Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate"

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.05.2017, 13:04   #1
gerdman
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate"



Hallo zusammen,



nach einem Websitebesuch auf einer halbseidenen Page mit Keygens u.a. stellte ich fest, dass mein GData Internet Security keien Updates mehr laden konnte.

Neuinstallation und Deinstallation wurde mit dem Hinweis auf Dateiausführungsverhinderung verweigert. Bei der Ursachensuche stellte ich fest, dass die Zertifikate sämtlicher AV-Hersteller vom AVAST bis TrendMicro auf der Liste der nicht vertrauenswürdigen Zertifikate im Zertifikatsspeicher aufgeführt sind. Einmaliges Lösche der Liste erfolgte im Offline Betrieb, danach konnte ich GDATA neu installieren und durchlaufen lassen. GDATA hat nichts gefunden.

Heute war wieder GDATA gesperrt und die Einträge im Zertifikatsspeicher erneut vorhanden.
Hat jemand schon mal ähnliches erlebt? Wo könnte die Ursache der sich automatisch wieder erneuernden Einträge im Zertifikatsspeicher sein? Bin echt abgenervt, überlege ernsthaft, mein Windows komplett neu zu installieren.



Danke für jeden Hinweis!





Gerd

Alt 28.05.2017, 13:14   #2
burningice
/// Malwareteam
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate"




Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
  • Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
  • Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
  • Wir machen unsere Arbeit freiwillig und ehrenamtlich neben unserer normalen Beschäftigung im Leben. Dennoch, wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!
Los geht's

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 28.05.2017, 13:31   #3
gerdman
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

FRST.txt



Hier die FRST.txt
#######
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-05-2017
durchgeführt von Leo (Administrator) auf QUADCORE-I5 (28-05-2017 13:23:13)
Gestartet von C:\Users\Leo\Downloads
Geladene Profile: Leo & UpdatusUser & MSSQLServerOLAPService & ReportServer & MsDtsServer120 (Verfügbare Profile: Leo & UpdatusUser & MSSQLServerOLAPService & ReportServer & MSSQLFDLauncher & SQLSERVERAGENT & MsDtsServer120 & MSSQLSERVER)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IBM Corp) C:\Windows\SysWOW64\nslsvice.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IBM Corp) C:\Windows\SysWOW64\nsl.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
() C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(IBM Corp) C:\Program Files (x86)\lotus\notes\ntmulti.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.WTSNXEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS12.MSSQLSERVER\OLAP\bin\msmdsrv.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKBap64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
() C:\Windows\Temp\g8C05.tmp.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Windows\Temp\g8C07.tmp.exe
(IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD.EXE
(Farbar) C:\Users\Leo\Downloads\FRST64(1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401896 2016-11-02] ()
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1314112 2015-02-09] (FileOpen Systems Inc.)
HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [725280 2012-08-27] (Oki Data Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IntelSBA] => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4243168 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-03-16] (Apple Inc.)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\BrowserPlugInHelper.exe
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2016-12-17] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [309184 2012-03-28] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [30264 2009-10-06] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2015-12-23] ()
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [CDIWTSEnabler] => wscript "C:\Program Files (x86)\Cherry\CDI\cdiwtsclient.vbs"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [SpeechExecSDQuickLoad] => C:\Program Files (x86)\Philips Speech\SpeechExec Dictate\SEDict.exe [3430416 2016-03-21] (Speech Processing Solutions GmbH)
HKLM-x32\...\Run: [PowerDVD12DMREngine] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [513304 2016-11-01] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [386088 2016-11-01] (CyberLink Corp.)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe <====== ACHTUNG
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [] => [X]
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [iDevice Manager Launcher] => C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDMLauncher.exe [139216 2014-03-15] (Marx Softwareentwicklung - www.software4u.de)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-05-25] (Glarysoft Ltd)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [VideoDownloaderUltimate] => C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe [3180360 2017-02-15] (Link64 GmbH)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [VeraCrypt] => C:\Program Files\VeraCrypt\VeraCrypt.exe [5489808 2016-11-04] (IDRIX)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\RedFox\AnyDVD\AnyDVDtray.exe [11030528 2017-05-05] (RedFox)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-163866912-915633979-1340512146-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-163866912-915633979-1340512146-1003\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
GroupPolicy: Beschränkung <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG
GroupPolicyScripts\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [S-1-5-21-163866912-915633979-1340512146-1001] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-163866912-915633979-1340512146-1001] => http=127.0.0.1:8082
Hosts: 192.168.0.100           server
Tcpip\..\Interfaces\{17c1f411-9307-40f5-9a1d-ee7ed90c4bdc}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{29da9083-c071-4fe1-8443-3d1fad58c598}: [NameServer] 192.168.178.1
Tcpip\..\Interfaces\{ce6720c6-251d-4ab7-8a8a-f8b63ce173de}: [DhcpNameServer] 192.168.0.1 192.168.0.1
ManualProxies: 1http=127.0.0.1:8082

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-163866912-915633979-1340512146-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-163866912-915633979-1340512146-1001 -> {E6E723A7-46B5-4C92-A0C7-212CA110DA98} URL = 
SearchScopes: HKU\S-1-5-21-163866912-915633979-1340512146-1003 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-163866912-915633979-1340512146-1003 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Kein Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-23] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: pdfforge Toolbar -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> C:\Program Files (x86)\pdfforge Toolbar\IE\23.8\pdfforgeToolbarIE.dll [2015-11-20] (Spigot, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-23] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-11-22] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\23.8\pdfforgeToolbarIE64.dll [2015-11-20] (Spigot, Inc.)
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\23.8\pdfforgeToolbarIE.dll [2015-11-20] (Spigot, Inc.)
Toolbar: HKU\S-1-5-21-163866912-915633979-1340512146-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  Keine Datei
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: z4l03ruv.default-1494428104936
FF ProfilePath: C:\Users\Leo\AppData\Roaming\TomTom\HOME\Profiles\raxen8ss.default [2016-11-23]
FF Extension: (Kein Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [nicht gefunden]
FF ProfilePath: C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\z4l03ruv.default-1494428104936 [2017-05-28]
FF Homepage: Mozilla\Firefox\Profiles\z4l03ruv.default-1494428104936 -> hxxps://www.google.de/?gws_rd=ssl
FF NetworkProxy: Mozilla\Firefox\Profiles\z4l03ruv.default-1494428104936 -> type", 0
FF Extension: (Video Downloader Professional) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\z4l03ruv.default-1494428104936\Extensions\ffext_basicvideoext@startpage24.xpi [2017-05-19]
FF ProfilePath: C:\Users\Leo\AppData\Roaming\KompoZer\Profiles\qo2jmiju.default [2016-06-11]
FF HKLM-x32\...\Firefox\Extensions: [bonjour4firefox@apple.com] - C:\Program Files (x86)\Bonjour SDK\Bin\FirefoxExtension
FF Extension: (Bonjour Extension for Firefox) - C:\Program Files (x86)\Bonjour SDK\Bin\FirefoxExtension [2013-02-28] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-04-04]
FF HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: (Download videos and MP3s from YouTube) - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-23] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-24] ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll [2013-01-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-24] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-163866912-915633979-1340512146-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-11] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll [2012-03-28] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll [2012-03-19] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Leo\AppData\Roaming\mozilla\plugins\npasperaweb.dll [2013-02-27] (Aspera, Inc. )
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\988562.js [2017-05-09] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\988562.cfg [2017-05-09] <==== ACHTUNG

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://de.search.yahoo.com/?type=971163&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://de.search.yahoo.com/?type=971163&fr=yo-yhp-ch"
CHR NewTab: Default -> "chrome-extension://icfefgaiandjaieopcfbidalbebjlhjl/ntp/newtab.html" 
CHR Profile: C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default [2017-03-24]
CHR Extension: (Google Docs) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-24]
CHR Extension: (Shopping Assistant) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjpmpailfmnokiabeoimelcgdglpff [2015-04-09]
CHR Extension: (New Tab Helper) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\icfefgaiandjaieopcfbidalbebjlhjl [2015-04-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-24]
CHR Extension: (Chrome Media Router) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-12-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5044784 2017-01-19] (G DATA Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [1022440 2016-12-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3236168 2017-01-10] (G Data Software AG)
R2 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2015-04-13] () [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [569344 2015-07-31] (REINER SCT)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [98072 2016-11-01] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [85784 2016-11-01] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [302872 2016-11-01] (CyberLink)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-11] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [224256 2011-03-02] () [Datei ist nicht signiert]
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [341312 2015-02-09] (FileOpen Systems Inc.)
S3 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [3991016 2017-01-19] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3386872 2017-01-10] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [852968 2016-12-23] (G DATA Software AG)
R2 hasplms; C:\Windows\system32\hasplms.exe [4608320 2014-11-27] (SafeNet Inc.)
S2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [49376 2012-02-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 Lotus Notes Single Logon; C:\Windows\SysWOW64\nslsvice.exe [20530 2005-12-01] (IBM Corp) [Datei ist nicht signiert]
R2 MsDtsServer120; C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe [216768 2016-09-24] (Microsoft Corporation)
R2 MSSQL$WTSNXEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.WTSNXEXPRESS\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
S3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation)
S3 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [372416 2016-09-24] (Microsoft Corporation)
R2 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS12.MSSQLSERVER\OLAP\bin\msmdsrv.exe [51156160 2015-04-21] (Microsoft Corporation)
R2 Multi-user Cleanup Service; C:\Program Files (x86)\lotus\notes\ntmulti.exe [57393 2005-12-01] (IBM Corp) [Datei ist nicht signiert]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [Datei ist nicht signiert]
S3 Program Manager; C:\Program Files (x86)\Common Files\ProgramManager\ProgramManager.exe [24260 2015-11-25] () [Datei ist nicht signiert]
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2467008 2015-04-21] (Microsoft Corporation)
S4 SQLAgent$WTSNXEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.WTSNXEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2016-09-24] (Microsoft Corporation)
R2 StarMoney 10 OnlineUpdate; C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-11-25] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757040 2017-04-06] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-04-28] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ampa; C:\Windows\system32\ampa.sys [19568 2015-11-10] () [Datei ist nicht signiert]
S3 ampa; C:\Windows\SysWOW64\ampa.sys [19568 2015-11-10] () [Datei ist nicht signiert]
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [154448 2016-07-11] (RedFox)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [154448 2016-07-11] (RedFox)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 avmaura; C:\Windows\System32\drivers\avmaura.sys [116480 2014-08-01] (AVM Berlin)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-05-09] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-05-09] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2012-12-14] (DT Soft Ltd)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [196152 2017-05-21] (G Data Software AG)
S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [46104 2017-05-21] (G Data Software AG)
R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [38984 2017-05-21] (G DATA Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [294968 2017-05-21] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [157240 2017-05-21] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [86584 2017-05-21] (G DATA Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [116296 2017-05-21] (G Data Software)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-26] (Glarysoft Ltd)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-11-27] (SafeNet Inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [153656 2017-05-21] (G Data Software AG)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2012-10-20] (Highresolution Enterprises [www.highrez.co.uk])
S3 Ioxmgr64; C:\Windows\System32\Drivers\Ioxmgr64.sys [15544 2015-07-23] (SCHUHFRIED GmbH)
S3 LGDDCDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2009-04-24] () [Datei ist nicht signiert]
S3 LGII2CDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [18432 2009-04-24] () [Datei ist nicht signiert]
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [84168 2013-03-15] (Cyberlink Corp.)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32568 2015-08-16] (EldoS Corporation)
S4 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-21] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 S332x64; C:\Windows\system32\DRIVERS\S332x64.sys [78336 2013-04-05] (Identive                                                    )
S3 SKYNETU2; C:\Windows\System32\drivers\SkyNETU2_AMD64.SYS [518232 2010-05-10] (TechniSat Digital, S.A.)
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [23040 2015-10-30] (Microsoft Corporation)
R0 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [467368 2016-11-04] (IDRIX)
R3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52080 2013-12-13] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WIMMount; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [42688 2015-10-30] (Microsoft Corporation)
S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221888 2015-10-30] (Microsoft Corporation)
S3 WsAudio_Device; C:\Windows\system32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [29896 2016-11-04] (CyberLink Corp.)
U3 idsvc; kein ImagePath
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-28 13:21 - 2017-05-28 13:22 - 02429952 _____ (Farbar) C:\Users\Leo\Downloads\FRST64(1).exe
2017-05-28 13:17 - 2017-05-28 13:17 - 00000022 _____ C:\Windows\S.dirmngr
2017-05-21 20:47 - 2017-05-21 20:47 - 01202184 _____ (Adobe Systems Incorporated) C:\Users\Leo\Downloads\flashplayer25au_ha_install(2).exe
2017-05-21 15:17 - 2017-05-21 15:17 - 04148178 _____ C:\Users\Leo\Downloads\Yamaha HB-Sduro_Tech_Präsi.pdf
2017-05-21 15:17 - 2017-05-21 15:17 - 00790246 _____ C:\Users\Leo\Downloads\BedienungsanleitungBatavusStreamRazerYamaha2015_DE.pdf
2017-05-21 15:16 - 2017-05-21 15:16 - 00356042 _____ C:\Users\Leo\Downloads\bikespeed_RS_Yamaha_Yamaha_Einbauanleitung_DE.pdf
2017-05-21 15:14 - 2017-05-21 15:14 - 06727816 _____ C:\Users\Leo\Downloads\E-Pack_Manual_2016__German.pdf
2017-05-21 15:09 - 2017-05-21 15:09 - 05634730 _____ C:\Users\Leo\Downloads\Haibike_Betriebsanleitung_Yamaha_2016.pdf
2017-05-21 10:43 - 2017-05-21 10:43 - 00116296 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2017-05-21 10:43 - 2017-05-21 10:43 - 00028208 _____ (G DATA Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2017-05-21 10:22 - 2017-05-21 10:22 - 00086584 _____ (G DATA Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2017-05-21 10:22 - 2017-05-21 10:22 - 00046104 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys
2017-05-21 10:22 - 2017-05-21 10:22 - 00038984 _____ (G DATA Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys
2017-05-21 10:22 - 2017-05-21 10:22 - 00002133 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2017-05-21 10:22 - 2017-05-21 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2017-05-21 10:21 - 2017-05-21 10:21 - 00294968 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2017-05-21 10:21 - 2017-05-21 10:21 - 00196152 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2017-05-21 10:21 - 2017-05-21 10:21 - 00157240 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2017-05-21 10:21 - 2017-05-21 10:21 - 00153656 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2017-05-21 10:14 - 2017-05-21 10:14 - 00016786 _____ C:\Windows\System32\Tasks\Stackout
2017-05-20 13:43 - 2017-05-21 12:13 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2017-05-20 13:08 - 2017-05-20 13:08 - 00001522 _____ C:\Windows\Tasks\Audio Clipper.job
2017-05-20 11:20 - 2017-05-20 11:21 - 319268864 _____ C:\Users\Leo\Downloads\kav_rescue_10.iso
2017-05-20 11:19 - 2017-05-20 11:19 - 00001524 _____ C:\Users\Leo\Desktop\Kaspersky Security Scan Version 16.0.0.1344 installieren.lnk
2017-05-20 11:13 - 2017-05-20 11:19 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-05-20 11:12 - 2017-05-20 11:13 - 02671128 _____ (Kaspersky Lab) C:\Users\Leo\Downloads\kss16.0.0.1344en_ru_de_fr_es_it_zh-hans_pl_tr_nl_cs_ko_id_pt_ar_vi_hi_zh-hant_fa_10518.exe
2017-05-19 22:49 - 2017-05-19 22:49 - 00751387 _____ C:\Users\Leo\Downloads\video_downloadhelper-6.3.1-fx.zip
2017-05-19 19:58 - 2017-05-19 19:59 - 00085890 _____ C:\Users\Leo\Downloads\Addition.txt
2017-05-19 19:57 - 2017-05-28 13:23 - 00046541 _____ C:\Users\Leo\Downloads\FRST.txt
2017-05-19 19:57 - 2017-05-19 23:05 - 00000000 ____D C:\FRST
2017-05-19 19:56 - 2017-05-19 19:57 - 02429952 _____ (Farbar) C:\Users\Leo\Downloads\FRST64.exe
2017-05-14 10:21 - 2017-05-14 10:21 - 00459146 _____ C:\Users\Leo\Downloads\key1011finder.zip
2017-05-14 10:16 - 2017-05-14 10:16 - 00000154 _____ C:\Users\Leo\Documents\QUADCORE-I5.txt
2017-05-12 20:09 - 2017-05-12 20:09 - 63035592 _____ (Malwarebytes ) C:\Users\Leo\Downloads\mb3-setup-13595.13595-3.1.2.1733(1).exe
2017-05-12 18:43 - 2017-05-12 18:43 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-12 18:43 - 2017-05-12 18:43 - 00001222 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-05-12 18:41 - 2017-05-12 18:41 - 00246352 _____ (Mozilla) C:\Users\Leo\Downloads\Firefox Setup Stub 53.0.2.exe
2017-05-12 18:15 - 2017-05-12 18:15 - 00042898 _____ C:\Users\Leo\Documents\Überlassungsvertrag_Fitzner-Packbier.pdf
2017-05-12 18:12 - 2017-05-12 18:12 - 00157104 _____ C:\Users\Leo\Documents\Jobrad_Angebot_XXL-Feld.pdf
2017-05-12 17:58 - 2017-04-28 05:59 - 00602256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-12 17:58 - 2017-04-28 04:57 - 01813408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-05-12 17:58 - 2017-04-28 04:57 - 00959144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-12 17:58 - 2017-04-28 04:56 - 02945648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-12 17:58 - 2017-04-28 04:56 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-05-12 17:58 - 2017-04-28 04:52 - 05240448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-05-12 17:58 - 2017-04-28 04:45 - 01536600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-12 17:58 - 2017-04-28 03:50 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-05-12 17:58 - 2017-04-28 02:57 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2017-05-12 17:58 - 2017-04-28 02:49 - 00805888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2017-05-12 17:58 - 2017-04-28 02:32 - 04078080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-05-12 17:58 - 2017-04-28 02:25 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-12 17:58 - 2017-04-28 02:06 - 04404736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2017-05-12 17:58 - 2017-04-28 01:55 - 00339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-05-12 17:58 - 2017-04-28 01:29 - 00461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-05-12 17:57 - 2017-04-28 06:32 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-05-12 17:57 - 2017-04-28 06:30 - 07465816 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-12 17:57 - 2017-04-28 06:30 - 02656960 _____ C:\Windows\system32\CoreUIComponents.dll
2017-05-12 17:57 - 2017-04-28 06:30 - 01997840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-12 17:57 - 2017-04-28 06:30 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-05-12 17:57 - 2017-04-28 06:30 - 01098640 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-05-12 17:57 - 2017-04-28 06:30 - 00800080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-12 17:57 - 2017-04-28 06:27 - 00754664 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-05-12 17:57 - 2017-04-28 06:08 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2017-05-12 17:57 - 2017-04-28 05:59 - 01862000 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-05-12 17:57 - 2017-04-28 05:59 - 01558280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-12 17:57 - 2017-04-28 05:38 - 01060432 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-05-12 17:57 - 2017-04-28 05:32 - 02608912 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-05-12 17:57 - 2017-04-28 05:32 - 01323272 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-12 17:57 - 2017-04-28 05:31 - 03699280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-12 17:57 - 2017-04-28 05:31 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-05-12 17:57 - 2017-04-28 05:31 - 00026464 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-05-12 17:57 - 2017-04-28 05:28 - 22560744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-05-12 17:57 - 2017-04-28 05:28 - 00566104 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-05-12 17:57 - 2017-04-28 05:27 - 06604992 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-05-12 17:57 - 2017-04-28 05:26 - 01540224 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-05-12 17:57 - 2017-04-28 05:26 - 00692136 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2017-05-12 17:57 - 2017-04-28 05:25 - 06536248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2017-05-12 17:57 - 2017-04-28 05:24 - 01128104 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2017-05-12 17:57 - 2017-04-28 05:24 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-05-12 17:57 - 2017-04-28 05:23 - 00609056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-05-12 17:57 - 2017-04-28 05:20 - 01848584 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-12 17:57 - 2017-04-28 05:04 - 00881664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-05-12 17:57 - 2017-04-28 04:53 - 01987424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-12 17:57 - 2017-04-28 04:53 - 00465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-05-12 17:57 - 2017-04-28 04:52 - 01594928 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-12 17:57 - 2017-04-28 04:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-05-12 17:57 - 2017-04-28 04:24 - 00824320 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-05-12 17:57 - 2017-04-28 04:23 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2017-05-12 17:57 - 2017-04-28 04:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-05-12 17:57 - 2017-04-28 04:19 - 01370224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-05-12 17:57 - 2017-04-28 04:16 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-05-12 17:57 - 2017-04-28 04:15 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-12 17:57 - 2017-04-28 04:13 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-05-12 17:57 - 2017-04-28 04:11 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-12 17:57 - 2017-04-28 04:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-05-12 17:57 - 2017-04-28 04:05 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-05-12 17:57 - 2017-04-28 04:03 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-05-12 17:57 - 2017-04-28 04:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll
2017-05-12 17:57 - 2017-04-28 04:01 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.ps.dll
2017-05-12 17:57 - 2017-04-28 03:59 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-05-12 17:57 - 2017-04-28 03:58 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-05-12 17:57 - 2017-04-28 03:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-12 17:57 - 2017-04-28 03:55 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-05-12 17:57 - 2017-04-28 03:55 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2017-05-12 17:57 - 2017-04-28 03:54 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2017-05-12 17:57 - 2017-04-28 03:53 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-12 17:57 - 2017-04-28 03:53 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-12 17:57 - 2017-04-28 03:52 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-12 17:57 - 2017-04-28 03:51 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-05-12 17:57 - 2017-04-28 03:51 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2017-05-12 17:57 - 2017-04-28 03:50 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-05-12 17:57 - 2017-04-28 03:49 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-05-12 17:57 - 2017-04-28 03:46 - 00383488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-12 17:57 - 2017-04-28 03:45 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-05-12 17:57 - 2017-04-28 03:41 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-05-12 17:57 - 2017-04-28 03:40 - 00572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-05-12 17:57 - 2017-04-28 03:39 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-05-12 17:57 - 2017-04-28 03:38 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-05-12 17:57 - 2017-04-28 03:38 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-05-12 17:57 - 2017-04-28 03:35 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-12 17:57 - 2017-04-28 03:35 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-12 17:57 - 2017-04-28 03:33 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2017-05-12 17:57 - 2017-04-28 03:32 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll
2017-05-12 17:57 - 2017-04-28 03:32 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-12 17:57 - 2017-04-28 03:31 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-12 17:57 - 2017-04-28 03:31 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-05-12 17:57 - 2017-04-28 03:31 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-05-12 17:57 - 2017-04-28 03:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-12 17:57 - 2017-04-28 03:30 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-12 17:57 - 2017-04-28 03:29 - 02127872 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-12 17:57 - 2017-04-28 03:28 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-05-12 17:57 - 2017-04-28 03:28 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-12 17:57 - 2017-04-28 03:26 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-05-12 17:57 - 2017-04-28 03:24 - 01752576 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-12 17:57 - 2017-04-28 03:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2017-05-12 17:57 - 2017-04-28 03:23 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-05-12 17:57 - 2017-04-28 03:21 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-05-12 17:57 - 2017-04-28 03:21 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll
2017-05-12 17:57 - 2017-04-28 03:20 - 04456448 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-05-12 17:57 - 2017-04-28 03:19 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-05-12 17:57 - 2017-04-28 03:19 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-05-12 17:57 - 2017-04-28 03:19 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe
2017-05-12 17:57 - 2017-04-28 03:15 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-12 17:57 - 2017-04-28 03:15 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-05-12 17:57 - 2017-04-28 03:15 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2017-05-12 17:57 - 2017-04-28 03:13 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-12 17:57 - 2017-04-28 03:11 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-05-12 17:57 - 2017-04-28 03:11 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-05-12 17:57 - 2017-04-28 03:10 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-05-12 17:57 - 2017-04-28 03:07 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2017-05-12 17:57 - 2017-04-28 03:07 - 00335872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-12 17:57 - 2017-04-28 03:04 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-05-12 17:57 - 2017-04-28 03:03 - 03586048 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-05-12 17:57 - 2017-04-28 03:03 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-05-12 17:57 - 2017-04-28 03:01 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-05-12 17:57 - 2017-04-28 03:00 - 05123072 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-05-12 17:57 - 2017-04-28 02:56 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-12 17:57 - 2017-04-28 02:55 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-12 17:57 - 2017-04-28 02:55 - 00501760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-12 17:57 - 2017-04-28 02:55 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-12 17:57 - 2017-04-28 02:54 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-12 17:57 - 2017-04-28 02:53 - 01729536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-12 17:57 - 2017-04-28 02:51 - 02280960 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-05-12 17:57 - 2017-04-28 02:50 - 01526272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-12 17:57 - 2017-04-28 02:47 - 04826624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-05-12 17:57 - 2017-04-28 02:47 - 03695104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-05-12 17:57 - 2017-04-28 02:47 - 03404800 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-12 17:57 - 2017-04-28 02:47 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-05-12 17:57 - 2017-04-28 02:46 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe
2017-05-12 17:57 - 2017-04-28 02:44 - 07977984 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-05-12 17:57 - 2017-04-28 02:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-05-12 17:57 - 2017-04-28 02:36 - 16985600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-05-12 17:57 - 2017-04-28 02:35 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-05-12 17:57 - 2017-04-28 02:27 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-12 17:57 - 2017-04-28 02:25 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2017-05-12 17:57 - 2017-04-28 02:22 - 04412928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-05-12 17:57 - 2017-04-28 02:22 - 02878976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-12 17:57 - 2017-04-28 02:21 - 13018112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-05-12 17:57 - 2017-04-28 02:20 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-05-12 17:57 - 2017-04-28 02:19 - 06296064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-05-12 17:57 - 2017-04-28 02:16 - 22375424 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-05-12 17:57 - 2017-04-28 02:12 - 04889600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-12 17:57 - 2017-04-28 02:11 - 06312448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-05-12 17:57 - 2017-04-28 02:09 - 13393920 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-12 17:57 - 2017-04-28 02:08 - 03993600 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-05-12 17:57 - 2017-04-28 02:06 - 12139008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-12 17:57 - 2017-04-28 02:05 - 24605184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-12 17:57 - 2017-04-28 02:04 - 19344896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-12 17:57 - 2017-04-28 02:04 - 03660288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-12 17:57 - 2017-04-28 02:04 - 02911744 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-05-12 17:57 - 2017-04-28 02:04 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-05-12 17:57 - 2017-04-28 02:03 - 18673152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-05-12 17:57 - 2017-04-28 01:58 - 00821248 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2017-05-12 17:57 - 2017-04-28 01:57 - 04171264 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-05-12 17:57 - 2017-04-28 01:57 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-05-12 17:57 - 2017-04-28 01:53 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2017-05-12 17:57 - 2017-04-28 01:50 - 07853568 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-05-12 17:57 - 2017-04-28 01:47 - 05670912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-05-12 17:57 - 2017-04-28 01:45 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-05-12 17:36 - 2017-05-12 17:36 - 00004437 _____ C:\Users\Leo\Documents\zerti-untrus.txt
2017-05-12 17:10 - 2017-05-12 17:10 - 63035592 _____ (Malwarebytes ) C:\Users\Leo\Downloads\mb3-setup-13595.13595-3.1.2.1733.exe
2017-05-12 14:09 - 2017-05-12 14:09 - 00001554 _____ C:\Windows\Tasks\Haxi- White 1-5 patch.job
2017-05-10 19:45 - 2017-05-21 10:19 - 281128592 _____ (G DATA Software AG) C:\Users\Leo\Downloads\GDATA_INTERNETSECURITY_BASE_WEU_25.3.0.3.exe
2017-05-10 19:40 - 2017-05-20 10:37 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2017-05-10 18:10 - 2017-05-14 10:22 - 00000000 ____D C:\transfer
2017-05-10 17:50 - 2017-05-10 17:50 - 00927888 _____ (G DATA Software AG) C:\Users\Leo\Downloads\AVCleaner.exe
2017-05-10 16:55 - 2017-05-10 16:55 - 00000000 ____D C:\Users\Leo\Desktop\Alte Firefox-Daten
2017-05-10 15:55 - 2017-05-10 15:55 - 00000000 ____D C:\Users\Leo\AppData\Local\navi
2017-05-09 19:51 - 2017-05-09 19:51 - 24792608 _____ (Disc Soft Ltd) C:\Users\Leo\Downloads\DTLite1051-0229_paid.exe
2017-05-09 18:41 - 2017-05-10 16:52 - 00000000 ____D C:\Users\Leo\AppData\Local\AppTrailers
2017-05-09 18:41 - 2017-05-10 15:55 - 00000000 ____D C:\ProgramData\VideoMemoryDiagnostic
2017-05-09 18:41 - 2017-05-09 18:41 - 00016856 _____ C:\Windows\System32\Tasks\Haxi- White 1-5 patch
2017-05-09 18:41 - 2017-05-09 18:41 - 00001042 _____ C:\Users\Leo\Desktop\Play Warframe.lnk
2017-05-09 18:41 - 2017-05-09 18:41 - 00001036 _____ C:\Users\Leo\Desktop\Play WarThunder.lnk
2017-05-09 18:41 - 2017-04-27 16:36 - 00000195 _____ C:\Users\Leo\Desktop\Download Video and Audio Online.url
2017-05-09 18:09 - 2017-05-09 18:09 - 00000000 ____D C:\Users\Leo\AppData\Local\Disc_Soft_Ltd
2017-05-09 17:59 - 2017-05-09 17:59 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2017-05-09 17:59 - 2017-05-09 17:59 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2017-05-06 09:23 - 2017-05-06 09:23 - 00051624 _____ C:\Windows\uninstaller.dat
2017-05-05 17:32 - 2017-05-05 17:32 - 00001278 _____ C:\Users\Public\Desktop\CloneDVD2.lnk
2017-05-05 17:19 - 2017-05-05 17:19 - 00001173 _____ C:\Users\Public\Desktop\AnyDVD.lnk
2017-05-05 17:19 - 2017-05-05 17:19 - 00000000 ____D C:\ProgramData\RedFox
2017-05-05 17:19 - 2017-05-05 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RedFox
2017-05-05 17:19 - 2017-05-05 17:19 - 00000000 ____D C:\Program Files (x86)\RedFox
2017-05-05 17:18 - 2017-05-05 17:18 - 00000898 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 6.lnk
2017-05-05 17:18 - 2017-05-05 17:18 - 00000886 _____ C:\Users\Public\Desktop\Total Uninstall 6.lnk
2017-05-05 17:18 - 2017-05-05 17:18 - 00000016 _____ C:\ProgramData\mntemp
2017-05-05 17:18 - 2017-05-05 17:18 - 00000000 ____D C:\ProgramData\Martau
2017-05-05 17:18 - 2017-05-05 17:18 - 00000000 ____D C:\Program Files\Total Uninstall 6
2017-05-05 17:15 - 2017-05-05 17:17 - 26751832 _____ (Gavrila Martau ) C:\Users\Leo\Downloads\Total-Uninstall-Setup-6.19.0.exe
2017-05-05 17:12 - 2017-05-05 18:03 - 33817960 _____ C:\Users\Leo\Downloads\SetupCloneBD1151RedFox.exe
2017-05-05 17:12 - 2017-05-05 17:32 - 05262920 _____ C:\Users\Leo\Downloads\SetupCloneDVD2933RedFox.exe
2017-05-05 17:11 - 2017-05-05 17:18 - 14041456 _____ C:\Users\Leo\Downloads\SetupAnyDVD8120.exe
2017-05-05 14:49 - 2017-05-05 14:49 - 00252722 _____ C:\Users\Leo\Downloads\FRITZ.Box 7490 (UI) 113.06.83_01.01.70_0101.export
2017-05-02 17:49 - 2017-05-02 17:49 - 01201768 _____ (Adobe Systems Incorporated) C:\Users\Leo\Downloads\flashplayer25au_ha_install(1).exe
2017-05-01 15:55 - 2017-05-01 15:55 - 00542263 _____ C:\Users\Leo\Downloads\Hennef_FRITZ.Box 7490 (UI) 113.06.83_01.05.17_1555.export
2017-05-01 15:51 - 2017-05-01 15:52 - 00668775 _____ C:\Users\Leo\Downloads\FRITZ.Box 7490 (UI) 113.06.83_01.05.17_1552.export
2017-05-01 11:49 - 2017-05-01 11:49 - 00145600 _____ C:\Users\Leo\Downloads\Adac.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-28 13:22 - 2016-03-11 22:29 - 02767824 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-28 13:22 - 2016-02-13 18:59 - 01139772 _____ C:\Windows\system32\perfh007.dat
2017-05-28 13:22 - 2016-02-13 18:59 - 00304090 _____ C:\Windows\system32\perfc007.dat
2017-05-28 13:22 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2017-05-28 13:21 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-28 13:21 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2017-05-28 13:18 - 2016-11-18 21:48 - 00000000 ____D C:\Users\Leo\AppData\LocalLow\Mozilla
2017-05-28 13:17 - 2016-08-10 18:05 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-28 13:17 - 2016-08-10 18:05 - 00000000 __SHD C:\Users\Leo\IntelGraphicsProfiles
2017-05-28 13:17 - 2016-02-13 19:26 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-28 13:17 - 2012-11-05 20:21 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-28 13:11 - 2015-10-30 08:28 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-05-28 12:49 - 2014-08-16 11:23 - 00000000 ____D C:\Users\Leo\AppData\Local\Adobe
2017-05-28 12:48 - 2015-10-30 08:28 - 00032768 ___SH C:\Windows\system32\config\ELAM
2017-05-25 14:20 - 2016-09-11 15:48 - 00001024 ____H C:\AMTAG.BIN
2017-05-25 14:05 - 2013-08-15 22:19 - 00000000 ____D C:\Windows\system32\MRT
2017-05-25 14:03 - 2013-05-16 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2017-05-25 14:03 - 2013-05-16 14:52 - 00000000 ____D C:\Program Files (x86)\Acronis
2017-05-25 14:01 - 2012-11-05 19:56 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-25 14:00 - 2013-05-16 14:53 - 00000000 ____D C:\ProgramData\Acronis
2017-05-23 18:48 - 2015-03-27 19:30 - 00000000 ____D C:\Users\Leo\AppData\Roaming\JOSM
2017-05-23 18:45 - 2017-04-07 17:34 - 00000000 ____D C:\Users\Leo\.egvp2_client
2017-05-23 17:04 - 2016-03-12 11:59 - 00000000 ____D C:\Program Files (x86)\StarMoney 10 apoEdition
2017-05-21 20:45 - 2012-11-05 20:53 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-05-21 11:03 - 2012-11-05 20:34 - 00000000 ____D C:\ProgramData\G DATA
2017-05-21 10:20 - 2015-10-30 09:24 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-05-21 10:20 - 2012-11-05 20:34 - 00000000 ____D C:\Program Files (x86)\G Data
2017-05-20 16:58 - 2015-10-30 08:28 - 00000000 ____D C:\Program Files\Audio Clipper
2017-05-20 16:57 - 2014-05-13 19:06 - 00000000 ____D C:\Program Files (x86)\Passware
2017-05-20 11:40 - 2016-03-11 22:30 - 00000000 ____D C:\Users\ReportServer
2017-05-20 11:40 - 2016-03-11 22:30 - 00000000 ____D C:\Users\MSSQLServerOLAPService
2017-05-20 11:40 - 2016-03-11 22:30 - 00000000 ____D C:\Users\MsDtsServer120
2017-05-20 11:19 - 2009-07-14 05:20 - 00000000 ____D C:\Users\Default.migrated
2017-05-20 10:38 - 2012-11-05 21:04 - 00000000 ____D C:\ProgramData\Temp
2017-05-20 10:37 - 2016-11-18 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-20 10:37 - 2012-11-10 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-20 10:33 - 2012-12-15 11:52 - 00000000 ____D C:\Windows\pss
2017-05-19 21:25 - 2012-11-06 19:38 - 00000000 ____D C:\Users\Leo\AppData\Roaming\SAmAs
2017-05-19 21:16 - 2016-03-13 19:59 - 00000000 ____D C:\Users\Leo\AppData\Local\Deployment
2017-05-19 21:15 - 2012-11-16 20:33 - 00000000 ____D C:\Program Files\Google
2017-05-19 21:15 - 2012-11-14 19:48 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-19 19:44 - 2012-11-14 19:48 - 00000000 ____D C:\Users\Leo\AppData\Local\Google
2017-05-19 19:43 - 2015-05-26 21:26 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2017-05-19 19:42 - 2012-12-31 15:08 - 00000000 ____D C:\Program Files (x86)\DVBViewer TE2
2017-05-19 19:42 - 2012-12-27 21:55 - 00000000 ____D C:\Program Files (x86)\FRITZ!Fernzugang einrichten
2017-05-19 19:41 - 2016-02-13 19:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-19 19:41 - 2015-04-09 18:59 - 00000000 ____D C:\Program Files (x86)\Corporal
2017-05-19 19:41 - 2012-10-20 06:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-19 19:40 - 2016-02-12 20:57 - 00000000 ____D C:\ProgramData\ZDSupport
2017-05-14 16:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache
2017-05-12 22:28 - 2017-03-17 20:15 - 00000000 ___RD C:\Users\Leo\Virtual Machines
2017-05-12 22:28 - 2016-02-13 10:22 - 00411912 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\system32\F12
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-12 22:06 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2017-05-12 18:20 - 2015-10-30 08:28 - 00000000 ____D C:\Program Files\Haxi- White 1.5 patch
2017-05-12 17:11 - 2017-04-12 19:28 - 00766583 _____ C:\Users\Leo\Downloads\2016-11-28_Fachhaendler_Formular_Leasinganfrage_JobRad_SFG.pdf
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\SysWOW64\Configuration
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\setup
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\oobe
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\MUI
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\IME
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\Com
2017-05-10 18:02 - 2013-11-28 19:39 - 00000000 ____D C:\Users\Leo\AppData\Roaming\G Data
2017-05-10 18:02 - 2012-11-16 20:32 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2017-05-10 17:10 - 2015-06-19 17:41 - 00000000 ____D C:\Users\Leo\AppData\Local\Dropbox
2017-05-10 17:10 - 2014-04-27 15:35 - 00000000 ____D C:\Users\Leo\AppData\Roaming\Dropbox
2017-05-10 16:08 - 2012-11-24 15:24 - 00000125 ___SH C:\ProgramData\.zreglib
2017-05-09 18:52 - 2012-11-16 20:34 - 00002508 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-09 18:52 - 2012-11-16 20:34 - 00002490 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-09 18:31 - 2016-04-24 14:44 - 00001151 _____ C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-05-09 18:31 - 2016-04-24 14:44 - 00001103 _____ C:\Users\Leo\Desktop\Start Tor Browser.lnk
2017-05-09 18:31 - 2016-01-05 22:49 - 00001598 _____ C:\Users\Leo\Desktop\Internet Explorer.lnk
2017-05-09 18:03 - 2012-11-24 16:00 - 00000000 ____D C:\Users\Leo\AppData\Roaming\DAEMON Tools Lite
2017-05-07 20:57 - 2012-11-24 16:42 - 00000000 ____D C:\ProgramData\DVD Shrink
2017-05-07 18:58 - 2013-03-02 19:37 - 00000000 ____D C:\Users\Leo\AppData\Roaming\HandBrake
2017-05-07 16:33 - 2013-02-28 23:42 - 00000000 ____D C:\Users\Leo\AppData\Roaming\vlc
2017-05-06 13:38 - 2016-04-16 20:54 - 00000000 ____D C:\ProgramData\Elaborate Bytes
2017-05-05 18:12 - 2014-12-25 20:42 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-05 18:04 - 2016-04-16 20:54 - 00001250 _____ C:\Users\Public\Desktop\CloneBD.lnk
2017-05-05 17:32 - 2016-04-16 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2017-05-05 17:32 - 2012-11-24 15:23 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2017-05-02 17:56 - 2016-03-11 23:08 - 00000000 ____D C:\Users\Leo\AppData\Local\Packages
2017-04-29 17:26 - 2016-02-02 15:16 - 00003658 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d15dbbea352be2
2017-04-29 17:26 - 2016-02-02 15:16 - 00003534 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d15dbbe9c08875
2017-04-29 02:51 - 2015-10-30 09:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:51 - 2015-10-30 09:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 06:23 - 2016-02-13 19:26 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-11-18 19:01 - 2015-11-14 17:52 - 0000031 _____ () C:\Program Files (x86)\Notes.ini
2017-05-21 10:21 - 2017-05-21 10:21 - 0000000 _____ () C:\Users\Leo\AppData\Roaming\gdfw.log
2017-05-21 10:21 - 2017-05-21 10:21 - 0000779 _____ () C:\Users\Leo\AppData\Roaming\gdscan.log
2015-02-26 23:06 - 2015-09-12 20:57 - 0000479 _____ () C:\Users\Leo\AppData\Roaming\isis.xml
2015-10-24 23:44 - 2016-07-02 11:34 - 0028348 _____ () C:\Users\Leo\AppData\Roaming\phpdesigner.xml
2017-04-13 11:34 - 2017-04-13 11:34 - 0000600 _____ () C:\Users\Leo\AppData\Roaming\winscp.rnd
2014-05-13 19:25 - 2014-05-13 19:25 - 0000096 _____ () C:\Users\Leo\AppData\Local\errorlog.txt
2015-09-11 21:49 - 2015-09-11 21:58 - 0004096 ____H () C:\Users\Leo\AppData\Local\keyfile3.drm
2012-11-15 23:58 - 2012-11-15 23:58 - 0000001 _____ () C:\Users\Leo\AppData\Local\llftool.4.12.agreement
2016-02-28 15:58 - 2016-09-04 11:03 - 0000173 _____ () C:\Users\Leo\AppData\Local\msmathematics.qat.Leo
2015-11-28 14:19 - 2015-12-18 22:39 - 0000600 _____ () C:\Users\Leo\AppData\Local\PUTTY.RND
2012-11-16 00:02 - 2012-11-16 00:02 - 0000017 _____ () C:\Users\Leo\AppData\Local\resmon.resmoncfg
2012-11-24 15:24 - 2017-05-10 16:08 - 0000125 ___SH () C:\ProgramData\.zreglib
2016-08-10 18:03 - 2016-08-10 18:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-05 19:43 - 2014-08-09 17:03 - 0001479 _____ () C:\ProgramData\hpzinstall.log
2017-05-05 17:18 - 2017-05-05 17:18 - 0000016 _____ () C:\ProgramData\mntemp

