Outbond Warnung durch Malewarebytes Windows 7

Helli1965 · 10.08.2016, 09:26

Hallo,
Malwarebytes meldet beim surfen Outbond Warnungen.
Ich habe einen scan damit laufen lassen, bei dem nichts gefunden wurde. Ebenso habe ich Kaspersky Internetsecurity scannen lassen, aber auch da ist jetzt nichts gefunden worden.

PC ist ein Windows 7

Vielen Dank schon mal für Eure Hilfe.

Dann hier der Code von FRST:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-08-2016 01
durchgeführt von Helli (2016-08-10 10:05:16)
Gestartet von C:\Users\Helli\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-01 19:14:57)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2067386785-177352631-409754499-500 - Administrator - Disabled)
Gast (S-1-5-21-2067386785-177352631-409754499-501 - Limited - Enabled) => C:\Users\Gast
Helli (S-1-5-21-2067386785-177352631-409754499-1002 - Administrator - Enabled) => C:\Users\Helli
HomeGroupUser$ (S-1-5-21-2067386785-177352631-409754499-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
ALDI Bestellsoftware (HKLM-x32\...\ALDI Bestellsoftware) (Version: 5.0.1 - ORWO_Net)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version:  - )
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Audio Converter 4.0.1 (HKLM-x32\...\Any Audio Converter_is1) (Version:  - Any-Audio-Converter.com)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.0.0 - SlySoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avery Wizard 4.0 (HKLM-x32\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
Battlefield Play4Free (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
BOcncV2 (HKLM-x32\...\{123700E7-CAC7-48BB-B309-48FAFAC4FA2F}) (Version: 1.0.0 - Standardfirmenname)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
ChromecastApp (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
Creative Pack Volume 1 (HKLM-x32\...\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}) (Version: 3.0.1 - Corel Corporation)
CSS3 Menu (HKLM-x32\...\CSS3 Menu_is1) (Version:  - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1817_38674 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink YouPaint (HKLM-x32\...\InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}) (Version: 1.2.1928 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle)
DJI driver version 1.0 (HKLM-x32\...\{9A2C30EE-6E35-4479-B0E6-B1B47A54E8CD}_is1) (Version: 1.0 - DJI)
DJI NAZA-M LITE Assistant version 1.00 (HKLM-x32\...\{D8F3FE44-7EF0-4349-97EC-25DB781FB42F}_is1) (Version: 1.00 - DJI)
Dropbox (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.)
dslrBooth 5.6.30.4 (HKLM\...\{19FB8BF8-8E63-4542-8C79-D2B76CEDAB3F}) (Version: 5.6.30.4 - Hope Pictures LLC)
EASEUS Data Recovery Wizard Free Edition 5.5.1 (HKLM-x32\...\EASEUS Data Recovery Wizard Free Edition 5.5.1_is1) (Version:  - EASEUS)
Easy Button & Menu Maker 3 (HKLM-x32\...\Easy Button & Menu Maker_is1) (Version: 3.0 - Karlis Blumentals)
Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.20150309 - Landesfinanzdirektion Thüringen)
EPSON Print CD (HKLM-x32\...\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}) (Version:  - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Filmmaker's Toolkit for Studio (HKLM-x32\...\InstallShield_{2444562A-A7DC-42B8-A4D8-1BCF704B1480}) (Version: 1.0.1 - Red Giant)
Filmmaker's Toolkit for Studio (x32 Version: 1.0.1 - Red Giant) Hidden
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
FotoSketcher 2.42 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version:  - David THOIRON)
FoxTab Music Converter (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\FoxTab Music Converter) (Version:  - ) <==== ACHTUNG
FoxyDeal version 1.0.0 (HKLM-x32\...\FoxyDeal_is1) (Version: 1.0.0 - R&E Media GmbH) <==== ACHTUNG
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.37.1212 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.37.1212 - DVDVideoSoft Ltd.)
Frontplatten Designer (HKLM-x32\...\Frontplatten Designer) (Version: 4.1.1 - Schaeffer AG)
FTP Commander (HKLM-x32\...\FTP Commander) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GhostMouse (HKLM-x32\...\GhostMouse_is1) (Version: Free V3.2.1 - ghost-mouse.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
helo_usb_drv_x64 (HKLM-x32\...\{8169725C-186E-4F92-AE39-26611F45ACE3}) (Version: 1.00.0000 - HELO)
HeloCut 5 (HKLM-x32\...\{8580EDDE-ACD8-4AC5-A5A3-309C41B16BF4}) (Version: 5.09.8000 - )
HeloCut 5 (HKLM-x32\...\{BC79822D-3183-4AA0-AC02-E1DF4C4183EC}) (Version: 5.09.8000 - VECAP Software Solutions)
HeloCut5 Update (HKLM-x32\...\{FE440F55-D821-4F2E-B831-3A3A883D41EF}) (Version: 5.15.0000 - VECAP IT Solutions GmbH)
Hollywood FX Volumes 1-3 (HKLM-x32\...\{E3D181F8-246B-497F-945E-6DB98CBA6677}) (Version: 2.0.1 - Corel Corporation)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{368E4EF8-E840-40EE-A224-50B8D1DC2B12}) (Version: 2.4.33.0 - HTC)
HyperCam 3 (HKLM-x32\...\HyperCam 3) (Version: 3.2.1107.8 - Solveig Multimedia)
ImageMagick 6.9.1-2 Q16 (64-bit) (2015-05-15) (HKLM\...\ImageMagick 6.9.1 Q16 (64-bit)_is1) (Version: 6.9.1 - ImageMagick Studio LLC)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java(TM) 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417000FF}) (Version: 7.0.0 - Oracle)
Java(TM) 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217000FF}) (Version: 7.0.0 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2926 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Motion Graphics Toolkit for Studio (HKLM-x32\...\InstallShield_{E5C99F9E-E97D-40B6-BAFC-8BCBFF1031E4}) (Version: 1.0.1 - Red Giant)
Motion Graphics Toolkit for Studio (x32 Version: 1.0.1 - Red Giant) Hidden
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.2.0.6025 - Mozilla)
Mozilla Thunderbird 45.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NetObjects Fusion 1&1 Edition (HKLM-x32\...\{61921186-7300-4E0E-A674-2CA8B9D5793E}) (Version: 11.0 German - )
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Phoenix R/C® (HKLM-x32\...\PhoenixRC) (Version: 5.0.a - Runtime Games Ltd)
PhoenixCreator 2.5.a (HKLM-x32\...\{36E1E13F-3137-4EC0-8872-AAD6AE612486}) (Version: 2.5.1 - Runtime Games Ltd)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
Pinnacle Studio 17 - Install Manager (HKLM-x32\...\{F04D92CC-5C3A-46FA-9C98-6EACBDD262FF}) (Version: 17.0.128 - Corel Corporation)
Pinnacle Studio 17 - Standard Content Pack (HKLM-x32\...\{BA98BFA8-5EDF-450B-A92E-C096DC135D0E}) (Version: 17.0 - Corel Corporation)
Pinnacle Studio 17 (HKLM-x32\...\{3DA8F808-72E2-4361-82EC-433081D23005}) (Version: 17.5.0.327 - Corel Corporation)
Pinnacle Studio 17 Add-Ons (x32 Version: 17.0 - Corel) Hidden
Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PPJoy Joystick Driver 0.8.4.6 (HKLM-x32\...\PPJoy Joystick Driver) (Version: 0.8.4.6 - Deon van der Westhuysen)
Premium Pack Volumes 1-2 (HKLM-x32\...\{88C4D8A6-9954-46A0-965D-92E55DAB8734}) (Version: 2.0.1 - Corel Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6368 - Realtek Semiconductor Corp.)
ScoreFitter Volumes 1-2 (HKLM-x32\...\{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}) (Version: 2.0.1 - Corel Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{EE537655-630E-47E8-9609-EEBCAA1DDEDF}) (Version: 6.5.3 - Silicon Laboratories, Inc.)
SketchUp 8 (HKLM-x32\...\{B8F4A45C-581C-4707-8EF2-2B9E6722270C}) (Version: 3.0.16944 - Trimble Navigation Limited)
Ski Challenge 12 (AT) (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\sc12-AT_MAIN) (Version:  - )
Ski Challenge 13 (AT) (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\sc13-AT_MAIN) (Version:  - )
Slideshow Creator (HKLM-x32\...\{4E1A63B1-F547-4CFC-91F7-F32F1A6BF430}_is1) (Version: 2.2 - Bolide Software)
Snooper Map Downloader (HKLM-x32\...\{A744A90A-BF76-4338-84A1-74F114B0F419}) (Version: 1.23 - Performance Products Ltd.)
SNS-HDR Lite v1.4.22 (HKLM\...\SNS-HDR Lite_is1) (Version:  - Sebastian Nibisz)
SPEEDLINK Strike 2 Gamepad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
SPEEDLINK STRIKE Gamepad (HKLM-x32\...\{DFF7CD2E-2BB5-40C3-9592-078F64677EFF}) (Version: 1.00.0000 - )
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Title Extreme (HKLM-x32\...\{F7214014-27EE-4237-9978-2F9D1551559B}) (Version: 2.0.1 - Corel Corporation)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer) (Version: 1.6 - Deutsche Post AG)
Versandhelfer (x32 Version: 1.6 - Deutsche Post AG) Hidden
VG JPEG-Repair Online (HKLM-x32\...\{45820D27-B25B-4D94-8AA1-DEB467171024}) (Version: 1.6.7 - VG Solutions)
Vistaprint Fotobücher (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\{BA786D68-3AD8-42DC-8BE1-9E09B4737A27}_is1) (Version: 9.2.0.1065 - Vistaprint)
watchmi (HKLM-x32\...\{409DC300-28AF-468F-9624-1F3309701881}) (Version: 2.7.0 - Axel Springer Digital TV Guide GmbH)
WaveLab 6 (HKLM-x32\...\WaveLabPro) (Version: 6.1.0.340 - Steinberg)
Windows Driver Package - wch.cn (CH341SER_A64) Ports  (11/04/2011 3.3.2011.11) (HKLM\...\97C9A01181CB4369C61AF9B1459B09809636C13D) (Version: 11/04/2011 3.3.2011.11 - wch.cn)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Liven asennustyökalu (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Windows-Treiberpaket - dji-innovations inc. (usbser) Ports  (01/19/2011 5.1.2600.5512) (HKLM\...\2DC11E587B8BA912FF8FD5433B426EE46F8E22DD) (Version: 01/19/2011 5.1.2600.5512 - dji-innovations inc.)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version:  - Wargaming.net)
Zero Assumption Recovery Version 9 (HKLM-x32\...\Zero Assumption Recovery_is1) (Version:  - )
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03426054-C22E-4BB0-A9D8-B8F96427BE7A} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Keine Datei <==== ACHTUNG
Task: {0374D25E-5B8E-45E5-81BF-E16B248771F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {09A90DA1-16C5-4FAA-AE65-9F2387D39942} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
Task: {0F5B2D0F-FCF9-496F-B884-A4043B8A0181} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {12586B7B-8AF3-4496-99A8-3F22079BBAB3} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Keine Datei <==== ACHTUNG
Task: {1F9822F8-B338-48FB-8656-AD47BB6A36CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {26851BAC-1CEE-42A2-BEC1-0FF7545A4955} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {2870E50D-4D54-456B-8D0F-79C6515FFA80} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {2A3E614F-4A8C-4665-B74C-6766AA8C154C} - System32\Tasks\{CF9D2DDC-EEAB-4C4F-B08A-5303A1D11280} => C:\Games\World_of_Warplanes\WOWpLauncher.exe [2014-10-17] (Wargaming.net)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG
Task: {41A16815-6297-4125-986E-95757CBA3CED} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-07] (Dropbox, Inc.)
Task: {4299A1C6-EE8D-41FB-A748-021A5F441918} - System32\Tasks\{B93A9C8C-E6C9-41A4-8FC0-DBCDEBDF11E1} => pcalua.exe -a C:\Users\Helli\Downloads\graupner_pc_software_de\Graupner_PC_Software_DE\Receiver_Setup.exe -d C:\Users\Helli\Downloads\graupner_pc_software_de\Graupner_PC_Software_DE
Task: {450FB7DA-F722-42C6-B7A8-E6EF76DCCF09} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {4B7D0251-266C-422A-BAC7-E30DF56C64BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {4F02A42E-FEE7-429F-A9D3-0D613BDFAD19} - System32\Tasks\{8AB10502-1A27-4039-854A-AE2DCE65C57F} => pcalua.exe -a C:\Users\Helli\Downloads\Sunbird_Setup_1.0_Beta_1.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {5E03BDD9-CADA-4D24-A692-41AB0A1225E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {7ACAABE6-98AB-462B-8AD1-AA9611F5F78B} - System32\Tasks\{DC9563FA-0A04-4B15-AE63-A95787C1B62E} => pcalua.exe -a C:\Users\Helli\Downloads\Adobe\CS_2.0_GR_Extras_1.exe -d C:\Users\Helli\Downloads\Adobe
Task: {8257F656-31A7-4302-BC97-56457175CB67} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-07] (Dropbox, Inc.)
Task: {8CF958C1-5469-4B3F-B3A7-57CE2170526A} - System32\Tasks\{9A6B2E68-840A-47C3-9F0D-D18AA7979B79} => pcalua.exe -a C:\Users\Helli\Downloads\agsetup183se.exe -d C:\Users\Helli\Downloads
Task: {95EF5595-3144-4BA9-A0C6-1B5A4DF9B2DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-28] (Adobe Systems Incorporated)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {9B417D00-9371-44C5-BC5D-4567DE665EC5} - System32\Tasks\{5D9D153F-F2CB-4570-BAE1-B4AA18B4311D} => pcalua.exe -a "E:\Win7 USB\SETUP.EXE" -d "E:\Win7 USB"
Task: {9CB7A533-4C6A-489D-AEA4-92784F4F4DC5} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
Task: {AAC452C4-A19E-4690-B461-A84D24A1929D} - System32\Tasks\{A24E3D1D-D17B-46FA-87DE-E557E20A6CDE} => pcalua.exe -a C:\Users\Helli\Downloads\Adobe\CS2_RetNon_Ger_3.exe -d C:\Users\Helli\Downloads\Adobe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {B6CA9322-7490-458D-8A17-D0351FF6DC94} - System32\Tasks\{80AC71C8-0543-4AD4-BF6F-84482AE19BDA} => pcalua.exe -a E:\Autorun.exe -d E:\
Task: {BA9D8BA4-30B4-406C-A23E-7FC77565F343} - System32\Tasks\{CAAA3F79-29FF-452A-9832-06F473BBE0BB} => pcalua.exe -a C:\Users\Helli\Downloads\SimpleBGC_GUI_2_2b2\SimpleBGC_GUI_2_2b2\SimpleBGC_GUI.exe -d C:\Users\Helli\Downloads\SimpleBGC_GUI_2_2b2\SimpleBGC_GUI_2_2b2
Task: {CA7DF40A-77AE-4EF5-8F2F-1C7EAF77A98A} - System32\Tasks\{C259DCE7-C4D2-41C3-9CDB-BA64A4C09FDA} => pcalua.exe -a C:\Users\Helli\Downloads\SimpleBGC_GUI_2_40b7\SimpleBGC_GUI_2_40\SimpleBGC_GUI.exe -d C:\Users\Helli\Downloads\SimpleBGC_GUI_2_40b7\SimpleBGC_GUI_2_40
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Keine Datei <==== ACHTUNG
Task: {DC66455B-FBFD-4604-8DA0-F4737FE37B3D} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core.job => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA.job => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Streaming Media Player.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jggnklnmaecfofafepejcjcjkcohgcfb

