Log analysis and evaluation: Trojans and malware after installing a program

Windows 7 If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

31.07.2016, 21:45   #16
phaos

Trojans and malware after installing a program

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-07-2016
durchgeführt von Michael (2016-07-31 22:34:40)
Gestartet von C:\Users\Michael\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-13 04:27:47)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2586861132-1115668423-923210709-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2586861132-1115668423-923210709-503 - Limited - Disabled)
Gast (S-1-5-21-2586861132-1115668423-923210709-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2586861132-1115668423-923210709-1004 - Limited - Enabled)
Michael (S-1-5-21-2586861132-1115668423-923210709-1000 - Administrator - Enabled) => C:\Users\Michael
Unterricht (S-1-5-21-2586861132-1115668423-923210709-1005 - Limited - Enabled) => C:\Users\Unterricht

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACD/Labs Software in C:\ACDFREE12\ (HKLM-x32\...\ACDLabs in C__ACDFREE12_) (Version: v12.00, FREE - ACD/Labs)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version:  - )
AK Labor 2011 (HKLM-x32\...\{693D9054-A325-4254-96B9-5954329A6144}) (Version: 1.2.243 - AK Kappenberg)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avogadro (HKLM-x32\...\Avogadro) (Version: 1.1.0 - Humanity)
Basic FX Suite (HKLM-x32\...\InstallShield_{45BBAD53-80DB-4DD2-9C50-B5E09EFFAEA7}) (Version: 1.0.0 - Yamaha Corporation)
Basic FX Suite (Version: 1.0.0 - Yamaha Corporation) Hidden
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
Camel Audio Alchemy64 (HKLM-x32\...\Camel Audio Alchemy64) (Version: 1.25.0 - Camel Audio)
capella professional 2008 (HKLM-x32\...\{3EA428C9-0B98-4E71-A4C5-4F6A98EA2774}) (Version: 6.00.9200 - capella-software)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6229 - CDBurnerXP)
Client Security - Password Manager (HKLM\...\{3FD730D4-755F-439B-8082-B55E00924A44}) (Version: 8.30.0045.00 - Lenovo Group Limited)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.43.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
CVPiano-Modeled (HKLM-x32\...\CVPiano-Modeled) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0316 - DT Soft Ltd)
DarkWave Studio 4.1.7 (HKLM-x32\...\DarkWave Studio) (Version: 4.1.7 - ExperimentalScene)
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.43.1 - Dropbox, Inc.) Hidden
Elemente Chemie Arbeitsblätter 1 (HKLM-x32\...\{0C9D0858-4CFD-4AA4-8863-EC6CD8EDFBDD}) (Version: 1.00 - )
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.9.2.1182 - Steinberg Media Technologies GmbH)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.0.0.10960 - Landesfinanzdirektion Thüringen)
Epson Event Manager (HKLM-x32\...\{116DBCAF-9544-4592-9156-AC99F6C2D426}) (Version: 3.10.0016 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.0.1.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\Firebird SQL Server D) (Version: 2.0.1.13 - MAGIX AG)
Game of Life (HKLM-x32\...\GameOfLife) (Version: 1.5 - Edwin Martin)
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.1 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (x32 Version: 1.3.2.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.07 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-2586861132-1115668423-923210709-1000\...\cbe8636f7dd0cf1d) (Version: 1.5.1.0 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.062.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0013 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.7.5.0 - Hermann Schinagl)
LMMS 1.1.3 (HKLM-x32\...\LMMS) (Version: 1.1.3 - LMMS Developers)
Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MediaCoder 2011 (HKLM-x32\...\MediaCoder) (Version: 2011 - Broad Intelligence)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive for Business 2013 - de-de (HKLM\...\GrooveRetail - de-de) (Version: 15.0.4841.1002 - Microsoft Corporation)
Microsoft OneNote 2013 - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 15.0.4841.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MuseScore 2 (HKLM-x32\...\{D0969A82-E79E-45D9-95D2-B2824880F780}) (Version: 2.0.2 - Werner Schweer and Others)
Neue Zeitschrift f Musik (HKLM-x32\...\com.mirado.app.desktop.NeueZeitschriftFurMusik) (Version: 6.1.73 - Schott Music GmbH & Co. KG)
Neue Zeitschrift f Musik (x32 Version: 6.1.73 - Schott Music GmbH & Co. KG) Hidden
Nexus Radio (HKLM-x32\...\{8763793B-4D7D-49C8-A859-5C582EC02640}) (Version: 5.6.6 - Talam Group, LLC)
NVIDIA PhysX v8.10.29 (HKLM-x32\...\{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}) (Version: 8.10.29 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1041 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 38.0.2220.41 (HKLM-x32\...\Opera 38.0.2220.41) (Version: 38.0.2220.41 - Opera Software)
Orbital Viewer (HKLM-x32\...\Orbital Viewer) (Version:  - )
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
Pfadfinder 2.0 (HKLM-x32\...\{26160589-3DEA-4CE4-A040-C06D836F69C6}) (Version: 2.0.30 - Bildungshaus Schulbuchverlage GmbH, Braunschweig)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.52 - NCH Software)
PureSync (x32 Version: 3.8.1 - Jumping Bytes) Hidden
PureSync 3.8.1 (HKLM-x32\...\PureSync) (Version: 3.8.1 - Jumping Bytes)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