Einige Dateien in TEMP:
====================
2017-05-09 18:41 - 2017-05-09 18:41 - 29130696 _____ (AppTrailers) C:\Users\Leo\AppData\Local\Temp\AppTrailers.9.1.10amt.exe
2016-10-08 17:06 - 2016-10-08 17:06 - 0387072 _____ (REINER SCT) C:\Users\Leo\AppData\Local\Temp\callback.dll
2017-02-03 16:58 - 2017-02-04 19:46 - 0065536 _____ (Sony DADC Austria AG) C:\Users\Leo\AppData\Local\Temp\drm_dialogs.dll
2016-11-13 19:23 - 2017-02-04 19:46 - 0204800 _____ (Sony DADC Austria AG) C:\Users\Leo\AppData\Local\Temp\drm_dyndata_7400009.dll
2014-09-24 00:42 - 2014-09-24 00:42 - 0013824 _____ () C:\Users\Leo\AppData\Local\Temp\gkey.exe
2016-12-29 14:12 - 2016-12-29 14:12 - 0237568 _____ () C:\Users\Leo\AppData\Local\Temp\infozip2.exe
2016-08-06 12:17 - 2016-08-06 12:17 - 0741440 _____ (Oracle Corporation) C:\Users\Leo\AppData\Local\Temp\jre-8u101-windows-au.exe
2016-10-23 21:24 - 2016-10-23 21:24 - 0737856 _____ (Oracle Corporation) C:\Users\Leo\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-05-20 11:13 - 2017-05-20 11:15 - 2427936 _____ (Kaspersky Lab) C:\Users\Leo\AppData\Local\Temp\kis_setup.exe
2017-05-09 18:41 - 2017-05-09 18:41 - 0024296 _____ () C:\Users\Leo\AppData\Local\Temp\offerpg3.exe
2015-04-13 00:04 - 2015-04-13 00:04 - 0027648 _____ () C:\Users\Leo\AppData\Local\Temp\pkeyui.exe
2017-05-09 18:41 - 2017-05-09 18:41 - 0024298 _____ () C:\Users\Leo\AppData\Local\Temp\Setup.exe
2017-05-09 18:41 - 2017-05-09 18:41 - 1199825 _____ () C:\Users\Leo\AppData\Local\Temp\unins000.exe
2017-05-10 16:52 - 2014-07-07 18:34 - 0157952 _____ () C:\Users\Leo\AppData\Local\Temp\UninstallSer.exe
2017-05-09 18:41 - 2017-05-09 18:41 - 0597261 _____ (VideoBox                                                    ) C:\Users\Leo\AppData\Local\Temp\vbsetup.exe
2017-02-15 21:00 - 2017-02-15 21:00 - 2258760 _____ (Link64 GmbH) C:\Users\Leo\AppData\Local\Temp\vdu_uninstall_995106.exe
2017-05-10 17:46 - 2017-05-10 17:46 - 2258760 _____ (Link64 GmbH) C:\Users\Leo\AppData\Local\Temp\vdu_uninstall_a4228.exe
2017-05-10 17:47 - 2017-05-10 17:47 - 2258760 _____ (Link64 GmbH) C:\Users\Leo\AppData\Local\Temp\vdu_uninstall_a7742.exe
2017-05-10 17:47 - 2017-05-10 17:47 - 2258760 _____ (Link64 GmbH) C:\Users\Leo\AppData\Local\Temp\vdu_uninstall_ac1f7.exe
2017-05-12 17:01 - 2017-05-12 17:01 - 2258760 _____ (Link64 GmbH) C:\Users\Leo\AppData\Local\Temp\vdu_uninstall_b13a1.exe
2017-04-10 17:18 - 2017-04-10 17:18 - 0393216 _____ (VISUS Technology Transfer GmbH) C:\Users\Leo\AppData\Local\Temp\VisusClient.dll
2017-05-07 16:17 - 2017-05-07 16:17 - 30533688 _____ () C:\Users\Leo\AppData\Local\Temp\vlc-2.2.4-win32.exe
2015-04-12 22:08 - 2016-08-11 10:10 - 0050848 _____ () C:\Users\Leo\AppData\Local\Temp\wabk.exe
2017-02-23 08:22 - 2017-02-23 08:22 - 0000000 _____ () C:\Users\Leo\AppData\Local\Temp\xldbfyy1.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-19 18:41

==================== Ende von FRST.txt ============================
         
--- --- ---
__________________

Alt 28.05.2017, 13:33   #4
gerdman
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

