version 1.2 (HKLM-x32\...\IPControllerN350E_v0102000) (Version: 1.2.1 - IPAS GmbH)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
KNX eteC Falcon Runtime v2.1 (x32 Version: 2.1.5213.27900 - KNX Association cvba) Hidden
KOBIL CCID driver x64x86 (x32 Version: 1.013.02121 - KOBIL Systems) Hidden
LifeCloud Desktop Applications (HKLM-x32\...\{54DC3D01-80CC-44DA-830E-B942F063975B}) (Version: 1.4.4 - Axentra Corporation)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Media Go (HKLM-x32\...\{C9ACDF2C-F9A5-4F17-A6FA-97FF908DC4AA}) (Version: 3.0.278 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{C3525BF7-3698-4CD3-A8C3-69BD6F57BA3B}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
O&O DiskImage Professional (HKLM\...\{10C83530-840D-4AA3-994A-A9B9559B56C5}) (Version: 9.10.102 - O&O Software GmbH)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
roomeon 3D-Planer (HKLM-x32\...\{E94EF5B3-85D9-40C0-97DB-FA2BB29814E5}) (Version: 1.6.2 - roomeon GmbH)
Roxio MyDVD Business 2010 (HKLM-x32\...\{9CB4FBA9-45C0-41AA-97CC-283B42E1A21E}) (Version: 12.1.79.10 - Roxio)
Roxio Secure Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 2.0.31.24 - Roxio)
SDK (x32 Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 31.3.22220 - Sonos, Inc.)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
StarMoney (x32 Version: 4.0.1.51 - StarFinanz) Hidden
StarMoney (x32 Version: 5.0.1.83 - StarFinanz) Hidden
SteuerSparErklärung 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.38.173 - Akademische Arbeitsgemeinschaft)
sv.net (HKLM-x32\...\sv.net) (Version: 16.0 - ITSG GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Synology Cloud Station (remove only) (HKLM\...\Synology Cloud Station) (Version: 3.2.3479 - Synology, Inc.)
Synology Cloud Station Drive (remove only) (HKLM\...\Synology Cloud Station Drive) (Version: 4.0.4055 - Synology, Inc.)
tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG)
TOPSIM - Startup! Production - Instructor (HKLM-x32\...\TOPSIM - Startup! Production - Instructor) (Version: 4.2e - TATA Interactive Systems GmbH)
TOPSIM - Startup! Production - Participant (HKLM-x32\...\TOPSIM - Startup! Production - Participant) (Version: 4.2e - TATA Interactive Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114831) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{319F14FC-24A0-4A07-B84C-C7450AF9422F}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114831) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{319F14FC-24A0-4A07-B84C-C7450AF9422F}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114831) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{319F14FC-24A0-4A07-B84C-C7450AF9422F}) (Version:  - Microsoft)
Validity Fingerprint Sensor Driver (HKLM\...\{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}) (Version: 4.4.228.0 - Validity Sensors, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CF}) (Version: 15.0.10039 - WinZip Computing, S.L. )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{6295A54D-BD2A-4CF7-A288-62B0D91F7879}\InprocServer32 -> C:\Program Files (x86)\Outlook Backup Assistant\AddIn\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Nutzer\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> "C:\WINDOWS\system32\igfxEM.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A67C8DD-33EE-4329-8608-F53E9FEFA0E9} - System32\Tasks\{A7AB272E-F812-4F69-9F73-52F93B9E1D73} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {0B0E2F1F-4373-42AD-B4CB-A5124882DC8E} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2015-12-18] (WiseCleaner.COM)
Task: {0C87D0AC-4FC8-452C-AE5F-03E458F5472C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {0ECABA45-8B74-49AA-BB63-63EAECC1E94B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {13F78521-B9A2-4178-84B6-5EE63F97023D} - System32\Tasks\{EFDC83F2-7F6B-4B85-9837-6BF55E2A77DD} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {143040D8-5699-4326-A704-6D076351DA64} - System32\Tasks\{D72EBB27-CA82-4C11-8605-A7BB07F8CC0A} => pcalua.exe -a "C:\Users\Nutzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QYJVND3Z\Setup.exe" -d C:\Users\Nutzer\Desktop
Task: {15431E71-02A4-4F05-A5D5-C143EC5B98A6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {1999A78D-127C-4F53-A5E8-B719E83489A0} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-10-16] (IObit)
Task: {1A61118E-726C-42EA-B82F-275600F3D033} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {22B3EF99-DC1B-454E-B242-1F27A1515051} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {24456101-7D86-4623-A41B-17C4EFEE8010} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-29] (Google Inc.)
Task: {28BEF1F7-A9C8-40D4-80A9-4E0DDE0C39FE} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2EBF671B-668A-4585-B6E5-730E198E26D9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {3010AF0D-2801-42CE-B5EE-252446A45839} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {32B68455-CE0A-4861-9AA2-953EB013498B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {33086BA8-4696-4184-B03B-BDCD817BFF19} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {332244E2-E122-4651-BAA0-E0B60CAD8821} - System32\Tasks\HPCeeScheduleForNutzer => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {34FE859E-DE35-4265-B26A-9E4BF71C46B9} - System32\Tasks\{75C86994-8BDB-4F20-8E21-8504B332336E} => pcalua.exe -a "D:\ZTE LTE gedöns\Mobile Broadband Programmordner\USBDriverInstaller_x86.exe" -d "D:\ZTE LTE gedöns\Mobile Broadband Programmordner"
Task: {385A9EBC-11B7-4162-9DAF-56B17D107B4D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {3C0BF4E8-124D-4357-9B13-5390AA30B27E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {3E4B8AC8-FFCD-4969-8597-65760AB97161} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {40E45BD3-1D54-4590-ADA0-5E1D117BB48E} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2016-02-26] (Avira Operations GmbH & Co. KG)
Task: {46D51C68-D2EE-4593-AB4C-E432F506D8A3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {473F802C-AA6A-4F5C-8171-80DBFDC913BC} - System32\Tasks\{EAEB549C-926F-4484-B857-399BC834F256} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {474C6300-F3BD-47FE-9347-D5EA885691F6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {49216CAA-D31C-46F9-9FD2-1118A291918B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {4A1A8106-FBEA-4FB7-B818-5E7F1FAACF93} - System32\Tasks\{7F948EE1-BB31-4488-A337-D1A759D7DAD4} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {4ACF19A0-18D9-4942-8671-A9761F0CBF04} - System32\Tasks\Inst_Rep => C:\Users\Nutzer\AppData\Local\Installer\Install_28551\ytdieamodc_amodc_inst.exe <==== ACHTUNG
Task: {4BE15629-C013-4FB2-A546-21C5DB89B362} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {4F2926BD-32B1-43E5-8F06-6E08B0994CAB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {5329A848-6ABF-4B58-92B2-82244BB4FEE8} - System32\Tasks\{0640D58F-1962-4B24-AC92-788AF466BFE4} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {5337E1D7-A2FF-49E9-AAA6-BBC3313C568D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {53708585-7C52-4066-A7D3-1E693FF5CA37} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {5AB30464-A1ED-45F5-BA45-2D6173E9B272} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {619D78D5-318B-4017-BB35-599D0859C399} - System32\Tasks\DriverNavigator Scheduled Scan => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe [2015-05-11] (Easeware)