RapidBoot (x32 Version: 1.00 - Lenovo) Hidden
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
roomeon 3D-Planer (HKLM-x32\...\{E94EF5B3-85D9-40C0-97DB-FA2BB29814E5}) (Version: 1.6.2 - roomeon GmbH)
Rund um (2.0) ... Chemie heute Einführungsphase NRW (HKLM-x32\...\{EB566FB2-5390-4E7D-A7A0-2E879721A3D2}) (Version: 1.00.0000 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Rund um (2.0) ... Chemie heute Qualifikationsphase NRW (HKLM-x32\...\{C23AF385-C5F1-4A80-9740-229094C6B224}) (Version: 1.00.0000 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Rund um (2.0) ... Chemie heute SI - Kontext (HKLM-x32\...\{1A39EA92-E934-4839-B079-0B4277153EC2}) (Version: 1.00.0000 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 5.10 (64-bit) (HKLM\...\Sandboxie) (Version: 5.10 - Sandboxie Holdings, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
Sibelius 6 (HKLM-x32\...\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}) (Version: 6.0.0 - Sibelius Software)
Sibelius Scorch (Firefox, Opera, Netscape, Chrome only) (HKLM-x32\...\{41626CC0-A854-4402-AD06-D7939515C282}) (Version: 6.2.0 - Sibelius Software, a division of Avid Technology, Inc.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version:  - )
Steinberg Cubase LE AI Elements 8 64bit (HKLM\...\{C801D1E6-30E3-46BE-368D-0106B42CCE17}) (Version: 8.0.35 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.20 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.20 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg UR44 Applications (HKLM-x32\...\InstallShield_{198D55AF-37B4-4463-A61C-94C9136B7BF2}) (Version: 2.0.0 - Yamaha Corporation)
Steinberg UR44 Applications (Version: 2.0.0 - Yamaha Corporation) Hidden
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
streamWriter (HKLM-x32\...\streamWriter_is1) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.85 - Synaptics Incorporated)
Syncrosoft Lizenz Kontrolle (HKLM-x32\...\Syncrosoft License Control) (Version:  - SIA Syncrosoft)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.97 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.75 - Lenovo)
TV-Browser 3.1RC2 (HKLM-x32\...\tvbrowser) (Version: 3.1RC2 - TV-Browser Team)
Unreal Tournament 3 (LG) (HKU\S-1-5-21-2586861132-1115668423-923210709-1000\...\InstallShield_{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}) (Version: 1.00.0000 - Epic Games)
Unreal Tournament 3 (LG) (x32 Version: 1.00.0000 - Epic Games) Hidden
vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version:  - )
WhatsApp (HKU\S-1-5-21-2586861132-1115668423-923210709-1000\...\WhatsApp) (Version: 0.2.1061 - WhatsApp)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows-Treiberpaket - Intel (MEIx64) System  (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows-Treiberpaket - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows-Treiberpaket - Intel USB  (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows-Treiberpaket - Lenovo (LenovoRd) SmartCardReader  (05/11/2009 4.1.0.1) (HKLM\...\9B84710FFAE6C50914FCE568B59E426F1386E7F6) (Version: 05/11/2009 4.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WISO steuer:Sparbuch 2016 (HKLM-x32\...\{326DB1CE-FDC8-4F44-B1DF-CEBF1326CDFC}) (Version: 23.05.1404 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{44C43F5B-BF5D-4B70-9B81-EB9A51228617}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{A6BA3C40-EA3A-4A23-A02D-DC25EFBAF093}) (Version: 1.8.3 - Yamaha Corporation)
Yamaha Steinberg USB Driver (Version: 1.8.3 - Yamaha Corporation) Hidden
Zattoo Live TV (HKU\S-1-5-21-2586861132-1115668423-923210709-1000\...\6d7aa3e3bf931c56) (Version: 1.0.0.47 - Zattoo Europa AG)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2586861132-1115668423-923210709-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2586861132-1115668423-923210709-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2586861132-1115668423-923210709-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2586861132-1115668423-923210709-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2586861132-1115668423-923210709-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2586861132-1115668423-923210709-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2586861132-1115668423-923210709-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0C024F80-4649-46C6-B10A-AC92E95BEC8C} - System32\Tasks\EPSON XP-610 Series Update {A5F51BBB-EA1E-4DB3-B131-F9A8D5B170F1} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {0CEB39A4-E2EE-404A-89D1-64ADBEEA8C5C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {0D12E138-D7F3-4DE3-851F-896D8297FD0E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0F3D2144-5143-4334-B51F-E209ADA72B68} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {10E8A59C-7492-423A-877F-7A9FF56D976A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {22E17761-DBE3-41C9-A88E-52C2C0156E00} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {26E63843-B9EC-44A7-AB23-6AE27919EF90} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation)
Task: {2CD452C0-09EA-4A81-BADC-0B4CCADA167C} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-09-29] ()
Task: {2F3BE966-56D2-46EF-BEFC-E7AB642FEA01} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {2F3F5400-EA15-4D2F-8B97-C6EB0E27BE14} - System32\Tasks\{E302369F-4416-437F-847D-90F5926ADF54} => pcalua.exe -a C:\Users\Michael\Desktop\Musikprogramme\KRISTAL_AE_Setup_dml.exe -d C:\Users\Michael\Desktop\Musikprogramme