Addition.txt



Und hier die Addition.txt
######
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-05-2017
durchgeführt von Leo (28-05-2017 13:23:59)
Gestartet von C:\Users\Leo\Downloads
Windows 10 Pro Version 1511 (X64) (2016-03-11 21:07:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-163866912-915633979-1340512146-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-163866912-915633979-1340512146-503 - Limited - Disabled)
Gast (S-1-5-21-163866912-915633979-1340512146-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-163866912-915633979-1340512146-1002 - Limited - Enabled)
Leo (S-1-5-21-163866912-915633979-1340512146-1001 - Administrator - Enabled) => C:\Users\Leo
UpdatusUser (S-1-5-21-163866912-915633979-1340512146-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {12A48B7F-CAF7-5864-4246-A92366268238}
FW: GÂ*DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1&1 Upload-Manager (HKLM-x32\...\1&1 Upload-Manager) (Version: 2.0.676 - 1&1 Internet AG)
64 Bit HP CIO Components Installer (Version: 21.2.1 - HP Inc.) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
ActKey (x32 Version: 1.7.0.0 - Oki Data Corporation) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.19 - Adobe Systems)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.1.3 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Aldi Bestellsoftware (HKLM-x32\...\Aldi Bestellsoftware) (Version: 4.15.4 - ORWO_Net)
Allway Sync version 15.1.9 (HKLM-x32\...\Allway Sync_is1) (Version:  - Botkind Inc)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 8.1.2.0 - RedFox)
AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-Bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Aspera Connect (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Aspera Connect) (Version: 2.7.8.51644 - Aspera Inc.)
Assessments on Client (x32 Version: 10.1.10586.0 - Microsoft) Hidden
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Avery Wizard 4.0 (HKLM-x32\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
BMI V6.0.2.0 (HKLM-x32\...\{369006B0-DFF3-4BD9-A861-227BBB68DB3E}_is1) (Version: 6.0.2.0 - SVO-Webdesign GbR)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bonjour SDK (HKLM\...\{C0F5A19A-055A-4902-9D41-864127BFAF11}) (Version: 3.0.0.10 - Apple Inc.)
CD/DVD Diagnostic 3.1 (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Diagnostic) (Version: 3.1 - InfinaDyne)
Cherry eGK/KVK Software V3.3 Build 2 (HKLM-x32\...\{005E2D03-8002-4574-A0E7-A63D3F2A033C}) (Version: 3.3.0.2 - ZF Friedrichshafen AG, Electronic Systems)
Chipcardmaster 7.11 (HKLM-x32\...\Chipcardmaster_is1) (Version:  - Dr. Olaf Jacobsen)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05152 - Cisco Systems, Inc.) Hidden
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Citrix Online Plug-in - Web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.3.0.8 - Citrix Systems, Inc.)
CloneBD (HKLM-x32\...\CloneBD) (Version: 1.1.5.1 - Elaborate Bytes)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
csveditor (HKLM-x32\...\{1C60FB75-804E-4227-8BCD-058DD5D78AEF}) (Version: 1.3.12 - Bertram Fritz)
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.2.5 - REINER SCT)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.7107.58 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Videorekorder (HKLM-x32\...\Debut) (Version: 2.17 - NCH Software)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DVD Player Server (HKLM-x32\...\{28AD52C7-D208-45B2-9735-1FC4FC8FE352}) (Version: 1.0.0 - Floating Cube Studios)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
EGVP (HKLM-x32\...\{EDA192EA-4DA3-416D-965D-65BFDA0E3715}) (Version: 1.5.3.0 - Governikus KG)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16483 - Landesfinanzdirektion Thüringen)
eMule (HKLM-x32\...\eMule) (Version:  - )
EPSON AL-CX16NF (HKLM\...\EPSON AL-CX16NF) (Version:  - )
EPSON AL-CX16NF Scanner (HKLM-x32\...\InstallShield_{A643B136-69E0-439A-9E9B-C56C524C71AE}) (Version:  - )
EPSON AL-CX16NF Scanner (Version: 1.00.0000 - SEIKO EPSON CORPORATION) Hidden
etope Lister 2 (HKLM-x32\...\etope Lister_is1) (Version:  - Freshworx GmbH & Co.KG)
Express Zip ZIP-Programm (HKLM-x32\...\ExpressZip) (Version: 2.17 - NCH Software)
EZDownloader (HKLM-x32\...\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1) (Version: 1.0 - EZDownloader) <==== ACHTUNG
FastImageResizer (remove only) (HKLM-x32\...\FastImageResizer) (Version:  - )
FileOpen Client B952 (HKLM\...\FileOpenClient_is1) (Version: B952 - FileOpen Systems, Inc.)
Flixster Video (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\5cdf686a56bda3b1) (Version: 2.7.0.602 - Flixster Video)
FLV Player 2.0 (build 25) (HKLM-x32\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
forteManager (HKLM-x32\...\{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}) (Version: 3.18 - LG Soft India)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.47.511 - Digital Wave Ltd)
Free M4a to MP3 Converter 7.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version:  - musetips.com)
Free YouTube Download version 3.2.49.1111 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1111 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.3 - G DATA Software AG)
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GDR 4213 für SQL ServerÂ*2014 (KB3070446) (64-bit) (HKLM\...\KB3070446) (Version: 12.1.4213.0 - Microsoft Corporation)
GDR 4232 für SQL ServerÂ*2014 (KB3194720) (64-bit) (HKLM\...\KB3194720) (Version: 12.1.4232.0 - Microsoft Corporation)
Glary Utilities 5.26 (HKLM-x32\...\Glary Utilities 5) (Version: 5.26.0.45 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.1.0) (HKLM-x32\...\GPG4Win) (Version: 2.1.0 - The Gpg4win Project)
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
HealthCoach (HKLM-x32\...\HealthCoach) (Version: 1.3.0.0 - Sanitas)
HealthCoach (x32 Version: 1.3.0.0 - Sanitas) Hidden
HeavyLoad V3.3 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.3 - JAM Software)
Hercules-390 (64-Bit) (HKLM\...\{2D3858F0-4380-4437-A5E1-49988AB77241}) (Version: 3.08.00 - Hercules)
HFSExplorer 0.21 (HKLM-x32\...\HFSExplorer) (Version: 0.21 - Catacombae Software)
HL-L2300D series (HKLM-x32\...\{46B58839-2405-48D6-A59D-F8246158A6ED}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP LaserJet P2050 Series 6.0 (HKLM\...\{6F801026-6AF0-4520-9153-4C9B4CAAB361}) (Version: 6.0 - HP)
hppFonts (x32 Version: 001.001.00061 - Hewlett-Packard) Hidden
hppQFolderP2050 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hppusgP2050 (x32 Version: 1.1.0.1 - Hewlett-Packard) Hidden
iDevice Manager (HKLM-x32\...\FE5AE7DC-7B01-4263-A94C-B4526C276550_is1) (Version: 3.4.0.0 - Marx Software)
iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.7.2386.747 - )
Imaging And Configuration Designer (x32 Version: 10.1.10586.0 - Microsoft) Hidden
Imaging Tools Support (x32 Version: 10.1.10586.0 - Microsoft) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Incomedia WebSite X5 v10 - Evolution (HKLM-x32\...\{0A53AC6C-9E9D-451D-AB28-F5D1427C4D56}_is1) (Version: 10.1.12.57 - Incomedia s.r.l.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version:  - Intel(R) Corporation)
Internet Explorer (x32 Version: 9 - Microsoft Corporation) Hidden
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
iTunes (HKLM\...\{164600BE-9CEC-44E6-9B38-2B12D5FE2342}) (Version: 12.6.0.100 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Jedermann-Verlag Arbeitsmedizin kompakt (HKLM-x32\...\{D2F656A7-B800-4C45-814B-A3259B48F6AB}_is1) (Version: 20121001 - Jedermann-Verlag GmbH)
JiveX DICOM Viewer 5.0.1 (HKLM-x32\...\JiveX [dv] Viewer 5.0.1) (Version:  - VISUS Technology Transfer GmbH)
JonDo (HKLM-x32\...\JonDoUninstall) (Version:  - )
JOSM 8109 (HKLM-x32\...\JOSM) (Version: 8109 - OpenStreetMap JOSM team)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kits Configuration Installer (x32 Version: 10.1.10586.0 - Microsoft) Hidden
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Lotus Notes 6.5.5 de (HKLM-x32\...\{CCD378A2-71C4-4452-8A9D-D84A6FF9B766}) (Version: 6.55.5334 - IBM)
Magical Jelly Bean PasswdFinder (HKLM-x32\...\PasswdFinder_is1) (Version: 1.0.0.29 - PasswdFinder)
MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: 1.5.0.2 - MainConcept GmbH)
MainConcept DTV Decoder Standard (HKLM-x32\...\{059A00AC-1205-423C-91C7-7E6168D804DA}) (Version: 1.5.0.2 - MainConcept GmbH)
MarketResearch (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
MATLAB(R) Compiler Runtime 7.11 (HKLM-x32\...\{D7D85875-29FC-4E34-9CBE-3B941FA2317B}) (Version: 7.11 - The MathWorks)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
MEDION GoPal Assistant (HKLM-x32\...\{12C77A13-A31B-4565-8E60-494FD65EBB2F}) (Version: 6.4.17.13525 - MEDION)
Merkblätter Gefährliche Arbeitsstoffe 12-2012 (HKLM-x32\...\Merkblätter Gefährliche Arbeitsstoffe 12-2012_is1) (Version:  - )
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{3FF70821-58E6-44DA-B512-095F547F3F18}) (Version: 16.4.1734.1104 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A7A76890-1134-424F-97DA-7BED0D9CFA19}) (Version: 12.1.4232.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2003 (HKLM-x32\...\{90510407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Report Viewer 2014-Laufzeit (HKLM-x32\...\{30956415-84C1-4F0C-B2AD-BC8944730DDA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{01078B88-2981-4F75-96B0-8B22E2D2DE03}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{375DE766-4467-4F48-B56B-4F543819BAB4}) (Version: 12.1.4232.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service  (HKLM\...\{C9533745-8C14-466B-A79B-ECD68D5FD46B}) (Version: 12.1.4232.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL ServerÂ*2014 Policies  (HKLM-x32\...\{B23A3E56-8859-4F60-B3FA-FA14DE9050B5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL ServerÂ*2014 Transact-SQL ScriptDom  (HKLM\...\{795A5CC6-05AE-4413-BE9B-81EA902B5086}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 - DEU Language Pack (HKLM\...\{CEDCDF4E-1A8D-3E38-85C5-0437D689B6E5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 (HKLM\...\{F14401A9-F0A0-33CC-8444-F60823A60DEB}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 - DEU Language Pack (HKLM-x32\...\{96D7B7B6-424F-3A52-8E8D-32CF2615DBD2}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2014 (HKLM\...\{D390AADD-C825-4B31-8C79-83A9461D5524}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{346FD26F-E575-4A11-B854-451DA62C96C4}) (Version: 12.1.4100.1 - Microsoft Corporation)
MIR USB driver 64 bit (HKLM-x32\...\{C1B3DBF5-6C3C-4140-91C5-AFACF5422451}) (Version: 2.09 - MIR srl Medical International Research)
Movavi Video Converter 15 (HKLM-x32\...\Movavi Video Converter 15) (Version: 15.2.3 - Movavi)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\MyFreeCodec) (Version:  - )
Nero BurningROM 12 (HKLM-x32\...\{3D9167B2-87EB-4713-90B4-E46F2CAFE28D}) (Version: 12.0.00300 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{0DBC021C-95D9-435A-A4B0-E6515AFD1A71}) (Version: 12.0.01000 - Nero AG)
novaPDF (novaPDF 7.7 printer) (HKLM\...\novaPDF_is1) (Version: 7.7.393 - Softland)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\CopyTrans Suite) (Version: 4.008 - WindSolutions)
NVIDIA 3D Vision Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
OKI ActKey (HKLM-x32\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.0.0 - Oki Data Corporation)
OKI Color Swatch-Dienstprogramm (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.1.12 - Okidata)
OKI MC5(3)x2/ES5(3)4x2 Scanner (HKLM-x32\...\InstallShield_{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
OKI Printer Resetter version 2.0.4 (HKLM-x32\...\{08F16BF9-7D05-424A-82CF-17FD554CD301}_is1) (Version: 2.0.4 - )
Oracle VM VirtualBox 4.2.16 (HKLM\...\{4CC3444D-7279-4E83-984F-18E9A7B2E803}) (Version: 4.2.16 - Oracle Corporation)
Passware Kit 6.1 (HKLM-x32\...\Passware Kit 6.1) (Version:  - )
Password Unmask 2.0 (HKLM-x32\...\Password Unmask 2.0) (Version:  - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.7 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v23.8 (HKLM-x32\...\{211CB564-ED00-4565-A12F-968930872980}) (Version: 23.8 - Spigot, Inc.) <==== ACHTUNG
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
phpDesigner 8 version 8.1.2 (HKLM-x32\...\phpDesigner8_is1) (Version:  - MPSOFTWARE)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Remote Desktop Connection (HKLM-x32\...\{60B9A48D-559E-43FA-8F28-D657190E4E52}) (Version: 5.1.2600.0 - Microsoft)
Return to Castle Wolfenstein (HKLM-x32\...\Return to Castle Wolfenstein) (Version: 1.41 - Activision, Inc.)
RMPrepUSB (HKLM-x32\...\RMPrepUSB) (Version:  - )
SAmAs (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\95c477b3f6750ee5) (Version: 14.0.8.0 - SAmAs GmbH)
SAmAs Chipkartenleser (HKLM-x32\...\{DD35FB6B-24BC-426C-8F6E-3E84225A863F}) (Version: 1.0.2 - SAmAs GmbH)
SAmAs Health & Safety Migration (HKLM-x32\...\{57C82A72-7CB1-4336-A41F-A24786A2B32F}) (Version: 1.1.1 - SAmAs GmbH)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
ScannerDriver (Version: 1.0.2.0 - Oki Data Corporation) Hidden
ScummVM 1.5.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
SDP Downloader (HKLM-x32\...\{B547CB8D-549A-436E-97B5-E79F911B11E2}) (Version: 2.3.0 - SDP Multimedia)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 für SQL Server 2008 R2 (KB2528583) (64-bit) (HKLM\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation)
Service Pack 1 für SQL ServerÂ*2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skypeâ„¢ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SpeechExec Dictate (HKLM-x32\...\{CBC4E395-9D14-499E-943C-6EB04FD3877A}) (Version: 8.8.880.1 - Speech Processing Solutions GmbH)
SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2014 Analysis Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Client Tools (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Data quality client (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Data quality service (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Data quality service (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Full text search (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Integration Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 RS_SharePoint_SharedService (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 SQL Data Quality Common (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2014 (HKLM-x32\...\{B7312B95-77C6-497E-A63F-596A77B20F31}) (Version: 12.1.4100.1 - Microsoft Corporation)
StarMoney (x32 Version: 3.0.1.31 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney (x32 Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney (x32 Version: 5.0.1.83 - StarFinanz) Hidden
StarMoney 10 apoEdition (HKLM-x32\...\{6BA6677F-EB85-4E16-BD75-DDCF308A62C7}) (Version: 10 - Star Finanz GmbH)
StarMoney Business 7 apoEdition (HKLM-x32\...\{7963FE3E-06CC-4A68-85F7-78D5A7845A6C}) (Version: 7 - Star Finanz GmbH)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd.)
SWFPlayer 2.6.2.0 (HKLM-x32\...\SWFPlayer_is1) (Version: 2.6.2.0 - Michael Faust, Alpha Interactive)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
SysTools Export Notes (HKLM-x32\...\SysTools® Export Notes v7.6 - DEMO Version_is1) (Version:  - )
SysTools Lotus Notes to Outlook Express (HKLM-x32\...\SysTools Lotus Notes to Outlook Express - Demo V~2D9DFA59_is1) (Version:  - )
SysTools NSF Converter 1.0 (HKLM-x32\...\SysTools NSF Converter_is1) (Version:  - )
TapinRadio 1.60.1 (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\TapinRadio_is1) (Version:  - Raimersoft)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.76421 - TeamViewer)
TechniSat DVB-PC TV Star (HKLM-x32\...\{D032A7F0-8B5C-4603-8B46-235025D5F9C1}) (Version: 4.3.3 - TechniSat)
Technisat DVB-VC80 Redistributable Modules (HKLM-x32\...\{134007CC-7026-46C2-B46F-40D9FD2AF385}) (Version: 1.0.0 - Technisat)
testo Comfort Software Basic 5.0 (HKLM\...\{77AF4252-3477-4699-BA11-5C2125F1EFC8}) (Version: 5.0.2637.27231 - testo AG)
The Rosetta Stone (HKLM-x32\...\The Rosetta Stone) (Version:  - )
TomTom MyDrive Connect 4.1.3.2964 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.3.2964 - TomTom)
Toolkit Documentation (x32 Version: 10.1.10586.0 - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Total Uninstall 6.19.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.19.0 - Gavrila Martau)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Unity Web Player (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS)
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{D8125A39-ADEE-4187-B04D-DB6CF489AF61}) (Version: 10.3.5500.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
User State Migration Tool (x32 Version: 10.1.10586.0 - Microsoft) Hidden
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.19 - IDRIX)
VideoDownloaderUltimate (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\VideoDownloaderUltimateWinApp) (Version: 1.0.1.100 - Link64)
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC Streamer 4.96 (HKLM-x32\...\VLC Streamer_is1) (Version:  - )
Voice Pro 12 Medical (HKLM\...\{3307914B-B97A-4E01-AEEA-43B373D8E5AD}) (Version: 12.1.115.2134 - Linguatec Sprachtechnologien GmbH)
WebReg (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows 7 Upgrade Advisor (HKLM-x32\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{82daddb6-d4e0-42cb-988d-1e7f5739e155}) (Version: 10.1.10586.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation)
Windows-Treiberpaket - Norav Medical. Norav Medical USB Drivers (05/04/2009 1.1.6001.18002) (HKLM\...\96312993C1C2495C7A4A8199B742D1432F975104) (Version: 05/04/2009 1.1.6001.18002 - Norav Medical.)
WinHTTrack Website Copier 3.48-21 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.21 - HTTrack)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
winspiroExpress (HKLM-x32\...\{EB477236-23BA-48A6-9953-429AACF74DD9}) (Version: 1.6.0 - Mir Medical International Research)
WinX Free VOB to MP4 Converter 2.0.8 (HKLM-x32\...\WinX Free VOB to MP4 Converter_is1) (Version:  - Digiarty Software,Inc.)
Wireshark 2.2.1 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.1 - The Wireshark developer community, hxxps://www.wireshark.org)
Wizard101(DE) (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Wizard101(DE)_is1) (Version:  - Gameforge 4D GmbH)
Wolfenstein (HKLM-x32\...\InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.11 - Activision)
Wolfenstein (x32 Version: 1.0 - Activision) Hidden
Wolfenstein(TM) 1.11 Patch  (x32 Version: 1.11 - Activision) Hidden
Wolfenstein(TM) 1.11 Patch (x32 Version:  - ) Hidden
WPT Redistributables (x32 Version: 10.1.10586.0 - Microsoft) Hidden
WPTx64 (x32 Version: 10.1.10586.0 - Microsoft) Hidden
YTD Video Downloader 4.7.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.4 - GreenTree Applications SRL) <==== ACHTUNG
zebNet Windows Keyfinder 2012 R2 (HKLM-x32\...\zebNet Windows Keyfinder 2012 R24.0.0) (Version: 4.0.0 - zebNet Ltd)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0DBDA382-A88E-418E-979A-4BC03A7D035A} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {0FDBBB20-E8DB-4DCD-8169-CCDD71CF41E3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {10C5FA60-5886-4961-B2DA-FDC1BEB32D1D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {182CD8CC-1940-491D-97F2-C39AEC71F9EC} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-05-25] (Glarysoft Ltd)
Task: {20D3359C-A67F-4108-8653-3DE7DA86C255} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {29A20215-B95D-49B5-8220-2AF733CBD430} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {2ACF976A-CB59-41A4-B885-C8E8F751EEA8} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {2D158E06-94D2-42D0-B19B-5F4C62DBE966} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {2DDBA27A-ADCC-4274-B460-6C0665E06399} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {332B99A9-D658-427E-BC74-E5408750A6A6} - System32\Tasks\Program Manager => C:\Program Files (x86)\Common Files\ProgramManager\ProgramManager.exe [2015-11-25] ()
Task: {333B8B1E-EFF8-4C2D-9481-DD82CC3C8176} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {375A478E-A095-4C08-AB4D-A130A2306E50} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {44DC1C18-5718-4D16-94F9-AA16096FF69A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {482741C6-44FD-4AFF-B7AD-3724FAA1B7B4} - System32\Tasks\InstallShield Software-Aktualisierungsdienst => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13] (InstallShield Software Corporation)
Task: {50579F35-19BB-4509-8762-A8127BFE5EA5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {558AEA4B-D233-4A15-9EAC-3B866FF126C8} - System32\Tasks\{2A4FEDB8-A692-4FB9-9654-3AD88559F4BD} => pcalua.exe -a C:\PROGRA~2\COMMON~1\NORAVS~1\AddPDF.exe -d C:\PROGRA~2\COMMON~1\NORAVS~1
Task: {55DD31E7-E71A-4980-9A9D-979A54532F0B} - \Audio Clipper -> Keine Datei <==== ACHTUNG
Task: {5B7DEE6C-972E-4CF4-8D90-E295E1CA8A8B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {5C4634CB-7B77-4AB0-BF1D-3DB2EB4CD807} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {641CE94D-C689-4742-80EF-D61761166993} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {65285E64-B5E8-45EC-A969-D6C915C97B91} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {656D261E-CDAD-4321-ADD9-BD6669AF71B9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {6765400A-8BA2-416B-BFEB-20CED9BCA197} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {67CF1B02-3968-465E-A80C-21BB2B8913D8} - System32\Tasks\{AA1C2385-0C9A-44BA-99FE-A00F46E11B94} => pcalua.exe -a C:\Users\Leo\Downloads\streamtransport2171_setup.exe -d C:\Users\Leo\Desktop
Task: {6BAC80E1-C6DB-49EF-A3A6-B9D4FBA2ACE3} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-05-25] (Glarysoft Ltd)
Task: {73691B48-ACB5-4FE4-BC1E-C9B35A8E05D2} - System32\Tasks\{9DE7791A-65AA-4289-AA72-8BC92D1E2D9A} => pcalua.exe -a "C:\Users\Leo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A4ZXRLFD\AudibleDM_iTunesSetup (1).exe" -d C:\Users\Leo\Desktop
Task: {744DF543-3336-40C7-9126-B9DFB84A18AF} - System32\Tasks\Haxi- White 1-5 patch => Rundll32.exe "C:\Program Files\Haxi- White 1.5 patch\Haxi- White 1.5 patch.dll",mGqbqo
Task: {775C5B89-7A8C-4DA6-9D9F-8A613F8C44DE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {77D92256-4485-429F-96A8-B70DC692E414} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {7D1D5181-8518-497F-A85D-197BCFD2C6F0} - System32\Tasks\AdobeAAMUpdater-1.0-Quadcore-I5-Leo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {80574E43-49AD-4904-BC40-C509C78C4EF2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {80DD0136-5F09-4E8E-AC41-F264CEA95B18} - System32\Tasks\{E4C80C91-E935-44B2-BC57-DC6C95A3AFC3} => pcalua.exe -a C:\PROGRA~2\COMMON~1\NORAVS~1\DRIVER~1.EXE -d C:\PROGRA~2\COMMON~1\NORAVS~1 -c 256
Task: {83BCCDCF-9735-47D4-B2BD-441C07CF4841} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {8F906B8B-CB1D-4BC5-92E6-02CC1B9C6185} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {912DCEFC-E9BC-492F-9D5A-1AE958F1C44D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9295EAB4-7709-4F23-97D3-EBA8A63CB5CA} - System32\Tasks\GoogleUpdateTaskMachineUA1d15dbbea352be2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {9B1117AF-2590-4BD4-8A59-6B0EA892DF45} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {9F08CB19-C7E3-4E9D-896B-653DDABEE7DC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {A4C75D7B-6993-494B-8F92-1EA0483E2454} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\VideoMemoryDiagnostic => C:\\ProgramData\\VideoMemoryDiagnostic\\vmdiag.exe 
Task: {ACA7972C-0BE7-40D1-9DA5-FABF02BBC6D8} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {B68A89E7-CD79-4163-9AE5-58FE3AF9BB33} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B694E68B-2BFB-4EDB-81CB-50AF34B64BA0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C9840531-AF57-482B-ABF9-9F91371DFF78} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-24] (Adobe Systems Incorporated)
Task: {C9A4D233-75BA-4936-A7ED-04B8C9290539} - System32\Tasks\{2E1B7671-2DB3-4FFD-A53A-7AEA8EDB4608} => pcalua.exe -a F:\AUTORUN.EXE -d F:\
Task: {CB5CF54C-415A-44DC-9D73-5493E678341F} - System32\Tasks\GoogleUpdateTaskMachineCore1d15dbbe9c08875 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D1B5BABA-CDEB-4242-AE75-EFCE35AE2B85} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E14E4CB8-2723-4C52-9DD3-AE2CD878A179} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {E4D800BC-5CD1-4787-8749-84DB1266CBA9} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2004-04-17] (InstallShield Software Corporation)
Task: {E6FEEC60-0E5C-447A-9594-CFE2AD37A07F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E73D4B5B-B55C-4AA3-A9A6-FDA77996D824} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {EABB2D3A-DE8F-4C5A-B03C-EA93BFDADF21} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {EE417102-B839-4882-B191-218102D878C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {EE6A80C1-A146-4FB3-B9A9-B018BC17C55D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F41C177F-C173-4C05-9260-741734FFC6A8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FEA49DE7-18D6-44D4-AB41-80C916D5EBB8} - System32\Tasks\Stackout => Rundll32.exe "C:\Program Files\Stackout\Stackout.dll",DqOLeCNPEg
Task: {FEE7E874-B59E-4D42-8C28-523DC88DC588} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Audio Clipper.job => rundll32.exe  C:\Program Files\Audio Clipper\Audio Clipper.dll
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Haxi- White 1-5 patch.job => rundll32.exe   C:\Program Files\Haxi- White 1.5 patch\Haxi- White 1.5 patch.dll

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Leo\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nchsoftware.com/de/index.htm
Shortcut: C:\Users\Leo\Desktop\samas.bat - Verknüpfung.lnk -> C:\laborquade\exe\samas.bat ()
Shortcut: C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Meine Websites auf MSN\target.lnk -> hxxp://www.msnusers.co
Shortcut: C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Homa1 auf edu.ts-salzburg.at\target.lnk -> hxxp://edu.ts-salzburg.at/kilianonline/Homa

ShortcutWithArgument: C:\Users\Leo\Desktop\Videociety Movieplayer 1.1 (2).lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 2296157175.www.videociety.de
ShortcutWithArgument: C:\Users\Leo\Desktop\Videociety Movieplayer 1.1.lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 2748084553.www.videociety.de
ShortcutWithArgument: C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videociety Movieplayer 1.1 (2).lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 2296157175.www.videociety.de
ShortcutWithArgument: C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videociety Movieplayer 1.1.lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 2748084553.www.videociety.de
ShortcutWithArgument: C:\Users\Leo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxps://launchpage.org/?uid=oTlKBGjcgxocXesqx0n14akPSJVHBNckEidtiTm%2Bk10WTLUzHQ56dijfiwP04tfDaXU%3D --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxps://launchpage.org/?uid=oTlKBGjcgxocXesqx0n14akPSJVHBNckEidtiTm%2Bk10WTLUzHQ56dijfiwP04tfDaXU%3D --disable-quic
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxps://launchpage.org/?uid=oTlKBGjcgxocXesqx0n14akPSJVHBNckEidtiTm%2Bk10WTLUzHQ56dijfiwP04tfDaXU%3D --disable-quic

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2017-03-17 17:56 - 2017-03-04 07:31 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-05-21 10:14 - 2015-06-01 11:13 - 02492928 _____ () C:\Program Files\Stackout\Stackout.dll
2016-06-07 20:58 - 2006-02-23 11:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2016-06-07 20:58 - 2006-02-22 10:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2015-04-09 18:59 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2016-10-05 19:17 - 2016-10-05 19:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-10 18:04 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-07-08 19:41 - 2015-04-13 15:55 - 00182784 _____ () C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
2011-03-02 17:20 - 2011-03-02 17:20 - 00224256 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2009-12-14 15:13 - 2009-12-14 15:13 - 00079872 _____ () C:\WINDOWS\system32\CX16FWDV.dll
2017-01-10 12:47 - 2017-01-10 12:47 - 00546280 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2017-05-12 17:57 - 2017-04-28 06:30 - 02656960 _____ () C:\Windows\system32\CoreUIComponents.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-04-19 17:19 - 2016-04-19 17:19 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-19 01:08 - 2016-11-02 00:05 - 00401896 _____ () C:\Windows\system32\igfxTray.exe
2017-05-28 12:46 - 2017-05-28 13:17 - 00334336 _____ () C:\Windows\TEMP\g8C05.tmp.exe
2017-05-28 12:46 - 2017-05-28 13:17 - 00476160 _____ () C:\Windows\TEMP\g8C07.tmp.exe
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 11:19 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2017-03-17 17:56 - 2017-03-04 05:19 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 17:56 - 2017-03-04 05:14 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-12 17:57 - 2017-04-28 01:46 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-12 17:57 - 2017-04-28 01:49 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-22 18:14 - 2017-03-22 18:14 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-03-22 18:14 - 2017-03-22 18:14 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll
2015-12-25 19:21 - 2015-12-23 17:31 - 00073216 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2016-08-10 18:04 - 2017-05-28 13:17 - 00033936 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-08-10 18:04 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2011-03-02 17:16 - 2011-03-02 17:16 - 00208384 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2011-03-02 17:11 - 2011-03-02 17:11 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2011-03-02 17:16 - 2011-03-02 17:16 - 00073216 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2011-03-02 17:17 - 2011-03-02 17:17 - 00603136 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2011-03-02 17:13 - 2011-03-02 17:13 - 00048640 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2014-11-23 11:17 - 2016-05-11 16:11 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-11-23 11:17 - 2016-05-11 16:11 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-11-23 11:17 - 2016-05-11 16:11 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-12-13 21:25 - 2016-01-28 16:33 - 01058624 _____ () C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\libxml2.dll
2016-12-13 21:25 - 2011-01-13 12:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\PATCHW32.dll
2016-04-19 17:19 - 2016-04-19 17:19 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 17:19 - 2016-04-19 17:19 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-03-12 14:09 - 2014-09-28 18:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2016-10-06 22:13 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-04-26 20:51 - 2016-11-01 05:22 - 00866072 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\common\UNO\UNO.dll
2017-04-26 20:50 - 2011-08-24 04:39 - 00081920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\koan\_ctypes.pyd
2017-04-26 20:50 - 2011-08-24 04:39 - 00053248 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_socket.pyd
2017-04-26 20:50 - 2011-08-24 04:39 - 00655360 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ssl.pyd
2012-10-20 06:42 - 2012-07-18 11:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-10-20 08:11 - 2012-02-27 13:00 - 00030432 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\ProcessPrivileges.dll
2012-10-20 08:11 - 2012-02-27 13:00 - 00215264 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\System.ComponentModel.Composition.dll
2012-10-20 08:11 - 2012-02-27 13:00 - 00051424 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Interop.TaskScheduler.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:F0D7EE30 [117]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\comdirect.de -> hxxps://comdirect.de
IE trusted site: HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\habitans.de -> hxxp://www.habitans.de
IE trusted site: HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\ias-gruppe.de -> hxxps://start.ias-gruppe.de

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-03-22 22:43 - 2017-05-09 19:48 - 00000956 _____ C:\Windows\system32\Drivers\etc\hosts