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-12-20 19:19 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-23 15:51 - 2006-02-23 11:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-07 19:27 - 2012-12-07 19:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2012-02-10 16:00 - 2012-02-10 16:00 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-10-07 12:23 - 2011-10-07 12:23 - 00070144 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2011-12-31 10:49 - 2011-12-31 10:49 - 00058880 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.7.0.12__f722db7bec59a14b\Tvd.Remote.dll
2011-12-31 10:49 - 2011-12-31 10:49 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Tools\2.7.0.12__f722db7bec59a14b\Tvd.Tools.dll
2011-12-31 10:49 - 2011-12-31 10:49 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2011-12-31 10:49 - 2011-12-31 10:49 - 00079360 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.7.0.12__f722db7bec59a14b\Tvd.Reporting.dll
2011-12-31 10:49 - 2011-12-31 10:49 - 00152576 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.7.0.12__f722db7bec59a14b\Tvd.Aprico.dll
2016-05-20 18:06 - 2016-05-20 18:06 - 00959168 _____ () C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2014-12-24 14:29 - 2014-12-08 08:27 - 06277952 _____ () C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-01-22 17:09 - 2014-01-22 17:09 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2009-08-15 04:06 - 2009-08-15 04:06 - 00445712 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\Importer.exe
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2014-01-22 17:08 - 2014-01-22 17:08 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-01-22 17:08 - 2014-01-22 17:08 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-01-22 17:08 - 2014-01-22 17:08 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-01-22 17:08 - 2014-01-22 17:08 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-01-22 17:09 - 2014-01-22 17:09 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-01-22 17:09 - 2014-01-22 17:09 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-01-22 17:10 - 2014-01-22 17:10 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2016-05-12 11:03 - 2016-05-12 11:03 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f91bd970f20123a46b575cf6e92bc441\IsdiInterop.ni.dll
2011-08-11 22:01 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-05-20 18:06 - 2016-05-20 18:06 - 00679624 _____ () C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-01-21 14:43 - 2016-07-16 16:12 - 52042352 _____ () C:\Users\Helli\AppData\Roaming\Spotify\libcef.dll
2016-06-25 11:10 - 2016-06-30 04:25 - 00035792 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-08-06 18:59 - 2016-06-30 04:25 - 00145864 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-08-06 18:59 - 2016-06-30 04:26 - 00019408 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-08-06 18:59 - 2016-06-30 04:25 - 00116688 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-06-25 11:10 - 2016-06-30 04:25 - 00100296 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-25 11:09 - 2016-06-30 04:25 - 00018888 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-25 11:09 - 2016-08-01 23:27 - 00019760 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-25 11:10 - 2016-06-30 04:25 - 00694224 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-08-06 18:59 - 2016-08-01 23:26 - 00020816 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-06-25 11:10 - 2016-06-30 04:26 - 00123856 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-08-06 18:59 - 2016-08-01 23:26 - 01682760 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-08-06 18:59 - 2016-08-01 23:26 - 00020808 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00021312 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00052024 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00038696 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00105928 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-06 18:59 - 2016-06-30 04:25 - 00392144 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-08-06 18:59 - 2016-06-30 04:27 - 00020936 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00024528 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00114640 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-25 11:10 - 2016-08-01 23:27 - 00381752 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00124880 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00025424 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00175560 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00030160 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00043472 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00048592 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00026456 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00057808 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-08-06 18:59 - 2016-08-01 23:26 - 00246592 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00028616 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-06-25 11:10 - 2016-08-01 23:27 - 00020800 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-25 11:10 - 2016-08-01 23:27 - 00019776 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-06-25 11:10 - 2016-08-01 23:27 - 00020800 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-06-25 11:10 - 2016-06-30 04:25 - 00144848 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-08-06 18:59 - 2016-06-30 04:26 - 00241104 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-08-06 18:59 - 2016-08-01 23:26 - 00020280 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-06-25 11:10 - 2016-08-01 23:27 - 00023376 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00350152 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-06-25 11:10 - 2016-08-01 23:27 - 00022352 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00024392 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-08-06 18:59 - 2016-06-30 04:28 - 00036296 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\librsync.dll
2016-08-06 18:59 - 2016-08-01 23:27 - 00084280 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-08-06 18:59 - 2016-08-01 23:27 - 01826096 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-06-25 11:09 - 2016-06-30 04:26 - 00083912 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\sip.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 03929392 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 01972016 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00531248 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00132912 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00224056 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00207672 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00020288 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00060880 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00024904 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00546096 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00357680 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00168248 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00042808 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-01-21 14:43 - 2016-07-16 16:12 - 01741936 _____ () C:\Users\Helli\AppData\Roaming\Spotify\libglesv2.dll
2016-01-21 14:43 - 2016-07-16 16:12 - 00087664 _____ () C:\Users\Helli\AppData\Roaming\Spotify\libegl.dll
2009-06-08 08:40 - 2009-06-08 08:40 - 00666896 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\FastResize2.dll
2009-07-22 08:42 - 2009-07-22 08:42 - 01853200 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\SaFire2.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00149264 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\EditorXMLu.dll
2009-08-21 17:10 - 2009-08-21 17:10 - 00038160 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Inlay2.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00035088 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\MusicGeneratorPluginMgru.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00375568 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\vfrtu.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00020752 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\rngallocu.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00022800 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umicomu.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00017168 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RMLBu.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00065808 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\REIOu.dll
2009-08-21 17:10 - 2009-08-21 17:10 - 00022800 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\fiotoolsu.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00053520 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RMTOOLSu.dll
2009-08-21 17:10 - 2009-08-21 17:10 - 00036112 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\watcheru.DLL
2009-08-21 17:11 - 2009-08-21 17:11 - 00163088 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RTFxAppu.dll
2009-08-21 17:10 - 2009-08-21 17:10 - 00022288 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\avi_fpu.fio
2009-08-21 17:10 - 2009-08-21 17:10 - 00015632 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\bsi_fpu.fio
2009-08-21 17:10 - 2009-08-21 17:10 - 00085776 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\deko_fpu.fio
2009-08-21 17:10 - 2009-08-21 17:10 - 00018192 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\dv_fpu.fio
2009-08-21 17:10 - 2009-08-21 17:10 - 00019728 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\fioshareu.fio
2009-08-21 17:10 - 2009-08-21 17:10 - 00214288 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\pcleimport_fpu.fio
2009-08-21 17:10 - 2009-08-21 17:10 - 00021264 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\rnd_fpu.fio
2009-08-21 17:10 - 2009-08-21 17:10 - 00049936 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\standardu.fio
2009-08-21 17:10 - 2009-08-21 17:10 - 00025872 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\tm2_iopu.fio
2009-08-21 17:10 - 2009-08-21 17:10 - 00019728 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\gbhlpu.dll
2009-08-21 17:10 - 2009-08-21 17:10 - 00027920 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\tm3_iopu.fio
2009-08-21 17:10 - 2009-08-21 17:10 - 00021264 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\tm_iopu.fio
2009-08-21 17:10 - 2009-08-21 17:10 - 00117520 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\ts_fpu.fio
2009-08-21 17:10 - 2009-08-21 17:10 - 00986896 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\NFIO.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00025872 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\wav_fpu.fio
2009-08-21 17:11 - 2009-08-21 17:11 - 00345360 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\wmf_fpu.fio
2009-08-21 17:11 - 2009-08-21 17:11 - 00019216 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\yuv_fpu.fio
2009-08-21 17:10 - 2009-08-21 17:10 - 00165136 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\DSDVCODEC.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00134928 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\mpgcodecu.CDC
2009-08-21 17:11 - 2009-08-21 17:11 - 00040208 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\rtfxiou.DLL
2009-08-21 17:11 - 2009-08-21 17:11 - 00041232 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\PLYE2REu.DLL
2006-10-06 06:21 - 2006-10-06 06:21 - 00105984 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\AudioTools.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00033040 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RTREBaseu.dll
2009-08-21 16:46 - 2009-08-21 16:46 - 00009216 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RTFxRTREu.rtre
2009-08-21 17:11 - 2009-08-21 17:11 - 00519440 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RTFxREu.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00029968 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\MetaDataMgru.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00055056 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\oapi_strdu.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00100624 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\oapiinl.dll
2009-08-21 17:10 - 2009-08-21 17:10 - 00041744 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\DVResampleru.dll
2009-08-21 17:11 - 2009-08-21 17:11 - 00318736 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\DSAudioExtract.dll
2009-08-07 12:16 - 2009-08-07 12:16 - 00058728 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\3DServer\AlphaMagic3DU.fex
2009-08-07 12:16 - 2009-08-07 12:16 - 00763240 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\3DServer\ScriptServer3DU.fex
2008-05-19 07:57 - 2008-05-19 07:57 - 00155648 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\HfxRTfx2Studio.fex
2009-08-07 12:14 - 2009-08-07 12:14 - 00611672 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\Fx2dU.fex
2009-08-07 12:12 - 2009-08-07 12:12 - 00398688 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\FxColorKeyU.fex
2009-08-07 12:15 - 2009-08-07 12:15 - 00038672 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\MTracku.fex
2009-08-07 12:15 - 2009-08-07 12:15 - 00037648 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\ReverseU.fex
2009-08-07 12:15 - 2009-08-07 12:15 - 00353552 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\StudioRedEyeAndRotateU.fex
2009-08-07 12:15 - 2009-08-07 12:15 - 00140632 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\TimeWarpU.fex
2009-08-07 12:16 - 2009-08-07 12:16 - 00087400 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\3DServer\Filters3DU.fex
2009-08-07 12:16 - 2009-08-07 12:16 - 00087400 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\3DServer\FiltersPlus3DU.fex
2009-08-07 12:13 - 2009-08-07 12:13 - 02594136 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\AEFXu.fex
2009-08-07 12:14 - 2009-08-07 12:14 - 00091408 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\FractalFireu.fex
2009-08-07 12:15 - 2009-08-07 12:15 - 00070928 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\Medianu.fex
2003-11-19 21:41 - 2003-11-19 21:41 - 00086016 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\AE\MinMax.AEX
2009-08-07 12:15 - 2009-08-07 12:15 - 00025968 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\MosaicU.fex
2003-12-09 16:49 - 2003-12-09 16:49 - 00032768 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\AE\Noise.AEX
2003-11-19 21:41 - 2003-11-19 21:41 - 00094208 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\AE\RadialBlur.aex
2009-08-07 12:15 - 2009-08-07 12:15 - 00034136 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\SharpenU.fex
2003-11-19 21:41 - 2003-11-19 21:41 - 00024576 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\AE\ShiftChannels.AEX
2003-11-19 21:41 - 2003-11-19 21:41 - 00024576 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\AE\Threshold.AEX
2003-11-19 21:41 - 2003-11-19 21:41 - 00024576 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\AE\Tint.AEX
2009-08-07 12:15 - 2009-08-07 12:15 - 00079120 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\TurbulentDistEZu.fex
2003-11-19 21:41 - 2003-11-19 21:41 - 00040960 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\AE\Median.AEX
2008-10-24 03:43 - 2008-10-24 03:43 - 00015120 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\NewBlueDreamGlow.fex
2009-08-07 12:15 - 2009-08-07 12:15 - 00345360 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\StudioPanAndZoomU.fex
2008-10-24 03:42 - 2008-10-24 03:42 - 00015120 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\AutoColorP.fex
2009-08-07 12:14 - 2009-08-07 12:14 - 00066904 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\BlurU.fex
2008-10-24 03:43 - 2008-10-24 03:43 - 00062736 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\StudioKeyer2U.fex
2009-08-07 12:14 - 2009-08-07 12:14 - 00075024 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\ColorMapu.fex
2008-10-24 02:35 - 2008-10-24 02:35 - 00234840 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\FxDeinterlaceU.fex
2009-08-07 12:14 - 2009-08-07 12:14 - 00025968 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\EmbossU.fex
2009-08-07 12:14 - 2009-08-07 12:14 - 00025944 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\InvertU.fex
2008-10-24 03:43 - 2008-10-24 03:43 - 00015120 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\LightingP.fex
2009-08-07 12:15 - 2009-08-07 12:15 - 00030048 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\LumaKeyerU.fex
2004-08-17 12:49 - 2004-08-17 12:49 - 00024576 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\AE\MotionBlur.aex
2008-10-24 02:35 - 2008-10-24 02:35 - 00222552 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\MotionBlurU.fex
2008-10-24 03:43 - 2008-10-24 03:43 - 00017680 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\NewBlueEarthQuake.fex
2008-10-24 03:43 - 2008-10-24 03:43 - 00016144 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\NewBlueFocus.fex
2008-10-24 03:43 - 2008-10-24 03:43 - 00014608 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\NewBlueWhiteBalance.fex
2009-07-16 15:42 - 2009-07-16 15:42 - 00064000 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\2DExObj.d3o
2009-07-16 15:42 - 2009-07-16 15:42 - 00036352 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\2DObj.d3o
2009-07-16 15:42 - 2009-07-16 15:42 - 00119808 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\baseobj.d3o
2009-07-16 15:42 - 2009-07-16 15:42 - 00733184 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\BillFx2.d3o
2009-07-16 15:42 - 2009-07-16 15:42 - 00046080 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\HfxObj.d3o
2009-07-16 15:42 - 2009-07-16 15:42 - 00017408 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\IMGObj.d3o
2009-07-16 15:42 - 2009-07-16 15:42 - 00030720 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\PiPObj.d3o
2009-08-21 17:11 - 2009-08-21 17:11 - 00284432 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\RTFxRTSourceU.fex
2009-08-21 17:11 - 2009-08-21 17:11 - 00097040 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\FastOutputU.fex
2009-08-07 12:16 - 2009-08-07 12:16 - 00066912 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\3DServer\IMG3DU.fex
2009-08-21 17:11 - 2009-08-21 17:11 - 00043280 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\FastDVOutputU.fex
2009-08-07 12:15 - 2009-08-07 12:15 - 00177496 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\MixupU.fex
2009-08-07 12:15 - 2009-08-07 12:15 - 00271704 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\positionu.fex
2009-08-07 12:16 - 2009-08-07 12:16 - 00050528 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\3DServer\Mixup3DU.fex
2009-08-07 12:16 - 2009-08-07 12:16 - 00050536 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\PlugIns\RTFx\3DServer\HollywoodFX3DU.fex
2009-08-21 16:46 - 2009-08-21 16:46 - 00011776 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\mmtimeru.irq
2009-08-21 16:40 - 2009-08-21 16:40 - 00018944 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Programs\VFRTu.ISR
2009-08-15 04:06 - 2009-08-15 04:06 - 00066320 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\AfBaseToolsCPP.dll
2009-08-15 04:06 - 2009-08-15 04:06 - 00216848 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\S_FileCenterAssetDb.dll
2009-08-15 03:22 - 2009-08-15 03:22 - 00012288 _____ () c:\program files (x86)\pinnacle\studio 14\import\programs\reslog.vflog
2009-08-15 04:06 - 2009-08-15 04:06 - 00061712 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\S_NGESystem.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00162576 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\EditorXML2u.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00523536 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\vfrtu.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00053520 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\RMTOOLSu.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00077584 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\REIOu.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00035088 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\fiotoolsu.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00017168 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\RMLBu.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00022288 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\umicomu.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00020752 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\rngallocu.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00068880 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\Inlay2.dll
2009-08-15 04:06 - 2009-08-15 04:06 - 00579856 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\S_NGEBase.dll
2009-08-15 04:06 - 2009-08-15 04:06 - 00050960 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\DebugUtilCppCLI.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00029456 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\X_ControlPanel.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00505104 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\X_ImportComponents.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00230672 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\X_ImportLogic.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00185616 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\PcleCaptureWrapper.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00267536 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\X_clipeditorcomponents.dll
2009-08-15 04:16 - 2009-08-15 04:16 - 00095504 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\de-DE\X_ClipEditorComponents.resources.dll
2009-08-15 04:16 - 2009-08-15 04:16 - 00062736 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\de-DE\AfWPFTools.resources.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00929552 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\R_SkinPackageDefault.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00040208 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\R_SkinPackageJohansson.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00211728 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\R_SkinPackageNG.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00967952 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\R_SkinPackageVideo.dll
2009-08-15 04:06 - 2009-08-15 04:06 - 00064272 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\InteropUtils.dll
2009-08-15 04:16 - 2009-08-15 04:16 - 00247056 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\de-DE\X_ImportComponents.resources.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00022288 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\avi_fpu.fio
2009-08-15 04:07 - 2009-08-15 04:07 - 00015632 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\bsi_fpu.fio
2009-08-15 04:07 - 2009-08-15 04:07 - 00018192 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\dv_fpu.fio
2009-08-15 04:07 - 2009-08-15 04:07 - 00019728 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\fioshareu.fio
2009-08-15 04:07 - 2009-08-15 04:07 - 00222992 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\pcleimport_fpu.fio
2009-08-15 04:07 - 2009-08-15 04:07 - 00021264 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\rnd_fpu.fio
2009-08-15 04:07 - 2009-08-15 04:07 - 00049936 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\standardu.fio
2009-08-15 04:07 - 2009-08-15 04:07 - 00025872 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\tm2_iopu.fio
2009-08-15 04:07 - 2009-08-15 04:07 - 00027920 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\tm3_iopu.fio
2009-08-15 04:07 - 2009-08-15 04:07 - 00021264 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\tm_iopu.fio
2009-08-15 04:07 - 2009-08-15 04:07 - 00115472 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\ts_fpu.fio
2009-08-15 04:07 - 2009-08-15 04:07 - 00928528 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\NFIO.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00025872 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\wav_fpu.fio
2009-08-15 04:07 - 2009-08-15 04:07 - 00345872 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\wmf_fpu.fio
2009-08-15 04:07 - 2009-08-15 04:07 - 00019216 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\yuv_fpu.fio
2009-08-15 04:08 - 2009-08-15 04:08 - 00040720 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\rtfxiou.DLL
2009-08-15 04:08 - 2009-08-15 04:08 - 00121104 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\oapi_strdu.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00106768 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\oapiinl.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00514832 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\RTFxREu.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00164112 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\RTFxAppu.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00033040 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\RTREBaseu.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00029456 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\MetaDataMgru.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00216848 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\DSDVCODEC.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00135952 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\mpgcodecu.CDC
2009-08-15 04:09 - 2009-08-15 04:09 - 01092368 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\RTFxV2.dll
2009-07-28 23:39 - 2009-07-28 23:39 - 01853200 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\SaFire2.dll
2009-08-15 04:09 - 2009-08-15 04:09 - 00460048 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\FastResizeU.dll
2006-10-06 15:21 - 2006-10-06 15:21 - 00105984 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\AudioTools.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00035600 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\MusicGeneratorPluginMgru.dll
2009-08-15 03:43 - 2009-08-15 03:43 - 00009216 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\RTFxRTREu.rtre
2009-06-08 18:09 - 2009-06-08 18:09 - 00064000 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\2DExObj.d3o
2009-06-08 18:09 - 2009-06-08 18:09 - 00036352 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\2DObj.d3o
2009-06-08 18:10 - 2009-06-08 18:10 - 00119808 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\baseobj.d3o
2009-06-08 18:10 - 2009-06-08 18:10 - 00017408 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\IMGObj.d3o
2009-06-08 18:10 - 2009-06-08 18:10 - 00030720 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\PiPObj.d3o
2009-08-15 04:08 - 2009-08-15 04:08 - 00314640 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\DSAudioExtract.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00082192 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\PixieService.dll
2009-08-15 04:16 - 2009-08-15 04:16 - 00038160 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\de-DE\X_ImportLogic.resources.dll
2009-08-15 04:07 - 2009-08-15 04:07 - 00092944 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\DiscImporterWrapper.dll
2009-08-15 04:08 - 2009-08-15 04:08 - 00017168 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\mmtimeru.irq
2009-08-15 03:24 - 2009-08-15 03:24 - 00018944 _____ () C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\VFRTu.ISR
2014-08-30 18:12 - 2014-11-29 20:08 - 00332584 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2014-08-30 18:12 - 2014-11-29 20:08 - 00459048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-08-30 18:12 - 2014-11-29 20:08 - 00587048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:EBAA0CD9 [128]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2067386785-177352631-409754499-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^watchmi tray.lnk => C:\Windows\pss\watchmi tray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{85832019-5E10-4687-9BE8-ECC6260C4DFB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3F0CB73A-4640-4B7B-A0AC-524E66E23823}] => (Allow) LPort=2869
FirewallRules: [{D63C74F5-9DCE-4F49-A501-D838905BB8A3}] => (Allow) LPort=1900
FirewallRules: [{CB2332EA-77AC-41DE-AD54-8B1B22BDC0F9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C0B4056E-B896-435C-BBE5-FF8029F17959}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{E256B328-C528-4EAF-B332-CC4B183C86EE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{E1F6AE30-4249-4692-9004-771693CBFBE0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{FB2F82EE-DEB4-4909-9EE4-A18310BE384A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{87B4BC7C-A2BE-428C-8AE5-0F8F7063EBB6}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{C04AE569-E1F7-4C22-AD6A-DA98EB2712E8}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{29373102-88B8-4D47-B105-4BBD82D21ED6}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{806E67FF-BEBA-4548-9A3F-2FBAC0F98E10}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{B3319756-B179-4AC5-94C3-C9C9FA5E420D}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{03491E0D-FA98-4574-9FB8-63329D41CE5B}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{429C5531-915C-435C-B0C4-FA1483B84C43}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1EC9D45E-95F2-4096-8B7C-A33BA93C062B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{C50E2646-F02B-4F36-B4D6-AEF9AA368A3C}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FF4E220C-1C9A-43AB-A68D-376B58F8C1CF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{AD9C6B1D-2FF7-4076-AB69-3F8DC765F3B8}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{019D6199-5B85-4452-A79C-55861A359844}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{3E19E9BA-A4DA-4274-8106-E3DA59630A53}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FD6DB47C-13A9-4C47-96B4-54CA57D8B6DF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E25504B7-9CF4-4969-8D42-310BDD34835D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{16A41F44-CFA5-4A8D-B9C3-AD22BF0BF8F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A2D8D71B-E710-41A3-887F-36FC6BD78191}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A500A9AA-3549-48B1-BB6A-63BF9735A6A1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{3EF2D9F8-BD7C-450E-8760-D31EBF4C3868}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{4E6EF22C-F4E7-42A2-A3C1-D1626D150F88}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{CA422FF4-7A06-4712-8C07-BA17B50ED8ED}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{B5AE1388-51E6-459A-BF2A-A542C0FFF427}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [{8B268F4F-0C90-4F88-ACBF-5EFC2BDF0F42}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{49FE939F-27D6-4763-8A28-7753C0229E37}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{BE62E31A-ED9E-48CE-8930-4A932C9FCA64}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{2651BC27-381C-43D5-A77C-4C0D45E8BC7A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{944FC4AC-06DC-4BE7-86E0-6C3F3E2ABA67}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{0AE6E609-53FA-4D67-8D08-88169B59E549}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{26AB6CBE-2D46-495D-943D-DA226824BED8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{D2B75AE4-ACA7-4B7D-AB6C-739A54072B48}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{D74D9B78-02EA-4696-8B34-AAA473019E87}C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe] => (Allow) C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe
FirewallRules: [UDP Query User{B219A230-4551-43A4-A9D7-0EA61915558E}C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe] => (Allow) C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe
FirewallRules: [TCP Query User{922C8C4E-F070-43FB-B54E-839B439089C5}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{D16BB7D2-99B9-4574-88A3-A98FE8D417D7}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [TCP Query User{FB3E5598-23CC-4FF1-A4C7-B9EF116740DB}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{6164FAA6-3A28-4E11-8DF3-21E89CF27588}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{78AF04A3-B48C-4F90-8E73-3CF0723F16C4}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{275B5807-2988-4AA1-B757-3AA1E6F108D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{485B18DD-7609-4827-8552-F7E6BB196C64}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D490CBE6-DA72-43E5-9B6C-851A6101799A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2C57B42A-ED43-42BF-BF1A-B168EE2F786C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0033A636-ED6A-4699-8C56-B3F1DBF234CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9191D8F8-423F-46FB-902A-A7D3DA865C22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C25CA83A-75E3-4410-A3D6-5B7016793DBE}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
FirewallRules: [{FA5A1528-02C1-401F-8959-E15F474B79B4}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
FirewallRules: [{3BC30513-F5A4-436D-911E-9F5D9F4744A3}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
FirewallRules: [{4A7EBA7C-AB2F-46D1-9545-C3F727A8170C}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
FirewallRules: [{3441E80C-B975-4627-BB35-3AA370AC1999}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
FirewallRules: [{9E3B0C05-3612-444E-A31E-739765FE8FAF}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
FirewallRules: [{07888844-6A66-4C72-9236-938667E02DB4}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{B7B69043-4955-4BCF-88B0-6759D6AF2F68}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{CDD93FC2-711E-4894-8DD4-4CF60889D567}] => (Allow) C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{144FAD38-E814-4392-AECE-EE286D1C4C82}] => (Allow) C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EA2D6A13-0F24-4DD6-B161-E0E4BB53C2EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{470A3940-FF7B-44F5-B1F4-4FEF43EAD303}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0DDFD6CE-7493-4119-9FD8-40F8518A6508}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B10302FD-BBC3-4AF5-9BD8-3D8443EEABD1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0FE5523A-58AF-4347-91A4-9992662E01EF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9DBC48B4-5EF0-436A-B252-3BA65671AFA1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{61834444-AD52-4D4C-8F2B-5BE3C6792C93}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{AC81599F-6782-43FD-AC0D-CBFAC2D4519F}C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6206C2CF-BB80-445D-B420-C5FF83EFA41E}C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{51C0210B-0065-4170-B983-A24A2A4325F7}C:\program files (x86)\dslrbooth\dslrbooth.exe] => (Allow) C:\Program Files (x86)\dslrBooth\dslrbooth.exe
FirewallRules: [UDP Query User{70BFE554-4451-4585-B04E-CDF6EF498BDB}C:\program files (x86)\dslrbooth\dslrbooth.exe] => (Allow) C:\Program Files (x86)\dslrBooth\dslrbooth.exe
FirewallRules: [{624ADD40-45FB-4B7B-8A56-79BB2D98D670}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6A1C4611-4905-4045-955E-AB670661C688}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AF58937F-FF2E-43BB-B999-7DF29E8C1DA3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E18654BA-D5FD-4B41-8ACE-FC92EC091C32}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{CD405E4D-59E6-4445-8052-E7D29406B973}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7CDE6156-382F-44BD-A949-798046414E54}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [{90DE1E8D-BAAC-4DC0-9578-FAE5BFA12F6F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{374A559F-1419-413D-8405-E46F3C8ABE60}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3D92C506-8908-4B95-8680-EBA294F999CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{374BF525-7D45-4A92-97DC-D916BF6BBC01}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{14944F10-DB18-4A99-8989-2C22809D622C}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6A9D8FD0-BFD5-497E-86D2-9A3DD82BECFF}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [{196DF86D-38A1-4F69-A7E8-6138FF5140D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