Task: {62F49A00-303D-457F-9AEE-93255D0E2685} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {6867A26F-7E4C-4566-91CA-B575FBA2EF65} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {68969C73-3A8A-43DD-910D-55CFB914B43D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {69201E11-47B4-47F7-AA47-19DCA45207A5} - System32\Tasks\{A5EE62B5-9FE1-4024-A00B-6DDECF5FCF83} => pcalua.exe -a "C:\Program Files (x86)\Mobile Broadband\Bin\ReloadCD.exe" -d "C:\Program Files (x86)\Mobile Broadband\Bin"
Task: {6B036B3B-EEEE-473E-B3E0-C8B9640E8BC9} - System32\Tasks\{56C3B111-8198-4882-B343-21C206330E25} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {72D602F8-94C5-4589-B60B-A75E8128064C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {760DE5DC-AB3A-42E5-A696-065304873092} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {790918BA-6E99-4EC5-BB84-3E946E999BBA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {794FE8F5-78C4-4CE2-9B25-438034932F1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {79D4DD8B-FAB8-40D5-B5A6-25AFB8A038B5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3737527253-1174571278-2646331852-1001Core => C:\Users\Nutzer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {7A7ADB1C-D5AE-45FE-A4AA-88D9F96D812D} - System32\Tasks\{4B40D705-7996-4A50-8EF5-4B2F2E359FE8} => Firefox.exe hxxp://ui.skype.com/ui/0/7.17.0.105/de/abandoninstall?page=tsMain
Task: {7B308D0F-D3AA-45EC-AC19-B4F153AD96B9} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3737527253-1174571278-2646331852-1001UA => C:\Users\Nutzer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {7F5FFBA5-CA55-4356-9225-2138CA8DA687} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {80EBBDF4-83C1-4B3C-A01F-AC4E0FB2210D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {830A60B6-026B-49A7-AE10-7E2AD5C82DEA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {85B026EB-9A6A-4862-B7AE-CC13C45E1987} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8C38F9E6-9D29-4132-B21F-1D17CE903807} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {933E958F-3183-4E9A-B8D7-F87F124F9C21} - System32\Tasks\{B5E3F0AA-FEFA-474D-9ADA-A96F3096C657} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{27D28586-BEF1-4E06-8787-3B1FC3A41489}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {94332C9E-D85B-4C11-B4DD-E993A241655F} - System32\Tasks\{62760AD0-D414-4A81-B2AE-4EB9D2D8E1D5} => pcalua.exe -a "C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe" -d "C:\Program Files (x86)\Infogrames Interactive\Civilization III"
Task: {979E19C8-A68E-4842-8EAB-09FC73C2C4B5} - System32\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [2015-12-18] (WiseCleaner.com)
Task: {9C2F811C-F33C-4D45-90FD-63FB116C697F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {9E5D58F4-F37F-48D3-9780-A476BB6EEE91} - System32\Tasks\{ED9C8788-0ABE-45B1-BCEB-357FDC6ED276} => pcalua.exe -a C:\Users\Nutzer\Downloads\jxpiinstall(6).exe -d C:\Users\Nutzer\Downloads
Task: {9FACF6A2-1019-423E-88A9-805E446AAF98} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> Keine Datei <==== ACHTUNG
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {A2921467-1FCB-4822-A4AB-8DE64526964E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A3861788-D99F-4FCB-B6AD-8258590FC5D3} - System32\Tasks\{EDE51190-7ACF-4E7E-9C33-674FF74FD3C3} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {A52ADB5E-31E4-40FF-AC10-9F229D63D407} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {A52B96C0-992D-43A8-A100-029D71EF2F20} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {A5BBE2CB-30F9-45F3-9F65-3FF30A76417D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {A87CDEB1-E0DC-45EA-B8B2-91400BF91A18} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
Task: {ABDCCEB5-800D-42E4-97D9-D0AD9872C8FC} - System32\Tasks\{9F311309-C30C-4465-BEBB-A6ECA3602F7F} => Firefox.exe hxxp://ui.skype.com/ui/0/7.5.0.102/de/abandoninstall?page=tsBing
Task: {B14ED790-A780-4927-88DF-57D2E6F69956} - System32\Tasks\{4AC70EE1-71A4-46B7-BCBF-8664BE18CC4A} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {B31ECD44-EECC-47F1-8C52-0FA9E088102A} - System32\Tasks\{7B6F07F0-7DDE-430E-85F7-28366655149C} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {B34BD371-5676-40BC-90A3-7F974611605E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {BA97B0B2-43A6-42C0-B7D1-086320DD2B13} - System32\Tasks\{22777835-F88A-4879-82A2-C9B5640B936F} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {C830ED52-25DE-4082-A688-F3E776F8DCCD} - System32\Tasks\{D16DA170-FAC2-463F-8DE8-FF5E897C8B55} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {CD9B13A0-7B86-4012-B8E0-DF0DF24C3D58} - System32\Tasks\Driver Booster SkipUAC (Nutzer) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-10-22] (IObit)
Task: {CE3F11A4-572D-409A-BEB8-50717802FDE6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-29] (Google Inc.)
Task: {D1C6CD1D-68DC-4E7E-9194-A94657080810} - System32\Tasks\{DF5CF138-8101-409A-B423-3682299C1A39} => Firefox.exe hxxp://ui.skype.com/ui/0/7.17.0.105/de/abandoninstall?page=tsMain
Task: {D8152306-ACBE-414D-9E8A-A47766212091} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {DB1A6192-2C99-4317-836D-8B0D0E9E807B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {DF247EF8-004C-4EA7-9690-2F0E19140259} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {E0379394-8486-40B8-BC8E-DEC538AD65CA} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {E1AC05C3-662A-4AE1-9BA6-4A60992A1A99} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11] (Adobe Systems Incorporated)
Task: {E6325A9E-2155-4BC3-A4F8-054879721942} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {E7333B22-9985-4135-B1C9-A2D0A01AD62E} - System32\Tasks\{DBAE00CF-D580-4188-8666-C79021D6CC7A} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {E813F596-E65E-4F9E-B4AC-2B5D6A2CE575} - System32\Tasks\OO DiskImage {dbb774bd-d681-428d-8b24-df4d3382d2f1} => C:\Program Files\OO Software\DiskImage\oodiag.exe [2015-08-28] (O&O Software GmbH)
Task: {EBDCBB9F-CA37-4E4D-AA4C-AF26DCD02FDA} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> Keine Datei <==== ACHTUNG
Task: {EF372039-A898-4A20-8AA3-CA196B030473} - System32\Tasks\{D819E347-7CB7-474B-8201-BDC3E4489722} => C:\Program Files (x86)\Mobile Broadband\Bin\MainApp.exe
Task: {F2DEF0D4-8A14-477B-A29D-2F16E8D9D4CB} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Keine Datei <==== ACHTUNG
Task: {FCA5D5E8-5FE9-49B1-8BEE-5B60244A3EDE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {FDE804EF-5A70-40BD-97AC-C2025FC33C37} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3737527253-1174571278-2646331852-1001Core.job => C:\Users\Nutzer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3737527253-1174571278-2646331852-1001UA.job => C:\Users\Nutzer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForNutzer.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\OO DiskImage {dbb774bd-d681-428d-8b24-df4d3382d2f1}.job => C:\Program Files\OO Software\DiskImage\oodiag.exe,/run {dbb774bd-d681-428d-8b24-df4d3382d2f1}WORKGROUP\NUTZER-HP$BC:\ProgramData\OO Software\DiskImage\Aufgaben\Aufgabe20160229.xml