192.168.0.100           server

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-163866912-915633979-1340512146-1001\Control Panel\Desktop\\Wallpaper -> c:\users\leo\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{68935d15-ce0b-4678-81e6-92f06fb5967c}.bmp
HKU\S-1-5-21-163866912-915633979-1340512146-1003\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "FileOpenBroker"
HKLM\...\StartupApproved\Run: => "Windows Mobile Device Center"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "LogitechQuickCamRibbon"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\StartupApproved\Run: => "VeraCrypt"
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\StartupApproved\Run: => "VideoDownloaderUltimate"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{AF84A180-DEBC-416E-A2E6-048B41B96DB8}] => (Allow) LPort=135
FirewallRules: [{07756C21-056D-4E00-95BE-4C798DA8F67A}] => (Allow) C:\CGM\PRAXISARCHIV\Common\FaxSrv\FaxServer.exe
FirewallRules: [{FA21F95A-6AB7-42D0-B1CB-B07B7C297420}] => (Allow) C:\CGM\PRAXISARCHIV\Client\WordX.exe
FirewallRules: [{4E85966A-D839-490F-BFA7-31F2FB8FD331}] => (Allow) C:\CGM\PRAXISARCHIV\Client\OfficeConnect.exe
FirewallRules: [{02920CD5-AAAE-4CD7-B5A3-CCB8C9E1EB6F}] => (Allow) C:\CGM\PRAXISARCHIV\ArchiveTracerMT.exe
FirewallRules: [{3E7D5148-AE2A-4928-9133-E63AA5FFFC8E}] => (Allow) C:\CGM\PRAXISARCHIV\Client\PraxisArchiv.exe
FirewallRules: [{B1046F8F-0597-404C-902D-F4002E7523D8}] => (Allow) \\192.168.178.3\StarMoney\app\StarMoney.exe
FirewallRules: [{622822F8-4293-49E7-ABA3-1531A74FEFDB}] => (Allow) \\192.168.178.3\StarMoney\app\StarMoney.exe
FirewallRules: [{9B74CDE8-CFF0-4C1A-90FD-B66A3591EDDC}] => (Allow) \\192.168.178.3\StarMoney\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{DBA77E65-DEBC-4E6F-AF7B-97A4D6363557}] => (Allow) \\192.168.178.3\StarMoney\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{C557B851-2C10-4356-B2CA-6523FDD5E5AE}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{90368091-5BA0-4FEB-9103-A1F46C6D0B2A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D35F0802-7495-4F2B-95E3-72C571277458}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E6345B5F-9846-4BA9-A18C-73CD763F0362}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{21AEC0FD-8694-4A28-8303-04D7A421C6A0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E000B90A-B46C-402D-A7CF-9CDF02F1F0F4}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
FirewallRules: [{2E0DACCB-7FC2-4337-B4D4-AECF14C7B498}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
FirewallRules: [{0FE0D37E-027A-47B2-AEB6-6383B26CFF8D}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
FirewallRules: [{FB1E73A7-B1A5-41A4-BA99-A88AF79E4DEB}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
FirewallRules: [{F0957041-5A9F-4D7B-B47F-FC9FC1AD7163}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{0962B175-80F2-46B0-86FB-DFB7F2BDA023}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{16432461-2847-4A95-8489-146679981895}] => (Allow) LPort=1900
FirewallRules: [{7DBCF48B-C2D6-4A02-A4B8-32782055EE40}] => (Allow) LPort=2869
FirewallRules: [{45855D4E-456C-48DD-8B39-F583BEDF89B4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{71BFDFF2-D1E0-4D97-BDAF-CD7700FB882D}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{0F9D396C-1BBB-410A-A416-3B8A898E241A}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{949BEB65-1EDF-432B-B6E6-D40D3FDC96F7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ED0F1832-C017-40B6-82CF-C1A8812DFDF9}] => (Allow) C:\Program Files (x86)\Activision\Wolfenstein\MP\Wolf2MPLite.exe
FirewallRules: [{5F15AD17-4975-4E59-BDFC-B0252523C609}] => (Allow) C:\Program Files (x86)\Activision\Wolfenstein\MP\Wolf2MPLite.exe
FirewallRules: [{B6EDF6CB-101F-4B78-AA43-070D015A56A6}] => (Allow) C:\Program Files (x86)\Activision\Wolfenstein\MP\Wolf2MP.exe
FirewallRules: [{4C5093BB-F081-498D-9BDF-5FFFA0BE1DBC}] => (Allow) C:\Program Files (x86)\Activision\Wolfenstein\MP\Wolf2MP.exe
FirewallRules: [{B6EF11F6-4E10-4925-936B-86C73C0E5263}] => (Allow) C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{580539F6-F41B-4C32-9610-FBFFFD3C12DD}] => (Allow) C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{2009B2DE-F2BC-4100-9F54-5D0CC8632CCD}] => (Allow) C:\Program Files (x86)\StarMoney 10 apoEdition\app\StarMoney.exe
FirewallRules: [{053ABCF5-7C15-4C9C-9B88-878A528896A5}] => (Allow) C:\Program Files (x86)\StarMoney 10 apoEdition\app\StarMoney.exe
FirewallRules: [{031C7255-B11D-4B25-9D7E-9FD0CEAB8A41}] => (Allow) C:\Program Files (x86)\Cherry\eGK_KVK_Software\Demos\ReadeGK\ReadeGK32.exe
FirewallRules: [{E5FE7B30-919B-4798-87F2-5BC286A505B3}] => (Allow) C:\Program Files (x86)\Cherry\eGK_KVK_Software\Demos\ReadeGK\ReadeGK32.exe
FirewallRules: [TCP Query User{2E5ABACA-5719-485E-81A8-833797E38277}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe] => (Allow) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe
FirewallRules: [UDP Query User{81B3521F-1AB9-4B6D-9FCF-4206D0EE8C5D}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe] => (Allow) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe
FirewallRules: [{CA567A32-481C-48BE-B356-F151223C1AAC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{6950C19C-BD66-48AD-9F8F-22F6FB57FF2D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2FF487DD-BB04-43AD-BFCA-1F15CF9C92AF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3FFD02F1-835D-4199-B00A-BAD55655128F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B18F2AA9-E548-48A3-AF7D-C275143028D6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3EA281A7-2A34-4CF8-B752-F7B955559DF0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{97B9731C-7BB8-4286-9D1D-F136EC81377E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{1B661A68-A169-465F-B34D-88FDA3153E63}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{0C5E267A-B231-4DC9-93E5-620D00E17746}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{872A5847-C3A8-4F15-AE31-4F96DE392C26}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{A5B8631B-AEE7-450F-A599-C4D8D5937C6F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{F6A191A7-3434-4035-A688-9F51678A7820}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{E7D731A9-5D62-418F-A537-F82F15529200}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C23A4A2E-9A6E-4F33-A04D-EC562D4A3B60}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0703064-C61B-495C-8D3D-A200B25D33D4}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{22EE1F05-6E38-40B4-9B5C-1206BF03F4CC}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{761B88A7-2FEE-4973-A5B6-56FF309C8619}] => (Allow) C:\Windows\System32\rundll32.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/28/2017 01:19:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.5.0.1207, Zeitstempel: 0x4ffb4350
Name des fehlerhaften Moduls: IAStorUtil.ni.dll, Version: 11.5.0.1207, Zeitstempel: 0x4ffb434b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e421
ID des fehlerhaften Prozesses: 0x1190
Startzeit der fehlerhaften Anwendung: 0x01d2d7a45192d9e5
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\881397a9c7e96b1715d0779c44f6172c\IAStorUtil.ni.dll
Berichtskennung: a1d24fa8-2a29-481f-b9db-22a7cb9bb861
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/28/2017 01:19:52 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (05/28/2017 01:18:22 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER) kann nicht mit der Berichtsserver-Datenbank verbunden werden.

Error: (05/28/2017 12:52:22 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Assessment Toolkit\Energy\arm\energy.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2017 12:52:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Assessment Toolkit\Energy\arm64\energy.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2017 12:52:07 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\ManagementStudio\CopyDatabaseWizard.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\ManagementStudio\CopyDatabaseWizard.exe" in Zeile 8.
Der Wert "1.0" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/28/2017 12:51:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\activision\wolfenstein\mp\ServerLauncher.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.839_none_ea8af107b9b5cbb4.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.839_none_a2ddba30a539a2ae.manifest.

Error: (05/28/2017 12:48:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.5.0.1207, Zeitstempel: 0x4ffb4350
Name des fehlerhaften Moduls: IAStorUtil.ni.dll, Version: 11.5.0.1207, Zeitstempel: 0x4ffb434b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e421
ID des fehlerhaften Prozesses: 0xaf0
Startzeit der fehlerhaften Anwendung: 0x01d2d79fdfc4d94b
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\881397a9c7e96b1715d0779c44f6172c\IAStorUtil.ni.dll
Berichtskennung: ba9cec6f-bfb2-4da2-ace8-758742614c28
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/28/2017 12:48:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (05/28/2017 12:46:39 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER) kann nicht mit der Berichtsserver-Datenbank verbunden werden.


Systemfehler:
=============
Error: (05/28/2017 01:19:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/28/2017 01:17:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "FDResPub" wurde mit folgendem Fehler beendet: 
%%2147952449 = Die angeforderte Adresse ist in diesem Kontext ungültig.

Error: (05/28/2017 01:17:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (05/28/2017 01:17:46 PM) (Source: volmgr) (EventID: 45) (User: )
Description: Das System konnte den Treiber für das Speicherabbild nicht laden.

Error: (05/28/2017 01:17:41 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (05/28/2017 01:17:41 PM) (Source: volmgr) (EventID: 45) (User: )
Description: Das System konnte den Treiber für das Speicherabbild nicht laden.

Error: (05/28/2017 01:10:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_7b8ee" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/28/2017 12:48:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/28/2017 12:45:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "FDResPub" wurde mit folgendem Fehler beendet: 
%%2147952449 = Die angeforderte Adresse ist in diesem Kontext ungültig.

Error: (05/28/2017 12:45:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


CodeIntegrity:
===================================
  Date: 2017-05-19 18:42:06.554
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-14 15:22:57.264
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-14 15:22:57.109
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-14 15:16:50.081
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-05-14 15:15:04.706
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-14 15:15:04.417
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-14 15:02:38.376
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-12 22:28:31.313
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-05-12 22:00:00.091
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-12 18:41:57.442
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 8063.92 MB
Verfügbarer physikalischer RAM: 5134.91 MB
Summe virtueller Speicher: 16255.92 MB
Verfügbarer virtueller Speicher: 12944.21 MB

==================== Laufwerke ================================

Drive c: (WIN_10) (Fixed) (Total:465.31 GB) (Free:37.7 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Data) (Fixed) (Total:1863.01 GB) (Free:442.79 GB) NTFS
Drive z: (Mediaserver) (Network) (Total:1266.84 GB) (Free:91.46 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0EB7B139)
Partition 1: (Active) - (Size=465.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: AF9F62FB)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 28.05.2017, 13:39   #5
burningice
/// Malwareteam
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate"



Ist das ein gewerblich genutztes System?

Kannst du mal bitte einen Screenshot der blockierten Zertifikate zeigen?

__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 28.05.2017, 13:53   #6
gerdman
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

Ist mein privat-PC



Ist mein privat-PC, allerdings mit VPN-Zugriff (über Router) auf meine Praxis. Habe aber die VPN-Laufwerksverknüpfungen sicherheitshalber gelöscht.
Ist ein System, auf dem ich alles mögliche ausprobiere, installiere, wieder deinstalliere und letztes Jahr von win 7 auf win10 upgegradet habe. Dürfte sehr viel Datenmüll drauf sein.

Habe Screenshot als pdf angehängt
Angehängte Dateien
Dateityp: pdf Screenshot_Zertifikate.pdf (155,3 KB, 42x aufgerufen)

Alt 28.05.2017, 14:15   #7
burningice
/// Malwareteam
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate"



Schritt: 1
Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 28.05.2017, 15:53   #8
gerdman
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate"



s. Anhang.
die Fehleinträge in der Hosts-Datei (s. 2. scan) habe ich manuell glöscht; der 3. Scan hat dann keinen Fehler mehr gezeigt.
Die fälschlich gesperrten Zertifikate habe ich über den Zertifikatsmanager manuell gelöscht - mal sehen, ob die jetzt dauerhaft weg bleiben.

Werde jetz den Rechner nochmal neu starten und dann das Ergebnis berichten
Angehängte Dateien
Dateityp: txt mbar-log-2017-05-28 (14-22-49).txt (3,8 KB, 96x aufgerufen)
Dateityp: txt mbar-log-2017-05-28 (14-57-57).txt (2,3 KB, 31x aufgerufen)
Dateityp: txt mbar-log-2017-05-28 (15-24-14).txt (2,1 KB, 40x aufgerufen)

Alt 28.05.2017, 15:58   #9
gerdman
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate"



habe win 10 gerade neu gestartet. Im zertifikatsspeicher finden sich derzeit keine "nicht vetrauenswürdig" eingestuften Zertifikate mehr.
Vielleicht ist das Problem damit gelöst. Werde trotzdem weiter beobachten.

Alt 28.05.2017, 16:23   #10
burningice
/// Malwareteam
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate"



ja ganz ruhig da wir sind hier noch lange nicht fertig.

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Lade dir folgendes Programm herunter und installiere es: Malwarebytes Anti-Malware
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:
  • Logfile von AdwCleaner
  • Logfile von Malwarebytes
  • Frst.txt
  • Addition.txt
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 28.05.2017, 17:34   #11
gerdman
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

FRST.txt



Hier sind die Dateien.

Interessant: Firefox startet nicht. Fehlermeldung: Konfigurationsdatei konnte nicht gelesen werden. Bitte kontaktieren Sie Ihren System-Administrator

Denke mal, dass die Datei von der Anti-Malware oder GData gesperrt wurde

FRST.txt
[CODEUntersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-05-2017
durchgeführt von Leo (Administrator) auf QUADCORE-I5 (28-05-2017 17:19:40)
Gestartet von C:\Users\Leo\Downloads
Geladene Profile: Leo & UpdatusUser & MSSQLServerOLAPService & ReportServer & MsDtsServer120 (Verfügbare Profile: Leo & UpdatusUser & MSSQLServerOLAPService & ReportServer & MSSQLFDLauncher & SQLSERVERAGENT & MsDtsServer120 & MSSQLSERVER)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Alle) =========================

(Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\wininit.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(IBM Corp) C:\Windows\SysWOW64\nslsvice.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IBM Corp) C:\Windows\SysWOW64\nsl.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\conhost.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
(Microsoft Corporation) C:\Windows\System32\taskeng.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\spoolsv.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
() C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(IBM Corp) C:\Program Files (x86)\lotus\notes\ntmulti.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.WTSNXEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\StarMoneyOnlineUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS12.MSSQLSERVER\OLAP\bin\msmdsrv.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKBap64.exe
(Microsoft Corporation) C:\Windows\explorer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Microsoft Corporation) C:\Users\Leo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Farbar) C:\Users\Leo\Downloads\FRST64(1).exe

==================== Registry (Alle) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401896 2016-11-02] ()
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1314112 2015-02-09] (FileOpen Systems Inc.)
HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [725280 2012-08-27] (Oki Data Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IntelSBA] => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4243168 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-03-16] (Apple Inc.)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\BrowserPlugInHelper.exe
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2016-12-17] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [309184 2012-03-28] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [30264 2009-10-06] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [CDIWTSEnabler] => wscript "C:\Program Files (x86)\Cherry\CDI\cdiwtsclient.vbs"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [SpeechExecSDQuickLoad] => C:\Program Files (x86)\Philips Speech\SpeechExec Dictate\SEDict.exe [3430416 2016-03-21] (Speech Processing Solutions GmbH)
HKLM-x32\...\Run: [PowerDVD12DMREngine] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [513304 2016-11-01] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [386088 2016-11-01] (CyberLink Corp.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2015-10-30] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26112 2015-10-30] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [4516800 2017-03-04] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [4075184 2017-03-04] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [] => [X]
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-05-25] (Glarysoft Ltd)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [OneDrive] => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1518808 2017-04-12] (Microsoft Corporation)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [VeraCrypt] => C:\Program Files\VeraCrypt\VeraCrypt.exe [5489808 2016-11-04] (IDRIX)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\RedFox\AnyDVD\AnyDVDtray.exe [11030528 2017-05-05] (RedFox)
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-163866912-915633979-1340512146-1003\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-163866912-915633979-1340512146-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-163866912-915633979-1340512146-1003\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [4516800 2017-03-04] (Microsoft Corporation) <==== ACHTUNG
HKLM\...\Providers\Internet Print Provider: C:\Windows\system32\inetpp.dll [167936 2016-07-01] (Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\Windows\system32\win32spl.dll [842240 2017-03-04] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - Keine Datei
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - Keine Datei
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\System32\EhStorShell.dll [2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Offline Files] -> {4E77131D-3629-431c-9818-C5679DC83E81} => C:\Windows\System32\cscui.dll [2017-03-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Leo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BootExecute: autocheck autochk *
AlternateShell: cmd.exe

==================== Internet (Alle) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [65024 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [55808 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70656 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [70656 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23552 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [312160 2016-05-28] (Microsoft Corporation)
Winsock: Catalog5-x64 01 C:\Windows\system32\NLAapi.dll [80896 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5-x64 02 C:\Windows\system32\napinsp.dll [68096 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [87040 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5-x64 04 C:\Windows\system32\pnrpnsp.dll [87040 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [31744 2015-10-30] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [357216 2016-05-28] (Microsoft Corporation)
Hosts: 192.168.0.100 server
Tcpip\..\Interfaces\{17c1f411-9307-40f5-9a1d-ee7ed90c4bdc}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{29da9083-c071-4fe1-8443-3d1fad58c598}: [NameServer] 192.168.178.1
Tcpip\..\Interfaces\{ce6720c6-251d-4ab7-8a8a-f8b63ce173de}: [DhcpNameServer] 192.168.0.1 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-163866912-915633979-1340512146-1003\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-163866912-915633979-1340512146-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-163866912-915633979-1340512146-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-163866912-915633979-1340512146-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
URLSearchHook: HKU\S-1-5-21-163866912-915633979-1340512146-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-163866912-915633979-1340512146-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-163866912-915633979-1340512146-1003 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-163866912-915633979-1340512146-1003 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
SearchScopes: HKLM -> DefaultScope {E6E723A7-46B5-4C92-A0C7-212CA110DA98} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {E6E723A7-46B5-4C92-A0C7-212CA110DA98} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-163866912-915633979-1340512146-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-163866912-915633979-1340512146-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-163866912-915633979-1340512146-1001 -> {E6E723A7-46B5-4C92-A0C7-212CA110DA98} URL =
SearchScopes: HKU\S-1-5-21-163866912-915633979-1340512146-1003 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Kein Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-23] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-23] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-11-22] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\23.8\pdfforgeToolbarIE64.dll Keine Datei
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-163866912-915633979-1340512146-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2016-10-25] (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2016-10-25] (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2015-10-30] (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2015-10-30] (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll [2014-03-31] (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2017-03-04] (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2017-03-04] (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll [2012-11-10] (Microsoft Corporation)
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2015-10-30] (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2015-10-30] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll [2014-03-31] (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2016-03-29] (Microsoft Corporation)
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] (Microsoft Corporation)
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2016-10-25] (Microsoft Corporation)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2016-10-25] (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2017-04-28] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2016-03-29] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] (Microsoft Corporation)
Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll [2014-03-31] (Microsoft Corporation)
Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll [2014-03-31] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - Keine Datei
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2015-10-30] (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2015-10-30] (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2015-10-30] (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [2010-02-28] (Microsoft Corporation)
Filter-x32: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [2012-10-31] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe

FireFox:
========
FF DefaultProfile: z4l03ruv.default-1494428104936
FF ProfilePath: C:\Users\Leo\AppData\Roaming\TomTom\HOME\Profiles\raxen8ss.default [2016-11-23]
FF Extension: (Kein Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [nicht gefunden]
FF ProfilePath: C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\z4l03ruv.default-1494428104936 [2017-05-28]
FF Homepage: Mozilla\Firefox\Profiles\z4l03ruv.default-1494428104936 -> hxxps://www.google.de/?gws_rd=ssl
FF NetworkProxy: Mozilla\Firefox\Profiles\z4l03ruv.default-1494428104936 -> type", 0
FF Extension: (Shield Recipe Client) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\z4l03ruv.default-1494428104936\features\{c12fbbad-744b-4fa4-ae23-5949d3deb5e0}\shield-recipe-client@mozilla.org.xpi [2017-05-21]
FF ProfilePath: C:\Users\Leo\AppData\Roaming\KompoZer\Profiles\qo2jmiju.default [2016-06-11]
FF Extension: (KompoZer (classic)) - C:\Users\Leo\AppData\Roaming\KompoZer\Profiles\qo2jmiju.default\Extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2015-11-20] [ist nicht signiert]
FF Extension: (Default) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2017-05-20] [ist nicht signiert]
FF Extension: (Application Update Service Helper) - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi [2017-05-20] [ist nicht signiert]
FF Extension: (Multi-process staged rollout) - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi [2017-05-20] [ist nicht signiert]
FF Extension: (Pocket) - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi [2017-05-20] [ist nicht signiert]
FF Extension: (Web Compat) - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi [2017-05-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bonjour4firefox@apple.com] - C:\Program Files (x86)\Bonjour SDK\Bin\FirefoxExtension
FF Extension: (Bonjour Extension for Firefox) - C:\Program Files (x86)\Bonjour SDK\Bin\FirefoxExtension [2013-02-28] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-04-04]
FF HKLM-x32\...\Mozilla Firefox 53.0.3\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF Extension: (Kein Name) - C:\Program Files (x86)\Mozilla Firefox\components [2016-11-18] [ist nicht signiert]
FF HKLM-x32\...\Mozilla Firefox 53.0.3\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF Extension: (Kein Name) - C:\Program Files (x86)\Mozilla Firefox\plugins [2017-04-14] [ist nicht signiert]
FF HKLM-x32\...\Mozilla Thunderbird 45.8.0\Extensions: [Components] - C:\Program Files (x86)\Mozilla Thunderbird\components => nicht gefunden
FF HKLM-x32\...\Mozilla Thunderbird 45.8.0\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Thunderbird\plugins => nicht gefunden
FF HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Mozilla Firefox 53.0.3\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Mozilla Firefox 53.0.3\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Mozilla Thunderbird 45.8.0\Extensions: [Components] - C:\Program Files (x86)\Mozilla Thunderbird\components => nicht gefunden
FF HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Mozilla Thunderbird 45.8.0\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Thunderbird\plugins => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-24] ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll [2013-01-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-24] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-163866912-915633979-1340512146-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-11] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll [2012-03-28] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll [2012-03-19] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Leo\AppData\Roaming\mozilla\plugins\npasperaweb.dll [2013-02-27] (Aspera, Inc. )
StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\988562.js [2017-05-09] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\channel-prefs.js [2017-05-05]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://de.search.yahoo.com/?type=971163&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://de.search.yahoo.com/?type=971163&fr=yo-yhp-ch"
CHR NewTab: Default -> "chrome-extension://icfefgaiandjaieopcfbidalbebjlhjl/ntp/newtab.html"
CHR DefaultSearchURL: Default -> {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{go ogle:iOSSearchLanguage}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:contextualSearchVersion}ie={inputEncoding }
CHR DefaultSearchKeyword: Default -> google.com
CHR DefaultNewTabURL: Default -> {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google :inputType}{google:cursorPosition}{google:currentPageUrl}{googleageClassification}{google:searchVersion}{google:sessionToken}{googlerefetchQuery}s ugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default [2017-03-24]
CHR Extension: (Google Docs) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-24]
CHR Extension: (Chrome Media Router) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-12-17]
StartMenuInternet: Google Chrome - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