31-07-2016 11:07:12 Windows Update
06-08-2016 19:17:33 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/09/2016 08:30:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Importer.exe, Version 14.0.1.1056 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1ef4

Startzeit: 01d1f2060c8ca4a7

Endzeit: 39

Anwendungspfad: C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\Importer.exe

Berichts-ID: aafb29ab-5dfa-11e6-ae4f-8c89a56d6ec7

Error: (08/07/2016 08:44:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.23392, Zeitstempel: 0x56eb2f8f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00033a56
ID des fehlerhaften Prozesses: 0x1044
Startzeit der fehlerhaften Anwendung: 0xNvBackend.exe0
Pfad der fehlerhaften Anwendung: NvBackend.exe1
Pfad des fehlerhaften Moduls: NvBackend.exe2
Berichtskennung: NvBackend.exe3

Error: (08/02/2016 09:08:23 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (08/02/2016 06:31:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.23392, Zeitstempel: 0x56eb2f8f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00033a56
ID des fehlerhaften Prozesses: 0xdfc
Startzeit der fehlerhaften Anwendung: 0xNvBackend.exe0
Pfad der fehlerhaften Anwendung: NvBackend.exe1
Pfad des fehlerhaften Moduls: NvBackend.exe2
Berichtskennung: NvBackend.exe3

Error: (08/02/2016 06:30:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: nvspcap.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52f20257
Ausnahmecode: 0xc0000005
Fehleroffset: 0x100c9860
ID des fehlerhaften Prozesses: 0xdfc
Startzeit der fehlerhaften Anwendung: 0xNvBackend.exe0
Pfad der fehlerhaften Anwendung: NvBackend.exe1
Pfad des fehlerhaften Moduls: NvBackend.exe2
Berichtskennung: NvBackend.exe3

Error: (07/31/2016 11:07:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.3.5716, Zeitstempel: 0x55ddb213
Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.3.5716, Zeitstempel: 0x55dda062
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000e250
ID des fehlerhaften Prozesses: 0x1df8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/31/2016 11:07:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.3.5716, Zeitstempel: 0x55ddb213
Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.3.5716, Zeitstempel: 0x55dda062
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000e250
ID des fehlerhaften Prozesses: 0x18a0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/31/2016 11:07:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.3.5716, Zeitstempel: 0x55ddb213
Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.3.5716, Zeitstempel: 0x55dda062
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000e250
ID des fehlerhaften Prozesses: 0x1b9c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/31/2016 10:52:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CorelDRW.exe, Version: 12.0.0.458, Zeitstempel: 0x3fced9b6
Name des fehlerhaften Moduls: CdrCore.dll, Version: 12.0.0.458, Zeitstempel: 0x3fceece4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002f2e7
ID des fehlerhaften Prozesses: 0xc58
Startzeit der fehlerhaften Anwendung: 0xCorelDRW.exe0
Pfad der fehlerhaften Anwendung: CorelDRW.exe1
Pfad des fehlerhaften Moduls: CorelDRW.exe2
Berichtskennung: CorelDRW.exe3

Error: (07/31/2016 10:32:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: nvspcap.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52f20257
Ausnahmecode: 0xc0000005
Fehleroffset: 0x1000c292
ID des fehlerhaften Prozesses: 0xc74
Startzeit der fehlerhaften Anwendung: 0xNvBackend.exe0
Pfad der fehlerhaften Anwendung: NvBackend.exe1
Pfad des fehlerhaften Moduls: NvBackend.exe2
Berichtskennung: NvBackend.exe3


Systemfehler:
=============
Error: (08/10/2016 07:17:36 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.

Error: (08/10/2016 07:10:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Device Interaction Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/10/2016 07:10:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Device Interaction Service erreicht.

Error: (08/09/2016 06:04:15 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: \Device\Video5!051d(2528)

Error: (08/09/2016 07:36:27 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (08/08/2016 09:23:35 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (08/08/2016 08:34:21 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: \Device\Video5!051d(2528)

Error: (08/08/2016 12:09:19 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.

Error: (08/07/2016 08:37:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Device Interaction Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/07/2016 08:37:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Device Interaction Service erreicht.


CodeIntegrity:
===================================
  Date: 2015-03-09 18:30:43.512
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-09 18:30:43.494
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-09 18:30:43.493
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.311
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.249
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.249
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.217
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.124
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 07:21:50.414
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 07:21:50.331
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 75%
Installierter physikalischer RAM: 4077.64 MB
Verfügbarer physikalischer RAM: 1014.67 MB
Summe virtueller Speicher: 8153.46 MB
Verfügbarer virtueller Speicher: 3424.4 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:1811.92 GB) (Free:590.27 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:25.71 GB) NTFS
Drive i: (HDDRIVE2GO) (Fixed) (Total:931.28 GB) (Free:674.11 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1811.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 57A991D6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