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-03 15:47 - 2015-07-15 03:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-28 09:10 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2008-10-24 15:35 - 2008-10-24 15:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2015-10-06 12:05 - 2015-10-06 12:05 - 00287712 _____ () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-09 08:44 - 2015-12-09 08:44 - 00013824 _____ () C:\WINDOWS\system32\fpCSEvtSvc.exe
2015-12-30 22:55 - 2015-12-30 22:55 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-12-30 22:55 - 2015-12-30 22:55 - 00107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-02-25 02:28 - 2014-02-25 02:28 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2015-08-28 01:01 - 2015-08-28 01:01 - 00326904 _____ () C:\Program Files\OO Software\DiskImage\oodiagrs.dll
2015-08-28 01:01 - 2015-08-28 01:01 - 00069880 _____ () C:\Program Files\OO Software\DiskImage\oodiagpsx64.dll
2015-10-01 09:18 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 09:18 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 09:18 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-12-11 13:23 - 2015-11-25 05:20 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-11 13:23 - 2015-11-25 05:17 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-11 13:23 - 2015-11-25 05:17 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 09:18 - 2015-09-17 06:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:43 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-26 12:43 - 2015-08-26 12:43 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-08-28 01:01 - 2015-08-28 01:01 - 00553720 _____ () C:\Program Files\OO Software\DiskImage\ooditrrs.dll
2014-01-31 16:55 - 2014-01-14 20:46 - 03140608 _____ () C:\Users\Nutzer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2012-09-12 23:38 - 2012-09-12 23:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2015-08-28 01:01 - 2015-08-28 01:01 - 00345336 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll
2015-06-29 14:43 - 2015-06-29 14:43 - 04891368 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\X64\AdobePDFMakerX.dll
2014-09-25 12:33 - 2014-09-25 12:33 - 02210480 _____ () C:\Program Files\Microsoft Office\Office15\tmpod.dll
2015-10-13 15:10 - 2015-10-13 15:10 - 01428648 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2012-02-10 23:26 - 2012-02-10 23:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2012-03-21 03:55 - 2012-03-21 03:55 - 00536848 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2013-07-05 18:24 - 2009-09-16 10:17 - 00135168 _____ () C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\ccgnu2.dll
2013-07-05 18:24 - 2009-09-16 10:17 - 00118784 _____ () C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\ccext2.dll
2013-07-05 18:24 - 2009-09-16 10:17 - 00728064 _____ () C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\libxml2.dll
2013-07-05 18:24 - 2009-09-16 10:17 - 00073728 _____ () C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\zlib.dll
2013-09-06 07:28 - 2011-07-13 09:10 - 00065576 ____R () C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\MBMDebug.dll
2016-03-22 10:01 - 2016-03-22 10:01 - 00098816 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\win32api.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00110080 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\pywintypes27.dll
2016-03-22 10:01 - 2016-03-22 10:01 - 00364544 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\pythoncom27.dll
2016-03-22 10:01 - 2016-03-22 10:01 - 00320512 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\win32com.shell.shell.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00776704 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\_hashlib.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 01176576 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\wx._core_.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00806400 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\wx._gdi_.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00816128 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\wx._windows_.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 01067008 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\wx._controls_.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00733184 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\wx._misc_.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00682496 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\pysqlite2._sqlite.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00088064 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\_ctypes.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00119808 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\win32file.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00108544 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\win32security.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00007168 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\hashobjs_ext.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00017920 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\thumbnails_ext.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00088064 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\usb_ext.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00167936 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\win32gui.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00018432 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\win32event.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00046080 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\_socket.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 01208320 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\_ssl.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00128512 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\_elementtree.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00127488 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\pyexpat.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00013824 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\common.time34.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00036864 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\_psutil_windows.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00038912 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\win32inet.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00525240 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\windows._lib_cacheinvalidation.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00011264 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\win32crypt.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00077312 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\wx._html2.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00027136 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\_multiprocessing.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00020480 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\_yappi.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00035840 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\win32process.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00686080 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\unicodedata.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00078848 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\wx._animate.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00123392 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\wx._wizard.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00024064 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\win32pipe.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00010240 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\select.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00025600 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\win32pdh.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00017408 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\win32profile.pyd
2016-03-22 10:01 - 2016-03-22 10:01 - 00022528 _____ () C:\Users\Nutzer\AppData\Local\Temp\_MEI70682\win32ts.pyd
2014-01-27 15:46 - 2014-01-27 15:46 - 00241664 _____ () C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\libupnp.dll
2014-01-27 15:46 - 2014-01-27 15:46 - 00984064 _____ () C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\libxml2.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-12 23:39 - 2012-09-12 23:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00123918 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 01026062 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00524460 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 02949660 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 01798570 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00115214 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 03095505 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 21565192 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00712704 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00031744 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00046080 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00032768 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00516608 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00243200 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll
2015-11-17 18:47 - 2015-11-17 18:47 - 00431616 _____ () C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll
2016-02-15 09:04 - 2016-02-15 09:04 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\7b13d2efeacfb9e3d842fb2f97375a4c\PSIClient.ni.dll
2013-03-04 21:50 - 2013-11-01 11:16 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64]
AlternateDataStreams: C:\Users\Nutzer\Downloads\AVG AntiVirus Pro - CHIP-Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\ChromeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\edrawmax-de.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\googledrivesync(2).exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\Gothic_3_Downloader.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\Gothic_3_EE_Patch_v1.75.14_Int_Full.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\InstallPrano_FZR1420_JRE_64bit.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\Java_Update.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\mediago_setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\roomeon_3D-Planer_DE_1.6.2(1).exe.part:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\roomeon_3D-Planer_DE_1.6.2.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\Total Commander - CHIP-Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\Wise Care 365 Pro - CHIP-Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\Nutzer\Downloads\Wolfenstein Enemy Territory - CHIP-Installer.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7867 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nutzer\Desktop\FC_Cloud\Bilder\Flügelbilder\1301898213-3565-1.jpg
DNS Servers: 139.7.30.126 - 139.7.30.125
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{DE664960-97F3-49CB-9CFD-DE6C68922764}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{11EC010B-DCBD-49A8-ADC8-B285F50EC219}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{E3A0A688-6434-4523-9E9C-3327483AA7FA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{07F74C0C-3394-4EC9-8C59-753BDBCBA79D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{4288196C-A26B-476E-BC10-4003D396D378}] => (Allow) C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\HipServAgent.exe
FirewallRules: [{AD46657E-EFC7-418F-AFA3-16A54CE04FEE}] => (Allow) C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\HipServAgent.exe
FirewallRules: [{5251E192-F0DD-4DC1-B751-0BD9433DC820}] => (Allow) C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\QuickConnect\AxentraSmartShortcut.exe
FirewallRules: [{4148DF4A-0108-4C66-8E42-F94AD9C058AA}] => (Allow) C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\QuickConnect\AxentraSmartShortcut.exe
FirewallRules: [UDP Query User{6FA29AA1-D104-498E-99FE-7ABDF98EBDC9}C:\program files (x86)\medion\lifecloud desktop applications\quickconnect\axentrasmartshortcut.exe] => (Allow) C:\program files (x86)\medion\lifecloud desktop applications\quickconnect\axentrasmartshortcut.exe
FirewallRules: [TCP Query User{1E0056D1-F40C-4684-948D-CAB2BBC49853}C:\program files (x86)\medion\lifecloud desktop applications\quickconnect\axentrasmartshortcut.exe] => (Allow) C:\program files (x86)\medion\lifecloud desktop applications\quickconnect\axentrasmartshortcut.exe
FirewallRules: [UDP Query User{83E1E1BF-20AA-4B74-A676-F402D5240AEF}C:\program files (x86)\medion\lifecloud desktop applications\hipservagent\hipservagent.exe] => (Allow) C:\program files (x86)\medion\lifecloud desktop applications\hipservagent\hipservagent.exe
FirewallRules: [TCP Query User{88D21185-C5C4-4405-8BBA-62D004C0AF78}C:\program files (x86)\medion\lifecloud desktop applications\hipservagent\hipservagent.exe] => (Allow) C:\program files (x86)\medion\lifecloud desktop applications\hipservagent\hipservagent.exe
FirewallRules: [{682DA164-CD3D-45E3-9242-490E1573C48B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1562EAF5-9ABC-4757-8B71-BD459DD4F1CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{32258EE4-0328-4140-8892-70ECFC9456F8}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{C63CFCB7-B6BA-498D-B54B-F7DE57980497}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{4E6D30F0-AB16-4CFE-9CBE-345C94B57C43}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BBAB7B4F-8FB9-41E3-B140-562172F4AF4A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5620BA2A-62F8-4ABD-8F7A-210798A77AB8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6AFC0200-CFED-4099-BDEF-A2332C1B8FFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{91FCE51E-CD3D-4B0D-B3DF-604C702FF424}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3BB61C0D-51B8-4BE3-97A8-83428F3F03AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [UDP Query User{F7E1EC01-1401-4194-BCFB-F810A4157E65}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{FB0BC6C3-79DE-4D48-9179-E80B430B12B3}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{106D224A-BB1E-4AF5-B6A3-53574BB9B919}] => (Allow) LPort=1900
FirewallRules: [{119718C1-3415-47C9-B99C-B8D2A3589390}] => (Allow) LPort=2869
FirewallRules: [{439ED1CB-493B-4EE3-B06F-BD651778C19E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{695154E4-57DA-4220-AFF0-980593538F85}] => (Allow) LPort=53
FirewallRules: [{DB4BA0BA-41AB-412A-BDBF-872E8FE29FB6}] => (Allow) LPort=1542
FirewallRules: [{AC1E35EA-C243-4A7C-9E9E-D36C2399A23F}] => (Allow) LPort=1542
FirewallRules: [UDP Query User{DCE67709-9176-4E2F-A088-A3C1BFC75116}C:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{C787F85F-2770-4F0B-B975-645CA132A0F2}C:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{222F3BA3-7297-4B13-B6A9-47BDF9FC1183}] => (Allow) C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C479CB8A-20E6-426E-838E-6688F225114F}] => (Allow) C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{76D8CA19-8750-4783-AB3D-3712B9040595}] => (Allow) F:\fsetup.exe
FirewallRules: [{583A2BA8-4183-4DFB-A033-82D4AF97B442}] => (Allow) F:\fsetup.exe
FirewallRules: [{6EE37AD8-CFC8-4D0A-9DE3-A7785F3A0E25}] => (Allow) F:\fsetup.exe
FirewallRules: [{87BCF88E-4A3B-47E0-96DE-52A04F5DA7FA}] => (Allow) F:\fsetup.exe
FirewallRules: [{7E9EBBA3-B3EE-451D-9167-F5ECBADE271B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8795FCCB-5A51-4CF7-9405-46E68AB3F8A4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A28665AF-323F-4293-B410-E1F440A63421}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{38151839-3884-4393-9FBD-959EA25C8530}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{075DA87F-1851-4A19-B783-66F9ABA165AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{60E3ADC5-0DFC-45BE-8AC2-B94696435674}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AC0C5C6B-60E6-41FD-8187-08940AFE0A97}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{5368AE24-9E3E-4490-990C-A03D0617A10F}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{B5B03075-DA0E-41CA-ADF3-71781EB1A904}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{F5302B0D-8460-436D-B5CC-A469D59044A4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{230656C5-BB2A-46B8-9E4D-602BFB687740}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{50019326-535E-4B34-AB0B-7EFEB0A9E9B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A003391B-E2A7-4EB8-A3E9-9C9CBE73A667}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4ECFC9F8-ABD9-4B30-B7B9-8C13B20FEB5E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E473CA51-5A31-43DE-B157-116A22A6E992}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{F5381E0E-6583-4F35-98F8-8AB48E7E106D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{1F5C98DF-95A6-4CFA-A065-1AD36EB54F73}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{DEFAE08E-E253-4DAF-B262-B1DE2FF4DE41}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{917228C7-882E-45C2-9E3E-CE7B48A5129B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{C80274D7-740D-43F3-990C-3570809EDF50}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{1474EC85-9DDC-45F6-B72D-76394AEA7882}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