==================== Dienste (Alle) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83056 2017-04-25] (Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [271960 2017-03-24] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
S3 AJRouter; C:\Windows\System32\AJRouter.dll [23040 2015-10-30] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [97792 2015-10-30] (Microsoft Corporation)
R2 AppHostSvc; C:\Windows\system32\inetsrv\apphostsvc.dll [64512 2016-03-11] (Microsoft Corporation)
R2 AppHostSvc; C:\Windows\SysWOW64\inetsrv\apphostsvc.dll [56832 2016-03-11] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [45056 2016-11-22] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [94720 2015-10-30] (Microsoft Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [200192 2016-02-13] (Microsoft Corporation)
S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [165376 2016-02-13] (Microsoft Corporation)
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [504320 2017-03-04] (Microsoft Corporation)
S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [2175488 2017-03-04] (Microsoft Corporation)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [51376 2015-10-30] (Microsoft Corporation)
R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [275456 2016-03-11] (Microsoft Corporation)
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [1054208 2017-03-04] (Microsoft Corporation)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5044784 2017-01-19] (G DATA Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [1022440 2016-12-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3236168 2017-01-10] (G Data Software AG)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114176 2015-10-30] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [361472 2016-03-29] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [794112 2016-03-29] (Microsoft Corporation)
R2 BITS; C:\Windows\System32\qmgr.dll [1132544 2016-10-25] (Microsoft Corporation)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462096 2015-08-12] (Apple Inc.)
R2 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2015-04-13] () [Datei ist nicht signiert]
R2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [587776 2016-10-25] (Microsoft Corporation)
R3 Browser; C:\Windows\System32\browser.dll [134656 2016-03-29] (Microsoft Corporation)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-10-30] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [91136 2016-08-03] (Microsoft Corporation)
S4 CDPSvc; C:\Windows\System32\CDPSvc.dll [287744 2017-03-04] (Microsoft Corporation)
R2 CertPropSvc; C:\Windows\System32\certprop.dll [192000 2017-03-04] (Microsoft Corporation)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [569344 2015-07-31] (REINER SCT)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [98072 2016-11-01] (CyberLink Corp.)
S3 ClipSVC; C:\Windows\System32\ClipSVC.dll [625000 2017-04-28] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [754664 2017-04-28] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [461824 2017-04-28] (Microsoft Corporation)
S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [301552 2016-11-02] (Intel Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [79872 2016-05-28] (Microsoft Corporation)
R2 CscService; C:\Windows\System32\cscsvc.dll [735232 2016-02-13] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [85784 2016-11-01] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [302872 2016-11-01] (CyberLink)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [905728 2017-04-28] (Microsoft Corporation)
S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [186880 2015-10-30] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [527872 2016-09-07] (Microsoft Corporation)
R2 DeviceAssociationService; C:\Windows\system32\das.dll [445440 2016-10-05] (Microsoft Corporation)
S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [111616 2015-10-30] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [34304 2015-10-30] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [355840 2016-05-28] (Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [293888 2016-05-28] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [31744 2015-10-30] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1637216 2017-03-04] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-11] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [224256 2011-03-02] () [Datei ist nicht signiert]
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [278016 2016-09-07] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [200192 2016-05-28] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57856 2015-10-30] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [285184 2017-03-04] (Microsoft Corporation)
R2 DoSvc; C:\Windows\system32\dosvc.dll [1097728 2017-03-04] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [264704 2015-10-30] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [170496 2015-10-30] (Microsoft Corporation)
S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [205824 2015-10-30] (Microsoft Corporation)
S3 DsSvc; C:\Windows\System32\DsSvc.dll [145408 2016-03-11] (Microsoft Corporation)
S3 Eaphost; C:\Windows\System32\eapsvc.dll [112640 2016-09-07] (Microsoft Corporation)
R2 EFS; C:\Windows\system32\efssvc.dll [60416 2015-10-30] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [111616 2015-10-30] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [314368 2016-09-07] (Microsoft Corporation)
R2 EventLog; C:\Windows\System32\wevtsvc.dll [1743872 2016-09-07] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [473088 2015-10-30] (Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [345600 2015-10-30] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [651776 2015-10-30] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [21504 2015-10-30] (Microsoft Corporation)
R2 FDResPub; C:\Windows\system32\fdrespub.dll [35840 2015-10-30] (Microsoft Corporation)
S3 fhsvc; C:\Windows\system32\fhsvc.dll [118784 2016-10-25] (Microsoft Corporation)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [341312 2015-02-09] (FileOpen Systems Inc.)
S3 FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1087792 2016-12-26] (Flexera Software LLC)
R2 FontCache; C:\Windows\system32\FntCache.dll [1661952 2017-03-04] (Microsoft Corporation)
R3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2015-10-23] (Microsoft Corporation)
S3 fsssvc; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [1512640 2014-03-31] (Microsoft Corporation)
S3 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [3991016 2017-01-19] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3386872 2017-01-10] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [852968 2016-12-23] (G DATA Software AG)
S2 gpsvc; C:\Windows\System32\gpsvc.dll [1339904 2016-05-28] (Microsoft Corporation)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4608320 2014-11-27] (SafeNet Inc.)
R3 hidserv; C:\Windows\system32\hidserv.dll [36864 2015-10-30] (Microsoft Corporation)
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [31744 2015-10-30] (Microsoft Corporation)
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [279040 2016-10-25] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [464384 2015-10-30] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [381440 2015-10-30] (Microsoft Corporation)
S2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Datei ist nicht signiert]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [163328 2016-05-28] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [119296 2017-04-28] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 IKEEXT; C:\Windows\System32\ikeext.dll [957952 2017-04-28] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [634632 2012-06-19] (Intel(R) Corporation)
R2 Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [49376 2012-02-27] (Intel Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [963072 2016-05-28] (Microsoft Corporation)
R3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [689464 2017-03-22] (Apple Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S3 KeyIso; C:\Windows\system32\keyiso.dll [97792 2015-10-30] (Microsoft Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [70656 2015-10-30] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [378880 2015-10-30] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [283136 2017-03-04] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [274432 2017-03-04] (Microsoft Corporation)
S3 lfsvc; C:\Windows\System32\lfsvc.dll [27136 2015-10-30] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-10-30] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [22528 2015-10-30] (Microsoft Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [280576 2015-10-30] (Microsoft Corporation)
R3 lmhosts; C:\Windows\System32\lmhsvc.dll [24576 2015-10-30] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277824 2012-07-19] (Intel Corporation)
R2 Lotus Notes Single Logon; C:\Windows\SysWOW64\nslsvice.exe [20530 2005-12-01] (IBM Corp) [Datei ist nicht signiert]
R2 LSM; C:\Windows\System32\lsm.dll [729600 2015-10-30] (Microsoft Corporation)
R2 LVPrcS64; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [191000 2009-10-07] (Logitech Inc.)
S2 MapsBroker; C:\Windows\System32\moshost.dll [72704 2017-03-04] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-20] (Microsoft Corporation)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52736 2015-10-30] (Microsoft Corporation)
U3 MessagingService_10105602; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_10105602; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_1fe9f20; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_1fe9f20; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_22264171; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_22264171; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_2805d80; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_2805d80; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_294dc563; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_294dc563; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_3cc87; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_3cc87; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_4110a2; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_4110a2; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_4eb27f1; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_4eb27f1; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 MessagingService_63fe3; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 MessagingService_63fe3; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_6d8e6; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_6d8e6; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_7b29c; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_7b29c; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_7eb04; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_7eb04; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_7ec8d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_7ec8d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_83adf; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_83adf; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_84931; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_84931; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_8c236; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_8c236; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_93a21e; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_93a21e; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_9551f; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_9551f; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_95cd17; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_95cd17; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_b9401; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_b9401; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_bc77fc; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_bc77fc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_f33b3d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 MessagingService_f33b3d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [173512 2017-05-20] (Mozilla Foundation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [870912 2016-04-23] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [147968 2015-10-30] (Microsoft Corporation)
R2 MsDtsServer120; C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe [216768 2016-09-24] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [151040 2015-10-30] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [66048 2015-10-30] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [58368 2015-10-30] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26624 2016-03-11] (Microsoft Corporation)
R2 MSSQL$WTSNXEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.WTSNXEXPRESS\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
S3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation)
S3 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [372416 2016-09-24] (Microsoft Corporation)
S4 MSSQLServerADHelper100; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [59744 2010-04-03] (Microsoft Corporation)
R2 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS12.MSSQLSERVER\OLAP\bin\msmdsrv.exe [51156160 2015-04-21] (Microsoft Corporation)
R2 Multi-user Cleanup Service; C:\Program Files (x86)\lotus\notes\ntmulti.exe [57393 2005-12-01] (IBM Corp) [Datei ist nicht signiert]
R2 NAUpdate; C:\Program Files (x86)\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [168960 2015-10-30] (Microsoft Corporation)
R3 NcbService; C:\Windows\System32\ncbservice.dll [338432 2016-03-29] (Microsoft Corporation)
R3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [79872 2017-03-04] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [Datei ist nicht signiert]
S3 Netlogon; C:\Windows\system32\netlogon.dll [847360 2016-09-07] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [713728 2016-03-11] (Microsoft Corporation)
R3 Netman; C:\Windows\System32\netman.dll [265728 2016-10-25] (Microsoft Corporation)
R2 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [135848 2015-10-30] (Microsoft Corporation)
R2 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [135848 2015-10-30] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofmsvc.dll [547840 2015-10-30] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [211456 2016-08-03] (Microsoft Corporation)
S2 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [135848 2015-10-30] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [135848 2015-10-30] (Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [289792 2016-05-06] (Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [649216 2016-09-07] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [371712 2015-10-30] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [30720 2015-10-30] (Microsoft Corporation)
R2 nvsvc; C:\Windows\system32\nvvsvc.exe [891240 2012-10-02] (NVIDIA Corporation)
R2 nvUpdatusService; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1258856 2012-10-10] (NVIDIA Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [342016 2017-03-04] (Microsoft Corporation)
U2 OneSyncSvc_10105602; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_10105602; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_1fe9f20; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_1fe9f20; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_22264171; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_22264171; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_2805d80; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_2805d80; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_294dc563; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_294dc563; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_3cc87; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_3cc87; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_4110a2; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_4110a2; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_4eb27f1; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_4eb27f1; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_50ee0; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_50ee0; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
R2 OneSyncSvc_63fe3; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
R2 OneSyncSvc_63fe3; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_6d8e6; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_6d8e6; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_7b29c; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_7b29c; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_7eb04; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_7eb04; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_7ec8d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_7ec8d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_83adf; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_83adf; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_84931; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_84931; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_8c236; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_8c236; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_93a21e; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_93a21e; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_9551f; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_9551f; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_95cd17; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_95cd17; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_b9401; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_b9401; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_bc77fc; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_bc77fc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_f33b3d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U2 OneSyncSvc_f33b3d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation)
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [351232 2017-03-04] (Microsoft Corporation)
S3 p2psvc; C:\Windows\system32\p2psvc.dll [434176 2015-10-30] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [528736 2016-10-25] (Microsoft Corporation)
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1978880 2016-09-07] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2015-10-30] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [752640 2017-03-04] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [252928 2016-03-11] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_10105602; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_10105602; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_1fe9f20; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_1fe9f20; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_22264171; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_22264171; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_2805d80; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_2805d80; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_294dc563; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_294dc563; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_3cc87; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_3cc87; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_4110a2; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_4110a2; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_4eb27f1; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_4eb27f1; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 PimIndexMaintenanceSvc_63fe3; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 PimIndexMaintenanceSvc_63fe3; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_6d8e6; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_6d8e6; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_7b29c; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_7b29c; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_7eb04; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_7eb04; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_7ec8d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_7ec8d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_83adf; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_83adf; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_84931; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_84931; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_8c236; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_8c236; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_93a21e; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_93a21e; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_9551f; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_9551f; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_95cd17; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_95cd17; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_b9401; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_b9401; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_bc77fc; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_bc77fc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_f33b3d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 PimIndexMaintenanceSvc_f33b3d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 pla; C:\Windows\system32\pla.dll [1487360 2016-09-07] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1537536 2016-09-07] (Microsoft Corporation)
R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [111616 2015-10-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [Datei ist nicht signiert]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [27648 2015-10-30] (Microsoft Corporation)
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [351232 2017-03-04] (Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [392192 2016-05-28] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [113664 2015-10-30] (Microsoft Corporation)
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [3337728 2017-04-28] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [328192 2016-03-29] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [286720 2017-03-04] (Microsoft Corporation)
S3 QWAVE; C:\Windows\SysWOW64\qwave.dll [246784 2017-03-04] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [106496 2016-02-13] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [696320 2015-10-30] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [507904 2016-09-07] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [436224 2016-09-07] (Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [156160 2015-10-30] (Microsoft Corporation)
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2467008 2015-04-21] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [1073152 2017-03-04] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [79360 2015-10-30] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10752 2015-10-30] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [905728 2017-04-28] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [57912 2016-09-07] (Microsoft Corporation)
S2 SCardSvr; C:\Windows\System32\SCardSvr.dll [235520 2015-10-30] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [181760 2015-10-30] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1001472 2017-03-04] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [192000 2017-03-04] (Microsoft Corporation)
S4 SDRSVC; C:\Windows\System32\SDRSVC.dll [150528 2016-07-01] (Microsoft Corporation)
S3 seclogon; C:\Windows\system32\seclogon.dll [31232 2016-03-11] (Microsoft Corporation)
R2 SENS; C:\Windows\System32\sens.dll [73216 2015-10-30] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1297408 2017-03-04] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [339968 2017-03-04] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [180224 2016-02-13] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [372736 2015-10-30] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [313344 2015-10-30] (Microsoft Corporation)
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [456704 2016-03-11] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [608768 2015-10-30] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [559616 2015-10-30] (Microsoft Corporation)
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies)
S3 smphost; C:\Windows\System32\smphost.dll [23552 2015-10-30] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [20992 2015-10-30] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [591872 2016-09-07] (Microsoft Corporation)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [15872 2015-10-30] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [755712 2016-09-07] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [6536248 2017-04-28] (Microsoft Corporation)
S4 SQLAgent$WTSNXEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.WTSNXEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
S3 SQLBrowser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [270016 2014-02-21] (Microsoft Corporation)
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2016-09-24] (Microsoft Corporation)
R2 SQLWriter; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [134336 2015-04-21] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [239616 2015-10-30] (Microsoft Corporation)

Alt 28.05.2017, 17:35   #12
gerdman
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