==================== Ende von Addition.txt ============================

Helli1965 · 10.08.2016, 09:27

und hier der zweite code dazu:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2016 01
durchgeführt von Helli (Administrator) auf HELLI-PC (10-08-2016 10:02:59)
Gestartet von C:\Users\Helli\Downloads
Geladene Profile: Helli (Verfügbare Profile: Helli & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Dropbox, Inc.) C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Spotify Ltd) C:\Users\Helli\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Helli\AppData\Roaming\Spotify\Spotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dropbox, Inc.) C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Users\Helli\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Helli\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Helli\AppData\Roaming\Spotify\Spotify.exe
(Pinnacle Systems) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
(Pinnacle Systems) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\PER.exe
(Pinnacle Systems) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
(Pinnacle Systems) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
() C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\Importer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Pinnacle Systems) C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\umi.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-12-01] (Google Inc.)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Amazon Music] => C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Dropbox Update] => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-07] (Dropbox, Inc.)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Google Update] => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2016-01-17] (Google Inc.)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Spotify Web Helper] => C:\Users\Helli\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-16] (Spotify Ltd)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Spotify] => C:\Users\Helli\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-16] (Spotify Ltd)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {a7d6756a-2742-11e1-ab8c-8c89a56d6ec7} - F:\Startme.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {ae8179f2-85a7-11e3-8bbf-8c89a56d6ec7} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {b8c3669f-1ccf-11e6-bc6b-8c89a56d6ec7} - F:\startme.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {f5a8b434-910a-11e1-a003-8c89a56d6ec7} - I:\Startme.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
Startup: C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2067386785-177352631-409754499-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-2067386785-177352631-409754499-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?pc=UE07&ocid=UE07DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2067386785-177352631-409754499-1002 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-29] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-29] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-08-12] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-29] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-29] (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-29] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2011-08-12] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-29] (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29] (Google Inc.)
Toolbar: HKU\S-1-5-21-2067386785-177352631-409754499-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29] (Google Inc.)
DPF: HKLM-x32 {DF2F1634-A3AA-4E1B-9945-13F2BC455C0C} hxxp://at.sc12.greentube.com/xsl_gamebase/_magic/game_loader/ActiveXInstaller1.2.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\myMugle\Skype4COM.dll [2009-10-29] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default
FF Homepage: hxxp://www.kappes-helmut.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-28] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [2011-08-12] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-12] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll [2011-08-12] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-11-29] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-11-29] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-11-29] ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [2013-01-23] (Amazon.com, Inc.)
FF user.js: detected! => C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\user.js [2016-03-04]
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-2067386785-177352631-409754499-1002\FireFox\user.js [2016-03-04]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Extension: GreenWebPlayer - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\greenwebplayer@greentube.com [2013-12-12] [ist nicht signiert]
FF Extension: Noia 4 Theme Manager - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\Noia4Options@ArisT2.xpi [2014-01-08] [ist nicht signiert]
FF Extension: Toggle Persona - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\togglepersona@davidvincent.tld.xpi [2014-03-01] [ist nicht signiert]
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-11-29] [ist nicht signiert]
FF Extension: Garmin Communicator - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-02-19] [ist nicht signiert]
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-11-29] [ist nicht signiert]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-11-29] [ist nicht signiert]
FF Extension: WOT - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-09]
FF Extension: facepaste - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\facepaste.firefox.addon@azabani.com.xpi [2016-03-11]
FF Extension: YouTube to MP3 - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\youtube2mp3@mondayx.de.xpi [2016-05-01]
FF Extension: YouTube MP3 Pro - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\info@youtubespace.de.xpi [2016-05-01]
FF Extension: Noia Fox options - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\NoiaFoxoption@davidvincent.tld.xpi [2016-05-01]
FF Extension: Bitdefender QuickScan - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2016-05-01]
FF Extension: FoxyDeal - C:\Users\Helli\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-01-25] [ist nicht signiert]
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\de_DE@dicts.j3e.de [2016-05-01]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2016-07-07]
FF Extension: YouTube mp3 - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\info@youtube-mp3.org.xpi [2016-05-01]
FF Extension: Easy YouTube to MP3 Converter - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw@jetpack.xpi [2016-05-01]
FF Extension: Facedown - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\jid1-jOzgwWWFkIQQqg@jetpack.xpi [2016-05-01]
FF Extension: Video MPEG4 HD Free - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\{0be179e0-d1d2-4606-9ccd-0d61c65de47a}.xpi [2016-05-19] [ist nicht signiert]
FF Extension: HTML Service - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\{5ae4d270-5529-4637-868e-033b39cfddca}.xpi [2015-12-22] [ist nicht signiert]
FF Extension: Noia Fox - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2015-09-01]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016-03-21]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.kappes-helmut.de/"
CHR Profile: C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Cast) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-04-29]
CHR Extension: (Musik Songs Spieler) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdenlcnfdjepagejpfajlkicggieknab [2016-01-17]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2016-01-17]
CHR Extension: (Kaspersky Protection) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-11]
CHR Extension: (Streaming Media Player) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jggnklnmaecfofafepejcjcjkcohgcfb [2016-01-17]
CHR Extension: (Media Player for YouTube™) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\moebmmkeehmohghiialcoemcmebekbap [2016-04-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-09]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2012-02-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-05] (www.winchiphead.com)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-11-29] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-11-29] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-10] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20024 2010-02-20] (Deon van der Westhuysen)
S3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39992 2010-02-20] (Deon van der Westhuysen)
S0 nvpciflt; system32\DRIVERS\nvpciflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-10 10:02 - 2016-08-10 10:04 - 00033812 _____ C:\Users\Helli\Downloads\FRST.txt
2016-08-10 10:02 - 2016-08-10 10:02 - 02393600 _____ (Farbar) C:\Users\Helli\Downloads\FRST64.exe
2016-08-10 10:02 - 2016-08-10 10:02 - 00000000 ____D C:\FRST
2016-08-10 07:26 - 2016-08-10 07:26 - 00000000 ___HD C:\OneDriveTemp
2016-08-09 08:27 - 2016-08-09 10:23 - 00000000 _____ C:\Users\Helli\Downloads\OneDrive-2016-08-08(1).zip
2016-08-09 08:26 - 2016-08-09 08:53 - 160301105 _____ C:\Users\Helli\Downloads\OneDrive-2016-08-08.zip.part
2016-08-08 22:13 - 2016-08-09 07:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\15A60E84.sys
2016-08-06 19:01 - 2016-08-06 19:01 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-02 21:02 - 2016-08-09 21:04 - 00027648 _____ C:\Users\Helli\Documents\T-shirt 2016.xls
2016-08-02 19:55 - 2016-08-02 19:55 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\26B9504D.sys
2016-07-29 12:40 - 2016-07-29 12:41 - 00313328 _____ C:\Windows\Minidump\072916-26660-01.dmp
2016-07-29 12:23 - 2016-08-10 09:28 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba.job
2016-07-29 12:23 - 2016-08-09 12:28 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca.job
2016-07-29 12:23 - 2016-07-29 12:23 - 00004090 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba
2016-07-29 12:23 - 2016-07-29 12:23 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca
2016-07-29 12:22 - 2016-08-10 09:27 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f.job
2016-07-29 12:22 - 2016-08-10 07:27 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77.job
2016-07-29 12:22 - 2016-07-29 12:22 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f
2016-07-29 12:22 - 2016-07-29 12:22 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77
2016-07-25 21:10 - 2016-07-25 21:10 - 00001088 _____ C:\Users\Public\Desktop\PDF24.lnk
2016-07-25 21:10 - 2016-07-25 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2016-07-23 12:52 - 2016-07-23 13:00 - 00000000 ____D C:\Users\Helli\Downloads\Fitswork447
2016-07-23 12:49 - 2016-07-23 12:49 - 01341307 _____ C:\Users\Helli\Downloads\Fitswork447.zip
2016-07-21 21:26 - 2016-07-23 09:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-07-21 17:46 - 2016-07-21 17:46 - 00000000 ____D C:\Users\Helli\AppData\Local\{6B79DB93-3A37-46DF-BFE9-36C362341F2E}
2016-07-18 20:17 - 2016-07-18 21:24 - 00000000 ____D C:\Users\Helli\Downloads\Martin und Nina
2016-07-18 13:13 - 2016-08-09 08:35 - 00000000 ____D C:\klaus
2016-07-16 16:04 - 2016-07-16 16:04 - 00000000 _____ C:\Windows\Minidump\071616-136828-01.dmp
2016-07-16 11:48 - 2016-06-11 08:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-16 11:48 - 2016-06-11 06:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-16 11:48 - 2016-06-10 23:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-16 11:48 - 2016-06-10 23:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-16 11:48 - 2016-06-10 23:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-16 11:48 - 2016-06-10 23:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-16 11:48 - 2016-06-10 23:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-16 11:48 - 2016-06-10 23:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-16 11:48 - 2016-06-10 23:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-16 11:48 - 2016-06-10 23:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-16 11:48 - 2016-06-10 23:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-16 11:48 - 2016-06-10 23:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-16 11:48 - 2016-06-10 23:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-16 11:48 - 2016-06-10 23:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-16 11:48 - 2016-06-10 23:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-16 11:48 - 2016-06-10 23:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-16 11:48 - 2016-06-10 23:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-16 11:48 - 2016-06-10 23:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-16 11:48 - 2016-06-10 22:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-16 11:48 - 2016-06-10 22:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-16 11:48 - 2016-06-10 22:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-16 11:48 - 2016-06-10 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-16 11:48 - 2016-06-10 22:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-16 11:48 - 2016-06-10 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-16 11:48 - 2016-06-10 22:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-16 11:48 - 2016-06-10 22:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-16 11:48 - 2016-06-10 22:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-16 11:48 - 2016-06-10 22:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-16 11:48 - 2016-06-10 22:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-16 11:48 - 2016-06-10 22:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-16 11:48 - 2016-06-10 22:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-16 11:48 - 2016-06-10 22:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-16 11:48 - 2016-06-10 21:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-16 11:48 - 2016-06-10 21:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-16 11:48 - 2016-06-10 21:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-16 11:48 - 2016-06-10 21:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-16 11:48 - 2016-06-10 21:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-16 11:48 - 2016-06-10 20:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-16 11:48 - 2016-06-10 20:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-16 11:48 - 2016-06-10 20:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-16 11:48 - 2016-06-10 20:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-16 11:48 - 2016-06-10 20:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-16 11:48 - 2016-06-10 20:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-16 11:48 - 2016-06-10 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-16 11:48 - 2016-06-10 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-16 11:48 - 2016-06-10 20:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-16 11:48 - 2016-06-10 20:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-16 11:48 - 2016-06-10 20:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-16 11:48 - 2016-06-10 20:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-16 11:48 - 2016-06-10 20:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-16 11:48 - 2016-06-10 20:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-16 11:48 - 2016-06-10 20:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-16 11:48 - 2016-06-10 20:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-16 11:48 - 2016-06-10 20:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-16 11:48 - 2016-06-10 20:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-16 11:48 - 2016-06-10 20:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-16 11:48 - 2016-06-10 20:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-16 11:48 - 2016-06-10 20:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-16 11:48 - 2016-06-10 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-16 11:48 - 2016-06-10 20:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-16 11:48 - 2016-06-10 20:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-16 11:48 - 2016-06-10 20:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-16 11:48 - 2016-06-10 19:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-16 11:48 - 2016-06-10 19:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-16 11:48 - 2016-06-10 19:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-16 11:48 - 2016-06-10 19:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-16 11:05 - 2016-07-16 11:05 - 00001053 _____ C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dslrBooth.lnk
2016-07-16 11:05 - 2016-07-16 11:05 - 00001035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dslrBooth.lnk
2016-07-16 11:05 - 2016-07-16 11:05 - 00001023 _____ C:\Users\Helli\Desktop\dslrBooth.lnk
2016-07-16 11:05 - 2016-07-16 11:05 - 00000000 ____D C:\ProgramData\InstallMate
2016-07-16 09:22 - 2016-06-26 02:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-16 09:22 - 2016-06-26 02:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-16 09:22 - 2016-06-26 02:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-16 09:22 - 2016-06-26 02:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-16 09:22 - 2016-06-26 02:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-16 09:22 - 2016-06-26 02:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-16 09:22 - 2016-06-26 02:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-16 09:22 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-16 09:22 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-16 09:22 - 2016-06-25 21:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-16 09:22 - 2016-06-25 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-16 09:22 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-16 09:22 - 2016-06-22 15:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-16 09:22 - 2016-06-17 20:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-16 09:22 - 2016-06-17 20:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-16 09:22 - 2016-06-17 20:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-16 09:22 - 2016-06-17 20:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-16 09:22 - 2016-06-17 20:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-16 09:22 - 2016-06-17 20:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-16 09:21 - 2016-06-14 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-10 09:59 - 2009-07-14 06:45 - 00024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-10 09:59 - 2009-07-14 06:45 - 00024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-10 09:30 - 2011-12-01 21:12 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-08-10 09:23 - 2015-09-07 20:18 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA.job
2016-08-10 07:48 - 2012-01-13 10:47 - 00062464 _____ C:\Users\Helli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-10 07:32 - 2016-01-21 14:42 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Spotify
2016-08-10 07:31 - 2012-01-04 23:15 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2016-08-10 07:27 - 2014-10-11 12:31 - 00000000 ___RD C:\Users\Helli\Dropbox
2016-08-10 07:27 - 2014-01-25 16:30 - 00000000 ____D C:\Users\Helli\AppData\Local\HTC MediaHub
2016-08-10 07:26 - 2016-01-21 14:43 - 00000000 ____D C:\Users\Helli\AppData\Local\Spotify
2016-08-10 07:26 - 2015-10-26 19:11 - 00000000 ___RD C:\Users\Helli\OneDrive
2016-08-10 07:26 - 2015-01-10 13:28 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-10 07:10 - 2015-09-07 20:18 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core.job
2016-08-10 07:10 - 2011-09-06 00:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-10 07:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-09 20:53 - 2012-01-12 13:50 - 00000000 ____D C:\Users\Helli\Documents\Corel User Files
2016-08-09 10:04 - 2015-01-10 13:22 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-09 10:04 - 2015-01-10 13:22 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-06 19:37 - 2011-12-02 21:58 - 00000000 ____D C:\Users\Gast
2016-08-06 19:02 - 2014-10-11 12:28 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Dropbox
2016-08-02 06:38 - 2016-01-21 15:25 - 00000000 ____D C:\Users\Helli\Documents\ASV 2016
2016-07-31 11:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-31 11:00 - 2015-10-30 21:27 - 00000000 ___HD C:\$WINDOWS.~BT
2016-07-31 11:00 - 2014-02-16 20:07 - 00000000 ____D C:\ProgramData\HeloCut5
2016-07-29 12:49 - 2011-05-16 16:04 - 00699432 _____ C:\Windows\system32\perfh007.dat
2016-07-29 12:49 - 2011-05-16 16:04 - 00149572 _____ C:\Windows\system32\perfc007.dat
2016-07-29 12:49 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-29 12:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-29 12:42 - 2016-01-17 18:38 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA.job
2016-07-29 12:42 - 2011-12-01 21:09 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-29 12:40 - 2015-08-05 19:38 - 551678451 _____ C:\Windows\MEMORY.DMP
2016-07-29 12:40 - 2012-08-24 10:46 - 00000000 ____D C:\Windows\Minidump
2016-07-29 12:23 - 2016-01-17 18:38 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core.job
2016-07-29 12:22 - 2011-12-01 21:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-26 14:24 - 2010-11-21 05:27 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-25 21:10 - 2012-01-25 22:01 - 00000000 ____D C:\Program Files (x86)\PDF24
2016-07-24 14:59 - 2012-05-03 20:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-21 18:11 - 2015-01-31 14:11 - 00000000 ____D C:\Users\Helli\Downloads\Karneval Musik
2016-07-21 17:37 - 2015-04-08 13:41 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-21 17:37 - 2015-04-08 13:41 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-18 21:23 - 2014-01-06 19:28 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Audacity
2016-07-16 16:04 - 2009-07-14 06:45 - 00504112 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-16 16:02 - 2015-06-23 20:07 - 00000000 ____D C:\Program Files (x86)\dslrBooth
2016-07-16 15:49 - 2014-12-11 20:33 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-16 15:49 - 2011-04-12 10:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-16 09:57 - 2013-07-19 16:25 - 00000000 ____D C:\Windows\system32\MRT
2016-07-16 09:32 - 2011-07-18 22:31 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-10 21:39 - 2015-04-20 19:22 - 0000352 _____ () C:\Users\Helli\AppData\Roaming\dpdhl.versandhelfer_state.xml
2013-06-09 13:20 - 2014-05-03 16:18 - 0000293 _____ () C:\Users\Helli\AppData\Roaming\FotoSketcher.ini
2014-04-13 22:22 - 2016-07-07 17:15 - 0007253 _____ () C:\Users\Helli\AppData\Roaming\HELLI-PC.MTBF.txt
2014-04-13 22:22 - 2016-07-07 17:46 - 0001132 _____ () C:\Users\Helli\AppData\Roaming\__AvidCloudManager.log
2014-04-13 22:22 - 2016-05-21 16:17 - 0001132 _____ () C:\Users\Helli\AppData\Roaming\__AvidCloudManagerPrevious.log
2013-09-04 18:56 - 2013-09-04 18:56 - 0139076 _____ () C:\Users\Helli\AppData\Local\ars.cache
2013-09-04 18:56 - 2013-09-04 18:56 - 0266054 _____ () C:\Users\Helli\AppData\Local\census.cache
2012-01-13 10:47 - 2016-08-10 07:48 - 0062464 _____ () C:\Users\Helli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-04 18:33 - 2013-09-04 18:33 - 0000036 _____ () C:\Users\Helli\AppData\Local\housecall.guid.cache
2014-05-05 12:27 - 2014-05-05 12:27 - 0000218 _____ () C:\Users\Helli\AppData\Local\recently-used.xbel
2012-08-26 17:33 - 2013-01-04 23:10 - 0007605 _____ () C:\Users\Helli\AppData\Local\resmon.resmoncfg
2015-09-01 21:39 - 2015-09-05 15:15 - 0061736 _____ () C:\Users\Helli\AppData\Local\Silberhochzeit.ssp
2015-12-26 20:53 - 2015-12-26 20:53 - 0000000 _____ () C:\Users\Helli\AppData\Local\{69DDDAC2-65A2-46F4-8809-D2D44F7A8F31}
2012-01-25 17:19 - 2014-12-14 16:51 - 0000166 ___SH () C:\ProgramData\.zreglib
2015-06-23 20:08 - 2015-06-23 20:08 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2012-02-12 21:25 - 2014-01-19 21:01 - 0004430 _____ () C:\ProgramData\__FileUploader.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Helli\phoenixRC.exe


Einige Dateien in TEMP:
====================
C:\Users\Helli\AppData\Local\Temp\5016D697-F40A-46C0-A6D8-F5577EEE9644.exe
C:\Users\Helli\AppData\Local\Temp\CE6D6D22-FC7A-42D7-9F9F-61A6AEF49BB2.exe
C:\Users\Helli\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3z6wub.dll
C:\Users\Helli\AppData\Local\Temp\GUR76C4.exe
C:\Users\Helli\AppData\Local\Temp\GURB4EC.exe
C:\Users\Helli\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Helli\AppData\Local\Temp\suka.exe
C:\Users\Helli\AppData\Local\Temp\Uni000.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-09 19:08

==================== Ende von FRST.txt ============================

cosinus · 11.08.2016, 10:44

Zitat:

Malwarebytes meldet beim surfen Outbond Warnungen.