21-03-2016 21:02:53 Removed NetSpeedMonitor 2.5.4.0 x64

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/22/2016 10:47:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f39ae
Name des fehlerhaften Moduls: SettingsHandlers_StorageSense.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3d87
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000174b9
ID des fehlerhaften Prozesses: 0x25e0
Startzeit der fehlerhaften Anwendung: 0xSystemSettings.exe0
Pfad der fehlerhaften Anwendung: SystemSettings.exe1
Pfad des fehlerhaften Moduls: SystemSettings.exe2
Berichtskennung: SystemSettings.exe3
Vollständiger Name des fehlerhaften Pakets: SystemSettings.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SystemSettings.exe5

Error: (03/22/2016 09:49:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f39ae
Name des fehlerhaften Moduls: SettingsHandlers_StorageSense.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3d87
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000174b9
ID des fehlerhaften Prozesses: 0x2abc
Startzeit der fehlerhaften Anwendung: 0xSystemSettings.exe0
Pfad der fehlerhaften Anwendung: SystemSettings.exe1
Pfad des fehlerhaften Moduls: SystemSettings.exe2
Berichtskennung: SystemSettings.exe3
Vollständiger Name des fehlerhaften Pakets: SystemSettings.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SystemSettings.exe5

Error: (03/22/2016 09:47:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f39ae
Name des fehlerhaften Moduls: SettingsHandlers_StorageSense.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3d87
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000174b9
ID des fehlerhaften Prozesses: 0x26e4
Startzeit der fehlerhaften Anwendung: 0xSystemSettings.exe0
Pfad der fehlerhaften Anwendung: SystemSettings.exe1
Pfad des fehlerhaften Moduls: SystemSettings.exe2
Berichtskennung: SystemSettings.exe3
Vollständiger Name des fehlerhaften Pakets: SystemSettings.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SystemSettings.exe5

Error: (03/22/2016 09:46:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f39ae
Name des fehlerhaften Moduls: SettingsHandlers_StorageSense.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3d87
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000174b9
ID des fehlerhaften Prozesses: 0xc4
Startzeit der fehlerhaften Anwendung: 0xSystemSettings.exe0
Pfad der fehlerhaften Anwendung: SystemSettings.exe1
Pfad des fehlerhaften Moduls: SystemSettings.exe2
Berichtskennung: SystemSettings.exe3
Vollständiger Name des fehlerhaften Pakets: SystemSettings.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SystemSettings.exe5

Error: (03/22/2016 09:45:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f39ae
Name des fehlerhaften Moduls: SettingsHandlers_StorageSense.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3d87
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000174b9
ID des fehlerhaften Prozesses: 0x191c
Startzeit der fehlerhaften Anwendung: 0xSystemSettings.exe0
Pfad der fehlerhaften Anwendung: SystemSettings.exe1
Pfad des fehlerhaften Moduls: SystemSettings.exe2
Berichtskennung: SystemSettings.exe3
Vollständiger Name des fehlerhaften Pakets: SystemSettings.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SystemSettings.exe5

Error: (03/22/2016 09:43:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f39ae
Name des fehlerhaften Moduls: SettingsHandlers_StorageSense.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3d87
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000174b9
ID des fehlerhaften Prozesses: 0x2db8
Startzeit der fehlerhaften Anwendung: 0xSystemSettings.exe0
Pfad der fehlerhaften Anwendung: SystemSettings.exe1
Pfad des fehlerhaften Moduls: SystemSettings.exe2
Berichtskennung: SystemSettings.exe3
Vollständiger Name des fehlerhaften Pakets: SystemSettings.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SystemSettings.exe5

Error: (03/22/2016 09:42:48 AM) (Source: MsiInstaller) (EventID: 11704) (User: Nutzer-HP)
Description: Produkt: Paragon Drive Copy™ 2015 Kompakt -- Fehler 1704. Eine Installation von NWZ-E380 WALKMAN Guide ist im Augenblick unterbrochen. Sie müssen die von dieser Installation vorgenommenen Änderungen rückgängig machen, bevor Sie fortfahren können. Möchten Sie diese Änderungen rückgängig machen?

Error: (03/22/2016 09:33:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 30171

Error: (03/22/2016 09:33:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 30171

Error: (03/22/2016 09:33:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (03/22/2016 10:28:58 AM) (Source: DCOM) (EventID: 10016) (User: Nutzer-HP)
Description: ComputerstandardLokalAktivierung{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}Nutzer-HPNutzerS-1-5-21-3737527253-1174571278-2646331852-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarS-1-15-2-3098402258-2313120233-3446569799-462817069-2539914602-559085744-3024337872

Error: (03/22/2016 10:01:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/22/2016 10:01:08 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS

Error: (03/22/2016 10:01:08 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (03/22/2016 10:01:04 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT-AUTORITÄT)
Description: Fehler "126" beim Laden der Kennwortbenachrichtigungs-DLL "c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll". Stellen Sie sicher, dass der in der Registrierung definierte DLL-Pfad "HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages" sich auf einen korrekten und absoluten Pfad (<Laufwerk>:\<Pfad>\<Dateiname>.<Erw.>) bezieht und nicht auf einen relativen oder ungültigen Pfad. Wenn der DLL-Pfad falsch ist, stellen Sie sicher, dass sich alle Hilfsdateien im gleichen Verzeichnis befinden und dass das Systemkonto sowohl auf den DLL-Pfad als auch die Hilfsdateien Lesezugriff hat.  Wenden Sie sich an den Anbieter der Benachrichtigungs-DLL, um weitere Unterstützung zu erhalten. Weitere Informationen finden Sie im Internet unter "hxxp://go.microsoft.com/fwlink/?LinkId=245898".