FRST.txt, Teil 2



FRST.txt, Teil2

Code:
ATTFilter
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [212480 2015-10-30] (Microsoft Corporation)
R2 StarMoney 10 OnlineUpdate; C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-11-25] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2746368 2016-09-07] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2180096 2016-09-07] (Microsoft Corporation)
R2 Stereo Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [382824 2012-10-02] (NVIDIA Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [643584 2016-09-07] (Microsoft Corporation)
S3 StorSvc; C:\Windows\system32\storsvc.dll [617984 2016-09-07] (Microsoft Corporation)
S3 svsvc; C:\Windows\system32\svsvc.dll [13824 2015-10-30] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [467968 2016-09-07] (Microsoft Corporation)
S4 SysMain; C:\Windows\system32\sysmain.dll [1088512 2015-10-30] (Microsoft Corporation)
R2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [380416 2016-05-28] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [151040 2017-03-04] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [311808 2015-10-30] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [254976 2015-10-30] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757040 2017-04-06] (TeamViewer GmbH)
S3 TermService; C:\Windows\System32\termsrv.dll [1033216 2016-09-07] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [59392 2015-10-30] (Microsoft Corporation)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [290304 2015-10-30] (Microsoft Corporation)
R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [506880 2016-09-07] (Microsoft Corporation)
R3 TimeBroker; C:\Windows\System32\TimeBrokerServer.dll [163840 2016-03-11] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [115200 2015-10-30] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [121856 2015-10-30] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [87040 2016-07-01] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [43008 2015-10-30] (Microsoft Corporation)
S3 UmRdpService; C:\Windows\System32\umrdp.dll [278016 2016-02-13] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1224704 2016-03-11] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [949248 2016-03-11] (Microsoft Corporation)
U3 UnistoreSvc_10105602; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_10105602; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_1fe9f20; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_1fe9f20; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_22264171; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_22264171; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_2805d80; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_2805d80; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_294dc563; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_294dc563; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_3cc87; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_3cc87; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_4110a2; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_4110a2; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_4eb27f1; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_4eb27f1; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 UnistoreSvc_63fe3; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 UnistoreSvc_63fe3; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_6d8e6; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_6d8e6; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_7b29c; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_7b29c; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_7eb04; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_7eb04; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_7ec8d; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_7ec8d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_83adf; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_83adf; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_84931; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_84931; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_8c236; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_8c236; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_93a21e; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_93a21e; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_9551f; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_9551f; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_95cd17; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_95cd17; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_b9401; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_b9401; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_bc77fc; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_bc77fc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_f33b3d; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UnistoreSvc_f33b3d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [365376 2012-07-19] (Intel Corporation)
S3 upnphost; C:\Windows\System32\upnphost.dll [452608 2016-09-07] (Microsoft Corporation)
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [329216 2016-09-07] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1490432 2017-03-04] (Microsoft Corporation)
U3 UserDataSvc_10105602; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_10105602; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_1fe9f20; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_1fe9f20; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_22264171; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_22264171; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_2805d80; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_2805d80; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_294dc563; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_294dc563; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_3cc87; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_3cc87; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_4110a2; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_4110a2; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_4eb27f1; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_4eb27f1; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 UserDataSvc_63fe3; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
S3 UserDataSvc_63fe3; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_6d8e6; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_6d8e6; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_7b29c; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_7b29c; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_7eb04; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_7eb04; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_7ec8d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_7ec8d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_83adf; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_83adf; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_84931; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_84931; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_8c236; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_8c236; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_93a21e; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_93a21e; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_9551f; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_9551f; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_95cd17; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_95cd17; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_b9401; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_b9401; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_bc77fc; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_bc77fc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_f33b3d; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
U3 UserDataSvc_f33b3d; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation) <==== ACHTUNG (ServiceDLL nicht gefunden)
R2 UserManager; C:\Windows\System32\usermgr.dll [912384 2016-09-07] (Microsoft Corporation)
S3 UsoSvc; C:\Windows\system32\usocore.dll [379392 2017-04-28] (Microsoft Corporation)
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [360448 2016-03-11] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [667136 2016-09-07] (Microsoft Corporation)
S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 vmicshutdown; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 vmictimesync; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1465344 2016-09-07] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [527872 2016-09-07] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2016-03-11] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\SysWOW64\inetsrv\w3logsvc.dll [72192 2016-03-11] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [579072 2016-03-11] (Microsoft Corporation)
R2 W3SVC; C:\Windows\SysWOW64\inetsrv\iisw3adm.dll [504320 2016-03-11] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [497664 2016-10-25] (Microsoft Corporation)
R3 WAS; C:\Windows\system32\inetsrv\iisw3adm.dll [579072 2016-03-11] (Microsoft Corporation)
R3 WAS; C:\Windows\SysWOW64\inetsrv\iisw3adm.dll [504320 2016-03-11] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1570816 2016-10-25] (Microsoft Corporation)
S2 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [621568 2016-02-13] (Microsoft Corporation)
R2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [606720 2016-10-25] (Microsoft Corporation)
R3 wcncsvc; C:\Windows\System32\wcncsvc.dll [471040 2016-09-07] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [43008 2015-10-30] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [33792 2015-10-30] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [100352 2015-10-30] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [89600 2015-10-30] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [100352 2015-10-30] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [89600 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [228864 2016-10-05] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [199680 2016-10-05] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [211456 2015-10-30] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [27648 2015-10-30] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [96256 2015-10-30] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [143360 2015-10-30] (Microsoft Corporation)
S3 WiaRpc; C:\Windows\System32\wiarpc.dll [75264 2016-09-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-04-28] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [791552 2017-03-04] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [616960 2017-03-04] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [225280 2015-10-30] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2573824 2016-09-07] (Microsoft Corporation)
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [2177024 2016-09-07] (Microsoft Corporation)
S3 WlanSvc; C:\Windows\System32\wlansvc.dll [2295808 2016-10-25] (Microsoft Corporation)
S3 wlidsvc; C:\Windows\system32\wlidsvc.dll [2054144 2017-03-04] (Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [202752 2015-10-30] (Microsoft Corporation)
S4 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1474560 2017-03-04] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1872896 2016-10-25] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [86528 2016-04-23] (Microsoft Corporation)
S3 WpnService; C:\Windows\system32\WpnService.dll [49152 2015-10-30] (Microsoft Corporation)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [190464 2017-03-28] (Microsoft Corporation)
R3 WSearch; C:\Windows\system32\SearchIndexer.exe [938496 2017-03-04] (Microsoft Corporation)
R3 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [760320 2017-03-04] (Microsoft Corporation)
S3 WSService; C:\Windows\System32\WSService.dll [3449168 2017-04-28] (Microsoft Corporation)
S3 wuauserv; C:\Windows\system32\wuaueng.dll [2280960 2017-04-28] (Microsoft Corporation)
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [104448 2015-10-30] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [1213440 2017-03-04] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [948736 2016-09-07] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1139712 2016-03-11] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1035776 2016-09-07] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Treiber (Alle) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [235520 2015-10-30] (Microsoft Corporation)
S0 3ware; C:\Windows\System32\drivers\3ware.sys [107360 2015-10-30] (LSI)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [563552 2016-03-11] (Microsoft Corporation)
R0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [127840 2015-10-30] (Microsoft Corporation)
S3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [12288 2015-10-30] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [14336 2015-10-30] (Microsoft Corporation)
S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [12800 2015-10-30] (Microsoft Corporation)
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [1135456 2015-10-30] (PMC-Sierra)
R1 AFD; C:\Windows\system32\drivers\afd.sys [578912 2016-02-13] (Microsoft Corporation)
S0 agp440; C:\Windows\System32\drivers\agp440.sys [63328 2015-10-30] (Microsoft Corporation)
R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [218624 2016-09-07] (Microsoft Corporation)
R2 aksdf; C:\Windows\system32\drivers\aksdf.sys [91784 2014-11-27] (SafeNet Inc.)
R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [162136 2014-11-27] (SafeNet Inc.)
S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [121856 2015-10-30] (Microsoft Corporation)
S3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [119296 2015-10-30] (Microsoft Corporation)
S0 amdsata; C:\Windows\System32\drivers\amdsata.sys [83296 2015-10-30] (Advanced Micro Devices)
S0 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2015-10-30] (AMD Technologies Inc.)
S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [26976 2015-10-30] (Advanced Micro Devices)
S3 ampa; C:\Windows\system32\ampa.sys [19568 2015-11-10] () [Datei ist nicht signiert]
S3 ampa; C:\Windows\SysWOW64\ampa.sys [19568 2015-11-10] () [Datei ist nicht signiert]
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [154448 2016-07-11] (RedFox)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [154448 2016-07-11] (RedFox)
S3 AppID; C:\Windows\System32\drivers\appid.sys [146272 2016-03-11] (Microsoft Corporation)
S0 arcsas; C:\Windows\System32\drivers\arcsas.sys [131936 2015-10-30] (PMC-Sierra, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
S3 AsyncMac; C:\Windows\System32\drivers\asyncmac.sys [28160 2015-10-30] (Microsoft Corporation)
S0 atapi; C:\Windows\System32\drivers\atapi.sys [28512 2015-10-30] (Microsoft Corporation)
R3 avmaura; C:\Windows\System32\drivers\avmaura.sys [116480 2014-08-01] (AVM Berlin)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2015-10-30] (Broadcom Corporation)
R1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [55808 2015-10-30] (Microsoft Corporation)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [41472 2017-03-28] (Microsoft Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [36704 2015-10-30] (Microsoft Corporation)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2015-10-30] (Windows (R) Win 7 DDK provider)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [9728 2015-10-30] (Windows (R) Win 7 DDK provider)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [9728 2015-10-30] (Microsoft Corporation)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [104960 2016-10-25] (Microsoft Corporation)
S3 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [43008 2016-10-25] (Microsoft Corporation)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [65536 2015-10-30] (Microsoft Corporation)
S3 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2015-10-30] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [65536 2015-10-30] (Microsoft Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [37376 2015-10-30] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [117248 2016-02-13] (Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92672 2015-10-30] (Microsoft Corporation)
R1 cdrom; C:\Windows\System32\drivers\cdrom.sys [173568 2015-10-30] (Microsoft Corporation)
S3 circlass; C:\Windows\System32\drivers\circlass.sys [48640 2015-10-30] (Microsoft Corporation)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
R0 CLFS; C:\Windows\System32\drivers\CLFS.sys [384864 2016-11-22] (Microsoft Corporation)
S3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [29696 2015-10-30] (Microsoft Corporation)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [609056 2017-04-28] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39264 2015-10-30] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys [40448 2015-10-30] (Microsoft Corporation)
R3 condrv; C:\Windows\System32\drivers\condrv.sys [50016 2015-10-30] (Microsoft Corporation)
R1 CSC; C:\Windows\System32\drivers\csc.sys [553472 2017-03-28] (Microsoft Corporation)
R1 ctxusbm; C:\Windows\system32\DRIVERS\ctxusbm.sys [89536 2012-03-19] (Citrix Systems, Inc.)
S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S1 dam; C:\Windows\System32\drivers\dam.sys [61792 2017-03-28] (Microsoft Corporation)
R1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [148992 2017-03-04] (Microsoft Corporation)
R0 disk; C:\Windows\System32\drivers\disk.sys [103264 2015-10-30] (Microsoft Corporation)
S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [33792 2015-10-30] (Microsoft Corporation)
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [16168 2015-10-30] (Microsoft Corporation)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-05-09] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-05-09] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2012-12-14] (DT Soft Ltd)
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [1987424 2017-04-28] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-10-30] (QLogic Corporation)
R0 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [88416 2015-10-30] (Microsoft Corporation)
S0 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [117088 2015-10-30] (Microsoft Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [40344 2014-12-21] (Elaborate Bytes AG)
S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [12288 2015-10-30] (Microsoft Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-05-09] ()
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [320000 2015-10-30] (Microsoft Corporation)
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [335712 2016-04-23] (Microsoft Corporation)
S3 fdc; C:\Windows\System32\drivers\fdc.sys [32256 2015-10-30] (Microsoft Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [87552 2016-04-23] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [85344 2015-10-30] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [35840 2015-10-30] (Microsoft Corporation)
S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [26112 2015-10-30] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [377696 2015-10-30] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [62816 2015-10-30] (Microsoft Corporation)
S3 fssfltr; C:\Windows\System32\DRIVERS\fssfltr.sys [57856 2012-09-12] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [31584 2015-10-30] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [638816 2016-04-23] (Microsoft Corporation)
S0 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [66912 2015-10-30] (Microsoft Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [196152 2017-05-21] (G Data Software AG)
S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [46104 2017-05-21] (G Data Software AG)
R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [38984 2017-05-21] (G DATA Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [294968 2017-05-21] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [157240 2017-05-21] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [86584 2017-05-21] (G DATA Software AG)
R3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [13312 2015-10-30] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2016-10-25] (Microsoft Corporation)
S3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [163680 2015-10-30] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-10-30] (Microsoft Corporation)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [116296 2017-05-21] (G Data Software)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-26] (Glarysoft Ltd)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-11-27] (SafeNet Inc.)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [404480 2016-10-25] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [79872 2016-10-25] (Microsoft Corporation)
S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [28160 2015-10-30] (Microsoft Corporation)
S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [107520 2015-10-30] (Microsoft Corporation)
S3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [51200 2015-10-30] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50016 2015-10-30] (Microsoft Corporation)
S3 HidIr; C:\Windows\System32\drivers\hidir.sys [46592 2015-10-30] (Microsoft Corporation)
R3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [38400 2015-10-30] (Microsoft Corporation)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [153656 2017-05-21] (G Data Software AG)
S3 HPFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2007-07-16] (Hewlett Packard)
S0 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2015-10-30] (Hewlett-Packard Company)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [1089888 2016-03-29] (Microsoft Corporation)
S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [29024 2015-10-30] (Microsoft Corporation)
S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [16896 2015-10-30] (Microsoft Corporation)
S3 HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [26112 2015-10-30] (Microsoft Corporation)
S3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [114688 2015-10-30] (Microsoft Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2015-10-30] (Intel(R) Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [165888 2015-10-30] (Intel Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [38128 2015-10-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [113152 2015-10-30] (Intel Corporation)
S0 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [645952 2012-07-09] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [673120 2015-10-30] (Intel Corporation)
S0 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2015-10-30] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-10-30] (Mellanox)
R3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [7966192 2016-11-02] (Intel Corporation)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2012-10-20] (Highresolution Enterprises [www.highrez.co.uk])
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTKVHD64.sys [5118208 2016-06-07] (Realtek Semiconductor Corp.)
R3 IntcDAud; C:\Windows\system32\DRIVERS\IntcDAud.sys [481768 2016-05-12] (Intel(R) Corporation)
S0 intelide; C:\Windows\System32\drivers\intelide.sys [19808 2015-10-30] (Microsoft Corporation)
S0 intelpep; C:\Windows\System32\drivers\intelpep.sys [46432 2015-10-30] (Microsoft Corporation)
R3 intelppm; C:\Windows\System32\drivers\intelppm.sys [133632 2015-10-30] (Microsoft Corporation)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-10-30] (Microsoft Corporation)
S3 Ioxmgr64; C:\Windows\System32\Drivers\Ioxmgr64.sys [15544 2015-07-23] (SCHUHFRIED GmbH)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [85504 2015-10-30] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [81408 2015-10-30] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [143360 2015-10-30] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [19456 2015-10-30] (Microsoft Corporation)
S0 isapnp; C:\Windows\System32\drivers\isapnp.sys [22880 2015-10-30] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [277344 2015-10-30] (Microsoft Corporation)
S3 ivusb; C:\Windows\System32\drivers\ivusb.sys [29720 2010-07-29] (Initio Corporation)
R3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [62304 2015-10-30] (Microsoft Corporation)
R3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [36864 2015-10-30] (Microsoft Corporation)
R3 kdnic; C:\Windows\System32\drivers\kdnic.sys [23040 2015-10-30] (Microsoft Corporation)
S3 KMWDFILTER; C:\Windows\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [129888 2016-09-07] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [161632 2016-08-03] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [26112 2015-10-30] (Microsoft Corporation)
S3 LGDDCDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2009-04-24] () [Datei ist nicht signiert]
S3 LGII2CDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [18432 2009-04-24] () [Datei ist nicht signiert]
R2 lltdio; C:\Windows\System32\drivers\lltdio.sys [64000 2015-10-30] (Microsoft Corporation)
S0 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [108888 2015-10-30] (LSI Corporation)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [104800 2015-10-30] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-10-30] (Avago Technologies)
S0 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2015-10-30] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [126464 2015-10-30] (Microsoft Corporation)
R3 lvpepf64; C:\Windows\system32\DRIVERS\lv302a64.sys [15896 2009-05-01] (Logitech Inc.)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 LVRS64; C:\Windows\system32\DRIVERS\lvrs64.sys [327576 2009-05-01] (Logitech Inc.)
R3 LVUSBS64; C:\Windows\System32\drivers\LVUSBS64.sys [50072 2008-07-26] (Logitech Inc.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [187320 2017-05-28] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [113592 2017-05-28] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-05-28] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-28] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [93624 2017-05-28] (Malwarebytes)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59744 2015-10-30] (Avago Technologies)
S0 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2015-10-30] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-10-30] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [47616 2015-10-30] (Microsoft Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [41984 2015-10-30] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\drivers\monitor.sys [38400 2015-10-30] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\drivers\mouclass.sys [59232 2015-10-30] (Microsoft Corporation)
R3 mouhid; C:\Windows\System32\drivers\mouhid.sys [32256 2015-10-30] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [102752 2015-10-30] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [76288 2015-10-30] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175616 2016-03-11] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [144384 2016-10-05] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [431456 2017-03-04] (Microsoft Corporation)
R2 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [286208 2017-03-04] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [216416 2017-03-04] (Microsoft Corporation)
S3 MsBridge; C:\Windows\System32\drivers\bridge.sys [114688 2016-03-11] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [31232 2015-10-30] (Microsoft Corporation)
S3 msgpiowin32; C:\Windows\System32\drivers\msgpiowin32.sys [46944 2015-10-30] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8704 2015-10-30] (Microsoft Corporation)
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [11776 2015-10-30] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [18784 2015-10-30] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\system32\DRIVERS\MSKSSRV.sys [13824 2015-10-30] (Microsoft Corporation)
R2 MsLldp; C:\Windows\System32\drivers\mslldp.sys [81920 2015-10-30] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\system32\DRIVERS\MSPCLOCK.sys [10752 2015-10-30] (Microsoft Corporation)
S3 MSPQM; C:\Windows\system32\DRIVERS\MSPQM.sys [10752 2015-10-30] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [354144 2015-10-30] (Microsoft Corporation)
R1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [43872 2015-10-30] (Microsoft Corporation)
S3 MSTEE; C:\Windows\system32\DRIVERS\MSTEE.sys [12800 2015-10-30] (Microsoft Corporation)
S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [15872 2016-09-07] (Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\mup.sys [125280 2016-10-25] (Microsoft Corporation)
S0 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2015-10-30] (Marvell Semiconductor, Inc.)
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [531968 2017-03-04] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-10-30] (Mellanox)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [1152864 2016-03-29] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\drivers\ndiscap.sys [50176 2015-10-30] (Microsoft Corporation)
S3 NdisImPlatform; C:\Windows\System32\drivers\NdisImPlatform.sys [126976 2015-10-30] (Microsoft Corporation)
S3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [25600 2015-10-30] (Microsoft Corporation)
S3 Ndisuio; C:\Windows\System32\drivers\ndisuio.sys [63488 2015-10-30] (Microsoft Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [20480 2015-10-30] (Microsoft Corporation)
S3 NdisWan; C:\Windows\System32\drivers\ndiswan.sys [188416 2016-10-25] (Microsoft Corporation)
S3 ndiswanlegacy; C:\Windows\System32\DRIVERS\ndiswan.sys [188416 2016-10-25] (Microsoft Corporation)
S3 ndproxy; C:\Windows\System32\DRIVERS\NDProxy.sys [60928 2015-10-30] (Microsoft Corporation)
R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [124928 2016-05-28] (Microsoft Corporation)
R1 NetBIOS; C:\Windows\System32\drivers\netbios.sys [57184 2015-10-30] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [278528 2016-05-28] (Microsoft Corporation)
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [108032 2015-10-30] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [68608 2015-10-30] (Microsoft Corporation)
R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [26624 2015-10-30] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [40960 2015-10-30] (Microsoft Corporation)
R3 NTFS; C:\Windows\System32\Drivers\NTFS.sys [2152280 2016-03-29] (Microsoft Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [84168 2013-03-15] (Cyberlink Corp.)
R1 Null; C:\Windows\System32\Drivers\Null.sys [7168 2015-10-30] (Microsoft Corporation)
S0 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2015-10-30] (NVIDIA Corporation)
S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [166240 2015-10-30] (NVIDIA Corporation)
S0 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [126304 2015-10-30] (Microsoft Corporation)
R3 Parport; C:\Windows\System32\drivers\parport.sys [96768 2015-10-30] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [118624 2016-05-28] (Microsoft Corporation)
R0 pci; C:\Windows\System32\drivers\pci.sys [331616 2016-08-03] (Microsoft Corporation)
S0 pciide; C:\Windows\System32\drivers\pciide.sys [16224 2015-10-30] (Microsoft Corporation)
S0 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [118112 2015-10-30] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [51544 2015-10-30] (Microsoft Corporation)
R0 pdc; C:\Windows\System32\drivers\pdc.sys [100192 2017-03-28] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [721408 2015-10-30] (Microsoft Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58208 2015-10-30] (LSI Corporation)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [58720 2015-10-30] (Avago Technologies)
R3 PID_PEPI; C:\Windows\system32\DRIVERS\LV302V64.SYS [2755096 2009-05-01] (Logitech Inc.)
S3 PptpMiniport; C:\Windows\System32\drivers\raspptp.sys [95744 2015-10-30] (Microsoft Corporation)
S3 Processor; C:\Windows\System32\drivers\processr.sys [118272 2015-10-30] (Microsoft Corporation)
R1 Psched; C:\Windows\System32\drivers\pacer.sys [160608 2015-10-30] (Microsoft Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [48640 2015-10-30] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [17408 2015-10-30] (Microsoft Corporation)
S3 RasAgileVpn; C:\Windows\System32\drivers\AgileVpn.sys [105472 2015-10-30] (Microsoft Corporation)
S3 Rasl2tp; C:\Windows\System32\drivers\rasl2tp.sys [104960 2016-03-11] (Microsoft Corporation)
S3 RasPppoe; C:\Windows\System32\drivers\raspppoe.sys [81408 2015-10-30] (Microsoft Corporation)
S3 RasSstp; C:\Windows\System32\drivers\rassstp.sys [78336 2015-10-30] (Microsoft Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32568 2015-08-16] (EldoS Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [420704 2017-03-04] (Microsoft Corporation)
R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [26112 2016-02-13] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [173056 2016-02-13] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [29536 2016-02-13] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [236384 2015-10-30] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [930656 2015-10-30] (Microsoft Corporation)
S4 RsFx0151; C:\Windows\System32\DRIVERS\RsFx0151.sys [313696 2011-06-17] (Microsoft Corporation)
S4 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-21] (Microsoft Corporation)
R2 rspndr; C:\Windows\System32\drivers\rspndr.sys [80896 2015-10-30] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 S332x64; C:\Windows\system32\DRIVERS\S332x64.sys [78336 2013-04-05] (Identive                                                    )
S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [8704 2015-10-30] (Microsoft Corporation)
S0 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [110432 2015-10-30] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [43008 2017-03-04] (Microsoft Corporation)
S3 sdbus; C:\Windows\System32\drivers\sdbus.sys [277848 2016-09-07] (Microsoft Corporation)
S3 sdstor; C:\Windows\System32\drivers\sdstor.sys [95072 2016-02-13] (Microsoft Corporation)
S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [74584 2015-10-30] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [155488 2015-10-30] (Microsoft Corporation)
R3 Serenum; C:\Windows\System32\drivers\serenum.sys [25088 2015-10-30] (Microsoft Corporation)
R3 Serial; C:\Windows\System32\drivers\serial.sys [83968 2016-03-29] (Microsoft Corporation)
S3 sermouse; C:\Windows\System32\drivers\sermouse.sys [27648 2015-10-30] (Microsoft Corporation)
S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [18432 2015-10-30] (Microsoft Corporation)
S0 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2015-10-30] (Silicon Integrated Systems Corp.)
S0 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2015-10-30] (Silicon Integrated Systems)
S3 SKYNETU2; C:\Windows\System32\drivers\SkyNETU2_AMD64.SYS [518232 2010-05-10] (TechniSat Digital, S.A.)
R0 spaceport; C:\Windows\System32\drivers\spaceport.sys [532832 2015-10-30] (Microsoft Corporation)
S3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [77664 2015-10-30] (Microsoft Corporation)
R2 srv; C:\Windows\System32\DRIVERS\srv.sys [407552 2017-04-28] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [689152 2017-04-28] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [236544 2016-09-07] (Microsoft Corporation)
S0 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2015-10-30] (Promise Technology, Inc.)
R3 StillCam; C:\Windows\system32\DRIVERS\serscan.sys [12800 2015-10-30] (Microsoft Corporation)
R0 storahci; C:\Windows\System32\drivers\storahci.sys [133984 2015-10-30] (Microsoft Corporation)
S0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46944 2015-10-30] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [79200 2015-10-30] (Microsoft Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [78848 2015-10-30] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [34144 2015-10-30] (Microsoft Corporation)
S0 storvsc; C:\Windows\System32\drivers\storvsc.sys [36192 2015-10-30] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\drivers\swenum.sys [17760 2015-10-30] (Microsoft Corporation)
S3 Synth3dVsc; C:\Windows\System32\drivers\Synth3dVsc.sys [64000 2015-10-30] (Microsoft Corporation)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2403168 2016-07-01] (Microsoft Corporation)
S3 Tcpip6; C:\Windows\System32\drivers\tcpip.sys [2403168 2016-07-01] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [52224 2015-10-30] (Microsoft Corporation)
R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [118624 2016-02-13] (Microsoft Corporation)
R3 teamviewervpn; C:\Windows\System32\drivers\teamviewervpn.sys [35112 2015-07-07] (TeamViewer GmbH)
S3 terminpt; C:\Windows\System32\drivers\terminpt.sys [38752 2016-02-13] (Microsoft Corporation)
S3 TPM; C:\Windows\System32\drivers\tpm.sys [211296 2016-05-28] (Microsoft Corporation)
S3 tsusbflt; C:\Windows\System32\drivers\TsUsbFlt.sys [61952 2015-10-30] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [33280 2015-10-30] (Microsoft Corporation)
R3 tunnel; C:\Windows\System32\drivers\tunnel.sys [153600 2015-10-30] (Microsoft Corporation)
S0 uagp35; C:\Windows\System32\drivers\uagp35.sys [66400 2015-10-30] (Microsoft Corporation)
S3 UASPStor; C:\Windows\System32\drivers\uaspstor.sys [77664 2015-10-30] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [63488 2016-04-23] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46592 2015-10-30] (Microsoft Corporation)
R3 Ucx01000; C:\Windows\System32\drivers\ucx01000.sys [209248 2015-10-30] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2015-10-30] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [321024 2015-10-30] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [28512 2015-10-30] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [258912 2016-05-28] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [94048 2015-10-30] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [131424 2016-09-07] (Microsoft Corporation)
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG)
S0 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [66912 2015-10-30] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\drivers\umbus.sys [56832 2015-10-30] (Microsoft Corporation)
S3 UmPass; C:\Windows\System32\drivers\umpass.sys [13824 2015-10-30] (Microsoft Corporation)
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [28512 2015-10-30] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [57696 2015-10-30] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [27488 2015-10-30] (Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.)
R3 usbaudio; C:\Windows\system32\drivers\usbaudio.sys [131584 2015-10-30] (Microsoft Corporation)
R3 usbccgp; C:\Windows\System32\drivers\usbccgp.sys [159072 2015-10-30] (Microsoft Corporation)
S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [102400 2015-10-30] (Microsoft Corporation)
R3 usbehci; C:\Windows\System32\drivers\usbehci.sys [95584 2015-10-30] (Microsoft Corporation)
R3 usbhub; C:\Windows\System32\drivers\usbhub.sys [500064 2015-10-30] (Microsoft Corporation)
R3 USBHUB3; C:\Windows\System32\drivers\UsbHub3.sys [534872 2016-04-23] (Microsoft Corporation)
S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [29696 2015-10-30] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [27648 2015-10-30] (Microsoft Corporation)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [23040 2015-10-30] (Microsoft Corporation)
S3 usbser; C:\Windows\System32\drivers\usbser.sys [67072 2016-04-23] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\drivers\USBSTOR.SYS [127840 2016-03-11] (Microsoft Corporation)
S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [35328 2015-10-30] (Microsoft Corporation)
R3 USBXHCI; C:\Windows\System32\drivers\USBXHCI.SYS [378208 2016-03-29] (Microsoft Corporation)
R1 VBoxDrv; C:\Windows\System32\DRIVERS\VBoxDrv.sys [238352 2013-07-04] (Oracle Corporation)
S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [131856 2013-07-04] (Oracle Corporation)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [120080 2013-07-04] (Oracle Corporation)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [52576 2015-10-30] (Microsoft Corporation)
R0 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [467368 2016-11-04] (IDRIX)
S3 VerifierExt; C:\Windows\System32\drivers\VerifierExt.sys [200536 2015-10-30] (Microsoft Corporation)
S3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [712032 2016-10-25] (Microsoft Corporation)
S3 vhf; C:\Windows\System32\drivers\vhf.sys [31744 2015-10-30] (Microsoft Corporation)
S0 vmbus; C:\Windows\System32\drivers\vmbus.sys [99672 2015-10-30] (Microsoft Corporation)
S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [25088 2015-10-30] (Microsoft Corporation)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [81248 2015-10-30] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [367968 2015-10-30] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [414560 2015-10-30] (Microsoft Corporation)
S3 vpci; C:\Windows\System32\drivers\vpci.sys [74080 2015-10-30] (Microsoft Corporation)
R3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52080 2013-12-13] (Cisco Systems, Inc.)
S0 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [166752 2015-10-30] (VIA Technologies Inc.,Ltd)
S0 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2015-10-30] (VIA Corporation)
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [26624 2015-10-30] (Microsoft Corporation)
R1 vwififlt; C:\Windows\System32\drivers\vwififlt.sys [74240 2015-10-30] (Microsoft Corporation)
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [30208 2015-10-30] (Microsoft Corporation)
S3 wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [79872 2015-10-30] (Microsoft Corporation)
S3 wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [79872 2015-10-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [794432 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [695296 2017-03-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R0 WFPLWFS; C:\Windows\System32\drivers\wfplwfs.sys [154464 2015-10-30] (Microsoft Corporation)
S3 WIMMount; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [42688 2015-10-30] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-10-30] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-10-30] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-10-30] (Mellanox)
S3 WINUSB; C:\Windows\System32\drivers\WinUSB.SYS [89088 2015-10-30] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-10-30] (Mellanox)
R3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [18432 2015-10-30] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [199008 2015-10-30] (Microsoft Corporation)
S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221888 2015-10-30] (Microsoft Corporation)
S3 wpcfltr; C:\Windows\System32\DRIVERS\wpcfltr.sys [52768 2015-10-30] (Microsoft Corporation)
S3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [30560 2015-10-30] (Microsoft Corporation)
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [22528 2015-10-30] (Microsoft Corporation)
S3 WsAudio_Device; C:\Windows\system32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare)
R3 WSDPrintDevice; C:\Windows\System32\drivers\WSDPrint.sys [22528 2015-10-30] (Microsoft Corporation)
R3 WSDScan; C:\Windows\system32\DRIVERS\WSDScan.sys [24576 2015-10-30] (Microsoft Corporation)
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [98816 2015-10-30] (Microsoft Corporation)
R3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [238592 2016-03-11] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [26112 2016-03-29] (Microsoft Corporation)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [29896 2016-11-04] (CyberLink Corp.)
U3 idsvc; kein ImagePath
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-28 17:19 - 2017-05-28 17:20 - 00163747 _____ C:\Users\Leo\Downloads\FRST.txt
2017-05-28 17:15 - 2017-05-28 17:15 - 00591348 _____ C:\Users\Leo\Desktop\mbam.txt
2017-05-28 17:09 - 2017-05-28 17:09 - 00001867 _____ C:\Users\Leo\Desktop\Malwarebytes.lnk
2017-05-28 17:08 - 2017-05-28 17:08 - 00000022 _____ C:\Windows\S.dirmngr
2017-05-28 16:52 - 2017-05-28 17:08 - 00113592 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-05-28 16:52 - 2017-05-28 17:08 - 00093624 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-05-28 16:51 - 2017-05-28 17:08 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-05-28 16:51 - 2017-05-28 16:51 - 00001918 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-28 16:51 - 2017-05-28 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-28 16:51 - 2017-05-28 16:51 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-28 16:51 - 2017-05-09 16:37 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-05-28 16:43 - 2017-05-28 16:47 - 00000000 ____D C:\AdwCleaner
2017-05-28 16:40 - 2017-05-28 16:51 - 63364552 _____ (Malwarebytes ) C:\Users\Leo\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-28 16:39 - 2017-05-28 16:43 - 04102600 _____ C:\Users\Leo\Desktop\AdwCleaner_6.046.exe
2017-05-28 14:53 - 2017-05-28 14:53 - 00001510 _____ C:\Windows\Tasks\Stackout.job
2017-05-28 14:22 - 2017-05-28 17:08 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-28 14:22 - 2017-05-28 16:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-28 14:22 - 2017-05-28 15:54 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-28 14:21 - 2017-05-28 16:52 - 00187320 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-05-28 14:21 - 2017-05-28 15:47 - 00000000 ____D C:\Users\Leo\Desktop\mbar
2017-05-28 14:21 - 2017-05-28 14:21 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Leo\Downloads\mbar-1.09.3.1001.exe
2017-05-28 13:21 - 2017-05-28 13:22 - 02429952 _____ (Farbar) C:\Users\Leo\Downloads\FRST64(1).exe
2017-05-21 20:47 - 2017-05-21 20:47 - 01202184 _____ (Adobe Systems Incorporated) C:\Users\Leo\Downloads\flashplayer25au_ha_install(2).exe
2017-05-21 15:17 - 2017-05-21 15:17 - 04148178 _____ C:\Users\Leo\Downloads\Yamaha HB-Sduro_Tech_Präsi.pdf
2017-05-21 15:17 - 2017-05-21 15:17 - 00790246 _____ C:\Users\Leo\Downloads\BedienungsanleitungBatavusStreamRazerYamaha2015_DE.pdf
2017-05-21 15:16 - 2017-05-21 15:16 - 00356042 _____ C:\Users\Leo\Downloads\bikespeed_RS_Yamaha_Yamaha_Einbauanleitung_DE.pdf
2017-05-21 15:14 - 2017-05-21 15:14 - 06727816 _____ C:\Users\Leo\Downloads\E-Pack_Manual_2016__German.pdf
2017-05-21 15:09 - 2017-05-21 15:09 - 05634730 _____ C:\Users\Leo\Downloads\Haibike_Betriebsanleitung_Yamaha_2016.pdf
2017-05-21 10:43 - 2017-05-21 10:43 - 00116296 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2017-05-21 10:43 - 2017-05-21 10:43 - 00028208 _____ (G DATA Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2017-05-21 10:22 - 2017-05-21 10:22 - 00086584 _____ (G DATA Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2017-05-21 10:22 - 2017-05-21 10:22 - 00046104 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys
2017-05-21 10:22 - 2017-05-21 10:22 - 00038984 _____ (G DATA Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys
2017-05-21 10:22 - 2017-05-21 10:22 - 00002133 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2017-05-21 10:22 - 2017-05-21 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2017-05-21 10:21 - 2017-05-21 10:21 - 00294968 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2017-05-21 10:21 - 2017-05-21 10:21 - 00196152 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2017-05-21 10:21 - 2017-05-21 10:21 - 00157240 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2017-05-21 10:21 - 2017-05-21 10:21 - 00153656 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2017-05-21 10:14 - 2017-05-21 10:14 - 00016786 _____ C:\Windows\System32\Tasks\Stackout
2017-05-20 13:43 - 2017-05-21 12:13 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2017-05-20 13:08 - 2017-05-20 13:08 - 00001522 _____ C:\Windows\Tasks\Audio Clipper.job
2017-05-20 11:20 - 2017-05-20 11:21 - 319268864 _____ C:\Users\Leo\Downloads\kav_rescue_10.iso
2017-05-20 11:19 - 2017-05-20 11:19 - 00001524 _____ C:\Users\Leo\Desktop\Kaspersky Security Scan Version 16.0.0.1344 installieren.lnk
2017-05-20 11:13 - 2017-05-20 11:19 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-05-20 11:12 - 2017-05-20 11:13 - 02671128 _____ (Kaspersky Lab) C:\Users\Leo\Downloads\kss16.0.0.1344en_ru_de_fr_es_it_zh-hans_pl_tr_nl_cs_ko_id_pt_ar_vi_hi_zh-hant_fa_10518.exe
2017-05-19 22:49 - 2017-05-19 22:49 - 00751387 _____ C:\Users\Leo\Downloads\video_downloadhelper-6.3.1-fx.zip
2017-05-19 19:58 - 2017-05-28 13:24 - 00079527 _____ C:\Users\Leo\Downloads\Addition-1.txt
2017-05-19 19:57 - 2017-05-28 17:19 - 00000000 ____D C:\FRST
2017-05-19 19:57 - 2017-05-28 13:24 - 00087743 _____ C:\Users\Leo\Downloads\FRST-1.txt
2017-05-19 19:56 - 2017-05-19 19:57 - 02429952 _____ (Farbar) C:\Users\Leo\Downloads\FRST64.exe
2017-05-14 10:21 - 2017-05-14 10:21 - 00459146 _____ C:\Users\Leo\Downloads\key1011finder.zip
2017-05-14 10:16 - 2017-05-14 10:16 - 00000154 _____ C:\Users\Leo\Documents\QUADCORE-I5.txt
2017-05-12 20:09 - 2017-05-12 20:09 - 63035592 _____ (Malwarebytes ) C:\Users\Leo\Downloads\mb3-setup-13595.13595-3.1.2.1733(1).exe
2017-05-12 18:43 - 2017-05-12 18:43 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-12 18:43 - 2017-05-12 18:43 - 00001222 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-05-12 18:41 - 2017-05-12 18:41 - 00246352 _____ (Mozilla) C:\Users\Leo\Downloads\Firefox Setup Stub 53.0.2.exe
2017-05-12 18:15 - 2017-05-12 18:15 - 00042898 _____ C:\Users\Leo\Documents\Überlassungsvertrag_Fitzner-Packbier.pdf
2017-05-12 18:12 - 2017-05-12 18:12 - 00157104 _____ C:\Users\Leo\Documents\Jobrad_Angebot_XXL-Feld.pdf
2017-05-12 17:58 - 2017-04-28 05:59 - 00602256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-12 17:58 - 2017-04-28 04:57 - 01813408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-05-12 17:58 - 2017-04-28 04:57 - 00959144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-12 17:58 - 2017-04-28 04:56 - 02945648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-12 17:58 - 2017-04-28 04:56 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-05-12 17:58 - 2017-04-28 04:52 - 05240448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-05-12 17:58 - 2017-04-28 04:45 - 01536600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-12 17:58 - 2017-04-28 03:50 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-05-12 17:58 - 2017-04-28 02:57 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2017-05-12 17:58 - 2017-04-28 02:49 - 00805888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2017-05-12 17:58 - 2017-04-28 02:32 - 04078080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-05-12 17:58 - 2017-04-28 02:25 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-12 17:58 - 2017-04-28 02:06 - 04404736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2017-05-12 17:58 - 2017-04-28 01:55 - 00339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-05-12 17:58 - 2017-04-28 01:29 - 00461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-05-12 17:57 - 2017-04-28 06:32 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-05-12 17:57 - 2017-04-28 06:30 - 07465816 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-12 17:57 - 2017-04-28 06:30 - 02656960 _____ C:\Windows\system32\CoreUIComponents.dll
2017-05-12 17:57 - 2017-04-28 06:30 - 01997840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-12 17:57 - 2017-04-28 06:30 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-05-12 17:57 - 2017-04-28 06:30 - 01098640 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-05-12 17:57 - 2017-04-28 06:30 - 00800080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-12 17:57 - 2017-04-28 06:27 - 00754664 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-05-12 17:57 - 2017-04-28 06:08 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2017-05-12 17:57 - 2017-04-28 05:59 - 01862000 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-05-12 17:57 - 2017-04-28 05:59 - 01558280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-12 17:57 - 2017-04-28 05:38 - 01060432 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-05-12 17:57 - 2017-04-28 05:32 - 02608912 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-05-12 17:57 - 2017-04-28 05:32 - 01323272 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-12 17:57 - 2017-04-28 05:31 - 03699280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-12 17:57 - 2017-04-28 05:31 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-05-12 17:57 - 2017-04-28 05:31 - 00026464 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-05-12 17:57 - 2017-04-28 05:28 - 22560744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-05-12 17:57 - 2017-04-28 05:28 - 00566104 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-05-12 17:57 - 2017-04-28 05:27 - 06604992 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-05-12 17:57 - 2017-04-28 05:26 - 01540224 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-05-12 17:57 - 2017-04-28 05:26 - 00692136 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2017-05-12 17:57 - 2017-04-28 05:25 - 06536248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2017-05-12 17:57 - 2017-04-28 05:24 - 01128104 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2017-05-12 17:57 - 2017-04-28 05:24 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-05-12 17:57 - 2017-04-28 05:23 - 00609056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-05-12 17:57 - 2017-04-28 05:20 - 01848584 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-12 17:57 - 2017-04-28 05:04 - 00881664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-05-12 17:57 - 2017-04-28 04:53 - 01987424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-12 17:57 - 2017-04-28 04:53 - 00465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-05-12 17:57 - 2017-04-28 04:52 - 01594928 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-12 17:57 - 2017-04-28 04:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-05-12 17:57 - 2017-04-28 04:24 - 00824320 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-05-12 17:57 - 2017-04-28 04:23 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2017-05-12 17:57 - 2017-04-28 04:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-05-12 17:57 - 2017-04-28 04:19 - 01370224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-05-12 17:57 - 2017-04-28 04:16 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-05-12 17:57 - 2017-04-28 04:15 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-12 17:57 - 2017-04-28 04:13 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-05-12 17:57 - 2017-04-28 04:11 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-12 17:57 - 2017-04-28 04:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-05-12 17:57 - 2017-04-28 04:05 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-05-12 17:57 - 2017-04-28 04:03 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-05-12 17:57 - 2017-04-28 04:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll
2017-05-12 17:57 - 2017-04-28 04:01 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.ps.dll
2017-05-12 17:57 - 2017-04-28 03:59 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-05-12 17:57 - 2017-04-28 03:58 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-05-12 17:57 - 2017-04-28 03:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-12 17:57 - 2017-04-28 03:55 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-05-12 17:57 - 2017-04-28 03:55 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2017-05-12 17:57 - 2017-04-28 03:54 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2017-05-12 17:57 - 2017-04-28 03:53 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-12 17:57 - 2017-04-28 03:53 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-12 17:57 - 2017-04-28 03:52 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-12 17:57 - 2017-04-28 03:51 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-05-12 17:57 - 2017-04-28 03:51 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2017-05-12 17:57 - 2017-04-28 03:50 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-05-12 17:57 - 2017-04-28 03:49 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-05-12 17:57 - 2017-04-28 03:46 - 00383488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-12 17:57 - 2017-04-28 03:45 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-05-12 17:57 - 2017-04-28 03:41 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-05-12 17:57 - 2017-04-28 03:40 - 00572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-05-12 17:57 - 2017-04-28 03:39 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-05-12 17:57 - 2017-04-28 03:38 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-05-12 17:57 - 2017-04-28 03:38 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-05-12 17:57 - 2017-04-28 03:35 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-12 17:57 - 2017-04-28 03:35 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-12 17:57 - 2017-04-28 03:33 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2017-05-12 17:57 - 2017-04-28 03:32 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll
2017-05-12 17:57 - 2017-04-28 03:32 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-12 17:57 - 2017-04-28 03:31 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-12 17:57 - 2017-04-28 03:31 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-05-12 17:57 - 2017-04-28 03:31 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-05-12 17:57 - 2017-04-28 03:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-12 17:57 - 2017-04-28 03:30 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-12 17:57 - 2017-04-28 03:29 - 02127872 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-12 17:57 - 2017-04-28 03:28 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-05-12 17:57 - 2017-04-28 03:28 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-12 17:57 - 2017-04-28 03:26 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-05-12 17:57 - 2017-04-28 03:24 - 01752576 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-12 17:57 - 2017-04-28 03:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2017-05-12 17:57 - 2017-04-28 03:23 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-05-12 17:57 - 2017-04-28 03:21 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-05-12 17:57 - 2017-04-28 03:21 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll
2017-05-12 17:57 - 2017-04-28 03:20 - 04456448 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-05-12 17:57 - 2017-04-28 03:19 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-05-12 17:57 - 2017-04-28 03:19 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-05-12 17:57 - 2017-04-28 03:19 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe
2017-05-12 17:57 - 2017-04-28 03:15 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-12 17:57 - 2017-04-28 03:15 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-05-12 17:57 - 2017-04-28 03:15 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2017-05-12 17:57 - 2017-04-28 03:13 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-12 17:57 - 2017-04-28 03:11 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-05-12 17:57 - 2017-04-28 03:11 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-05-12 17:57 - 2017-04-28 03:10 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-05-12 17:57 - 2017-04-28 03:07 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2017-05-12 17:57 - 2017-04-28 03:07 - 00335872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-12 17:57 - 2017-04-28 03:04 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-05-12 17:57 - 2017-04-28 03:03 - 03586048 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-05-12 17:57 - 2017-04-28 03:03 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-05-12 17:57 - 2017-04-28 03:01 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-05-12 17:57 - 2017-04-28 03:00 - 05123072 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-05-12 17:57 - 2017-04-28 02:56 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-12 17:57 - 2017-04-28 02:55 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-12 17:57 - 2017-04-28 02:55 - 00501760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-12 17:57 - 2017-04-28 02:55 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-12 17:57 - 2017-04-28 02:54 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-12 17:57 - 2017-04-28 02:53 - 01729536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-12 17:57 - 2017-04-28 02:51 - 02280960 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-05-12 17:57 - 2017-04-28 02:50 - 01526272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-12 17:57 - 2017-04-28 02:47 - 04826624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-05-12 17:57 - 2017-04-28 02:47 - 03695104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-05-12 17:57 - 2017-04-28 02:47 - 03404800 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-12 17:57 - 2017-04-28 02:47 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-05-12 17:57 - 2017-04-28 02:46 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe
2017-05-12 17:57 - 2017-04-28 02:44 - 07977984 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-05-12 17:57 - 2017-04-28 02:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-05-12 17:57 - 2017-04-28 02:36 - 16985600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-05-12 17:57 - 2017-04-28 02:35 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-05-12 17:57 - 2017-04-28 02:27 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-12 17:57 - 2017-04-28 02:25 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2017-05-12 17:57 - 2017-04-28 02:22 - 04412928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-05-12 17:57 - 2017-04-28 02:22 - 02878976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-12 17:57 - 2017-04-28 02:21 - 13018112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-05-12 17:57 - 2017-04-28 02:20 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-05-12 17:57 - 2017-04-28 02:19 - 06296064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-05-12 17:57 - 2017-04-28 02:16 - 22375424 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-05-12 17:57 - 2017-04-28 02:12 - 04889600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-12 17:57 - 2017-04-28 02:11 - 06312448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-05-12 17:57 - 2017-04-28 02:09 - 13393920 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-12 17:57 - 2017-04-28 02:08 - 03993600 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-05-12 17:57 - 2017-04-28 02:06 - 12139008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-12 17:57 - 2017-04-28 02:05 - 24605184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-12 17:57 - 2017-04-28 02:04 - 19344896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-12 17:57 - 2017-04-28 02:04 - 03660288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-12 17:57 - 2017-04-28 02:04 - 02911744 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-05-12 17:57 - 2017-04-28 02:04 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-05-12 17:57 - 2017-04-28 02:03 - 18673152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-05-12 17:57 - 2017-04-28 01:58 - 00821248 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2017-05-12 17:57 - 2017-04-28 01:57 - 04171264 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-05-12 17:57 - 2017-04-28 01:57 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-05-12 17:57 - 2017-04-28 01:53 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2017-05-12 17:57 - 2017-04-28 01:50 - 07853568 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-05-12 17:57 - 2017-04-28 01:47 - 05670912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-05-12 17:57 - 2017-04-28 01:45 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-05-12 17:36 - 2017-05-12 17:36 - 00004437 _____ C:\Users\Leo\Documents\zerti-untrus.txt
2017-05-12 17:10 - 2017-05-12 17:10 - 63035592 _____ (Malwarebytes ) C:\Users\Leo\Downloads\mb3-setup-13595.13595-3.1.2.1733.exe
2017-05-12 14:09 - 2017-05-12 14:09 - 00001554 _____ C:\Windows\Tasks\Haxi- White 1-5 patch.job
2017-05-10 19:45 - 2017-05-21 10:19 - 281128592 _____ (G DATA Software AG) C:\Users\Leo\Downloads\GDATA_INTERNETSECURITY_BASE_WEU_25.3.0.3.exe
2017-05-10 19:40 - 2017-05-20 10:37 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2017-05-10 17:50 - 2017-05-10 17:50 - 00927888 _____ (G DATA Software AG) C:\Users\Leo\Downloads\AVCleaner.exe
2017-05-10 16:55 - 2017-05-10 16:55 - 00000000 ____D C:\Users\Leo\Desktop\Alte Firefox-Daten
2017-05-10 15:55 - 2017-05-10 15:55 - 00000000 ____D C:\Users\Leo\AppData\Local\navi
2017-05-09 19:51 - 2017-05-09 19:51 - 24792608 _____ (Disc Soft Ltd) C:\Users\Leo\Downloads\DTLite1051-0229_paid.exe
2017-05-09 18:41 - 2017-05-10 15:55 - 00000000 ____D C:\ProgramData\VideoMemoryDiagnostic
2017-05-09 18:41 - 2017-05-09 18:41 - 00016856 _____ C:\Windows\System32\Tasks\Haxi- White 1-5 patch
2017-05-09 18:41 - 2017-05-09 18:41 - 00001042 _____ C:\Users\Leo\Desktop\Play Warframe.lnk
2017-05-09 18:41 - 2017-05-09 18:41 - 00001036 _____ C:\Users\Leo\Desktop\Play WarThunder.lnk
2017-05-09 18:41 - 2017-04-27 16:36 - 00000195 _____ C:\Users\Leo\Desktop\Download Video and Audio Online.url
2017-05-09 18:09 - 2017-05-09 18:09 - 00000000 ____D C:\Users\Leo\AppData\Local\Disc_Soft_Ltd
2017-05-09 17:59 - 2017-05-09 17:59 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2017-05-09 17:59 - 2017-05-09 17:59 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2017-05-06 09:23 - 2017-05-06 09:23 - 00051624 _____ C:\Windows\uninstaller.dat
2017-05-05 17:32 - 2017-05-05 17:32 - 00001278 _____ C:\Users\Public\Desktop\CloneDVD2.lnk
2017-05-05 17:19 - 2017-05-05 17:19 - 00001173 _____ C:\Users\Public\Desktop\AnyDVD.lnk
2017-05-05 17:19 - 2017-05-05 17:19 - 00000000 ____D C:\ProgramData\RedFox
2017-05-05 17:19 - 2017-05-05 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RedFox
2017-05-05 17:19 - 2017-05-05 17:19 - 00000000 ____D C:\Program Files (x86)\RedFox
2017-05-05 17:18 - 2017-05-05 17:18 - 00000898 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 6.lnk
2017-05-05 17:18 - 2017-05-05 17:18 - 00000886 _____ C:\Users\Public\Desktop\Total Uninstall 6.lnk
2017-05-05 17:18 - 2017-05-05 17:18 - 00000016 _____ C:\ProgramData\mntemp
2017-05-05 17:18 - 2017-05-05 17:18 - 00000000 ____D C:\ProgramData\Martau
2017-05-05 17:18 - 2017-05-05 17:18 - 00000000 ____D C:\Program Files\Total Uninstall 6
2017-05-05 17:15 - 2017-05-05 17:17 - 26751832 _____ (Gavrila Martau ) C:\Users\Leo\Downloads\Total-Uninstall-Setup-6.19.0.exe
2017-05-05 17:12 - 2017-05-05 18:03 - 33817960 _____ C:\Users\Leo\Downloads\SetupCloneBD1151RedFox.exe
2017-05-05 17:12 - 2017-05-05 17:32 - 05262920 _____ C:\Users\Leo\Downloads\SetupCloneDVD2933RedFox.exe
2017-05-05 17:11 - 2017-05-05 17:18 - 14041456 _____ C:\Users\Leo\Downloads\SetupAnyDVD8120.exe
2017-05-05 14:49 - 2017-05-05 14:49 - 00252722 _____ C:\Users\Leo\Downloads\FRITZ.Box 7490 (UI) 113.06.83_01.01.70_0101.export
2017-05-02 17:49 - 2017-05-02 17:49 - 01201768 _____ (Adobe Systems Incorporated) C:\Users\Leo\Downloads\flashplayer25au_ha_install(1).exe
2017-05-01 15:55 - 2017-05-01 15:55 - 00542263 _____ C:\Users\Leo\Downloads\Hennef_FRITZ.Box 7490 (UI) 113.06.83_01.05.17_1555.export
2017-05-01 15:51 - 2017-05-01 15:52 - 00668775 _____ C:\Users\Leo\Downloads\FRITZ.Box 7490 (UI) 113.06.83_01.05.17_1552.export
2017-05-01 11:49 - 2017-05-01 11:49 - 00145600 _____ C:\Users\Leo\Downloads\Adac.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-28 17:15 - 2016-03-11 22:29 - 02767824 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-28 17:15 - 2016-02-13 18:59 - 01139772 _____ C:\Windows\system32\perfh007.dat
2017-05-28 17:15 - 2016-02-13 18:59 - 00304090 _____ C:\Windows\system32\perfc007.dat
2017-05-28 17:15 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2017-05-28 17:08 - 2016-08-10 18:05 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-28 17:08 - 2016-08-10 18:05 - 00000000 __SHD C:\Users\Leo\IntelGraphicsProfiles
2017-05-28 17:08 - 2016-02-13 19:26 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-28 17:08 - 2012-11-05 20:21 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-28 17:07 - 2015-10-30 08:28 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-05-28 17:00 - 2016-11-18 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-28 16:50 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-28 16:50 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2017-05-28 16:46 - 2016-08-06 12:16 - 00000000 ____D C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox
2017-05-28 16:46 - 2016-04-24 14:44 - 00000953 _____ C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-05-28 16:46 - 2016-04-24 14:44 - 00000905 _____ C:\Users\Leo\Desktop\Start Tor Browser.lnk
2017-05-28 16:46 - 2016-04-24 14:43 - 00000000 ____D C:\Users\Leo\Desktop\Tor Browser
2017-05-28 16:46 - 2016-01-05 22:49 - 00001008 _____ C:\Users\Leo\Desktop\Internet Explorer.lnk
2017-05-28 16:46 - 2013-08-25 18:55 - 00000000 ____D C:\Users\Leo\AppData\Roaming\Yahoo!
2017-05-28 16:46 - 2012-11-16 20:34 - 00001373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-28 16:46 - 2012-11-16 20:34 - 00001361 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-28 16:42 - 2016-11-18 21:48 - 00000000 ____D C:\Users\Leo\AppData\LocalLow\Mozilla
2017-05-28 15:52 - 2015-10-30 08:28 - 00032768 ___SH C:\Windows\system32\config\ELAM
2017-05-28 14:54 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\TAPI
2017-05-28 14:54 - 2015-10-30 08:28 - 00000000 ____D C:\Program Files\Stackout
2017-05-28 12:49 - 2014-08-16 11:23 - 00000000 ____D C:\Users\Leo\AppData\Local\Adobe
2017-05-25 14:20 - 2016-09-11 15:48 - 00001024 ____H C:\AMTAG.BIN
2017-05-25 14:05 - 2013-08-15 22:19 - 00000000 ____D C:\Windows\system32\MRT
2017-05-25 14:03 - 2013-05-16 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2017-05-25 14:03 - 2013-05-16 14:52 - 00000000 ____D C:\Program Files (x86)\Acronis
2017-05-25 14:01 - 2012-11-05 19:56 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-25 14:00 - 2013-05-16 14:53 - 00000000 ____D C:\ProgramData\Acronis
2017-05-23 18:48 - 2015-03-27 19:30 - 00000000 ____D C:\Users\Leo\AppData\Roaming\JOSM
2017-05-23 18:45 - 2017-04-07 17:34 - 00000000 ____D C:\Users\Leo\.egvp2_client
2017-05-23 17:04 - 2016-03-12 11:59 - 00000000 ____D C:\Program Files (x86)\StarMoney 10 apoEdition
2017-05-21 20:45 - 2012-11-05 20:53 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-05-21 11:03 - 2012-11-05 20:34 - 00000000 ____D C:\ProgramData\G DATA
2017-05-21 10:20 - 2015-10-30 09:24 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-05-21 10:20 - 2012-11-05 20:34 - 00000000 ____D C:\Program Files (x86)\G Data
2017-05-20 16:58 - 2015-10-30 08:28 - 00000000 ____D C:\Program Files\Audio Clipper
2017-05-20 16:57 - 2014-05-13 19:06 - 00000000 ____D C:\Program Files (x86)\Passware
2017-05-20 11:40 - 2016-03-11 22:30 - 00000000 ____D C:\Users\ReportServer
2017-05-20 11:40 - 2016-03-11 22:30 - 00000000 ____D C:\Users\MSSQLServerOLAPService
2017-05-20 11:40 - 2016-03-11 22:30 - 00000000 ____D C:\Users\MsDtsServer120
2017-05-20 11:19 - 2009-07-14 05:20 - 00000000 ____D C:\Users\Default.migrated
2017-05-20 10:38 - 2012-11-05 21:04 - 00000000 ____D C:\ProgramData\Temp
2017-05-20 10:37 - 2012-11-10 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-20 10:33 - 2012-12-15 11:52 - 00000000 ____D C:\Windows\pss
2017-05-19 21:25 - 2012-11-06 19:38 - 00000000 ____D C:\Users\Leo\AppData\Roaming\SAmAs
2017-05-19 21:16 - 2016-03-13 19:59 - 00000000 ____D C:\Users\Leo\AppData\Local\Deployment
2017-05-19 21:15 - 2012-11-16 20:33 - 00000000 ____D C:\Program Files\Google
2017-05-19 21:15 - 2012-11-14 19:48 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-19 19:44 - 2012-11-14 19:48 - 00000000 ____D C:\Users\Leo\AppData\Local\Google
2017-05-19 19:43 - 2015-05-26 21:26 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2017-05-19 19:42 - 2012-12-31 15:08 - 00000000 ____D C:\Program Files (x86)\DVBViewer TE2
2017-05-19 19:42 - 2012-12-27 21:55 - 00000000 ____D C:\Program Files (x86)\FRITZ!Fernzugang einrichten
2017-05-19 19:41 - 2016-02-13 19:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-19 19:41 - 2015-04-09 18:59 - 00000000 ____D C:\Program Files (x86)\Corporal
2017-05-19 19:41 - 2012-10-20 06:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-19 19:40 - 2016-02-12 20:57 - 00000000 ____D C:\ProgramData\ZDSupport
2017-05-14 16:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache
2017-05-12 22:28 - 2017-03-17 20:15 - 00000000 ___RD C:\Users\Leo\Virtual Machines
2017-05-12 22:28 - 2016-02-13 10:22 - 00411912 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\system32\F12
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-12 22:25 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-12 22:06 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2017-05-12 18:20 - 2015-10-30 08:28 - 00000000 ____D C:\Program Files\Haxi- White 1.5 patch
2017-05-12 17:11 - 2017-04-12 19:28 - 00766583 _____ C:\Users\Leo\Downloads\2016-11-28_Fachhaendler_Formular_Leasinganfrage_JobRad_SFG.pdf
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\SysWOW64\Configuration
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\setup
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\oobe
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\MUI
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\IME
2017-05-10 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\Com
2017-05-10 18:02 - 2013-11-28 19:39 - 00000000 ____D C:\Users\Leo\AppData\Roaming\G Data
2017-05-10 18:02 - 2012-11-16 20:32 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2017-05-10 17:10 - 2015-06-19 17:41 - 00000000 ____D C:\Users\Leo\AppData\Local\Dropbox
2017-05-10 17:10 - 2014-04-27 15:35 - 00000000 ____D C:\Users\Leo\AppData\Roaming\Dropbox
2017-05-10 16:08 - 2012-11-24 15:24 - 00000125 ___SH C:\ProgramData\.zreglib
2017-05-09 18:03 - 2012-11-24 16:00 - 00000000 ____D C:\Users\Leo\AppData\Roaming\DAEMON Tools Lite
2017-05-07 20:57 - 2012-11-24 16:42 - 00000000 ____D C:\ProgramData\DVD Shrink
2017-05-07 18:58 - 2013-03-02 19:37 - 00000000 ____D C:\Users\Leo\AppData\Roaming\HandBrake
2017-05-07 16:33 - 2013-02-28 23:42 - 00000000 ____D C:\Users\Leo\AppData\Roaming\vlc
2017-05-06 13:38 - 2016-04-16 20:54 - 00000000 ____D C:\ProgramData\Elaborate Bytes
2017-05-05 18:12 - 2014-12-25 20:42 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-05 18:04 - 2016-04-16 20:54 - 00001250 _____ C:\Users\Public\Desktop\CloneBD.lnk
2017-05-05 17:32 - 2016-04-16 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2017-05-05 17:32 - 2012-11-24 15:23 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2017-05-02 17:56 - 2016-03-11 23:08 - 00000000 ____D C:\Users\Leo\AppData\Local\Packages
2017-04-29 17:26 - 2016-02-02 15:16 - 00003658 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d15dbbea352be2
2017-04-29 17:26 - 2016-02-02 15:16 - 00003534 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d15dbbe9c08875
2017-04-29 02:51 - 2015-10-30 09:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:51 - 2015-10-30 09:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 06:23 - 2016-02-13 19:26 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-11-18 19:01 - 2015-11-14 17:52 - 0000031 _____ () C:\Program Files (x86)\Notes.ini
2017-05-21 10:21 - 2017-05-21 10:21 - 0000000 _____ () C:\Users\Leo\AppData\Roaming\gdfw.log
2017-05-21 10:21 - 2017-05-21 10:21 - 0000779 _____ () C:\Users\Leo\AppData\Roaming\gdscan.log
2015-02-26 23:06 - 2015-09-12 20:57 - 0000479 _____ () C:\Users\Leo\AppData\Roaming\isis.xml
2015-10-24 23:44 - 2016-07-02 11:34 - 0028348 _____ () C:\Users\Leo\AppData\Roaming\phpdesigner.xml
2017-04-13 11:34 - 2017-04-13 11:34 - 0000600 _____ () C:\Users\Leo\AppData\Roaming\winscp.rnd
2014-05-13 19:25 - 2014-05-13 19:25 - 0000096 _____ () C:\Users\Leo\AppData\Local\errorlog.txt
2015-09-11 21:49 - 2015-09-11 21:58 - 0004096 ____H () C:\Users\Leo\AppData\Local\keyfile3.drm
2012-11-15 23:58 - 2012-11-15 23:58 - 0000001 _____ () C:\Users\Leo\AppData\Local\llftool.4.12.agreement
2016-02-28 15:58 - 2016-09-04 11:03 - 0000173 _____ () C:\Users\Leo\AppData\Local\msmathematics.qat.Leo
2015-11-28 14:19 - 2015-12-18 22:39 - 0000600 _____ () C:\Users\Leo\AppData\Local\PUTTY.RND
2012-11-16 00:02 - 2012-11-16 00:02 - 0000017 _____ () C:\Users\Leo\AppData\Local\resmon.resmoncfg
2012-11-24 15:24 - 2017-05-10 16:08 - 0000125 ___SH () C:\ProgramData\.zreglib
2016-08-10 18:03 - 2016-08-10 18:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-05 19:43 - 2014-08-09 17:03 - 0001479 _____ () C:\ProgramData\hpzinstall.log
2017-05-05 17:18 - 2017-05-05 17:18 - 0000016 _____ () C:\ProgramData\mntemp