Logs dazu?

Bitte allemit Funden nachreichen

Helli1965 · 11.08.2016, 11:35

Hallo,
ich hoffe das das hier richtig ist.

Danke und Gruß Helmut

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 10.08.2016 07:11, SYSTEM, HELLI-PC, Protection, Malware Protection, Starting, 
Protection, 10.08.2016 07:11, SYSTEM, HELLI-PC, Protection, Malware Protection, Started, 
Protection, 10.08.2016 07:11, SYSTEM, HELLI-PC, Protection, Malicious Website Protection, Starting, 
Protection, 10.08.2016 07:12, SYSTEM, HELLI-PC, Protection, Malicious Website Protection, Started, 
Detection, 10.08.2016 09:48, SYSTEM, HELLI-PC, Protection, Malicious Website Protection, Domain, 209.197.3.41, 94982c5b634975e50103ce96082d2827.adsk2.co, 51716, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe, 
Detection, 10.08.2016 09:48, SYSTEM, HELLI-PC, Protection, Malicious Website Protection, Domain, 209.197.3.41, 94982c5b634975e50103ce96082d2827.adsk2.co, 51716, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe, 
Detection, 10.08.2016 09:48, SYSTEM, HELLI-PC, Protection, Malicious Website Protection, Domain, 209.197.3.41, 94982c5b634975e50103ce96082d2827.adsk2.co, 51719, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe, 
Detection, 10.08.2016 09:48, SYSTEM, HELLI-PC, Protection, Malicious Website Protection, Domain, 209.197.3.41, 94982c5b634975e50103ce96082d2827.adsk2.co, 51722, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe, 
Detection, 10.08.2016 09:48, SYSTEM, HELLI-PC, Protection, Malicious Website Protection, Domain, 209.197.3.41, 94982c5b634975e50103ce96082d2827.adsk2.co, 51724, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe, 
Detection, 10.08.2016 09:48, SYSTEM, HELLI-PC, Protection, Malicious Website Protection, Domain, 209.197.3.41, 94982c5b634975e50103ce96082d2827.adsk2.co, 51731, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe, 

(end)

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 11.08.2016 07:13, SYSTEM, HELLI-PC, Protection, Malware Protection, Starting, 
Protection, 11.08.2016 07:13, SYSTEM, HELLI-PC, Protection, Malware Protection, Started, 
Protection, 11.08.2016 07:13, SYSTEM, HELLI-PC, Protection, Malicious Website Protection, Starting, 
Protection, 11.08.2016 07:15, SYSTEM, HELLI-PC, Protection, Malicious Website Protection, Started, 
Protection, 11.08.2016 12:20, SYSTEM, HELLI-PC, Protection, Malware Protection, Starting, 
Protection, 11.08.2016 12:20, SYSTEM, HELLI-PC, Protection, Malware Protection, Started, 
Protection, 11.08.2016 12:20, SYSTEM, HELLI-PC, Protection, Malicious Website Protection, Starting, 
Protection, 11.08.2016 12:21, SYSTEM, HELLI-PC, Protection, Malicious Website Protection, Started, 

(end)

cosinus · 11.08.2016, 11:37

Weitere Log mit Malware? Suchlauf-Protokolle? Mit Funden?

Helli1965 · 11.08.2016, 11:59

Zitat:

Zitat von cosinus

Weitere Log mit Malware? Suchlauf-Protokolle? Mit Funden?

Hallo, nein ich finde sonst nichts. Nur diese Meldung immer wieder und das halt schon länger.

edit:
Ich starte mal einen Suchlauf und schaue dann mal ob ich das Protokoll finde zum speichern.

cosinus · 11.08.2016, 12:29

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Helli1965 · 11.08.2016, 15:40

Also es kommt die Meldung "No Malware found"

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.08.11.07
  rootkit: v2016.08.09.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18426
Helli :: HELLI-PC [administrator]

11.08.2016 14:46:45
mbar-log-2016-08-11 (14-46-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 483515
Time elapsed: 1 hour(s), 15 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus · 11.08.2016, 15:57

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Helli1965 · 11.08.2016, 19:03

So, hier ist die Adware Log:

Code:

ATTFilter

# AdwCleaner v5.201 - Bericht erstellt am 11/08/2016 um 19:45:17
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-08-10.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Helli - HELLI-PC
# Gestartet von : C:\Users\Helli\Downloads\AdwCleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foxydeal
[-] Ordner gelöscht : C:\Program Files (x86)\foxydeal
[-] Ordner gelöscht : C:\Program Files (x86)\XTab
[-] Ordner gelöscht : C:\Users\Helli\AppData\Roaming\InetStat

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\foxydeal.sqlite
[-] Datei gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aiennapmieppnpfhhogglccgepbdajan_0.localstorage
[-] Datei gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aiennapmieppnpfhhogglccgepbdajan_0.localstorage-journal
[-] Datei gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.ask.com_0.localstorage
[-] Datei gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.ask.com_0.localstorage-journal
[-] Datei gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_download.icq.com_0.localstorage
[-] Datei gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] Datei gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[-] Datei gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage
[-] Datei gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage-journal
[-] Datei gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Schlüssel gelöscht : HKCU\Software\foxydeal
[-] Schlüssel gelöscht : HKCU\Software\AppDataLow\foxydeal
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FoxTab Music Converter

***** [ Internetbrowser ] *****

[-] [C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\prefs.js] gelöscht : user_pref("extensions.enabledAddons", "greenwebplayer%40greentube.com:1.2.0,Noia4Options%40ArisT2:1.8.9,togglepersona%40davidvincent.tld:1.1.1,online_banking_69A4E213815F42BD863D889007201D82%40kaspers[...]
[-] [C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : vosteran.com
[-] [C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : aiennapmieppnpfhhogglccgepbdajan

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4210 Bytes] - [11/08/2016 19:45:17]
C:\AdwCleaner\AdwCleaner[R0].txt - [7604 Bytes] - [23/11/2014 17:14:10]
C:\AdwCleaner\AdwCleaner[R1].txt - [1046 Bytes] - [24/11/2014 18:44:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [7434 Bytes] - [23/11/2014 17:16:57]
C:\AdwCleaner\AdwCleaner[S1].txt - [5643 Bytes] - [24/11/2014 18:49:32]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4575 Bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Helli (Administrator) on 11.08.2016 at 20:07:13,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 132 

Successfully deleted: C:\Users\Helli\AppData\Local\{06599244-FD63-45DC-A9F3-DDE41C2A6668} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{10354733-7756-443E-853D-F7DE94260539} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{10AF0D0B-AA83-4706-86F8-8BB728DF26D9} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{11081301-E663-476E-BEBE-330A23EC4395} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{125A3E6A-101F-46C5-BC2E-52A329F62769} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{134EA40A-924A-4B8D-AE69-A29E21D49E89} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{16CA21A0-3329-4B0B-96C1-60F0DF7C8D8B} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{1A4E4A2C-07DB-4BBF-B8C3-705960B1F437} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{1FC462FB-36CD-40C7-91A1-8FC4545D95D8} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{20CD32EB-F2C1-4DAC-BDC4-6DBF0F03D413} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{22A9EC79-517D-475B-A1D4-8DB136FF4D0B} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{23FD27FD-1FE1-4EDF-A6E9-7F15669D3A54} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{243CC98A-3EF7-485C-9053-5A9FFA436660} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{26B7BC2A-492A-4986-AFE8-3C198EE86915} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{2C336828-EEEB-4362-8A78-40BCB5786B4B} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{2D4C3ECA-D56D-4718-9041-B9CA393ABD9C} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{2EF311F1-386E-4CA4-B4B3-2B8F4D27ECC9} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{37C4C105-798D-4224-94E6-662B2FE00995} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{3C7744B5-97D3-4D40-A869-3DA6FDC1C686} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{40851898-5D56-475B-B160-25BDB40E4D94} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{408BFD8F-714B-4957-9BA5-8D4B7F0325AF} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{427D2685-30A5-4FBF-B3E4-8FF2E18F0796} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{44048849-F1C7-441C-AF02-AE27B98FED68} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{452041C4-FD7C-4AB8-AADB-5F927D58015D} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{4649453B-7991-4E39-BB11-2956D6D31CF6} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{4786C191-05ED-4838-B1D8-1FDFE58051AA} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{54C97F3D-EB5D-456A-98FA-8C4C358C159D} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{58586995-FCF0-49A8-B5E3-AB7C143974C3} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{611E4B51-3EB8-401A-9FBA-A2D4CAA4402E} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{63EACA59-4CB2-46D8-ABAB-09D9080C17E7} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{6730D027-D04C-4453-9923-4ED536678832} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{6B79DB93-3A37-46DF-BFE9-36C362341F2E} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{6BF8690F-1A9F-408D-905B-F66DBDB86E96} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{6FDBAE9D-779C-47AE-A41B-D36F028FF146} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{71451B0F-9012-43C3-9F89-4FA0F81FCE2B} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{7152C32E-5E80-426D-9BF9-B2AD2AECFE2E} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{754E0093-3361-4084-85E8-10FE86AEB375} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{77384473-5B8D-411A-8ABD-CB7EFBE74B6D} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{8176F102-A5A7-453E-A1CD-74D440136191} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{887EEC81-064C-415F-8718-47FA3E38FA6D} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{8929C64E-65C1-4A56-A531-3A1906C12D87} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{8FA49A67-A83C-49C3-820F-CE86C30E6269} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{95B60672-7BA3-4648-BD60-214971A9516D} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{98FF9917-CFDE-4831-89A1-75C0CB6E84B9} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{9AAF66D5-FE76-426B-A9AF-0F5344FFE8E1} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{9C0070F3-E10F-4E72-8010-314888A479D3} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{9CE2774E-87A4-422A-887F-5839BB231857} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{A06DC654-7502-4195-8F5D-8066C7CBA5E2} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{A2F4ABCB-3201-4A2A-91F1-9E070A87C8E6} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{A7D89ADD-E5E9-41F2-AB2E-6CAA13DDE4D4} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{A9239EA5-99FB-441A-B05B-9C4A78DE5F93} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{AC3A29DB-FC88-45C8-A189-DC344B1AF01F} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{AC8C9D41-132A-4C07-9FA6-9BFAEAE3BF0B} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{B09B4B54-903E-48DA-85D7-FD7B7359D4FD} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{B6904A79-FC49-4ACF-A078-42319A0213B7} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{B795F08A-2B00-40FA-9A05-9444672D2626} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{BA67EBBA-6135-4CC5-A1EE-3D05191F5EE8} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{C1A5CA8C-B94B-461B-943C-943E28772297} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{C24101AD-F85A-4630-A4E7-14518919758E} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{C455A397-2BD5-4E3F-B016-4F4E79FDE717} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{C88CFB19-EF97-4F87-AECB-4B9C79BAE418} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{C8B90AAC-05A1-4531-BDB6-C5BC1F16B3C8} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{CBF864BD-8E22-424F-99CE-D79A95B902A3} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{CD31F621-CF33-4974-97FF-9FACA84C99B5} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{CEE7DF1A-19DA-483B-B476-7A0AF0E1A3D1} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{D570F4BE-65B1-4F5F-80E5-C980F64FA971} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{DBA90CB9-9206-4DB7-981E-1606DED03F43} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{E212B408-8B70-4282-AC77-63C69E899B66} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{E572F6BD-E026-4F5B-ACDB-88B449BFDF50} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{F3DC4646-7193-47DD-8821-7B1D02F6F362} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{F96DB93A-DD6C-4E6D-9E26-6DB5216A3C4C} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\user.js (File) 
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\Helli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Helli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Helli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTTK9F3Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Helli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Helli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Helli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZW9KIM3H (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTTK9F3Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZW9KIM3H (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\SysWOW64\sho139D.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho1761.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho2CA2.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho3062.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho370C.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho3C46.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho3C47.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho407B.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho44AB.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho58ED.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho6241.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho67D2.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho6A8E.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho715B.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho7249.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho7370.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho81EF.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho88CF.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho918B.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho95FC.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho971D.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho97F6.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho98EA.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho9A5D.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoA887.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoAAB3.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoB2CE.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoB7A4.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoBBF4.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoBD6C.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoC009.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoC049.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoC175.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoCB23.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoD407.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoD470.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoD522.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoD52D.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoE0E5.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoE289.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoE523.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoE5E0.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoEB96.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoEC7B.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoF1FC.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoF869.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoFF59.tmp (File) 



Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.08.2016 at 20:13:44,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cosinus · 11.08.2016, 22:12