Task: {3BF8607E-CC88-4A25-BF0F-D98D9BD2C5E7} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2586861132-1115668423-923210709-1000 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {3CAA32AD-684F-4974-8405-7133F84BEB05} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe control iMControllerService 128
Task: {47A8009C-2CB7-4B2D-AC88-1FCEA7213291} - System32\Tasks\Mlekgrocach Server => C:\Program Files (x86)\Mlekgrocach\MlekgrocachserverTask.exe <==== ACHTUNG
Task: {4CB00FE0-BAAF-46A8-A3C2-F73C69316F1C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4D8B70E8-6923-4F26-9FEE-D1C11773D95F} - System32\Tasks\Trusted Insatller => C:\Users\Michael\AppData\Local\Temp\BUHX49BZO\K4VZILAON.exe [2016-07-29] () <==== ACHTUNG
Task: {5017CCDB-5242-4734-BB9C-B62613A99011} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {51376539-ABC9-4D03-BA8C-B8967D76978B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {55241966-A525-483A-80B3-912957AB1D5B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {58296C58-069E-4908-888A-3AEF3DFFDCDA} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {5A410E04-11C2-4024-8002-799914156DBC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {5BA07DE9-AFE8-4F78-BA8C-DD084C955095} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {5C40BB70-B96A-45D8-9966-73E4A5109376} - System32\Tasks\{B65DDBAB-1B1F-4E33-AEDC-4DC927F163F1} => pcalua.exe -a C:\Users\Michael\Desktop\Synaptics_v15_2_20_C_XP64_Vista64_Win7-64_Signed_Marketing_SGS94_UI-Scrybe.exe -d C:\Users\Michael\Desktop
Task: {63F4A3F2-352C-4773-A114-06E8C9AE1C11} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe [2011-03-30] (Lenovo Group Limited)
Task: {6620AE60-7FD9-4C82-852A-4C59BE211304} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6D8247F1-2793-44EA-8594-F74737F2A75E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {70DE389C-1BF0-4A63-B1A1-EE9455422552} - System32\Tasks\EPSON XP-610 Series Invitation {84F84767-3990-4920-92EB-9378C9E762A4} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {81B9AE31-23E3-4E62-BCFF-F4E245BF02F6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {83393ADC-A165-41F4-97BF-2D5C1A5B770F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation)
Task: {8A6F6665-22CB-4A09-87C6-E04B977D0151} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {99034466-6566-4A91-A140-35788A3AA45B} - System32\Tasks\EPSON XP-610 Series Invitation {A5F51BBB-EA1E-4DB3-B131-F9A8D5B170F1} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {9AD258D4-FA3C-4752-BD25-9C1C92ABB6D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {A1B491D2-3F94-4DA5-950F-B488DE727980} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A57CDDA4-929F-4106-A334-0367875C4063} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {BD13DE06-B699-47D0-9469-B0D784E0E16C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BD48051B-8673-4A23-B73A-2C5088B28570} - System32\Tasks\EPSON XP-610 Series Update {84F84767-3990-4920-92EB-9378C9E762A4} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {BDEBD14F-6EDE-4FE2-85A7-C053DDA39F67} - System32\Tasks\{9E85E0E7-2E1F-4CD8-9A69-05BCDD1CF25C} => pcalua.exe -a C:\Downloads\MML_Installer-v1.5.4090.2(1).exe -d C:\Windows\SysWOW64 -c /embed"{EB54ABB8-E70B-43D5-8C8F-4DB880F8356F}" /hide_splash /hide_progress /runprerequisites"Language,Motorola,MotorolaMediaLink,SUE" /l1031
Task: {C421AFD3-E9F2-44A7-BEC8-03ACB2E8E28C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {C79A93CB-CFE1-4A24-8597-5CB7CCBDAFA3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {CBF5BBC6-8397-42A6-8C88-968311A3945A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {CE47A082-0881-4AA7-A508-83DDCD3488D0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {D223161B-365D-496A-AAD9-F18997F84221} - System32\Tasks\Opera scheduled Autoupdate 1422526577 => C:\Program Files (x86)\Opera\launcher.exe [2016-07-01] (Opera Software)
Task: {D8D937D2-8E84-4F41-AA15-368D19A4AD0A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {D98C6D61-054B-41BE-BF91-67CCD7846385} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {E16D10A5-B7D6-47F5-874B-A9F02CF6B288} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-07] (Dropbox, Inc.)
Task: {EA37BCE6-3039-4A99-9769-3E5D20BBE018} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-07] (Dropbox, Inc.)
Task: {EF19F11F-F341-48CA-B4EF-EE727F3EC5D8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {F030A6A8-E074-454D-B7A5-A6AB8E738883} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {F1C5AE8B-4725-4396-966B-E04C50DC1BD2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {F7CC83C4-F8B9-41BD-95F5-FACEBB6A99B0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-07-15] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {84F84767-3990-4920-92EB-9378C9E762A4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {A5F51BBB-EA1E-4DB3-B131-F9A8D5B170F1}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {84F84767-3990-4920-92EB-9378C9E762A4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{84F84767-3990-4920-92EB-9378C9E762A4} /F:Update WORKGROUP\MICHAEL-THINK$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {A5F51BBB-EA1E-4DB3-B131-F9A8D5B170F1}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{A5F51BBB-EA1E-4DB3-B131-F9A8D5B170F1} /F:Update WORKGROUP\MICHAEL-THINK$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2014-10-06 21:39 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-05-01 20:47 - 2014-05-27 11:42 - 02480640 _____ () C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe
2016-07-14 21:29 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-14 21:29 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-07-09 09:37 - 2016-07-09 09:37 - 00959168 _____ () C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-08-25 17:37 - 2010-10-26 10:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2009-05-27 22:09 - 2009-05-27 22:09 - 00049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2016-01-03 23:04 - 2015-12-24 18:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-03 23:04 - 2015-12-24 18:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-03 23:04 - 2015-12-24 18:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-03 23:04 - 2015-12-24 18:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-03 23:04 - 2015-12-24 18:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-03 23:04 - 2015-12-24 18:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-05-01 20:47 - 2014-06-02 09:40 - 00159744 _____ () C:\Program Files (x86)\KlimaLoggPro\sHID.dll
2012-09-06 20:18 - 2012-09-06 20:18 - 00086016 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2016-07-09 09:37 - 2016-07-09 09:37 - 00679624 _____ () C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll
2016-02-23 22:00 - 2016-02-23 22:00 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2016-07-12 09:51 - 2016-06-07 03:58 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-07-12 09:51 - 2016-06-07 03:58 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-07-12 09:51 - 2016-06-07 03:59 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-07-12 09:51 - 2016-06-07 03:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-07-12 09:51 - 2016-06-07 03:58 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-07-12 09:51 - 2016-06-07 03:58 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-07-12 09:51 - 2016-06-07 03:58 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-07-12 09:51 - 2016-07-05 20:00 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-07-12 09:51 - 2016-06-07 03:58 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-07-12 09:51 - 2016-07-05 19:59 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-07-12 09:51 - 2016-06-07 03:59 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-07-12 09:51 - 2016-07-05 19:59 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-07-12 09:51 - 2016-07-05 19:59 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00023872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-07-12 09:51 - 2016-07-05 19:59 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-07-12 09:51 - 2016-06-07 03:58 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-07-12 09:51 - 2016-06-07 03:59 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-07-12 09:51 - 2016-07-05 19:59 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-07-12 09:51 - 2016-06-07 04:01 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-07-12 09:51 - 2016-07-05 20:00 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-07-12 09:51 - 2016-03-12 02:46 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-07-12 09:51 - 2016-07-05 20:00 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-07-12 09:51 - 2016-07-05 20:00 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-07-12 09:51 - 2016-06-07 03:59 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-07-12 09:51 - 2016-06-07 04:00 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00025928 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-07-12 09:51 - 2016-07-05 20:00 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-02-23 22:00 - 2016-02-23 22:00 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2016-07-07 18:29 - 2016-07-07 18:28 - 67945512 _____ () C:\Program Files (x86)\Opera\38.0.2220.41\opera.dll
2004-09-30 19:09 - 2004-09-30 19:09 - 00155648 _____ () C:\Program Files\LinkShellExtension\32\RockallDLL.dll
2016-07-07 18:29 - 2016-07-07 18:27 - 02203176 _____ () C:\Program Files (x86)\Opera\38.0.2220.41\libglesv2.dll
2016-07-07 18:29 - 2016-07-07 18:27 - 00087080 _____ () C:\Program Files (x86)\Opera\38.0.2220.41\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-07-29 18:22 - 00001006 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2586861132-1115668423-923210709-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{37b26881-56f3-4308-a773-7512092a878f}.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk"
HKLM\...\StartupApproved\Run: => "AcWin7Hlpr"
HKLM\...\StartupApproved\Run: => "TpShocks"
HKLM\...\StartupApproved\Run: => "ALCKRESI.EXE"
HKLM\...\StartupApproved\Run: => "WINCOM1XF"
HKLM\...\StartupApproved\Run32: => "Lenovo Registration"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "RotateImage"
HKLM\...\StartupApproved\Run32: => "win_en_77"
HKLM\...\StartupApproved\Run32: => "DiskPower"
HKU\S-1-5-21-2586861132-1115668423-923210709-1000\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-2586861132-1115668423-923210709-1000\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2586861132-1115668423-923210709-1000\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2586861132-1115668423-923210709-1000\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2586861132-1115668423-923210709-1000\...\StartupApproved\Run: => "PureSync"