Einige Dateien in TEMP:
====================
2016-10-08 17:06 - 2016-10-08 17:06 - 0387072 _____ (REINER SCT) C:\Users\Leo\AppData\Local\Temp\callback.dll
2017-02-03 16:58 - 2017-02-04 19:46 - 0065536 _____ (Sony DADC Austria AG) C:\Users\Leo\AppData\Local\Temp\drm_dialogs.dll
2016-11-13 19:23 - 2017-02-04 19:46 - 0204800 _____ (Sony DADC Austria AG) C:\Users\Leo\AppData\Local\Temp\drm_dyndata_7400009.dll
2014-09-24 00:42 - 2014-09-24 00:42 - 0013824 _____ () C:\Users\Leo\AppData\Local\Temp\gkey.exe
2016-12-29 14:12 - 2016-12-29 14:12 - 0237568 _____ () C:\Users\Leo\AppData\Local\Temp\infozip2.exe
2016-08-06 12:17 - 2016-08-06 12:17 - 0741440 _____ (Oracle Corporation) C:\Users\Leo\AppData\Local\Temp\jre-8u101-windows-au.exe
2016-10-23 21:24 - 2016-10-23 21:24 - 0737856 _____ (Oracle Corporation) C:\Users\Leo\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-05-20 11:13 - 2017-05-20 11:15 - 2427936 _____ (Kaspersky Lab) C:\Users\Leo\AppData\Local\Temp\kis_setup.exe
2017-05-09 18:41 - 2017-05-09 18:41 - 0024296 _____ () C:\Users\Leo\AppData\Local\Temp\offerpg3.exe
2015-04-13 00:04 - 2015-04-13 00:04 - 0027648 _____ () C:\Users\Leo\AppData\Local\Temp\pkeyui.exe
2017-05-09 18:41 - 2017-05-09 18:41 - 0024298 _____ () C:\Users\Leo\AppData\Local\Temp\Setup.exe
2017-05-09 18:41 - 2017-05-09 18:41 - 1199825 _____ () C:\Users\Leo\AppData\Local\Temp\unins000.exe
2017-05-10 16:52 - 2014-07-07 18:34 - 0157952 _____ () C:\Users\Leo\AppData\Local\Temp\UninstallSer.exe
2017-05-09 18:41 - 2017-05-09 18:41 - 0597261 _____ () C:\Users\Leo\AppData\Local\Temp\vbsetup.exe
2017-02-15 21:00 - 2017-02-15 21:00 - 2258760 _____ (Link64 GmbH) C:\Users\Leo\AppData\Local\Temp\vdu_uninstall_995106.exe
2017-05-10 17:46 - 2017-05-10 17:46 - 2258760 _____ (Link64 GmbH) C:\Users\Leo\AppData\Local\Temp\vdu_uninstall_a4228.exe
2017-05-10 17:47 - 2017-05-10 17:47 - 2258760 _____ (Link64 GmbH) C:\Users\Leo\AppData\Local\Temp\vdu_uninstall_a7742.exe
2017-05-10 17:47 - 2017-05-10 17:47 - 2258760 _____ (Link64 GmbH) C:\Users\Leo\AppData\Local\Temp\vdu_uninstall_ac1f7.exe
2017-05-12 17:01 - 2017-05-12 17:01 - 2258760 _____ (Link64 GmbH) C:\Users\Leo\AppData\Local\Temp\vdu_uninstall_b13a1.exe
2017-04-10 17:18 - 2017-04-10 17:18 - 0393216 _____ (VISUS Technology Transfer GmbH) C:\Users\Leo\AppData\Local\Temp\VisusClient.dll
2017-05-07 16:17 - 2017-05-07 16:17 - 30533688 _____ () C:\Users\Leo\AppData\Local\Temp\vlc-2.2.4-win32.exe
2015-04-12 22:08 - 2016-08-11 10:10 - 0050848 _____ () C:\Users\Leo\AppData\Local\Temp\wabk.exe
2017-02-23 08:22 - 2017-02-23 08:22 - 0000000 _____ () C:\Users\Leo\AppData\Local\Temp\xldbfyy1.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-28 14:50

==================== Ende von FRST.txt ============================]
         
[/CODE]

Alt 28.05.2017, 17:39   #13
gerdman
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