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

Helli1965 · 12.08.2016, 14:15

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-08-2016 01
durchgeführt von Helli (2016-08-12 15:00:49)
Gestartet von C:\Users\Helli\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-01 19:14:57)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2067386785-177352631-409754499-500 - Administrator - Disabled)
Gast (S-1-5-21-2067386785-177352631-409754499-501 - Limited - Enabled) => C:\Users\Gast
Helli (S-1-5-21-2067386785-177352631-409754499-1002 - Administrator - Enabled) => C:\Users\Helli
HomeGroupUser$ (S-1-5-21-2067386785-177352631-409754499-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
ALDI Bestellsoftware (HKLM-x32\...\ALDI Bestellsoftware) (Version: 5.0.1 - ORWO_Net)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version:  - )
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Audio Converter 4.0.1 (HKLM-x32\...\Any Audio Converter_is1) (Version:  - Any-Audio-Converter.com)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.0.0 - SlySoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avery Wizard 4.0 (HKLM-x32\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
Battlefield Play4Free (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
BOcncV2 (HKLM-x32\...\{123700E7-CAC7-48BB-B309-48FAFAC4FA2F}) (Version: 1.0.0 - Standardfirmenname)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
ChromecastApp (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
Creative Pack Volume 1 (HKLM-x32\...\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}) (Version: 3.0.1 - Corel Corporation)
CSS3 Menu (HKLM-x32\...\CSS3 Menu_is1) (Version:  - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1817_38674 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink YouPaint (HKLM-x32\...\InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}) (Version: 1.2.1928 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle)
DJI driver version 1.0 (HKLM-x32\...\{9A2C30EE-6E35-4479-B0E6-B1B47A54E8CD}_is1) (Version: 1.0 - DJI)
DJI NAZA-M LITE Assistant version 1.00 (HKLM-x32\...\{D8F3FE44-7EF0-4349-97EC-25DB781FB42F}_is1) (Version: 1.00 - DJI)
Dropbox (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.)
dslrBooth 5.6.30.4 (HKLM\...\{19FB8BF8-8E63-4542-8C79-D2B76CEDAB3F}) (Version: 5.6.30.4 - Hope Pictures LLC)
EASEUS Data Recovery Wizard Free Edition 5.5.1 (HKLM-x32\...\EASEUS Data Recovery Wizard Free Edition 5.5.1_is1) (Version:  - EASEUS)
Easy Button & Menu Maker 3 (HKLM-x32\...\Easy Button & Menu Maker_is1) (Version: 3.0 - Karlis Blumentals)
Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.20150309 - Landesfinanzdirektion Thüringen)
EPSON Print CD (HKLM-x32\...\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}) (Version:  - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Filmmaker's Toolkit for Studio (HKLM-x32\...\InstallShield_{2444562A-A7DC-42B8-A4D8-1BCF704B1480}) (Version: 1.0.1 - Red Giant)
Filmmaker's Toolkit for Studio (x32 Version: 1.0.1 - Red Giant) Hidden
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
FotoSketcher 2.42 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version:  - David THOIRON)
FoxyDeal version 1.0.0 (HKLM-x32\...\FoxyDeal_is1) (Version: 1.0.0 - R&E Media GmbH) <==== ACHTUNG
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.37.1212 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.37.1212 - DVDVideoSoft Ltd.)
Frontplatten Designer (HKLM-x32\...\Frontplatten Designer) (Version: 4.1.1 - Schaeffer AG)
FTP Commander (HKLM-x32\...\FTP Commander) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GhostMouse (HKLM-x32\...\GhostMouse_is1) (Version: Free V3.2.1 - ghost-mouse.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
helo_usb_drv_x64 (HKLM-x32\...\{8169725C-186E-4F92-AE39-26611F45ACE3}) (Version: 1.00.0000 - HELO)
HeloCut 5 (HKLM-x32\...\{8580EDDE-ACD8-4AC5-A5A3-309C41B16BF4}) (Version: 5.09.8000 - )
HeloCut 5 (HKLM-x32\...\{BC79822D-3183-4AA0-AC02-E1DF4C4183EC}) (Version: 5.09.8000 - VECAP Software Solutions)
HeloCut5 Update (HKLM-x32\...\{FE440F55-D821-4F2E-B831-3A3A883D41EF}) (Version: 5.15.0000 - VECAP IT Solutions GmbH)
Hollywood FX Volumes 1-3 (HKLM-x32\...\{E3D181F8-246B-497F-945E-6DB98CBA6677}) (Version: 2.0.1 - Corel Corporation)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{368E4EF8-E840-40EE-A224-50B8D1DC2B12}) (Version: 2.4.33.0 - HTC)
HyperCam 3 (HKLM-x32\...\HyperCam 3) (Version: 3.2.1107.8 - Solveig Multimedia)
ImageMagick 6.9.1-2 Q16 (64-bit) (2015-05-15) (HKLM\...\ImageMagick 6.9.1 Q16 (64-bit)_is1) (Version: 6.9.1 - ImageMagick Studio LLC)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java(TM) 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417000FF}) (Version: 7.0.0 - Oracle)
Java(TM) 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217000FF}) (Version: 7.0.0 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2926 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Motion Graphics Toolkit for Studio (HKLM-x32\...\InstallShield_{E5C99F9E-E97D-40B6-BAFC-8BCBFF1031E4}) (Version: 1.0.1 - Red Giant)
Motion Graphics Toolkit for Studio (x32 Version: 1.0.1 - Red Giant) Hidden
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.2.0.6025 - Mozilla)
Mozilla Thunderbird 45.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NetObjects Fusion 1&1 Edition (HKLM-x32\...\{61921186-7300-4E0E-A674-2CA8B9D5793E}) (Version: 11.0 German - )
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Phoenix R/C® (HKLM-x32\...\PhoenixRC) (Version: 5.0.a - Runtime Games Ltd)
PhoenixCreator 2.5.a (HKLM-x32\...\{36E1E13F-3137-4EC0-8872-AAD6AE612486}) (Version: 2.5.1 - Runtime Games Ltd)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
Pinnacle Studio 17 - Install Manager (HKLM-x32\...\{F04D92CC-5C3A-46FA-9C98-6EACBDD262FF}) (Version: 17.0.128 - Corel Corporation)
Pinnacle Studio 17 - Standard Content Pack (HKLM-x32\...\{BA98BFA8-5EDF-450B-A92E-C096DC135D0E}) (Version: 17.0 - Corel Corporation)
Pinnacle Studio 17 (HKLM-x32\...\{3DA8F808-72E2-4361-82EC-433081D23005}) (Version: 17.5.0.327 - Corel Corporation)
Pinnacle Studio 17 Add-Ons (x32 Version: 17.0 - Corel) Hidden
Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PPJoy Joystick Driver 0.8.4.6 (HKLM-x32\...\PPJoy Joystick Driver) (Version: 0.8.4.6 - Deon van der Westhuysen)
Premium Pack Volumes 1-2 (HKLM-x32\...\{88C4D8A6-9954-46A0-965D-92E55DAB8734}) (Version: 2.0.1 - Corel Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6368 - Realtek Semiconductor Corp.)
ScoreFitter Volumes 1-2 (HKLM-x32\...\{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}) (Version: 2.0.1 - Corel Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{EE537655-630E-47E8-9609-EEBCAA1DDEDF}) (Version: 6.5.3 - Silicon Laboratories, Inc.)
SketchUp 8 (HKLM-x32\...\{B8F4A45C-581C-4707-8EF2-2B9E6722270C}) (Version: 3.0.16944 - Trimble Navigation Limited)
Ski Challenge 12 (AT) (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\sc12-AT_MAIN) (Version:  - )
Ski Challenge 13 (AT) (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\sc13-AT_MAIN) (Version:  - )
Slideshow Creator (HKLM-x32\...\{4E1A63B1-F547-4CFC-91F7-F32F1A6BF430}_is1) (Version: 2.2 - Bolide Software)
Snooper Map Downloader (HKLM-x32\...\{A744A90A-BF76-4338-84A1-74F114B0F419}) (Version: 1.23 - Performance Products Ltd.)
SNS-HDR Lite v1.4.22 (HKLM\...\SNS-HDR Lite_is1) (Version:  - Sebastian Nibisz)
SPEEDLINK Strike 2 Gamepad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
SPEEDLINK STRIKE Gamepad (HKLM-x32\...\{DFF7CD2E-2BB5-40C3-9592-078F64677EFF}) (Version: 1.00.0000 - )
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Title Extreme (HKLM-x32\...\{F7214014-27EE-4237-9978-2F9D1551559B}) (Version: 2.0.1 - Corel Corporation)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer) (Version: 1.6 - Deutsche Post AG)
Versandhelfer (x32 Version: 1.6 - Deutsche Post AG) Hidden
VG JPEG-Repair Online (HKLM-x32\...\{45820D27-B25B-4D94-8AA1-DEB467171024}) (Version: 1.6.7 - VG Solutions)
Vistaprint Fotobücher (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\{BA786D68-3AD8-42DC-8BE1-9E09B4737A27}_is1) (Version: 9.2.0.1065 - Vistaprint)
watchmi (HKLM-x32\...\{409DC300-28AF-468F-9624-1F3309701881}) (Version: 2.7.0 - Axel Springer Digital TV Guide GmbH)
WaveLab 6 (HKLM-x32\...\WaveLabPro) (Version: 6.1.0.340 - Steinberg)
Windows Driver Package - wch.cn (CH341SER_A64) Ports  (11/04/2011 3.3.2011.11) (HKLM\...\97C9A01181CB4369C61AF9B1459B09809636C13D) (Version: 11/04/2011 3.3.2011.11 - wch.cn)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Liven asennustyökalu (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Windows-Treiberpaket - dji-innovations inc. (usbser) Ports  (01/19/2011 5.1.2600.5512) (HKLM\...\2DC11E587B8BA912FF8FD5433B426EE46F8E22DD) (Version: 01/19/2011 5.1.2600.5512 - dji-innovations inc.)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version:  - Wargaming.net)
Zero Assumption Recovery Version 9 (HKLM-x32\...\Zero Assumption Recovery_is1) (Version:  - )
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03426054-C22E-4BB0-A9D8-B8F96427BE7A} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Keine Datei <==== ACHTUNG
Task: {0374D25E-5B8E-45E5-81BF-E16B248771F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {09A90DA1-16C5-4FAA-AE65-9F2387D39942} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
Task: {0F5B2D0F-FCF9-496F-B884-A4043B8A0181} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {12586B7B-8AF3-4496-99A8-3F22079BBAB3} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Keine Datei <==== ACHTUNG
Task: {1F9822F8-B338-48FB-8656-AD47BB6A36CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {26851BAC-1CEE-42A2-BEC1-0FF7545A4955} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {2870E50D-4D54-456B-8D0F-79C6515FFA80} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {2A3E614F-4A8C-4665-B74C-6766AA8C154C} - System32\Tasks\{CF9D2DDC-EEAB-4C4F-B08A-5303A1D11280} => C:\Games\World_of_Warplanes\WOWpLauncher.exe [2014-10-17] (Wargaming.net)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG
Task: {41A16815-6297-4125-986E-95757CBA3CED} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-07] (Dropbox, Inc.)
Task: {4299A1C6-EE8D-41FB-A748-021A5F441918} - System32\Tasks\{B93A9C8C-E6C9-41A4-8FC0-DBCDEBDF11E1} => pcalua.exe -a C:\Users\Helli\Downloads\graupner_pc_software_de\Graupner_PC_Software_DE\Receiver_Setup.exe -d C:\Users\Helli\Downloads\graupner_pc_software_de\Graupner_PC_Software_DE
Task: {450FB7DA-F722-42C6-B7A8-E6EF76DCCF09} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {4B7D0251-266C-422A-BAC7-E30DF56C64BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {4F02A42E-FEE7-429F-A9D3-0D613BDFAD19} - System32\Tasks\{8AB10502-1A27-4039-854A-AE2DCE65C57F} => pcalua.exe -a C:\Users\Helli\Downloads\Sunbird_Setup_1.0_Beta_1.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {5E03BDD9-CADA-4D24-A692-41AB0A1225E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {68A4722B-BBA7-49C3-A872-7E477854DCA4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate [Argument = -crl -hms -pscn 15]
Task: {7ACAABE6-98AB-462B-8AD1-AA9611F5F78B} - System32\Tasks\{DC9563FA-0A04-4B15-AE63-A95787C1B62E} => pcalua.exe -a C:\Users\Helli\Downloads\Adobe\CS_2.0_GR_Extras_1.exe -d C:\Users\Helli\Downloads\Adobe
Task: {8257F656-31A7-4302-BC97-56457175CB67} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-07] (Dropbox, Inc.)
Task: {8CF958C1-5469-4B3F-B3A7-57CE2170526A} - System32\Tasks\{9A6B2E68-840A-47C3-9F0D-D18AA7979B79} => pcalua.exe -a C:\Users\Helli\Downloads\agsetup183se.exe -d C:\Users\Helli\Downloads
Task: {95EF5595-3144-4BA9-A0C6-1B5A4DF9B2DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-28] (Adobe Systems Incorporated)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {9B417D00-9371-44C5-BC5D-4567DE665EC5} - System32\Tasks\{5D9D153F-F2CB-4570-BAE1-B4AA18B4311D} => pcalua.exe -a "E:\Win7 USB\SETUP.EXE" -d "E:\Win7 USB"
Task: {9CB7A533-4C6A-489D-AEA4-92784F4F4DC5} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
Task: {AAC452C4-A19E-4690-B461-A84D24A1929D} - System32\Tasks\{A24E3D1D-D17B-46FA-87DE-E557E20A6CDE} => pcalua.exe -a C:\Users\Helli\Downloads\Adobe\CS2_RetNon_Ger_3.exe -d C:\Users\Helli\Downloads\Adobe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {B5F353CE-6293-49C1-8158-8E7C22EB387F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate [Argument = $(Arg0)]
Task: {B6CA9322-7490-458D-8A17-D0351FF6DC94} - System32\Tasks\{80AC71C8-0543-4AD4-BF6F-84482AE19BDA} => pcalua.exe -a E:\Autorun.exe -d E:\
Task: {BA9D8BA4-30B4-406C-A23E-7FC77565F343} - System32\Tasks\{CAAA3F79-29FF-452A-9832-06F473BBE0BB} => pcalua.exe -a C:\Users\Helli\Downloads\SimpleBGC_GUI_2_2b2\SimpleBGC_GUI_2_2b2\SimpleBGC_GUI.exe -d C:\Users\Helli\Downloads\SimpleBGC_GUI_2_2b2\SimpleBGC_GUI_2_2b2
Task: {C216415A-A07E-4133-BA72-D1EED53210BB} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec [Argument = /StartRecording]
Task: {CA7DF40A-77AE-4EF5-8F2F-1C7EAF77A98A} - System32\Tasks\{C259DCE7-C4D2-41C3-9CDB-BA64A4C09FDA} => pcalua.exe -a C:\Users\Helli\Downloads\SimpleBGC_GUI_2_40b7\SimpleBGC_GUI_2_40\SimpleBGC_GUI.exe -d C:\Users\Helli\Downloads\SimpleBGC_GUI_2_40b7\SimpleBGC_GUI_2_40
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Keine Datei <==== ACHTUNG
Task: {DC66455B-FBFD-4604-8DA0-F4737FE37B3D} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {E0A2C520-6FE9-4E4E-95C8-33B4BE9805D0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec [Argument = /RestartRecording]
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core.job => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA.job => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Streaming Media Player.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jggnklnmaecfofafepejcjcjkcohgcfb