Error: (03/22/2016 10:00:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WWAN - automatische Konfiguration" wurde mit folgendem Fehler beendet: 
%%997

Error: (03/22/2016 10:00:31 AM) (Source: DCOM) (EventID: 10010) (User: Nutzer-HP)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (03/22/2016 10:00:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/22/2016 09:30:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/22/2016 09:30:03 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS


CodeIntegrity:
===================================
  Date: 2016-03-22 10:35:14.660
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-22 09:47:50.797
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-22 09:47:50.744
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-22 09:45:25.926
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-22 09:45:25.891
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-22 09:40:59.106
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-22 09:40:59.083
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-22 09:36:50.251
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-22 09:36:50.230
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-22 09:35:50.191
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8055.55 MB
Verfügbarer physikalischer RAM: 4882.61 MB
Summe virtueller Speicher: 16247.55 MB
Verfügbarer virtueller Speicher: 12820.11 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:214.92 GB) (Free:82.36 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.91 GB) FAT32
Drive g: (HP_RECOVERY) (Fixed) (Total:21.25 GB) (Free:3.24 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 2F9A7B5F)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=214.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         
--- --- ---

Alt 22.03.2016, 11:03   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.03.2016, 12:15   #11
SirTobi
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Hab Mbar zweifach durchgeführt und angeblich ist nichts mehr auf dem Rechner zu finden.
Anbei die Mbar Datei.


Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2016.03.22.03
rootkit: v2016.03.12.01

Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16724
Nutzer :: NUTZER-HP [administrator]