HKU\S-1-5-21-2586861132-1115668423-923210709-1000\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2586861132-1115668423-923210709-1000\...\StartupApproved\Run: => "Todoist"
HKU\S-1-5-21-2586861132-1115668423-923210709-1000\...\StartupApproved\Run: => "SandboxieControl"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{6D24314E-3119-4BD8-923F-6DFFAB1F58C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6BD055DE-76E9-4974-81DC-27E9CE0A38CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{12CAC3F3-E0D7-45B8-85BB-68CE2486B4F7}C:\program files (x86)\chemie\ak labor\apps\analytik\ak_analytik.exe] => (Allow) C:\program files (x86)\chemie\ak labor\apps\analytik\ak_analytik.exe
FirewallRules: [TCP Query User{C489098C-4BA1-4F47-871F-74A7229FC88F}C:\program files (x86)\chemie\ak labor\apps\analytik\ak_analytik.exe] => (Allow) C:\program files (x86)\chemie\ak labor\apps\analytik\ak_analytik.exe
FirewallRules: [{3268F2AF-6871-41DB-923C-5C1FAC416785}] => (Allow) C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll
FirewallRules: [{EA0FDF3E-3043-4C6C-A3FB-4998D28C6495}] => (Allow) C:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll
FirewallRules: [{DBD25340-B271-4541-8713-183CBD0CBE3B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2977539E-65D7-4204-B12F-C68FC7962265}] => (Allow) LPort=2869
FirewallRules: [{70FD64E0-C525-4C05-A48D-8CD64E1074C7}] => (Allow) LPort=1900
FirewallRules: [{5C34C991-D11A-463C-A58E-92E4D1337B49}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{2E52EAA0-380B-4630-A26B-640CA51EF89E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{A579BEEE-F809-4F21-A774-75960C36FD78}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{1B7024BA-7075-4E83-A66D-024EEBFB6AB1}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{A5B6FCDD-D10B-406C-AF87-77007ED8E83C}] => (Allow) C:\Program Files (x86)\Sibelius Software\Sibelius 6\RegTool.exe
FirewallRules: [{DD0142B1-3FE1-445E-AF8A-611AED8220F1}] => (Allow) C:\Program Files (x86)\Sibelius Software\Sibelius 6\RegTool.exe
FirewallRules: [{6299B5BD-BBAF-4015-B8DE-21F603FBC5BF}] => (Allow) C:\Program Files (x86)\Sibelius Software\Sibelius 6\Sibelius.exe
FirewallRules: [{073793D6-B665-417F-9FEB-D5804CBB88EA}] => (Allow) C:\Program Files (x86)\Sibelius Software\Sibelius 6\Sibelius.exe
FirewallRules: [{3FBED521-59BB-4AF1-BF85-E1CEB047B371}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{94F04B63-DBEA-4EA1-BB2C-7D5FC68F5732}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{54974C09-257B-4D76-B0AC-6140867B8A99}] => (Allow) LPort=7000
FirewallRules: [{F4BB98BA-7DDB-459D-8E68-650D62161B8C}] => (Allow) LPort=7000
FirewallRules: [{818B1811-CC99-4F88-AC37-9B05C6350522}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{4ECEB428-867E-413D-B963-30A729585D51}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{E49B60EF-8679-4888-AFFF-89209EA21D5E}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{C129BBF8-1621-4167-A481-E8406F10346F}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [TCP Query User{C58A92BF-3823-49DC-B465-0D18B70225AE}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{BB300CA1-55E6-449F-B2C1-5A5C007CA36B}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{2F659FCA-A4C5-447E-81E2-EB9EE669D982}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{0822A0FB-B315-47C7-81F0-CB76E84BA0F8}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{C0302F42-991B-4DCD-ACEB-0431796E2403}C:\program files (x86)\icq7.6\icq.exe] => (Block) C:\program files (x86)\icq7.6\icq.exe
FirewallRules: [UDP Query User{C8695427-2CCC-491B-AECA-1469D5613B14}C:\program files (x86)\icq7.6\icq.exe] => (Block) C:\program files (x86)\icq7.6\icq.exe
FirewallRules: [TCP Query User{CB3D8434-B830-4B1C-BE65-23A13B0E3B52}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [UDP Query User{B9EDB111-0E2A-402B-A515-3A7C744F4AB4}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [TCP Query User{D1FF42F8-1BF6-406F-A2D5-DDAA15E4E307}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{A3689BE1-22DF-4AB3-82EF-5F1EC757D108}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{0A9BD459-DD2A-45A3-8937-FDC7DABED46E}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{BA001D51-C737-4063-8BE4-8043BAE278E6}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{92B3A897-601D-4E68-A8D8-A9CA3728511A}C:\program files (x86)\yworks\yed\yed.exe] => (Allow) C:\program files (x86)\yworks\yed\yed.exe
FirewallRules: [UDP Query User{58B69B6B-B741-4A6F-971A-C667D8B55CBB}C:\program files (x86)\yworks\yed\yed.exe] => (Allow) C:\program files (x86)\yworks\yed\yed.exe
FirewallRules: [{9392ADDF-2686-4AFE-A068-1693065822D4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{FD29BA3D-7932-46C9-A2A4-77EF3EE2EF71}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Block) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{F9D1982D-AC69-4F23-B694-33B45D89386D}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Block) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{725B8E07-9982-40BB-AF1D-F0E900C82FE1}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{12368D31-10C2-4FF9-9CEF-085AEF50B824}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{C381864A-3229-4B05-A96A-1B4AFA2B2654}] => (Allow) C:\Users\Michael\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{E458BFD9-0A03-447D-B981-DB513AB2C592}] => (Allow) C:\Users\Michael\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{88D33606-5C1A-4BC9-8D24-711EF29AF1A8}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{DFA00868-E10B-4A09-B3C1-2DE9D00A2A45}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{58F71815-A91A-4195-9805-24F6081F701B}C:\program files (x86)\java\jre6\bin\java.exe] => (Block) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{4C54E269-6AD0-4E5B-B144-A7FDD70461E7}C:\program files (x86)\java\jre6\bin\java.exe] => (Block) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{13DDFF76-D54A-4FDE-BC86-82E25F3C57E3}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Allow) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe
FirewallRules: [UDP Query User{5E177679-468A-45EF-A677-74D9ACD2E6AB}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Allow) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe
FirewallRules: [{CD490C46-C029-4ACA-B67E-BCAEAE387E1B}] => (Allow) C:\Program Files (x86)\Unreal Tournament 3 (LG)\Binaries\UT3.exe
FirewallRules: [{EAD30099-F99F-4883-A763-1F087BF9F883}] => (Allow) C:\Program Files (x86)\Unreal Tournament 3 (LG)\Binaries\UT3.exe
FirewallRules: [TCP Query User{383001AD-D928-411F-BBDE-8948F83360AE}C:\program files (x86)\unreal tournament 3 (lg)\binaries\ut3.exe] => (Block) C:\program files (x86)\unreal tournament 3 (lg)\binaries\ut3.exe
FirewallRules: [UDP Query User{4194F6A4-A3FE-4846-9608-9A07A1CDF983}C:\program files (x86)\unreal tournament 3 (lg)\binaries\ut3.exe] => (Block) C:\program files (x86)\unreal tournament 3 (lg)\binaries\ut3.exe
FirewallRules: [{2D749A40-E4C5-42AA-9571-9DF2AB07108D}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{28DC6CA6-F76A-45E6-96DB-87663628AF1C}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{35A0C917-EC31-45EB-8623-E457E65A20B7}] => (Allow) F:\AliceCD.exe
FirewallRules: [{7541B2EF-542E-4800-A8B1-E3EE4B4EC7DF}] => (Allow) F:\AliceCD.exe
FirewallRules: [{6E459634-3D4D-44E9-8785-293D88EE7CDA}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{8EB963F0-FED5-49AA-90CB-9D27AC20DF99}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [TCP Query User{D744DA33-D4A6-422C-AE33-4EE0F263AE1F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{E6048202-824C-46E7-8921-BD40F62C9C2D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{508A2AE3-6E8C-431B-9AD0-2DBC54CA1B3E}C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{A06B23A3-0BFD-409B-B8A0-CB9FDFD0C4D6}C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{8284F8B0-C38B-4EA1-AD29-17E8801863D4}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{65949211-9846-47AB-9A79-365E74B8D82D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{8FCBE61B-6507-4A62-877E-1E82029DC258}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FirewallRules: [{A0FF35E7-5E88-41AC-B85B-3FD15E442D71}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
FirewallRules: [{D3F9A4FC-F973-4340-A548-7F3C9ADAD3F0}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
FirewallRules: [TCP Query User{3903ABF2-AB2A-4D70-85AC-04410ED4BBA4}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{0B53C5B1-2E0F-4A70-B574-6E324E8D8925}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{C5761105-8E6E-449D-8307-6EDA00F8CE12}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [{9C39AAF9-9A8A-4667-B689-EDD134AC63E8}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [{F9605DA8-25DA-46DC-B045-B625765EF328}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [{B965D477-00B9-4C0E-9DBC-EB5826F5447F}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [TCP Query User{BBB8BDCF-7EC0-41FE-9769-DE02B830B28B}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{E9627EDB-990E-44F3-9A01-FE2A2A73A13A}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{7022DC8E-5522-4A31-9259-FA46C209DA20}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CFE21C25-1B79-4255-BE78-44CA3CF3A133}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C27B8D1D-C547-4574-9492-5EDE95259C0D}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{32BE8A32-B772-48BC-B699-E34C26F77706}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{46D3C949-35A0-4207-BB89-2FB2324A45F9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B556CAA5-5D71-46C0-AE18-4A5EE1FEB5B5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{1241EDA2-C93E-43D8-972C-FE88BBC7E353}C:\program files (x86)\chemie\ak labor\apps\analytik\ak_analytik.exe] => (Block) C:\program files (x86)\chemie\ak labor\apps\analytik\ak_analytik.exe
FirewallRules: [UDP Query User{9D92BF27-AB71-4471-87AB-8183E731318C}C:\program files (x86)\chemie\ak labor\apps\analytik\ak_analytik.exe] => (Block) C:\program files (x86)\chemie\ak labor\apps\analytik\ak_analytik.exe
FirewallRules: [TCP Query User{158C1A49-C409-430E-9671-269D4981A48C}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{7EF1C1F2-4988-4BB6-8E03-C148A447DE30}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{BD4638B4-AA48-4DA4-9FB5-7F361FFEA96F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{5E6140F5-0CC3-4451-BD9C-E503C3F58509}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{8DCA769A-6CF3-4ABE-AD64-BB1E21B225A7}] => (Allow) C:\Users\Michael\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [{C963A0D6-CF9D-4481-AAA7-73F3809DFE6D}] => (Allow) C:\Users\Michael\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [{31ED561B-3B62-40F9-90E4-9D0567882190}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{826BB120-BD05-4F4F-899C-C73037EFE412}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{4AFCC1FB-13A7-49D8-9A8C-8E5FA10C72ED}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{8298BBE9-33CD-4640-BB06-0ECA7D7E3F9B}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{52D08002-3923-4611-8E7C-8772A607C096}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{269DD9A1-DF83-4A2E-89F2-45252550414C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [TCP Query User{531F5866-C6AB-4846-B89D-AD0577CA0272}C:\program files (x86)\chemie\ak labor\apps\start\akstart.exe] => (Allow) C:\program files (x86)\chemie\ak labor\apps\start\akstart.exe