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-12-20 19:19 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-23 15:51 - 2006-02-23 11:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-07 19:27 - 2012-12-07 19:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2012-02-10 16:00 - 2012-02-10 16:00 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-10-07 12:23 - 2011-10-07 12:23 - 00070144 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2011-12-31 10:49 - 2011-12-31 10:49 - 00058880 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.7.0.12__f722db7bec59a14b\Tvd.Remote.dll
2011-12-31 10:49 - 2011-12-31 10:49 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Tools\2.7.0.12__f722db7bec59a14b\Tvd.Tools.dll
2011-12-31 10:49 - 2011-12-31 10:49 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2011-12-31 10:49 - 2011-12-31 10:49 - 00079360 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.7.0.12__f722db7bec59a14b\Tvd.Reporting.dll
2011-12-31 10:49 - 2011-12-31 10:49 - 00152576 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.7.0.12__f722db7bec59a14b\Tvd.Aprico.dll
2016-05-20 18:06 - 2016-05-20 18:06 - 00959168 _____ () C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2014-12-24 14:29 - 2014-12-08 08:27 - 06277952 _____ () C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-01-22 17:09 - 2014-01-22 17:09 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2014-01-22 17:08 - 2014-01-22 17:08 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-01-22 17:08 - 2014-01-22 17:08 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-01-22 17:08 - 2014-01-22 17:08 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-01-22 17:08 - 2014-01-22 17:08 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-01-22 17:09 - 2014-01-22 17:09 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-01-22 17:09 - 2014-01-22 17:09 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-01-22 17:10 - 2014-01-22 17:10 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2016-05-12 11:03 - 2016-05-12 11:03 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f91bd970f20123a46b575cf6e92bc441\IsdiInterop.ni.dll
2011-08-11 22:01 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-05-20 18:06 - 2016-05-20 18:06 - 00679624 _____ () C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-01-21 14:43 - 2016-07-16 16:12 - 52042352 _____ () C:\Users\Helli\AppData\Roaming\Spotify\libcef.dll
2016-06-25 11:10 - 2016-06-30 04:25 - 00035792 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-08-06 18:59 - 2016-06-30 04:25 - 00145864 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-08-06 18:59 - 2016-06-30 04:26 - 00019408 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-08-06 18:59 - 2016-06-30 04:25 - 00116688 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-06-25 11:10 - 2016-06-30 04:25 - 00100296 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-25 11:09 - 2016-06-30 04:25 - 00018888 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-25 11:09 - 2016-08-01 23:27 - 00019760 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-25 11:10 - 2016-06-30 04:25 - 00694224 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-08-06 18:59 - 2016-08-01 23:26 - 00020816 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-06-25 11:10 - 2016-06-30 04:26 - 00123856 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-08-06 18:59 - 2016-08-01 23:26 - 01682760 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-08-06 18:59 - 2016-08-01 23:26 - 00020808 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00021312 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00052024 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00038696 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00105928 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-06 18:59 - 2016-06-30 04:25 - 00392144 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-08-06 18:59 - 2016-06-30 04:27 - 00020936 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00024528 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00114640 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-25 11:10 - 2016-08-01 23:27 - 00381752 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00124880 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00025424 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00175560 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00030160 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00043472 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00048592 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00026456 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00057808 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00024016 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-08-06 18:59 - 2016-08-01 23:26 - 00246592 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00028616 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-06-25 11:10 - 2016-08-01 23:27 - 00020800 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-25 11:10 - 2016-08-01 23:27 - 00019776 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-06-25 11:10 - 2016-08-01 23:27 - 00020800 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-06-25 11:10 - 2016-06-30 04:25 - 00144848 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-08-06 18:59 - 2016-06-30 04:26 - 00241104 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-08-06 18:59 - 2016-08-01 23:26 - 00020280 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-06-25 11:10 - 2016-08-01 23:27 - 00023376 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00350152 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-06-25 11:10 - 2016-08-01 23:27 - 00022352 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00024392 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-08-06 18:59 - 2016-06-30 04:28 - 00036296 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\librsync.dll
2016-08-06 18:59 - 2016-08-01 23:27 - 00084280 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-08-06 18:59 - 2016-08-01 23:27 - 01826096 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-06-25 11:09 - 2016-06-30 04:26 - 00083912 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\sip.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 03929392 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 01972016 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00531248 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00132912 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00224056 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00207672 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00020288 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-06-25 11:10 - 2016-06-30 04:27 - 00060880 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00024904 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00546096 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00357680 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00168248 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-08-06 18:59 - 2016-08-01 23:27 - 00042808 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-01-21 14:43 - 2016-07-16 16:12 - 01741936 _____ () C:\Users\Helli\AppData\Roaming\Spotify\libglesv2.dll
2016-01-21 14:43 - 2016-07-16 16:12 - 00087664 _____ () C:\Users\Helli\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:EBAA0CD9 [128]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2067386785-177352631-409754499-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^watchmi tray.lnk => C:\Windows\pss\watchmi tray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{85832019-5E10-4687-9BE8-ECC6260C4DFB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3F0CB73A-4640-4B7B-A0AC-524E66E23823}] => (Allow) LPort=2869
FirewallRules: [{D63C74F5-9DCE-4F49-A501-D838905BB8A3}] => (Allow) LPort=1900
FirewallRules: [{CB2332EA-77AC-41DE-AD54-8B1B22BDC0F9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C0B4056E-B896-435C-BBE5-FF8029F17959}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{E256B328-C528-4EAF-B332-CC4B183C86EE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{E1F6AE30-4249-4692-9004-771693CBFBE0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{FB2F82EE-DEB4-4909-9EE4-A18310BE384A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{87B4BC7C-A2BE-428C-8AE5-0F8F7063EBB6}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{C04AE569-E1F7-4C22-AD6A-DA98EB2712E8}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{29373102-88B8-4D47-B105-4BBD82D21ED6}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{806E67FF-BEBA-4548-9A3F-2FBAC0F98E10}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{B3319756-B179-4AC5-94C3-C9C9FA5E420D}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{03491E0D-FA98-4574-9FB8-63329D41CE5B}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{429C5531-915C-435C-B0C4-FA1483B84C43}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1EC9D45E-95F2-4096-8B7C-A33BA93C062B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{C50E2646-F02B-4F36-B4D6-AEF9AA368A3C}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FF4E220C-1C9A-43AB-A68D-376B58F8C1CF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{AD9C6B1D-2FF7-4076-AB69-3F8DC765F3B8}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{019D6199-5B85-4452-A79C-55861A359844}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{3E19E9BA-A4DA-4274-8106-E3DA59630A53}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FD6DB47C-13A9-4C47-96B4-54CA57D8B6DF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E25504B7-9CF4-4969-8D42-310BDD34835D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{16A41F44-CFA5-4A8D-B9C3-AD22BF0BF8F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A2D8D71B-E710-41A3-887F-36FC6BD78191}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A500A9AA-3549-48B1-BB6A-63BF9735A6A1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{3EF2D9F8-BD7C-450E-8760-D31EBF4C3868}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{4E6EF22C-F4E7-42A2-A3C1-D1626D150F88}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{CA422FF4-7A06-4712-8C07-BA17B50ED8ED}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{B5AE1388-51E6-459A-BF2A-A542C0FFF427}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [{8B268F4F-0C90-4F88-ACBF-5EFC2BDF0F42}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{49FE939F-27D6-4763-8A28-7753C0229E37}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{BE62E31A-ED9E-48CE-8930-4A932C9FCA64}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{2651BC27-381C-43D5-A77C-4C0D45E8BC7A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{944FC4AC-06DC-4BE7-86E0-6C3F3E2ABA67}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{0AE6E609-53FA-4D67-8D08-88169B59E549}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{26AB6CBE-2D46-495D-943D-DA226824BED8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{D2B75AE4-ACA7-4B7D-AB6C-739A54072B48}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{D74D9B78-02EA-4696-8B34-AAA473019E87}C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe] => (Allow) C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe
FirewallRules: [UDP Query User{B219A230-4551-43A4-A9D7-0EA61915558E}C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe] => (Allow) C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe
FirewallRules: [TCP Query User{922C8C4E-F070-43FB-B54E-839B439089C5}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{D16BB7D2-99B9-4574-88A3-A98FE8D417D7}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [TCP Query User{FB3E5598-23CC-4FF1-A4C7-B9EF116740DB}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{6164FAA6-3A28-4E11-8DF3-21E89CF27588}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{78AF04A3-B48C-4F90-8E73-3CF0723F16C4}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{275B5807-2988-4AA1-B757-3AA1E6F108D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{485B18DD-7609-4827-8552-F7E6BB196C64}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D490CBE6-DA72-43E5-9B6C-851A6101799A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2C57B42A-ED43-42BF-BF1A-B168EE2F786C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0033A636-ED6A-4699-8C56-B3F1DBF234CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9191D8F8-423F-46FB-902A-A7D3DA865C22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C25CA83A-75E3-4410-A3D6-5B7016793DBE}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
FirewallRules: [{FA5A1528-02C1-401F-8959-E15F474B79B4}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
FirewallRules: [{3BC30513-F5A4-436D-911E-9F5D9F4744A3}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
FirewallRules: [{4A7EBA7C-AB2F-46D1-9545-C3F727A8170C}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
FirewallRules: [{3441E80C-B975-4627-BB35-3AA370AC1999}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
FirewallRules: [{9E3B0C05-3612-444E-A31E-739765FE8FAF}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
FirewallRules: [{07888844-6A66-4C72-9236-938667E02DB4}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{B7B69043-4955-4BCF-88B0-6759D6AF2F68}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{CDD93FC2-711E-4894-8DD4-4CF60889D567}] => (Allow) C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{144FAD38-E814-4392-AECE-EE286D1C4C82}] => (Allow) C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EA2D6A13-0F24-4DD6-B161-E0E4BB53C2EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{470A3940-FF7B-44F5-B1F4-4FEF43EAD303}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0DDFD6CE-7493-4119-9FD8-40F8518A6508}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B10302FD-BBC3-4AF5-9BD8-3D8443EEABD1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0FE5523A-58AF-4347-91A4-9992662E01EF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9DBC48B4-5EF0-436A-B252-3BA65671AFA1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{61834444-AD52-4D4C-8F2B-5BE3C6792C93}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{AC81599F-6782-43FD-AC0D-CBFAC2D4519F}C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6206C2CF-BB80-445D-B420-C5FF83EFA41E}C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{51C0210B-0065-4170-B983-A24A2A4325F7}C:\program files (x86)\dslrbooth\dslrbooth.exe] => (Allow) C:\Program Files (x86)\dslrBooth\dslrbooth.exe
FirewallRules: [UDP Query User{70BFE554-4451-4585-B04E-CDF6EF498BDB}C:\program files (x86)\dslrbooth\dslrbooth.exe] => (Allow) C:\Program Files (x86)\dslrBooth\dslrbooth.exe
FirewallRules: [{624ADD40-45FB-4B7B-8A56-79BB2D98D670}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6A1C4611-4905-4045-955E-AB670661C688}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AF58937F-FF2E-43BB-B999-7DF29E8C1DA3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E18654BA-D5FD-4B41-8ACE-FC92EC091C32}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{CD405E4D-59E6-4445-8052-E7D29406B973}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7CDE6156-382F-44BD-A949-798046414E54}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [{90DE1E8D-BAAC-4DC0-9578-FAE5BFA12F6F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{374A559F-1419-413D-8405-E46F3C8ABE60}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3D92C506-8908-4B95-8680-EBA294F999CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{374BF525-7D45-4A92-97DC-D916BF6BBC01}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{14944F10-DB18-4A99-8989-2C22809D622C}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6A9D8FD0-BFD5-497E-86D2-9A3DD82BECFF}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [{196DF86D-38A1-4F69-A7E8-6138FF5140D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

31-07-2016 11:07:12 Windows Update
06-08-2016 19:17:33 Windows Update
10-08-2016 21:51:18 Windows Update
11-08-2016 20:07:48 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/12/2016 02:55:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (08/11/2016 10:00:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CorelDRW.exe, Version: 12.0.0.458, Zeitstempel: 0x3fced9b6
Name des fehlerhaften Moduls: CdrCore.dll, Version: 12.0.0.458, Zeitstempel: 0x3fceece4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002f2e7
ID des fehlerhaften Prozesses: 0x15f0
Startzeit der fehlerhaften Anwendung: 0xCorelDRW.exe0
Pfad der fehlerhaften Anwendung: CorelDRW.exe1
Pfad des fehlerhaften Moduls: CorelDRW.exe2
Berichtskennung: CorelDRW.exe3

Error: (08/11/2016 09:01:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CorelDRW.exe, Version: 12.0.0.458, Zeitstempel: 0x3fced9b6
Name des fehlerhaften Moduls: CdrCore.dll, Version: 12.0.0.458, Zeitstempel: 0x3fceece4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002f2e7
ID des fehlerhaften Prozesses: 0x1158
Startzeit der fehlerhaften Anwendung: 0xCorelDRW.exe0
Pfad der fehlerhaften Anwendung: CorelDRW.exe1
Pfad des fehlerhaften Moduls: CorelDRW.exe2
Berichtskennung: CorelDRW.exe3

Error: (08/11/2016 09:20:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CorelDRW.exe, Version: 12.0.0.458, Zeitstempel: 0x3fced9b6
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000019f
ID des fehlerhaften Prozesses: 0x48c
Startzeit der fehlerhaften Anwendung: 0xCorelDRW.exe0
Pfad der fehlerhaften Anwendung: CorelDRW.exe1
Pfad des fehlerhaften Moduls: CorelDRW.exe2
Berichtskennung: CorelDRW.exe3

Error: (08/10/2016 10:42:42 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (08/10/2016 12:48:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bd018
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a857
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000bf262
ID des fehlerhaften Prozesses: 0x17d0
Startzeit der fehlerhaften Anwendung: 0xwmprph.exe0
Pfad der fehlerhaften Anwendung: wmprph.exe1
Pfad des fehlerhaften Moduls: wmprph.exe2
Berichtskennung: wmprph.exe3

Error: (08/10/2016 11:45:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bd018
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a857
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000048d84
ID des fehlerhaften Prozesses: 0x17d0
Startzeit der fehlerhaften Anwendung: 0xwmprph.exe0
Pfad der fehlerhaften Anwendung: wmprph.exe1
Pfad des fehlerhaften Moduls: wmprph.exe2
Berichtskennung: wmprph.exe3

Error: (08/09/2016 08:30:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Importer.exe, Version 14.0.1.1056 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1ef4

Startzeit: 01d1f2060c8ca4a7

Endzeit: 39

Anwendungspfad: C:\Program Files (x86)\Pinnacle\Studio 14\Import\programs\Importer.exe

Berichts-ID: aafb29ab-5dfa-11e6-ae4f-8c89a56d6ec7

Error: (08/07/2016 08:44:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.23392, Zeitstempel: 0x56eb2f8f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00033a56
ID des fehlerhaften Prozesses: 0x1044
Startzeit der fehlerhaften Anwendung: 0xNvBackend.exe0
Pfad der fehlerhaften Anwendung: NvBackend.exe1
Pfad des fehlerhaften Moduls: NvBackend.exe2
Berichtskennung: NvBackend.exe3

Error: (08/02/2016 09:08:23 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]


Systemfehler:
=============
Error: (08/12/2016 02:55:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.225.3703.0)

Error: (08/12/2016 02:39:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.

Error: (08/12/2016 02:32:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Device Interaction Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/12/2016 02:32:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Device Interaction Service erreicht.

Error: (08/11/2016 08:10:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/11/2016 08:10:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/11/2016 07:45:46 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (08/11/2016 07:45:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Office Software Protection Platform" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/11/2016 07:45:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/11/2016 07:45:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2015-03-09 18:30:43.512
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-09 18:30:43.494
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-09 18:30:43.493
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.311
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.249
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.249
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.217
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.124
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 07:21:50.414
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 07:21:50.331
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 4077.64 MB
Verfügbarer physikalischer RAM: 1719.54 MB
Summe virtueller Speicher: 8153.46 MB
Verfügbarer virtueller Speicher: 5195.75 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:1811.92 GB) (Free:569.65 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:25.71 GB) NTFS
Drive i: (HDDRIVE2GO) (Fixed) (Total:931.28 GB) (Free:674.11 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1811.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 57A991D6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