22.03.2016 11:12:35
mbar-log-2016-03-22 (11-12-35).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 542397
Time elapsed: 20 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 108
C:\Program Files (x86)\mbot_de_014010244\predm.exe (Adware.EoRezo) -> Delete on reboot. [18b34d3db2e7e1554983fe5bdf213ac6]
C:\Users\Nutzer\AppData\Local\Temp\awhEFD.tmp (Adware.Downloader) -> Delete on reboot. [87445b2ff1a8b086be4a619e728f7090]
C:\Users\Nutzer\AppData\Local\Temp\is-3PAC1.tmp\setup.exe (Adware.EoRezo) -> Delete on reboot. [bd0e1179aeebae88bb044b8f17ea35cb]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6b1 (Adware.EoRezo) -> Delete on reboot. [824998f24356c472daf2177f61a07e82]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6d6 (Adware.EoRezo) -> Delete on reboot. [5576d2b80d8c181e4587573f6a9739c7]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6de (Adware.EoRezo) -> Delete on reboot. [8c3f7713c0d983b36666ddb928d959a7]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6e0 (Adware.EoRezo) -> Delete on reboot. [14b77d0d9504fb3b46868e080ef307f9]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6e2 (Adware.EoRezo) -> Delete on reboot. [a427c6c4f9a0280e1cb04b4b3fc26a96]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6e4 (Adware.EoRezo) -> Delete on reboot. [66657f0b1f7a66d09a324d4926db36ca]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6e6 (Adware.EoRezo) -> Delete on reboot. [745723677c1d57df13b92373d829be42]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6e8 (Adware.EoRezo) -> Delete on reboot. [c8030486455486b0a6260f87827f37c9]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp00000030 (Adware.EoRezo) -> Delete on reboot. [b3188efceeab5bdb5874484e976a7a86]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp00000040 (Adware.EoRezo) -> Delete on reboot. [4b80cbbf8c0de650f6d616806b96946c]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp0000004a (Adware.EoRezo) -> Delete on reboot. [b417d4b6a4f5ee489a322472a25fb64a]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp000000a5 (Adware.EoRezo) -> Delete on reboot. [9b3009818217d46268644a4ccc35738d]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp000000d2 (Adware.EoRezo) -> Delete on reboot. [6c5f642648515adc3e8ebadcf50c926e]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp000000d7 (Adware.EoRezo) -> Delete on reboot. [903b1971bfda0b2b24a8b8ded62b41bf]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp000000ff (Adware.EoRezo) -> Delete on reboot. [3695a1e9e1b8e650feced7bfb54cfa06]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp00000100 (Adware.EoRezo) -> Delete on reboot. [e2e9aedc4257ee483b91e8ae4cb54db3]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp00000115 (Adware.EoRezo) -> Delete on reboot. [577499f1ddbc0a2c27a51185867b0000]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp0000028a (Adware.EoRezo) -> Delete on reboot. [9932ef9bedac44f25874fe98ae53c33d]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp000002cd (Adware.EoRezo) -> Delete on reboot. [11ba8efcf8a1b383cb01316528d9a858]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c50 (Adware.EoRezo) -> Delete on reboot. [4b805a306732999d75570d8925dc04fc]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bae (Adware.EoRezo) -> Delete on reboot. [fccfa7e3c6d36fc7dfed088e26db3ac6]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bba (Adware.EoRezo) -> Delete on reboot. [24a7206a4455f541cb0176202ad73bc5]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bc2 (Adware.EoRezo) -> Delete on reboot. [1bb095f5207948eeb01c21754bb67090]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bc4 (Adware.EoRezo) -> Delete on reboot. [e8e322681e7beb4b903cbdd9a1607b85]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bc7 (Adware.EoRezo) -> Delete on reboot. [23a8d8b2eaaf70c605c798fed031fd03]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bc8 (Adware.EoRezo) -> Delete on reboot. [5972f8922673d75fddef7f1745bc758b]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bf2 (Adware.EoRezo) -> Delete on reboot. [587363278910a1952ca0bed8b9489070]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bf4 (Adware.EoRezo) -> Delete on reboot. [c00b2a60108940f613b99303936eec14]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bf6 (Adware.EoRezo) -> Delete on reboot. [21aa56343f5a2a0ca7258115c839aa56]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bfb (Adware.EoRezo) -> Delete on reboot. [715aabdf5d3cfb3ba3293f57e61b5ca4]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c05 (Adware.EoRezo) -> Delete on reboot. [5774bad04257db5b10bc02949b663cc4]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c0d (Adware.EoRezo) -> Delete on reboot. [a12a4c3e633672c407c5ade98e737c84]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c11 (Adware.EoRezo) -> Delete on reboot. [efdc1f6b5c3d0b2bdbf1aee857aab34d]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c15 (Adware.EoRezo) -> Delete on reboot. [e8e3fa903e5b6fc70dbff1a5b54ccc34]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c40 (Adware.EoRezo) -> Delete on reboot. [b219cebcd0c9979fab211d79b74ae719]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c41 (Adware.EoRezo) -> Delete on reboot. [42894545b9e0f244d6f6fd99b74a9a66]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c48 (Adware.EoRezo) -> Delete on reboot. [e8e3e3a7e9b037ff0ebe7e184bb66997]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c4b (Adware.EoRezo) -> Delete on reboot. [28a33654b4e539fda428cdc9926f8977]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c4c (Adware.EoRezo) -> Delete on reboot. [c704e2a88c0da492eddf306632cf07f9]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c52 (Adware.EoRezo) -> Delete on reboot. [3d8ee0aa356416203399a2f411f0956b]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c56 (Adware.EoRezo) -> Delete on reboot. [8843cdbd1683f73f9933bcda778a768a]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c6e (Adware.EoRezo) -> Delete on reboot. [6962ec9e0594f24454785145c041e020]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c83 (Adware.EoRezo) -> Delete on reboot. [26a5f694bddc063065672a6c55ac847c]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c87 (Adware.EoRezo) -> Delete on reboot. [656655356d2c9f97a329afe721e0e020]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c89 (Adware.EoRezo) -> Delete on reboot. [84471f6b613875c115b72571fe03a957]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c8f (Adware.EoRezo) -> Delete on reboot. [a526b8d2bddc0a2cd7f54a4c1ae746ba]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c99 (Adware.EoRezo) -> Delete on reboot. [47847f0b8712092d27a56630de237f81]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007ca1 (Adware.EoRezo) -> Delete on reboot. [deed5b2f1e7b2016547897ff5ba64ab6]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007ca3 (Adware.EoRezo) -> Delete on reboot. [deed04860e8b132310bc6a2c4ab716ea]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007cb1 (Adware.EoRezo) -> Delete on reboot. [cffc5634ebaeda5cd6f68e08a35ef20e]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007d9e5 (Adware.EoRezo) -> Delete on reboot. [00cb3852178205316765e5b1ae538c74]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007d9f4 (Adware.EoRezo) -> Delete on reboot. [f1da701a6f2a3ef8b418dfb79170c23e]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007d9ff (Adware.EoRezo) -> Delete on reboot. [e5e61476dbbe3cfa11bbd7bfaf52fc04]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007da07 (Adware.EoRezo) -> Delete on reboot. [a724c2c8b2e7a492ab212e6868997090]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007da17 (Adware.EoRezo) -> Delete on reboot. [8d3e2b5f1b7e2c0aa4288511dc25c13f]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007da7c (Adware.EoRezo) -> Delete on reboot. [22a90e7ca7f2f4423399395d1be65fa1]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007da84 (Adware.EoRezo) -> Delete on reboot. [cdfe2b5f7d1c31051eaeb2e47b8602fe]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007da98 (Adware.EoRezo) -> Delete on reboot. [03c898f2336623137656484e44bdc937]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dab2 (Adware.EoRezo) -> Delete on reboot. [2e9d46449603ed49e1ebeea8e12046ba]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dace (Adware.EoRezo) -> Delete on reboot. [2aa172189dfcf343b715f2a46c955fa1]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db10 (Adware.EoRezo) -> Delete on reboot. [b91279113c5da98df5d714822cd58c74]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db34 (Adware.EoRezo) -> Delete on reboot. [cffcfd8ddebb9c9ad6f6e5b104fd669a]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db40 (Adware.EoRezo) -> Delete on reboot. [79527812227795a1d5f7e8ae0100817f]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db48 (Adware.EoRezo) -> Delete on reboot. [edde0585fe9b1521616b43533dc44cb4]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db50 (Adware.EoRezo) -> Delete on reboot. [6566503a118852e46567f99d996801ff]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db58 (Adware.EoRezo) -> Delete on reboot. [e6e58dfd7c1dac8a2e9e7026cb36a55b]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db80 (Adware.EoRezo) -> Delete on reboot. [5f6cf694019860d6b5177c1a926f3ec2]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db94 (Adware.EoRezo) -> Delete on reboot. [8d3e5e2ce8b1af879c30197d4fb258a8]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dcd4 (Adware.EoRezo) -> Delete on reboot. [18b3cdbdb2e7bb7b53794a4c7889b24e]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dce3 (Adware.EoRezo) -> Delete on reboot. [fccfc3c78f0aae88d9f39600a55c30d0]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dce4 (Adware.EoRezo) -> Delete on reboot. [b417e3a790090e28a8249afc58a9639d]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dcec (Adware.EoRezo) -> Delete on reboot. [e4e7cfbbbadf74c2fad2078f986901ff]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dcf9 (Adware.EoRezo) -> Delete on reboot. [d3f8c6c4465331058e3e7a1ca859f808]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dd05 (Adware.EoRezo) -> Delete on reboot. [7655a9e13960b77f4a821383cb36db25]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dd39 (Adware.EoRezo) -> Delete on reboot. [c40724667b1e67cfffcd7a1c02ff30d0]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dd4a (Adware.EoRezo) -> Delete on reboot. [804ba2e82e6b42f4527a5f37aa57a759]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dd70 (Adware.EoRezo) -> Delete on reboot. [d3f816741e7bd56178548e08748d34cc]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dd83 (Adware.EoRezo) -> Delete on reboot. [14b70f7b148595a1a02c9df99170748c]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dd8e (Adware.EoRezo) -> Delete on reboot. [339872183b5e34024587573f31d07b85]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007ddb3 (Adware.EoRezo) -> Delete on reboot. [5e6d642697022511bb119cfa976aa25e]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007ddd1 (Adware.EoRezo) -> Delete on reboot. [408bd5b59009bc7af2da870f629fe21e]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de02 (Adware.EoRezo) -> Delete on reboot. [cdfec3c784158aacbb114e48f01133cd]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de24 (Adware.EoRezo) -> Delete on reboot. [f4d7f199bfdaf541ae1e2d69f70ad32d]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de2c (Adware.EoRezo) -> Delete on reboot. [15b65238dabf69cd6a627c1ab34e847c]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de34 (Adware.EoRezo) -> Delete on reboot. [8a413f4b45542b0b6864781ea160669a]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de40 (Adware.EoRezo) -> Delete on reboot. [49829bef1089a98df0dc0096e1206997]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de48 (Adware.EoRezo) -> Delete on reboot. [a12a46448316b87e5973c0d6679a946c]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dfd2 (Adware.EoRezo) -> Delete on reboot. [12b938527a1fb2844c807422ea1736ca]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dfde (Adware.EoRezo) -> Delete on reboot. [bb10adddfc9d1422d5f7187ec73a4fb1]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dfe1 (Adware.EoRezo) -> Delete on reboot. [fccfc5c56534003618b47026847dc040]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dffd (Adware.EoRezo) -> Delete on reboot. [7457d3b7d7c2ff37fcd000966998a55b]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e01a (Adware.EoRezo) -> Delete on reboot. [b615ddad5e3b49ed8745f1a55da4a15f]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e0a7 (Adware.EoRezo) -> Delete on reboot. [47847c0e6633e3532e9e197dd8297090]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e0b3 (Adware.EoRezo) -> Delete on reboot. [715ab9d13a5f2214bc1074229c65fd03]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e0ca (Adware.EoRezo) -> Delete on reboot. [359603871e7b6accf7d5dabcf20f649c]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e0e2 (Adware.EoRezo) -> Delete on reboot. [c6055832386157df05c7eaac71901fe1]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e0e3 (Adware.EoRezo) -> Delete on reboot. [99327e0c65348da924a8276f7988ee12]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e0eb (Adware.EoRezo) -> Delete on reboot. [a427b8d2f5a4dd592d9fe7afc73a53ad]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e1af (Adware.EoRezo) -> Delete on reboot. [2c9f71190891a5919f2d2175a75a35cb]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e1b0 (Adware.EoRezo) -> Delete on reboot. [5c6fef9bbddc1521deee573f6b966898]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e1d1 (Adware.EoRezo) -> Delete on reboot. [4b80a3e79ffa3bfb78549006639ea45c]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e1d3 (Adware.EoRezo) -> Delete on reboot. [b11ab1d9c4d5bd793b91d8be15ec7888]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e1d5 (Adware.EoRezo) -> Delete on reboot. [4685c3c7108989ad22aa870fc63b619f]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db60 (Adware.EoRezo) -> Delete on reboot. [a8235c2eb5e4bb7b8e3ef6a0738e2ed2]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de10 (Adware.EoRezo) -> Delete on reboot. [54778a00e5b4b87e7f4d9cfa79889e62]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Alt 22.03.2016, 12:37   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.03.2016, 12:42   #13
SirTobi
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Danke für den Hinweis, unnötig mehr Arbeit will ich Dir nicht machen. Entschuldigung
Hier ein neuer Versuche:


Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.03.22.03
  rootkit: v2016.03.12.01

Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16724
Nutzer :: NUTZER-HP [administrator]