FirewallRules: [UDP Query User{3837E103-B438-434F-88E6-EFBEA0130AFF}C:\program files (x86)\chemie\ak labor\apps\start\akstart.exe] => (Allow) C:\program files (x86)\chemie\ak labor\apps\start\akstart.exe
FirewallRules: [TCP Query User{B89C6E03-6BE6-49DC-9146-3ECD7C5598DE}C:\program files\steinberg\cubase le ai elements 8\cubase le ai elements 8.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 8\cubase le ai elements 8.exe
FirewallRules: [UDP Query User{A0B8996C-94DA-48C0-BF3B-7C46B1C90A2F}C:\program files\steinberg\cubase le ai elements 8\cubase le ai elements 8.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 8\cubase le ai elements 8.exe
FirewallRules: [TCP Query User{F52DAA7B-EB8B-4276-9256-F989DAD6EBB8}C:\program files\steinberg\cubase le ai elements 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 8\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{80CFA9AE-B38E-4228-8250-5A526B8BC0F0}C:\program files\steinberg\cubase le ai elements 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 8\components\vstbridgeapp.exe
FirewallRules: [TCP Query User{DF191E35-5C0F-4327-921C-7D8062DFF85C}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{C44F8389-D4E5-4A92-9462-0C207CACA204}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{DDA3417F-C2C2-421A-AF22-45AABC40D2DA}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{E74707D6-94F1-486F-A9B9-8C2A40A9BEC7}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{9BDCB876-3F72-4129-AD2C-2CE7BA3962F1}] => (Allow) C:\Users\Michael\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{AB69CD5E-B3A2-4D6A-A0FD-81645801FD5B}] => (Allow) C:\Users\Michael\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [TCP Query User{4638AFAD-93B1-4DCA-8DE2-570F4B262BE3}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{AA6F8691-A3DC-4D1A-B9AC-8F6A1C9F19A8}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{FC8FE4A7-6B09-4DE5-90D9-099BB0D44543}C:\program files (x86)\chemie\ak labor\apps\start\akstart.exe] => (Block) C:\program files (x86)\chemie\ak labor\apps\start\akstart.exe
FirewallRules: [UDP Query User{225AC2FD-F0AC-4FA1-B4B2-3E6254642BE3}C:\program files (x86)\chemie\ak labor\apps\start\akstart.exe] => (Block) C:\program files (x86)\chemie\ak labor\apps\start\akstart.exe
FirewallRules: [{E25C9CAB-C942-4E52-B201-1BC05054805A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Orbitdownloader\orbitnet.exe] => Enabled:Orbit
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\ChemSolve\AK_ChemSolve.exe] => Enabled:AK Labor - ChemSolve
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\Gleichungen\AK_Gleichungen.exe] => Enabled:AK Labor - Gleichungen
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\Mol\AK_Mol.exe] => Enabled:AK Labor - Mol und Co
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\Riddle\AK_Riddle.exe] => Enabled:AK Labor - Riddle
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\TitraCalc\AK_TitraCalc.exe] => Enabled:AK Labor - Titra Calc
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\ChemRech\AK_ChemRech.exe] => Enabled:AK Labor - ChemRech
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\DerGrossePreis\AK_DerGrossePreis.exe] => Enabled:AK Labor - Der Grosse Preis
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\Start\AKStart.exe] => Enabled:AK Labor - StartCenter
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\Rasmol\AK_RasmolLader.exe] => Enabled:AK Labor - Rasmol Lader
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\Animationen\AK_Animationen.exe] => Enabled:AK Labor - Animationen
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\TTT\AK_TTT.exe] => Enabled:AK Labor - Titrations Trocken Training
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\ElementeQuiz\AK_ElementeQuiz.exe] => Enabled:AK Labor - Elemente Quiz
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\cbk\AK_CBK.exe] => Enabled:AK Labor - Chemie Baukasten
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\Hangman\AK_HangMan.exe] => Enabled:AK Labor - Hangman
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\ChemTest\AK_ChemikerTest.exe] => Enabled:AK Labor - Chemiker Test
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\Nomenklatur\AK_Nomenklatur.exe] => Enabled:AK Labor - Formeln und Namen
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\Master\AK_Master.exe] => Enabled:AK Labor - Master
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\Teilchen\AK_Teilchen.exe] => Enabled:AK Labor - Teilchen Simulator
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\Analytik\AK_Analytik.exe] => Enabled:AK Labor - AK Analytik
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Chemie\AK Labor\Apps\Sack\AK_Sack.exe] => Enabled:AK Labor - SACK