==================== Ende von Addition.txt ============================

Helli1965 · 12.08.2016, 14:16

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2016 01
durchgeführt von Helli (Administrator) auf HELLI-PC (12-08-2016 14:56:34)
Gestartet von C:\Users\Helli\Downloads
Geladene Profile: Helli & Gast (Verfügbare Profile: Helli & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Dropbox, Inc.) C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Spotify Ltd) C:\Users\Helli\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Helli\AppData\Roaming\Spotify\Spotify.exe
(Dropbox, Inc.) C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Users\Helli\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Helli\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-12-01] (Google Inc.)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Amazon Music] => C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Dropbox Update] => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-07] (Dropbox, Inc.)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Google Update] => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2016-01-17] (Google Inc.)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Spotify Web Helper] => C:\Users\Helli\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-16] (Spotify Ltd)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Spotify] => C:\Users\Helli\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-16] (Spotify Ltd)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {a7d6756a-2742-11e1-ab8c-8c89a56d6ec7} - F:\Startme.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {ae8179f2-85a7-11e3-8bbf-8c89a56d6ec7} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {b8c3669f-1ccf-11e6-bc6b-8c89a56d6ec7} - F:\startme.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {f5a8b434-910a-11e1-a003-8c89a56d6ec7} - I:\Startme.exe
HKU\S-1-5-21-2067386785-177352631-409754499-501\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-12-01] (Google Inc.)
HKU\S-1-5-21-2067386785-177352631-409754499-501\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR [5104049 2009-07-16] (ALDI SÜD)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
Startup: C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2067386785-177352631-409754499-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-2067386785-177352631-409754499-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-2067386785-177352631-409754499-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-21-2067386785-177352631-409754499-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2067386785-177352631-409754499-1002 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-29] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-29] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-08-12] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-29] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-29] (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-29] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2011-08-12] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-29] (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29] (Google Inc.)
Toolbar: HKU\S-1-5-21-2067386785-177352631-409754499-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29] (Google Inc.)
Toolbar: HKU\S-1-5-21-2067386785-177352631-409754499-501 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29] (Google Inc.)
DPF: HKLM-x32 {DF2F1634-A3AA-4E1B-9945-13F2BC455C0C} hxxp://at.sc12.greentube.com/xsl_gamebase/_magic/game_loader/ActiveXInstaller1.2.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\myMugle\Skype4COM.dll [2009-10-29] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default
FF Homepage: hxxp://www.kappes-helmut.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-28] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [2011-08-12] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-12] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll [2011-08-12] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-11-29] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-11-29] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-11-29] ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [2013-01-23] (Amazon.com, Inc.)
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-2067386785-177352631-409754499-1002\FireFox\user.js [2016-03-04]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Extension: GreenWebPlayer - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\greenwebplayer@greentube.com [2013-12-12] [ist nicht signiert]
FF Extension: Noia 4 Theme Manager - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\Noia4Options@ArisT2.xpi [2014-01-08] [ist nicht signiert]
FF Extension: Toggle Persona - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\togglepersona@davidvincent.tld.xpi [2014-03-01] [ist nicht signiert]
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-11-29] [ist nicht signiert]
FF Extension: Garmin Communicator - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-02-19] [ist nicht signiert]
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-11-29] [ist nicht signiert]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-11-29] [ist nicht signiert]
FF Extension: WOT - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-09]
FF Extension: facepaste - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\facepaste.firefox.addon@azabani.com.xpi [2016-03-11]
FF Extension: YouTube to MP3 - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\youtube2mp3@mondayx.de.xpi [2016-05-01]
FF Extension: YouTube MP3 Pro - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\info@youtubespace.de.xpi [2016-05-01]
FF Extension: Noia Fox options - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\NoiaFoxoption@davidvincent.tld.xpi [2016-05-01]
FF Extension: Bitdefender QuickScan - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2016-05-01]
FF Extension: FoxyDeal - C:\Users\Helli\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-01-25] [ist nicht signiert]
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\de_DE@dicts.j3e.de [2016-05-01]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2016-07-07]
FF Extension: YouTube mp3 - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\info@youtube-mp3.org.xpi [2016-05-01]
FF Extension: Easy YouTube to MP3 Converter - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw@jetpack.xpi [2016-05-01]
FF Extension: Facedown - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\jid1-jOzgwWWFkIQQqg@jetpack.xpi [2016-05-01]
FF Extension: Video MPEG4 HD Free - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\{0be179e0-d1d2-4606-9ccd-0d61c65de47a}.xpi [2016-05-19] [ist nicht signiert]
FF Extension: HTML Service - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\{5ae4d270-5529-4637-868e-033b39cfddca}.xpi [2015-12-22] [ist nicht signiert]
FF Extension: Noia Fox - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2015-09-01]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\0l7jhua5.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016-03-21]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.kappes-helmut.de/"
CHR Profile: C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Cast) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-04-29]
CHR Extension: (Musik Songs Spieler) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdenlcnfdjepagejpfajlkicggieknab [2016-01-17]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2016-01-17]
CHR Extension: (Kaspersky Protection) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-11]
CHR Extension: (Streaming Media Player) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jggnklnmaecfofafepejcjcjkcohgcfb [2016-01-17]
CHR Extension: (Media Player for YouTube™) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\moebmmkeehmohghiialcoemcmebekbap [2016-04-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-09]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2012-02-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-05] (www.winchiphead.com)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-11-29] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-11-29] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-12] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20024 2010-02-20] (Deon van der Westhuysen)
S3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39992 2010-02-20] (Deon van der Westhuysen)
S0 nvpciflt; system32\DRIVERS\nvpciflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-12 14:56 - 2016-08-12 14:56 - 00000000 ____D C:\Users\Helli\Downloads\FRST-OlderVersion
2016-08-12 14:41 - 2016-08-12 14:41 - 00000000 ___HD C:\OneDriveTemp
2016-08-11 20:13 - 2016-08-11 20:13 - 00013453 _____ C:\Users\Helli\Desktop\JRT.txt
2016-08-11 20:05 - 2016-08-11 20:05 - 01610560 _____ (Malwarebytes) C:\Users\Helli\Downloads\JRT.exe
2016-08-11 19:33 - 2016-08-11 19:33 - 03712064 _____ C:\Users\Helli\Downloads\AdwCleaner_5.201.exe
2016-08-11 14:46 - 2016-08-11 16:35 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-08-11 13:38 - 2016-08-11 16:35 - 00000000 ____D C:\Users\Helli\Desktop\mbar
2016-08-11 13:37 - 2016-08-11 13:37 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Helli\Downloads\mbar-1.09.3.1001.exe
2016-08-10 18:21 - 2016-08-02 16:54 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-10 18:21 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-10 18:21 - 2016-08-02 08:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-10 18:21 - 2016-08-02 08:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-10 18:21 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-10 18:21 - 2016-08-02 08:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-10 18:21 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-10 18:21 - 2016-08-02 08:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-10 18:21 - 2016-08-02 08:24 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-10 18:21 - 2016-08-02 08:23 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-10 18:21 - 2016-08-02 08:19 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-10 18:21 - 2016-08-02 08:11 - 00969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-10 18:21 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-08-10 18:21 - 2016-08-02 08:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-10 18:21 - 2016-08-02 07:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-10 18:21 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-10 18:21 - 2016-08-02 07:53 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-10 18:21 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-10 18:21 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-08-10 18:21 - 2016-08-02 07:51 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-10 18:21 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-08-10 18:21 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-08-10 18:21 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-08-10 18:21 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-10 18:21 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-08-10 18:21 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-08-10 18:21 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-08-10 18:21 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-10 18:21 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-08-10 18:21 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-08-10 18:21 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-10 18:21 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-10 18:21 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-10 18:21 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-08-10 18:21 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-10 18:21 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-08-10 18:21 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-08-10 18:21 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-08-10 18:21 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-08-10 18:21 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-08-10 18:21 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-10 18:21 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-08-10 18:21 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-10 18:21 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-10 18:21 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-08-10 18:21 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-10 18:21 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-10 18:21 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-10 18:21 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-10 18:21 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-10 18:21 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-10 18:21 - 2016-07-08 17:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-10 18:21 - 2016-07-08 17:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-10 18:21 - 2016-07-08 17:32 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-10 18:21 - 2016-07-08 17:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-10 18:21 - 2016-07-08 17:17 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-10 18:21 - 2016-07-08 17:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-08-10 18:21 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-08-10 18:21 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-10 18:21 - 2016-07-08 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-10 18:21 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-10 18:21 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-10 18:21 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-08-10 18:21 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-08-10 18:21 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-08-10 18:21 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-08-10 18:21 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-08-10 18:21 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-08-10 18:21 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-08-10 18:21 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-08-10 18:21 - 2016-07-08 17:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-10 18:21 - 2016-07-08 17:01 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-10 18:21 - 2016-07-08 16:57 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-10 18:21 - 2016-07-08 16:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-10 18:21 - 2016-07-08 16:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-10 18:21 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-08-10 18:21 - 2016-07-08 16:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-10 18:21 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-08-10 18:20 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-10 18:20 - 2016-08-02 08:31 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-10 18:20 - 2016-08-02 08:31 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-10 18:20 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-10 18:20 - 2016-08-02 08:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-10 18:20 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-10 18:20 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-10 18:20 - 2016-08-02 08:18 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-10 18:20 - 2016-08-02 08:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-10 18:20 - 2016-08-02 07:56 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-10 18:20 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-10 18:20 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-10 18:20 - 2016-08-02 07:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-10 18:20 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-10 18:20 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-10 10:10 - 2016-08-10 10:10 - 00001796 _____ C:\Users\Helli\Desktop\Malware.txt
2016-08-10 10:05 - 2016-08-10 10:13 - 00101053 _____ C:\Users\Helli\Downloads\Addition.txt
2016-08-10 10:02 - 2016-08-12 14:56 - 02393600 _____ (Farbar) C:\Users\Helli\Downloads\FRST64.exe
2016-08-10 10:02 - 2016-08-12 14:56 - 00033584 _____ C:\Users\Helli\Downloads\FRST.txt
2016-08-10 10:02 - 2016-08-12 14:56 - 00000000 ____D C:\FRST
2016-08-09 08:27 - 2016-08-09 10:23 - 00000000 _____ C:\Users\Helli\Downloads\OneDrive-2016-08-08(1).zip
2016-08-09 08:26 - 2016-08-09 08:53 - 160301105 _____ C:\Users\Helli\Downloads\OneDrive-2016-08-08.zip.part
2016-08-08 22:13 - 2016-08-09 07:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\15A60E84.sys
2016-08-06 19:01 - 2016-08-06 19:01 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-02 21:02 - 2016-08-09 21:04 - 00027648 _____ C:\Users\Helli\Documents\T-shirt 2016.xls
2016-08-02 19:55 - 2016-08-02 19:55 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\26B9504D.sys
2016-07-29 12:40 - 2016-07-29 12:41 - 00313328 _____ C:\Windows\Minidump\072916-26660-01.dmp
2016-07-29 12:23 - 2016-08-11 22:28 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba.job
2016-07-29 12:23 - 2016-08-11 12:28 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca.job
2016-07-29 12:23 - 2016-07-29 12:23 - 00004090 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba
2016-07-29 12:23 - 2016-07-29 12:23 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca
2016-07-29 12:22 - 2016-08-12 14:41 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77.job
2016-07-29 12:22 - 2016-08-11 22:28 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f.job
2016-07-29 12:22 - 2016-07-29 12:22 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f
2016-07-29 12:22 - 2016-07-29 12:22 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77
2016-07-25 21:10 - 2016-07-25 21:10 - 00001088 _____ C:\Users\Public\Desktop\PDF24.lnk
2016-07-25 21:10 - 2016-07-25 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2016-07-23 12:52 - 2016-07-23 13:00 - 00000000 ____D C:\Users\Helli\Downloads\Fitswork447
2016-07-23 12:49 - 2016-07-23 12:49 - 01341307 _____ C:\Users\Helli\Downloads\Fitswork447.zip
2016-07-21 21:26 - 2016-07-23 09:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-07-18 20:17 - 2016-07-18 21:24 - 00000000 ____D C:\Users\Helli\Downloads\Martin und Nina
2016-07-18 13:13 - 2016-08-09 08:35 - 00000000 ____D C:\klaus
2016-07-16 16:04 - 2016-07-16 16:04 - 00000000 _____ C:\Windows\Minidump\071616-136828-01.dmp
2016-07-16 11:05 - 2016-07-16 11:05 - 00001053 _____ C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dslrBooth.lnk
2016-07-16 11:05 - 2016-07-16 11:05 - 00001035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dslrBooth.lnk
2016-07-16 11:05 - 2016-07-16 11:05 - 00001023 _____ C:\Users\Helli\Desktop\dslrBooth.lnk
2016-07-16 11:05 - 2016-07-16 11:05 - 00000000 ____D C:\ProgramData\InstallMate
2016-07-16 09:22 - 2016-06-26 02:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-16 09:22 - 2016-06-26 02:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-16 09:22 - 2016-06-26 02:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-16 09:22 - 2016-06-26 02:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-16 09:22 - 2016-06-26 02:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-16 09:22 - 2016-06-26 02:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-16 09:22 - 2016-06-26 02:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-16 09:22 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-16 09:22 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-16 09:22 - 2016-06-25 21:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-16 09:22 - 2016-06-25 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-16 09:22 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-16 09:22 - 2016-06-22 15:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-16 09:22 - 2016-06-17 20:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-16 09:22 - 2016-06-17 20:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-16 09:22 - 2016-06-17 20:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-16 09:22 - 2016-06-17 20:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-16 09:22 - 2016-06-17 20:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-16 09:22 - 2016-06-17 20:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-12 14:57 - 2009-07-14 06:45 - 00024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-12 14:57 - 2009-07-14 06:45 - 00024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-12 14:53 - 2012-01-12 13:50 - 00000000 ____D C:\Users\Helli\Documents\Corel User Files
2016-08-12 14:50 - 2011-12-01 21:12 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-08-12 14:46 - 2016-01-21 14:42 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Spotify
2016-08-12 14:42 - 2014-01-25 16:30 - 00000000 ____D C:\Users\Helli\AppData\Local\HTC MediaHub
2016-08-12 14:41 - 2016-01-21 14:43 - 00000000 ____D C:\Users\Helli\AppData\Local\Spotify
2016-08-12 14:41 - 2015-10-26 19:11 - 00000000 ___RD C:\Users\Helli\OneDrive
2016-08-12 14:41 - 2015-01-10 13:28 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-12 14:41 - 2014-10-11 12:31 - 00000000 ___RD C:\Users\Helli\Dropbox
2016-08-12 14:31 - 2015-09-07 20:18 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA.job
2016-08-12 14:31 - 2015-09-07 20:18 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core.job
2016-08-12 14:31 - 2011-09-06 00:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-12 14:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-11 22:09 - 2014-02-16 20:07 - 00000000 ____D C:\ProgramData\HeloCut5
2016-08-11 19:45 - 2014-11-23 17:14 - 00000000 ____D C:\AdwCleaner
2016-08-11 19:45 - 2012-05-24 09:52 - 00000008 __RSH C:\Users\Helli\ntuser.pol
2016-08-11 19:45 - 2011-12-01 21:15 - 00000000 ____D C:\Users\Helli
2016-08-11 13:38 - 2014-11-23 17:22 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-11 07:12 - 2009-07-14 06:45 - 00504112 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-11 07:08 - 2015-08-05 19:38 - 745612019 _____ C:\Windows\MEMORY.DMP
2016-08-10 22:31 - 2013-07-19 16:25 - 00000000 ____D C:\Windows\system32\MRT
2016-08-10 21:53 - 2011-07-18 22:31 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-10 19:53 - 2011-05-16 16:04 - 00699432 _____ C:\Windows\system32\perfh007.dat
2016-08-10 19:53 - 2011-05-16 16:04 - 00149572 _____ C:\Windows\system32\perfc007.dat
2016-08-10 19:53 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-10 19:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-08-10 13:15 - 2012-01-04 23:18 - 00000000 ____D C:\Users\Helli\AppData\Local\Pinnacle
2016-08-10 11:47 - 2012-01-04 23:15 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2016-08-10 07:48 - 2012-01-13 10:47 - 00062464 _____ C:\Users\Helli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-09 10:04 - 2015-01-10 13:22 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-09 10:04 - 2015-01-10 13:22 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-06 19:37 - 2011-12-02 21:58 - 00000000 ____D C:\Users\Gast
2016-08-06 19:02 - 2014-10-11 12:28 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Dropbox
2016-08-02 06:38 - 2016-01-21 15:25 - 00000000 ____D C:\Users\Helli\Documents\ASV 2016
2016-07-31 11:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-31 11:00 - 2015-10-30 21:27 - 00000000 ___HD C:\$WINDOWS.~BT
2016-07-29 12:42 - 2016-01-17 18:38 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA.job
2016-07-29 12:42 - 2011-12-01 21:09 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-29 12:40 - 2012-08-24 10:46 - 00000000 ____D C:\Windows\Minidump
2016-07-29 12:23 - 2016-01-17 18:38 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core.job
2016-07-29 12:22 - 2011-12-01 21:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-26 14:24 - 2010-11-21 05:27 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-25 21:10 - 2012-01-25 22:01 - 00000000 ____D C:\Program Files (x86)\PDF24
2016-07-24 14:59 - 2012-05-03 20:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-21 18:11 - 2015-01-31 14:11 - 00000000 ____D C:\Users\Helli\Downloads\Karneval Musik
2016-07-21 17:37 - 2015-04-08 13:41 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-21 17:37 - 2015-04-08 13:41 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-18 21:23 - 2014-01-06 19:28 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Audacity
2016-07-16 16:02 - 2015-06-23 20:07 - 00000000 ____D C:\Program Files (x86)\dslrBooth
2016-07-16 15:49 - 2014-12-11 20:33 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-16 15:49 - 2011-04-12 10:28 - 00000000 ____D C:\Program Files\Windows Journal

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-10 21:39 - 2015-04-20 19:22 - 0000352 _____ () C:\Users\Helli\AppData\Roaming\dpdhl.versandhelfer_state.xml
2013-06-09 13:20 - 2014-05-03 16:18 - 0000293 _____ () C:\Users\Helli\AppData\Roaming\FotoSketcher.ini
2014-04-13 22:22 - 2016-07-07 17:15 - 0007253 _____ () C:\Users\Helli\AppData\Roaming\HELLI-PC.MTBF.txt
2014-04-13 22:22 - 2016-07-07 17:46 - 0001132 _____ () C:\Users\Helli\AppData\Roaming\__AvidCloudManager.log
2014-04-13 22:22 - 2016-05-21 16:17 - 0001132 _____ () C:\Users\Helli\AppData\Roaming\__AvidCloudManagerPrevious.log
2013-09-04 18:56 - 2013-09-04 18:56 - 0139076 _____ () C:\Users\Helli\AppData\Local\ars.cache
2013-09-04 18:56 - 2013-09-04 18:56 - 0266054 _____ () C:\Users\Helli\AppData\Local\census.cache
2012-01-13 10:47 - 2016-08-10 07:48 - 0062464 _____ () C:\Users\Helli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-04 18:33 - 2013-09-04 18:33 - 0000036 _____ () C:\Users\Helli\AppData\Local\housecall.guid.cache
2014-05-05 12:27 - 2014-05-05 12:27 - 0000218 _____ () C:\Users\Helli\AppData\Local\recently-used.xbel
2012-08-26 17:33 - 2013-01-04 23:10 - 0007605 _____ () C:\Users\Helli\AppData\Local\resmon.resmoncfg
2015-09-01 21:39 - 2015-09-05 15:15 - 0061736 _____ () C:\Users\Helli\AppData\Local\Silberhochzeit.ssp
2015-12-26 20:53 - 2015-12-26 20:53 - 0000000 _____ () C:\Users\Helli\AppData\Local\{69DDDAC2-65A2-46F4-8809-D2D44F7A8F31}
2012-01-25 17:19 - 2014-12-14 16:51 - 0000166 ___SH () C:\ProgramData\.zreglib
2015-06-23 20:08 - 2015-06-23 20:08 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2012-02-12 21:25 - 2014-01-19 21:01 - 0004430 _____ () C:\ProgramData\__FileUploader.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Helli\phoenixRC.exe


Einige Dateien in TEMP:
====================
C:\Users\Helli\AppData\Local\Temp\5016D697-F40A-46C0-A6D8-F5577EEE9644.exe
C:\Users\Helli\AppData\Local\Temp\CE6D6D22-FC7A-42D7-9F9F-61A6AEF49BB2.exe
C:\Users\Helli\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3z6wub.dll
C:\Users\Helli\AppData\Local\Temp\GUR76C4.exe
C:\Users\Helli\AppData\Local\Temp\GURB4EC.exe
C:\Users\Helli\AppData\Local\Temp\libeay32.dll
C:\Users\Helli\AppData\Local\Temp\msvcr120.dll
C:\Users\Helli\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Helli\AppData\Local\Temp\sqlite3.dll
C:\Users\Helli\AppData\Local\Temp\suka.exe
C:\Users\Helli\AppData\Local\Temp\Uni000.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-09 19:08

==================== Ende von FRST.txt ============================

cosinus · 12.08.2016, 14:24

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

FoxyDeal version 1.0.0
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Helli1965 · 15.08.2016, 21:28

Sorry war übers Wochenende weg.
Habe es so gemacht wie beschrieben.
Gruß Helmut

11.08.2016, 11:37	#5
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Outbond Warnung durch Malewarebytes Windows 7 Weitere Log mit Malware? Suchlauf-Protokolle? Mit Funden? __________________ Logfiles bitte immer in CODE-Tags posten

11.08.2016, 22:12	#11
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Outbond Warnung durch Malewarebytes Windows 7 Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken __________________ Logfiles bitte immer in CODE-Tags posten

Outbond Warnung durch Malewarebytes Windows 7

Log-Analyse und Auswertung: Outbond Warnung durch Malewarebytes Windows 7