22.03.2016 11:12:35
mbar-log-2016-03-22 (11-12-35).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 542397
Time elapsed: 20 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 108
C:\Program Files (x86)\mbot_de_014010244\predm.exe (Adware.EoRezo) -> Delete on reboot. [18b34d3db2e7e1554983fe5bdf213ac6]
C:\Users\Nutzer\AppData\Local\Temp\awhEFD.tmp (Adware.Downloader) -> Delete on reboot. [87445b2ff1a8b086be4a619e728f7090]
C:\Users\Nutzer\AppData\Local\Temp\is-3PAC1.tmp\setup.exe (Adware.EoRezo) -> Delete on reboot. [bd0e1179aeebae88bb044b8f17ea35cb]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6b1 (Adware.EoRezo) -> Delete on reboot. [824998f24356c472daf2177f61a07e82]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6d6 (Adware.EoRezo) -> Delete on reboot. [5576d2b80d8c181e4587573f6a9739c7]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6de (Adware.EoRezo) -> Delete on reboot. [8c3f7713c0d983b36666ddb928d959a7]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6e0 (Adware.EoRezo) -> Delete on reboot. [14b77d0d9504fb3b46868e080ef307f9]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6e2 (Adware.EoRezo) -> Delete on reboot. [a427c6c4f9a0280e1cb04b4b3fc26a96]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6e4 (Adware.EoRezo) -> Delete on reboot. [66657f0b1f7a66d09a324d4926db36ca]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6e6 (Adware.EoRezo) -> Delete on reboot. [745723677c1d57df13b92373d829be42]
C:\Windows\Temp\b10e4d4a-4881-4c13-9729-30f405dbc3e8\tmp00007183\tmp0000c6e8 (Adware.EoRezo) -> Delete on reboot. [c8030486455486b0a6260f87827f37c9]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp00000030 (Adware.EoRezo) -> Delete on reboot. [b3188efceeab5bdb5874484e976a7a86]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp00000040 (Adware.EoRezo) -> Delete on reboot. [4b80cbbf8c0de650f6d616806b96946c]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp0000004a (Adware.EoRezo) -> Delete on reboot. [b417d4b6a4f5ee489a322472a25fb64a]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp000000a5 (Adware.EoRezo) -> Delete on reboot. [9b3009818217d46268644a4ccc35738d]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp000000d2 (Adware.EoRezo) -> Delete on reboot. [6c5f642648515adc3e8ebadcf50c926e]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp000000d7 (Adware.EoRezo) -> Delete on reboot. [903b1971bfda0b2b24a8b8ded62b41bf]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp000000ff (Adware.EoRezo) -> Delete on reboot. [3695a1e9e1b8e650feced7bfb54cfa06]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp00000100 (Adware.EoRezo) -> Delete on reboot. [e2e9aedc4257ee483b91e8ae4cb54db3]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp00000115 (Adware.EoRezo) -> Delete on reboot. [577499f1ddbc0a2c27a51185867b0000]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp0000028a (Adware.EoRezo) -> Delete on reboot. [9932ef9bedac44f25874fe98ae53c33d]
C:\Windows\Temp\ca57cf30-2705-44a3-a597-375f117c2db7\tmp00007135\tmp000002cd (Adware.EoRezo) -> Delete on reboot. [11ba8efcf8a1b383cb01316528d9a858]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c50 (Adware.EoRezo) -> Delete on reboot. [4b805a306732999d75570d8925dc04fc]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bae (Adware.EoRezo) -> Delete on reboot. [fccfa7e3c6d36fc7dfed088e26db3ac6]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bba (Adware.EoRezo) -> Delete on reboot. [24a7206a4455f541cb0176202ad73bc5]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bc2 (Adware.EoRezo) -> Delete on reboot. [1bb095f5207948eeb01c21754bb67090]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bc4 (Adware.EoRezo) -> Delete on reboot. [e8e322681e7beb4b903cbdd9a1607b85]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bc7 (Adware.EoRezo) -> Delete on reboot. [23a8d8b2eaaf70c605c798fed031fd03]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bc8 (Adware.EoRezo) -> Delete on reboot. [5972f8922673d75fddef7f1745bc758b]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bf2 (Adware.EoRezo) -> Delete on reboot. [587363278910a1952ca0bed8b9489070]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bf4 (Adware.EoRezo) -> Delete on reboot. [c00b2a60108940f613b99303936eec14]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bf6 (Adware.EoRezo) -> Delete on reboot. [21aa56343f5a2a0ca7258115c839aa56]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007bfb (Adware.EoRezo) -> Delete on reboot. [715aabdf5d3cfb3ba3293f57e61b5ca4]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c05 (Adware.EoRezo) -> Delete on reboot. [5774bad04257db5b10bc02949b663cc4]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c0d (Adware.EoRezo) -> Delete on reboot. [a12a4c3e633672c407c5ade98e737c84]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c11 (Adware.EoRezo) -> Delete on reboot. [efdc1f6b5c3d0b2bdbf1aee857aab34d]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c15 (Adware.EoRezo) -> Delete on reboot. [e8e3fa903e5b6fc70dbff1a5b54ccc34]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c40 (Adware.EoRezo) -> Delete on reboot. [b219cebcd0c9979fab211d79b74ae719]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c41 (Adware.EoRezo) -> Delete on reboot. [42894545b9e0f244d6f6fd99b74a9a66]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c48 (Adware.EoRezo) -> Delete on reboot. [e8e3e3a7e9b037ff0ebe7e184bb66997]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c4b (Adware.EoRezo) -> Delete on reboot. [28a33654b4e539fda428cdc9926f8977]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c4c (Adware.EoRezo) -> Delete on reboot. [c704e2a88c0da492eddf306632cf07f9]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c52 (Adware.EoRezo) -> Delete on reboot. [3d8ee0aa356416203399a2f411f0956b]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c56 (Adware.EoRezo) -> Delete on reboot. [8843cdbd1683f73f9933bcda778a768a]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c6e (Adware.EoRezo) -> Delete on reboot. [6962ec9e0594f24454785145c041e020]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c83 (Adware.EoRezo) -> Delete on reboot. [26a5f694bddc063065672a6c55ac847c]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c87 (Adware.EoRezo) -> Delete on reboot. [656655356d2c9f97a329afe721e0e020]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c89 (Adware.EoRezo) -> Delete on reboot. [84471f6b613875c115b72571fe03a957]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c8f (Adware.EoRezo) -> Delete on reboot. [a526b8d2bddc0a2cd7f54a4c1ae746ba]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007c99 (Adware.EoRezo) -> Delete on reboot. [47847f0b8712092d27a56630de237f81]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007ca1 (Adware.EoRezo) -> Delete on reboot. [deed5b2f1e7b2016547897ff5ba64ab6]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007ca3 (Adware.EoRezo) -> Delete on reboot. [deed04860e8b132310bc6a2c4ab716ea]
C:\Windows\Temp\dbb07ed2-c343-4905-b2f7-9623beefb77d\tmp0000357f\tmp00007cb1 (Adware.EoRezo) -> Delete on reboot. [cffc5634ebaeda5cd6f68e08a35ef20e]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007d9e5 (Adware.EoRezo) -> Delete on reboot. [00cb3852178205316765e5b1ae538c74]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007d9f4 (Adware.EoRezo) -> Delete on reboot. [f1da701a6f2a3ef8b418dfb79170c23e]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007d9ff (Adware.EoRezo) -> Delete on reboot. [e5e61476dbbe3cfa11bbd7bfaf52fc04]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007da07 (Adware.EoRezo) -> Delete on reboot. [a724c2c8b2e7a492ab212e6868997090]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007da17 (Adware.EoRezo) -> Delete on reboot. [8d3e2b5f1b7e2c0aa4288511dc25c13f]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007da7c (Adware.EoRezo) -> Delete on reboot. [22a90e7ca7f2f4423399395d1be65fa1]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007da84 (Adware.EoRezo) -> Delete on reboot. [cdfe2b5f7d1c31051eaeb2e47b8602fe]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007da98 (Adware.EoRezo) -> Delete on reboot. [03c898f2336623137656484e44bdc937]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dab2 (Adware.EoRezo) -> Delete on reboot. [2e9d46449603ed49e1ebeea8e12046ba]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dace (Adware.EoRezo) -> Delete on reboot. [2aa172189dfcf343b715f2a46c955fa1]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db10 (Adware.EoRezo) -> Delete on reboot. [b91279113c5da98df5d714822cd58c74]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db34 (Adware.EoRezo) -> Delete on reboot. [cffcfd8ddebb9c9ad6f6e5b104fd669a]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db40 (Adware.EoRezo) -> Delete on reboot. [79527812227795a1d5f7e8ae0100817f]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db48 (Adware.EoRezo) -> Delete on reboot. [edde0585fe9b1521616b43533dc44cb4]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db50 (Adware.EoRezo) -> Delete on reboot. [6566503a118852e46567f99d996801ff]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db58 (Adware.EoRezo) -> Delete on reboot. [e6e58dfd7c1dac8a2e9e7026cb36a55b]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db80 (Adware.EoRezo) -> Delete on reboot. [5f6cf694019860d6b5177c1a926f3ec2]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db94 (Adware.EoRezo) -> Delete on reboot. [8d3e5e2ce8b1af879c30197d4fb258a8]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dcd4 (Adware.EoRezo) -> Delete on reboot. [18b3cdbdb2e7bb7b53794a4c7889b24e]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dce3 (Adware.EoRezo) -> Delete on reboot. [fccfc3c78f0aae88d9f39600a55c30d0]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dce4 (Adware.EoRezo) -> Delete on reboot. [b417e3a790090e28a8249afc58a9639d]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dcec (Adware.EoRezo) -> Delete on reboot. [e4e7cfbbbadf74c2fad2078f986901ff]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dcf9 (Adware.EoRezo) -> Delete on reboot. [d3f8c6c4465331058e3e7a1ca859f808]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dd05 (Adware.EoRezo) -> Delete on reboot. [7655a9e13960b77f4a821383cb36db25]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dd39 (Adware.EoRezo) -> Delete on reboot. [c40724667b1e67cfffcd7a1c02ff30d0]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dd4a (Adware.EoRezo) -> Delete on reboot. [804ba2e82e6b42f4527a5f37aa57a759]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dd70 (Adware.EoRezo) -> Delete on reboot. [d3f816741e7bd56178548e08748d34cc]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dd83 (Adware.EoRezo) -> Delete on reboot. [14b70f7b148595a1a02c9df99170748c]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dd8e (Adware.EoRezo) -> Delete on reboot. [339872183b5e34024587573f31d07b85]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007ddb3 (Adware.EoRezo) -> Delete on reboot. [5e6d642697022511bb119cfa976aa25e]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007ddd1 (Adware.EoRezo) -> Delete on reboot. [408bd5b59009bc7af2da870f629fe21e]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de02 (Adware.EoRezo) -> Delete on reboot. [cdfec3c784158aacbb114e48f01133cd]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de24 (Adware.EoRezo) -> Delete on reboot. [f4d7f199bfdaf541ae1e2d69f70ad32d]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de2c (Adware.EoRezo) -> Delete on reboot. [15b65238dabf69cd6a627c1ab34e847c]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de34 (Adware.EoRezo) -> Delete on reboot. [8a413f4b45542b0b6864781ea160669a]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de40 (Adware.EoRezo) -> Delete on reboot. [49829bef1089a98df0dc0096e1206997]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de48 (Adware.EoRezo) -> Delete on reboot. [a12a46448316b87e5973c0d6679a946c]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dfd2 (Adware.EoRezo) -> Delete on reboot. [12b938527a1fb2844c807422ea1736ca]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dfde (Adware.EoRezo) -> Delete on reboot. [bb10adddfc9d1422d5f7187ec73a4fb1]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dfe1 (Adware.EoRezo) -> Delete on reboot. [fccfc5c56534003618b47026847dc040]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007dffd (Adware.EoRezo) -> Delete on reboot. [7457d3b7d7c2ff37fcd000966998a55b]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e01a (Adware.EoRezo) -> Delete on reboot. [b615ddad5e3b49ed8745f1a55da4a15f]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e0a7 (Adware.EoRezo) -> Delete on reboot. [47847c0e6633e3532e9e197dd8297090]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e0b3 (Adware.EoRezo) -> Delete on reboot. [715ab9d13a5f2214bc1074229c65fd03]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e0ca (Adware.EoRezo) -> Delete on reboot. [359603871e7b6accf7d5dabcf20f649c]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e0e2 (Adware.EoRezo) -> Delete on reboot. [c6055832386157df05c7eaac71901fe1]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e0e3 (Adware.EoRezo) -> Delete on reboot. [99327e0c65348da924a8276f7988ee12]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e0eb (Adware.EoRezo) -> Delete on reboot. [a427b8d2f5a4dd592d9fe7afc73a53ad]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e1af (Adware.EoRezo) -> Delete on reboot. [2c9f71190891a5919f2d2175a75a35cb]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e1b0 (Adware.EoRezo) -> Delete on reboot. [5c6fef9bbddc1521deee573f6b966898]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e1d1 (Adware.EoRezo) -> Delete on reboot. [4b80a3e79ffa3bfb78549006639ea45c]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e1d3 (Adware.EoRezo) -> Delete on reboot. [b11ab1d9c4d5bd793b91d8be15ec7888]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007e1d5 (Adware.EoRezo) -> Delete on reboot. [4685c3c7108989ad22aa870fc63b619f]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007db60 (Adware.EoRezo) -> Delete on reboot. [a8235c2eb5e4bb7b8e3ef6a0738e2ed2]
C:\Windows\Temp\838928ca-62ae-4dce-bb84-8007683398d1\tmp00004b36\tmp0007de10 (Adware.EoRezo) -> Delete on reboot. [54778a00e5b4b87e7f4d9cfa79889e62]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 22.03.2016, 12:43   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Anleiotung zu MBAR komplett gelesen? Was sollst du tun, wenn MBAR etwas findet?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.03.2016, 12:47   #15
SirTobi
 
Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Standard

Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.



Ja, habe ich. Hab Mbar zweifach ausgeführt und es gab keine neuen Ergebnisse:
Anbei das Protokoll vom zweiten Scan.


Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.03.22.03
  rootkit: v2016.03.12.01

Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16724
Nutzer :: NUTZER-HP [administrator]

22.03.2016 11:38:12
mbar-log-2016-03-22 (11-38-12).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 541939
Time elapsed: 18 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Antwort

Themen zu Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.
ad-aware, antivir, antivirus, avg, avira, bonjour, desktop, dnsapi.dll, entfernen, firefox, flash player, google, homepage, keygen, langsam, malware, mozilla, patched.ren.gen; luhe.fiha.a., prozesse, registry, scan, services.exe, software, system, trojaner, trojaner board, windows



Ähnliche Themen: Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A.


  1. ctrlo.co Malware lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 07.03.2016 (7)
  2. Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware]
    Log-Analyse und Auswertung - 01.08.2015 (17)
  3. Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware
    Log-Analyse und Auswertung - 10.09.2014 (11)
  4. RR Saving - Malware lässt sich nicht entfernen!
    Plagegeister aller Art und deren Bekämpfung - 27.05.2014 (7)
  5. AVG findet nach Entfernung erneut Luhe.Fiha.A
    Plagegeister aller Art und deren Bekämpfung - 22.05.2014 (9)
  6. 2x RR Saving - Malware lässt sich nicht entfernen!
    Mülltonne - 19.05.2014 (1)
  7. RR Saving - Malware lässt sich nicht entfernen!
    Alles rund um Windows - 13.05.2014 (9)
  8. Win 7 Malware ExpKit.Gen3 lässt sich nicht entfernen
    Log-Analyse und Auswertung - 07.02.2014 (5)
  9. Systemwiederherstellungspunkte weg, Malware lässt sich nicht entfernen, Fehlermeldung bei Systemstart
    Plagegeister aller Art und deren Bekämpfung - 03.09.2013 (69)
  10. Malware TA/Sirefef.A.78 lässt sich nicht entfernen
    Log-Analyse und Auswertung - 17.05.2013 (3)
  11. Win64/Patched.A und Luhe.Sirefef.A gefunden
    Log-Analyse und Auswertung - 21.01.2013 (5)
  12. Unbekannter Trojaner und Malware lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 17.07.2012 (2)
  13. Antimalware Doctor - Malware lässt sich nicht komplett entfernen
    Plagegeister aller Art und deren Bekämpfung - 05.12.2010 (6)
  14. Backdoor Malware lässt sich nicht entfernen :-(
    Plagegeister aller Art und deren Bekämpfung - 30.06.2010 (19)
  15. Problem: Anti Malware Doctor lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 11.06.2010 (3)
  16. Anti Malware Doctor lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 01.06.2010 (5)
  17. anti malware doctore lässt sich nicht ganz entfernen
    Plagegeister aller Art und deren Bekämpfung - 09.05.2010 (14)

Zum Thema Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. - Liebes Trojaner Board, bei mir häufen sich die Probleme und irgendwie werde ich sie nicht mehr los. Ich habe versucht mich an Eure Anleitung zu orientieren und habe ein paar - Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A....
Archiv
Du betrachtest: Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.