==================== Wiederherstellungspunkte =========================

21-07-2016 23:11:33 Removed Apple Software Update
29-07-2016 17:57:37 Windows Live Essentials
29-07-2016 17:59:40 WLSetup
30-07-2016 21:17:25 JRT Pre-Junkware Removal
31-07-2016 17:05:31 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Serieller PCI-Anschluss
Description: Serieller PCI-Anschluss
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/31/2016 10:38:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAEL-THINK)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/31/2016 10:33:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAEL-THINK)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/31/2016 10:31:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAEL-THINK)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/31/2016 10:31:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAEL-THINK)
Description: Bei der Aktivierung der App „Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/31/2016 10:28:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAEL-THINK)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/31/2016 10:28:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAEL-THINK)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/31/2016 10:28:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SearchUI.exe, Version: 10.0.10586.494, Zeitstempel: 0x5775e69a
Name des fehlerhaften Moduls: SearchUI.exe, Version: 10.0.10586.494, Zeitstempel: 0x5775e69a
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000001b05b7
ID des fehlerhaften Prozesses: 0x1874
Startzeit der fehlerhaften Anwendung: 0xSearchUI.exe0
Pfad der fehlerhaften Anwendung: SearchUI.exe1
Pfad des fehlerhaften Moduls: SearchUI.exe2
Berichtskennung: SearchUI.exe3
Vollständiger Name des fehlerhaften Pakets: SearchUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SearchUI.exe5

Error: (07/31/2016 10:28:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAEL-THINK)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/31/2016 10:28:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.10586.494, Zeitstempel: 0x5775e94c
Name des fehlerhaften Moduls: ShellExperienceHost.exe, Version: 10.0.10586.494, Zeitstempel: 0x5775e94c
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000085831
ID des fehlerhaften Prozesses: 0xf90
Startzeit der fehlerhaften Anwendung: 0xShellExperienceHost.exe0
Pfad der fehlerhaften Anwendung: ShellExperienceHost.exe1
Pfad des fehlerhaften Moduls: ShellExperienceHost.exe2
Berichtskennung: ShellExperienceHost.exe3
Vollständiger Name des fehlerhaften Pakets: ShellExperienceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ShellExperienceHost.exe5

Error: (07/31/2016 10:28:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAEL-THINK)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (07/31/2016 10:38:46 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL-THINK)
Description: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider

Error: (07/31/2016 10:33:46 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL-THINK)
Description: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider

Error: (07/31/2016 10:31:00 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL-THINK)
Description: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider

Error: (07/31/2016 10:31:00 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL-THINK)
Description: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider

Error: (07/31/2016 10:28:47 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL-THINK)
Description: CortanaUI

Error: (07/31/2016 10:28:45 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL-THINK)
Description: App

Error: (07/31/2016 10:28:43 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL-THINK)
Description: CortanaUI

Error: (07/31/2016 10:28:41 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL-THINK)
Description: App

Error: (07/31/2016 10:28:37 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL-THINK)
Description: CortanaUI

Error: (07/31/2016 10:28:36 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL-THINK)
Description: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider


CodeIntegrity:
===================================
  Date: 2016-07-31 19:18:42.855
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-31 15:39:44.395
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-30 12:19:11.613
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-27 20:12:52.496
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-23 18:41:51.913
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-22 14:55:15.214
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-22 14:55:15.147
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-22 14:55:14.499
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-22 14:55:14.240
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-21 23:12:50.751
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 64%
Installierter physikalischer RAM: 3979.23 MB
Verfügbarer physikalischer RAM: 1425.77 MB
Summe virtueller Speicher: 8075.23 MB
Verfügbarer virtueller Speicher: 5479.83 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:448.17 GB) (Free:65 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:5.9 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: AF5A50FB)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=807 MB) - (Type=27)
Partition 4: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
And did you happen to see anything that explains why my Start menu no longer works? :/ I tried it in safe mode, and it doesn't work there either...

Regards

31.07.2016, 22:16   #17
cosinus

There is no malware there. You also simply have to accept that Windows has bugs. A new version of W10 comes out tomorrow or the day after, and you can take another look then.

31.07.2016, 22:39   #18
phaos

OK, many thanks so far!

31.07.2016, 22:59   #19
cosinus

edit: ...
__________________
Please always post log files in CODE tags

Edited by cosinus (01.08.2016 at 13:17)

01.08.2016, 13:18   #20
cosinus

Sorry, I must have eaten too much bad eye sausage yesterday

FRST fix

Please disable your virus scanner completely now, to make sure the fix runs through cleanly!


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
Task: {47A8009C-2CB7-4B2D-AC88-1FCEA7213291} - System32\Tasks\Mlekgrocach Server => C:\Program Files (x86)\Mlekgrocach\MlekgrocachserverTask.exe <==== ACHTUNG
Task: {4D8B70E8-6923-4F26-9FEE-D1C11773D95F} - System32\Tasks\Trusted Insatller => C:\Users\Michael\AppData\Local\Temp\BUHX49BZO\K4VZILAON.exe [2016-07-29] () <==== ACHTUNG
C:\Program Files (x86)\Mlekgrocach
emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