Addition.txt



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-05-2017
durchgeführt von Leo (28-05-2017 17:20:35)
Gestartet von C:\Users\Leo\Downloads
Windows 10 Pro Version 1511 (X64) (2016-03-11 21:07:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-163866912-915633979-1340512146-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-163866912-915633979-1340512146-503 - Limited - Disabled)
Gast (S-1-5-21-163866912-915633979-1340512146-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-163866912-915633979-1340512146-1002 - Limited - Enabled)
Leo (S-1-5-21-163866912-915633979-1340512146-1001 - Administrator - Enabled) => C:\Users\Leo
UpdatusUser (S-1-5-21-163866912-915633979-1340512146-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {12A48B7F-CAF7-5864-4246-A92366268238}
FW: GÂ*DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1&1 Upload-Manager (HKLM-x32\...\1&1 Upload-Manager) (Version: 2.0.676 - 1&1 Internet AG)
64 Bit HP CIO Components Installer (Version: 21.2.1 - HP Inc.) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
ActKey (x32 Version: 1.7.0.0 - Oki Data Corporation) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.19 - Adobe Systems)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.1.3 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Aldi Bestellsoftware (HKLM-x32\...\Aldi Bestellsoftware) (Version: 4.15.4 - ORWO_Net)
Allway Sync version 15.1.9 (HKLM-x32\...\Allway Sync_is1) (Version:  - Botkind Inc)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 8.1.2.0 - RedFox)
AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-Bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Aspera Connect (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Aspera Connect) (Version: 2.7.8.51644 - Aspera Inc.)
Assessments on Client (x32 Version: 10.1.10586.0 - Microsoft) Hidden
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Avery Wizard 4.0 (HKLM-x32\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
BMI V6.0.2.0 (HKLM-x32\...\{369006B0-DFF3-4BD9-A861-227BBB68DB3E}_is1) (Version: 6.0.2.0 - SVO-Webdesign GbR)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bonjour SDK (HKLM\...\{C0F5A19A-055A-4902-9D41-864127BFAF11}) (Version: 3.0.0.10 - Apple Inc.)
CD/DVD Diagnostic 3.1 (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Diagnostic) (Version: 3.1 - InfinaDyne)
Cherry eGK/KVK Software V3.3 Build 2 (HKLM-x32\...\{005E2D03-8002-4574-A0E7-A63D3F2A033C}) (Version: 3.3.0.2 - ZF Friedrichshafen AG, Electronic Systems)
Chipcardmaster 7.11 (HKLM-x32\...\Chipcardmaster_is1) (Version:  - Dr. Olaf Jacobsen)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05152 - Cisco Systems, Inc.) Hidden
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Citrix Online Plug-in - Web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.3.0.8 - Citrix Systems, Inc.)
CloneBD (HKLM-x32\...\CloneBD) (Version: 1.1.5.1 - Elaborate Bytes)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
csveditor (HKLM-x32\...\{1C60FB75-804E-4227-8BCD-058DD5D78AEF}) (Version: 1.3.12 - Bertram Fritz)
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.2.5 - REINER SCT)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.7107.58 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Videorekorder (HKLM-x32\...\Debut) (Version: 2.17 - NCH Software)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DVD Player Server (HKLM-x32\...\{28AD52C7-D208-45B2-9735-1FC4FC8FE352}) (Version: 1.0.0 - Floating Cube Studios)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
EGVP (HKLM-x32\...\{EDA192EA-4DA3-416D-965D-65BFDA0E3715}) (Version: 1.5.3.0 - Governikus KG)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16483 - Landesfinanzdirektion Thüringen)
eMule (HKLM-x32\...\eMule) (Version:  - )
EPSON AL-CX16NF (HKLM\...\EPSON AL-CX16NF) (Version:  - )
EPSON AL-CX16NF Scanner (HKLM-x32\...\InstallShield_{A643B136-69E0-439A-9E9B-C56C524C71AE}) (Version:  - )
EPSON AL-CX16NF Scanner (Version: 1.00.0000 - SEIKO EPSON CORPORATION) Hidden
etope Lister 2 (HKLM-x32\...\etope Lister_is1) (Version:  - Freshworx GmbH & Co.KG)
Express Zip ZIP-Programm (HKLM-x32\...\ExpressZip) (Version: 2.17 - NCH Software)
FastImageResizer (remove only) (HKLM-x32\...\FastImageResizer) (Version:  - )
FileOpen Client B952 (HKLM\...\FileOpenClient_is1) (Version: B952 - FileOpen Systems, Inc.)
Flixster Video (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\5cdf686a56bda3b1) (Version: 2.7.0.602 - Flixster Video)
forteManager (HKLM-x32\...\{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}) (Version: 3.18 - LG Soft India)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.47.511 - Digital Wave Ltd)
Free M4a to MP3 Converter 7.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version:  - musetips.com)
Free YouTube Download version 3.2.49.1111 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1111 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.3 - G DATA Software AG)
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GDR 4213 für SQL ServerÂ*2014 (KB3070446) (64-bit) (HKLM\...\KB3070446) (Version: 12.1.4213.0 - Microsoft Corporation)
GDR 4232 für SQL ServerÂ*2014 (KB3194720) (64-bit) (HKLM\...\KB3194720) (Version: 12.1.4232.0 - Microsoft Corporation)
Glary Utilities 5.26 (HKLM-x32\...\Glary Utilities 5) (Version: 5.26.0.45 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.1.0) (HKLM-x32\...\GPG4Win) (Version: 2.1.0 - The Gpg4win Project)
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
HealthCoach (HKLM-x32\...\HealthCoach) (Version: 1.3.0.0 - Sanitas)
HealthCoach (x32 Version: 1.3.0.0 - Sanitas) Hidden
HeavyLoad V3.3 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.3 - JAM Software)
Hercules-390 (64-Bit) (HKLM\...\{2D3858F0-4380-4437-A5E1-49988AB77241}) (Version: 3.08.00 - Hercules)
HFSExplorer 0.21 (HKLM-x32\...\HFSExplorer) (Version: 0.21 - Catacombae Software)
HL-L2300D series (HKLM-x32\...\{46B58839-2405-48D6-A59D-F8246158A6ED}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP LaserJet P2050 Series 6.0 (HKLM\...\{6F801026-6AF0-4520-9153-4C9B4CAAB361}) (Version: 6.0 - HP)
hppFonts (x32 Version: 001.001.00061 - Hewlett-Packard) Hidden
hppQFolderP2050 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hppusgP2050 (x32 Version: 1.1.0.1 - Hewlett-Packard) Hidden
iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.7.2386.747 - )
Imaging And Configuration Designer (x32 Version: 10.1.10586.0 - Microsoft) Hidden
Imaging Tools Support (x32 Version: 10.1.10586.0 - Microsoft) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Incomedia WebSite X5 v10 - Evolution (HKLM-x32\...\{0A53AC6C-9E9D-451D-AB28-F5D1427C4D56}_is1) (Version: 10.1.12.57 - Incomedia s.r.l.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version:  - Intel(R) Corporation)
Internet Explorer (x32 Version: 9 - Microsoft Corporation) Hidden
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
iTunes (HKLM\...\{164600BE-9CEC-44E6-9B38-2B12D5FE2342}) (Version: 12.6.0.100 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Jedermann-Verlag Arbeitsmedizin kompakt (HKLM-x32\...\{D2F656A7-B800-4C45-814B-A3259B48F6AB}_is1) (Version: 20121001 - Jedermann-Verlag GmbH)
JiveX DICOM Viewer 5.0.1 (HKLM-x32\...\JiveX [dv] Viewer 5.0.1) (Version:  - VISUS Technology Transfer GmbH)
JonDo (HKLM-x32\...\JonDoUninstall) (Version:  - )
JOSM 8109 (HKLM-x32\...\JOSM) (Version: 8109 - OpenStreetMap JOSM team)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kits Configuration Installer (x32 Version: 10.1.10586.0 - Microsoft) Hidden
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Lotus Notes 6.5.5 de (HKLM-x32\...\{CCD378A2-71C4-4452-8A9D-D84A6FF9B766}) (Version: 6.55.5334 - IBM)
Magical Jelly Bean PasswdFinder (HKLM-x32\...\PasswdFinder_is1) (Version: 1.0.0.29 - PasswdFinder)
MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: 1.5.0.2 - MainConcept GmbH)
MainConcept DTV Decoder Standard (HKLM-x32\...\{059A00AC-1205-423C-91C7-7E6168D804DA}) (Version: 1.5.0.2 - MainConcept GmbH)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
MarketResearch (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
MATLAB(R) Compiler Runtime 7.11 (HKLM-x32\...\{D7D85875-29FC-4E34-9CBE-3B941FA2317B}) (Version: 7.11 - The MathWorks)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
MEDION GoPal Assistant (HKLM-x32\...\{12C77A13-A31B-4565-8E60-494FD65EBB2F}) (Version: 6.4.17.13525 - MEDION)
Merkblätter Gefährliche Arbeitsstoffe 12-2012 (HKLM-x32\...\Merkblätter Gefährliche Arbeitsstoffe 12-2012_is1) (Version:  - )
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{3FF70821-58E6-44DA-B512-095F547F3F18}) (Version: 16.4.1734.1104 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A7A76890-1134-424F-97DA-7BED0D9CFA19}) (Version: 12.1.4232.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2003 (HKLM-x32\...\{90510407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Report Viewer 2014-Laufzeit (HKLM-x32\...\{30956415-84C1-4F0C-B2AD-BC8944730DDA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{01078B88-2981-4F75-96B0-8B22E2D2DE03}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{375DE766-4467-4F48-B56B-4F543819BAB4}) (Version: 12.1.4232.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service  (HKLM\...\{C9533745-8C14-466B-A79B-ECD68D5FD46B}) (Version: 12.1.4232.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL ServerÂ*2014 Policies  (HKLM-x32\...\{B23A3E56-8859-4F60-B3FA-FA14DE9050B5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL ServerÂ*2014 Transact-SQL ScriptDom  (HKLM\...\{795A5CC6-05AE-4413-BE9B-81EA902B5086}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 - DEU Language Pack (HKLM\...\{CEDCDF4E-1A8D-3E38-85C5-0437D689B6E5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 (HKLM\...\{F14401A9-F0A0-33CC-8444-F60823A60DEB}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 - DEU Language Pack (HKLM-x32\...\{96D7B7B6-424F-3A52-8E8D-32CF2615DBD2}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2014 (HKLM\...\{D390AADD-C825-4B31-8C79-83A9461D5524}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{346FD26F-E575-4A11-B854-451DA62C96C4}) (Version: 12.1.4100.1 - Microsoft Corporation)
MIR USB driver 64 bit (HKLM-x32\...\{C1B3DBF5-6C3C-4140-91C5-AFACF5422451}) (Version: 2.09 - MIR srl Medical International Research)
Movavi Video Converter 15 (HKLM-x32\...\Movavi Video Converter 15) (Version: 15.2.3 - Movavi)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
Nero BurningROM 12 (HKLM-x32\...\{3D9167B2-87EB-4713-90B4-E46F2CAFE28D}) (Version: 12.0.00300 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{0DBC021C-95D9-435A-A4B0-E6515AFD1A71}) (Version: 12.0.01000 - Nero AG)
novaPDF (novaPDF 7.7 printer) (HKLM\...\novaPDF_is1) (Version: 7.7.393 - Softland)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\CopyTrans Suite) (Version: 4.008 - WindSolutions)
NVIDIA 3D Vision Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
OKI ActKey (HKLM-x32\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.0.0 - Oki Data Corporation)
OKI Color Swatch-Dienstprogramm (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.1.12 - Okidata)
OKI MC5(3)x2/ES5(3)4x2 Scanner (HKLM-x32\...\InstallShield_{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
OKI Printer Resetter version 2.0.4 (HKLM-x32\...\{08F16BF9-7D05-424A-82CF-17FD554CD301}_is1) (Version: 2.0.4 - )
Oracle VM VirtualBox 4.2.16 (HKLM\...\{4CC3444D-7279-4E83-984F-18E9A7B2E803}) (Version: 4.2.16 - Oracle Corporation)
Passware Kit 6.1 (HKLM-x32\...\Passware Kit 6.1) (Version:  - )
Password Unmask 2.0 (HKLM-x32\...\Password Unmask 2.0) (Version:  - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.7 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v23.8 (HKLM-x32\...\{211CB564-ED00-4565-A12F-968930872980}) (Version: 23.8 - Spigot, Inc.) <==== ACHTUNG
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
phpDesigner 8 version 8.1.2 (HKLM-x32\...\phpDesigner8_is1) (Version:  - MPSOFTWARE)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Remote Desktop Connection (HKLM-x32\...\{60B9A48D-559E-43FA-8F28-D657190E4E52}) (Version: 5.1.2600.0 - Microsoft)
Return to Castle Wolfenstein (HKLM-x32\...\Return to Castle Wolfenstein) (Version: 1.41 - Activision, Inc.)
RMPrepUSB (HKLM-x32\...\RMPrepUSB) (Version:  - )
SAmAs (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\95c477b3f6750ee5) (Version: 14.0.8.0 - SAmAs GmbH)
SAmAs Chipkartenleser (HKLM-x32\...\{DD35FB6B-24BC-426C-8F6E-3E84225A863F}) (Version: 1.0.2 - SAmAs GmbH)
SAmAs Health & Safety Migration (HKLM-x32\...\{57C82A72-7CB1-4336-A41F-A24786A2B32F}) (Version: 1.1.1 - SAmAs GmbH)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
ScannerDriver (Version: 1.0.2.0 - Oki Data Corporation) Hidden
ScummVM 1.5.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
SDP Downloader (HKLM-x32\...\{B547CB8D-549A-436E-97B5-E79F911B11E2}) (Version: 2.3.0 - SDP Multimedia)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 für SQL Server 2008 R2 (KB2528583) (64-bit) (HKLM\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation)
Service Pack 1 für SQL ServerÂ*2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skypeâ„¢ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SpeechExec Dictate (HKLM-x32\...\{CBC4E395-9D14-499E-943C-6EB04FD3877A}) (Version: 8.8.880.1 - Speech Processing Solutions GmbH)
SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2014 Analysis Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Client Tools (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Data quality client (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Data quality service (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Data quality service (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Full text search (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Integration Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 RS_SharePoint_SharedService (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 SQL Data Quality Common (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2014 (HKLM-x32\...\{B7312B95-77C6-497E-A63F-596A77B20F31}) (Version: 12.1.4100.1 - Microsoft Corporation)
StarMoney (x32 Version: 3.0.1.31 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney (x32 Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney (x32 Version: 5.0.1.83 - StarFinanz) Hidden
StarMoney 10 apoEdition (HKLM-x32\...\{6BA6677F-EB85-4E16-BD75-DDCF308A62C7}) (Version: 10 - Star Finanz GmbH)
StarMoney Business 7 apoEdition (HKLM-x32\...\{7963FE3E-06CC-4A68-85F7-78D5A7845A6C}) (Version: 7 - Star Finanz GmbH)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd.)
SWFPlayer 2.6.2.0 (HKLM-x32\...\SWFPlayer_is1) (Version: 2.6.2.0 - Michael Faust, Alpha Interactive)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
SysTools Export Notes (HKLM-x32\...\SysTools® Export Notes v7.6 - DEMO Version_is1) (Version:  - )
SysTools Lotus Notes to Outlook Express (HKLM-x32\...\SysTools Lotus Notes to Outlook Express - Demo V~2D9DFA59_is1) (Version:  - )
SysTools NSF Converter 1.0 (HKLM-x32\...\SysTools NSF Converter_is1) (Version:  - )
TapinRadio 1.60.1 (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\TapinRadio_is1) (Version:  - Raimersoft)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.76421 - TeamViewer)
TechniSat DVB-PC TV Star (HKLM-x32\...\{D032A7F0-8B5C-4603-8B46-235025D5F9C1}) (Version: 4.3.3 - TechniSat)
Technisat DVB-VC80 Redistributable Modules (HKLM-x32\...\{134007CC-7026-46C2-B46F-40D9FD2AF385}) (Version: 1.0.0 - Technisat)
testo Comfort Software Basic 5.0 (HKLM\...\{77AF4252-3477-4699-BA11-5C2125F1EFC8}) (Version: 5.0.2637.27231 - testo AG)
The Rosetta Stone (HKLM-x32\...\The Rosetta Stone) (Version:  - )
TomTom MyDrive Connect 4.1.3.2964 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.3.2964 - TomTom)
Toolkit Documentation (x32 Version: 10.1.10586.0 - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Total Uninstall 6.19.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.19.0 - Gavrila Martau)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Unity Web Player (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS)
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{D8125A39-ADEE-4187-B04D-DB6CF489AF61}) (Version: 10.3.5500.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
User State Migration Tool (x32 Version: 10.1.10586.0 - Microsoft) Hidden
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.19 - IDRIX)
VideoDownloaderUltimate (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\VideoDownloaderUltimateWinApp) (Version: 1.0.1.100 - Link64)
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC Streamer 4.96 (HKLM-x32\...\VLC Streamer_is1) (Version:  - )
Voice Pro 12 Medical (HKLM\...\{3307914B-B97A-4E01-AEEA-43B373D8E5AD}) (Version: 12.1.115.2134 - Linguatec Sprachtechnologien GmbH)
WebReg (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows 7 Upgrade Advisor (HKLM-x32\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{82daddb6-d4e0-42cb-988d-1e7f5739e155}) (Version: 10.1.10586.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation)
Windows-Treiberpaket - Norav Medical. Norav Medical USB Drivers (05/04/2009 1.1.6001.18002) (HKLM\...\96312993C1C2495C7A4A8199B742D1432F975104) (Version: 05/04/2009 1.1.6001.18002 - Norav Medical.)
WinHTTrack Website Copier 3.48-21 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.21 - HTTrack)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
winspiroExpress (HKLM-x32\...\{EB477236-23BA-48A6-9953-429AACF74DD9}) (Version: 1.6.0 - Mir Medical International Research)
WinX Free VOB to MP4 Converter 2.0.8 (HKLM-x32\...\WinX Free VOB to MP4 Converter_is1) (Version:  - Digiarty Software,Inc.)
Wireshark 2.2.1 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.1 - The Wireshark developer community, hxxps://www.wireshark.org)
Wizard101(DE) (HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\Wizard101(DE)_is1) (Version:  - Gameforge 4D GmbH)
Wolfenstein (HKLM-x32\...\InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.11 - Activision)
Wolfenstein (x32 Version: 1.0 - Activision) Hidden
Wolfenstein(TM) 1.11 Patch  (x32 Version: 1.11 - Activision) Hidden
Wolfenstein(TM) 1.11 Patch (x32 Version:  - ) Hidden
WPT Redistributables (x32 Version: 10.1.10586.0 - Microsoft) Hidden
WPTx64 (x32 Version: 10.1.10586.0 - Microsoft) Hidden
zebNet Windows Keyfinder 2012 R2 (HKLM-x32\...\zebNet Windows Keyfinder 2012 R24.0.0) (Version: 4.0.0 - zebNet Ltd)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0DBDA382-A88E-418E-979A-4BC03A7D035A} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {0FDBBB20-E8DB-4DCD-8169-CCDD71CF41E3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {10C5FA60-5886-4961-B2DA-FDC1BEB32D1D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {182CD8CC-1940-491D-97F2-C39AEC71F9EC} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-05-25] (Glarysoft Ltd)
Task: {20D3359C-A67F-4108-8653-3DE7DA86C255} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {29A20215-B95D-49B5-8220-2AF733CBD430} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {2ACF976A-CB59-41A4-B885-C8E8F751EEA8} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {2D158E06-94D2-42D0-B19B-5F4C62DBE966} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {2DDBA27A-ADCC-4274-B460-6C0665E06399} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {333B8B1E-EFF8-4C2D-9481-DD82CC3C8176} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {375A478E-A095-4C08-AB4D-A130A2306E50} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {44DC1C18-5718-4D16-94F9-AA16096FF69A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {482741C6-44FD-4AFF-B7AD-3724FAA1B7B4} - System32\Tasks\InstallShield Software-Aktualisierungsdienst => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13] (InstallShield Software Corporation)
Task: {50579F35-19BB-4509-8762-A8127BFE5EA5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {558AEA4B-D233-4A15-9EAC-3B866FF126C8} - System32\Tasks\{2A4FEDB8-A692-4FB9-9654-3AD88559F4BD} => pcalua.exe -a C:\PROGRA~2\COMMON~1\NORAVS~1\AddPDF.exe -d C:\PROGRA~2\COMMON~1\NORAVS~1
Task: {55DD31E7-E71A-4980-9A9D-979A54532F0B} - \Audio Clipper -> Keine Datei <==== ACHTUNG
Task: {5B7DEE6C-972E-4CF4-8D90-E295E1CA8A8B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {5C4634CB-7B77-4AB0-BF1D-3DB2EB4CD807} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {641CE94D-C689-4742-80EF-D61761166993} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {65285E64-B5E8-45EC-A969-D6C915C97B91} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {656D261E-CDAD-4321-ADD9-BD6669AF71B9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {6765400A-8BA2-416B-BFEB-20CED9BCA197} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {67CF1B02-3968-465E-A80C-21BB2B8913D8} - System32\Tasks\{AA1C2385-0C9A-44BA-99FE-A00F46E11B94} => pcalua.exe -a C:\Users\Leo\Downloads\streamtransport2171_setup.exe -d C:\Users\Leo\Desktop
Task: {6BAC80E1-C6DB-49EF-A3A6-B9D4FBA2ACE3} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-05-25] (Glarysoft Ltd)
Task: {73691B48-ACB5-4FE4-BC1E-C9B35A8E05D2} - System32\Tasks\{9DE7791A-65AA-4289-AA72-8BC92D1E2D9A} => pcalua.exe -a "C:\Users\Leo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A4ZXRLFD\AudibleDM_iTunesSetup (1).exe" -d C:\Users\Leo\Desktop
Task: {744DF543-3336-40C7-9126-B9DFB84A18AF} - System32\Tasks\Haxi- White 1-5 patch => Rundll32.exe "C:\Program Files\Haxi- White 1.5 patch\Haxi- White 1.5 patch.dll",mGqbqo
Task: {775C5B89-7A8C-4DA6-9D9F-8A613F8C44DE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {77D92256-4485-429F-96A8-B70DC692E414} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {7D1D5181-8518-497F-A85D-197BCFD2C6F0} - System32\Tasks\AdobeAAMUpdater-1.0-Quadcore-I5-Leo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {80574E43-49AD-4904-BC40-C509C78C4EF2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {80DD0136-5F09-4E8E-AC41-F264CEA95B18} - System32\Tasks\{E4C80C91-E935-44B2-BC57-DC6C95A3AFC3} => pcalua.exe -a C:\PROGRA~2\COMMON~1\NORAVS~1\DRIVER~1.EXE -d C:\PROGRA~2\COMMON~1\NORAVS~1 -c 256
Task: {83BCCDCF-9735-47D4-B2BD-441C07CF4841} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {8F906B8B-CB1D-4BC5-92E6-02CC1B9C6185} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {912DCEFC-E9BC-492F-9D5A-1AE958F1C44D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9295EAB4-7709-4F23-97D3-EBA8A63CB5CA} - System32\Tasks\GoogleUpdateTaskMachineUA1d15dbbea352be2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {9B1117AF-2590-4BD4-8A59-6B0EA892DF45} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {9F08CB19-C7E3-4E9D-896B-653DDABEE7DC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {A4C75D7B-6993-494B-8F92-1EA0483E2454} - \Microsoft\Windows\MemoryDiagnostic\VideoMemoryDiagnostic -> Keine Datei <==== ACHTUNG
Task: {ACA7972C-0BE7-40D1-9DA5-FABF02BBC6D8} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {B68A89E7-CD79-4163-9AE5-58FE3AF9BB33} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B694E68B-2BFB-4EDB-81CB-50AF34B64BA0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C9840531-AF57-482B-ABF9-9F91371DFF78} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-24] (Adobe Systems Incorporated)
Task: {C9A4D233-75BA-4936-A7ED-04B8C9290539} - System32\Tasks\{2E1B7671-2DB3-4FFD-A53A-7AEA8EDB4608} => pcalua.exe -a F:\AUTORUN.EXE -d F:\
Task: {CB5CF54C-415A-44DC-9D73-5493E678341F} - System32\Tasks\GoogleUpdateTaskMachineCore1d15dbbe9c08875 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D1B5BABA-CDEB-4242-AE75-EFCE35AE2B85} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E14E4CB8-2723-4C52-9DD3-AE2CD878A179} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {E4D800BC-5CD1-4787-8749-84DB1266CBA9} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2004-04-17] (InstallShield Software Corporation)
Task: {E6FEEC60-0E5C-447A-9594-CFE2AD37A07F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E73D4B5B-B55C-4AA3-A9A6-FDA77996D824} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {EABB2D3A-DE8F-4C5A-B03C-EA93BFDADF21} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {EE417102-B839-4882-B191-218102D878C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {EE6A80C1-A146-4FB3-B9A9-B018BC17C55D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F41C177F-C173-4C05-9260-741734FFC6A8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FEA49DE7-18D6-44D4-AB41-80C916D5EBB8} - System32\Tasks\Stackout => Rundll32.exe "C:\Program Files\Stackout\Stackout.dll",DqOLeCNPEg
Task: {FEE7E874-B59E-4D42-8C28-523DC88DC588} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Audio Clipper.job => rundll32.exe  C:\Program Files\Audio Clipper\Audio Clipper.dll
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Haxi- White 1-5 patch.job => rundll32.exe   C:\Program Files\Haxi- White 1.5 patch\Haxi- White 1.5 patch.dll
Task: C:\Windows\Tasks\Stackout.job => rundll32.exe   C:\Program Files\Stackout\Stackout.dll

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Leo\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nchsoftware.com/de/index.htm
Shortcut: C:\Users\Leo\Desktop\samas.bat - Verknüpfung.lnk -> C:\laborquade\exe\samas.bat ()
Shortcut: C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Meine Websites auf MSN\target.lnk -> hxxp://www.msnusers.co
Shortcut: C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Homa1 auf edu.ts-salzburg.at\target.lnk -> hxxp://edu.ts-salzburg.at/kilianonline/Homa

ShortcutWithArgument: C:\Users\Leo\Desktop\Videociety Movieplayer 1.1 (2).lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 2296157175.www.videociety.de
ShortcutWithArgument: C:\Users\Leo\Desktop\Videociety Movieplayer 1.1.lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 2748084553.www.videociety.de
ShortcutWithArgument: C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videociety Movieplayer 1.1 (2).lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 2296157175.www.videociety.de
ShortcutWithArgument: C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videociety Movieplayer 1.1.lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 2748084553.www.videociety.de

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2017-03-17 17:56 - 2017-03-04 07:31 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-06-07 20:58 - 2006-02-23 11:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2016-06-07 20:58 - 2006-02-22 10:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2015-04-09 18:59 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2015-07-08 19:41 - 2015-04-13 15:55 - 00182784 _____ () C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
2016-10-05 19:17 - 2016-10-05 19:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-10 18:04 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2011-03-02 17:20 - 2011-03-02 17:20 - 00224256 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2017-05-28 16:51 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2009-12-14 15:13 - 2009-12-14 15:13 - 00079872 _____ () C:\WINDOWS\system32\CX16FWDV.dll
2017-01-10 12:47 - 2017-01-10 12:47 - 00546280 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2017-05-12 17:57 - 2017-04-28 06:30 - 02656960 _____ () C:\Windows\system32\CoreUIComponents.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-04-19 17:19 - 2016-04-19 17:19 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-19 01:08 - 2016-11-02 00:05 - 00401896 _____ () C:\Windows\system32\igfxTray.exe
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 11:19 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2017-03-17 17:56 - 2017-03-04 05:19 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 17:56 - 2017-03-04 05:14 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-12 17:57 - 2017-04-28 01:46 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-12 17:57 - 2017-04-28 01:49 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-22 18:14 - 2017-03-22 18:14 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-03-22 18:14 - 2017-03-22 18:14 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll
2016-08-10 18:04 - 2017-05-28 17:08 - 00033936 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-08-10 18:04 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2011-03-02 17:16 - 2011-03-02 17:16 - 00208384 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2011-03-02 17:11 - 2011-03-02 17:11 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2011-03-02 17:16 - 2011-03-02 17:16 - 00073216 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2011-03-02 17:13 - 2011-03-02 17:13 - 00048640 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2011-03-02 17:17 - 2011-03-02 17:17 - 00603136 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2014-11-23 11:17 - 2016-05-11 16:11 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-11-23 11:17 - 2016-05-11 16:11 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-11-23 11:17 - 2016-05-11 16:11 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-12-13 21:25 - 2016-01-28 16:33 - 01058624 _____ () C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\libxml2.dll
2016-12-13 21:25 - 2011-01-13 12:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\PATCHW32.dll
2016-04-19 17:19 - 2016-04-19 17:19 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-03-12 14:09 - 2014-09-28 18:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2016-10-06 22:13 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-04-26 20:51 - 2016-11-01 05:22 - 00866072 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\common\UNO\UNO.dll
2017-04-26 20:50 - 2011-08-24 04:39 - 00081920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\koan\_ctypes.pyd
2017-04-26 20:50 - 2011-08-24 04:39 - 00053248 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_socket.pyd
2017-04-26 20:50 - 2011-08-24 04:39 - 00655360 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ssl.pyd
2012-10-20 06:42 - 2012-07-18 11:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-10-20 08:11 - 2012-02-27 13:00 - 00030432 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\ProcessPrivileges.dll
2012-10-20 08:11 - 2012-02-27 13:00 - 00215264 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\System.ComponentModel.Composition.dll
2012-10-20 08:11 - 2012-02-27 13:00 - 00051424 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Interop.TaskScheduler.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:F0D7EE30 [117]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\comdirect.de -> hxxps://comdirect.de
IE trusted site: HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\habitans.de -> hxxp://www.habitans.de
IE trusted site: HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\ias-gruppe.de -> hxxps://start.ias-gruppe.de
IE trusted site: HKU\S-1-5-21-163866912-915633979-1340512146-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017172044926\...\comdirect.de -> hxxps://comdirect.de
IE trusted site: HKU\S-1-5-21-163866912-915633979-1340512146-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017172044926\...\habitans.de -> hxxp://www.habitans.de
IE trusted site: HKU\S-1-5-21-163866912-915633979-1340512146-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017172044926\...\ias-gruppe.de -> hxxps://start.ias-gruppe.de

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-03-22 22:43 - 2017-05-28 15:23 - 00000856 _____ C:\Windows\system32\Drivers\etc\hosts

192.168.0.100           server

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-163866912-915633979-1340512146-1001\Control Panel\Desktop\\Wallpaper -> c:\users\leo\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{68935d15-ce0b-4678-81e6-92f06fb5967c}.bmp
HKU\S-1-5-21-163866912-915633979-1340512146-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017172044926\Control Panel\Desktop\\Wallpaper -> c:\users\leo\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{68935d15-ce0b-4678-81e6-92f06fb5967c}.bmp
HKU\S-1-5-21-163866912-915633979-1340512146-1003\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-163866912-915633979-1340512146-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017172045489\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017172045535\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017172045567\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017172045598\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-344959196-2060754871-2302487193-2804545603-1466107430-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017172045629\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017172045645\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017172045676\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "FileOpenBroker"
HKLM\...\StartupApproved\Run: => "Windows Mobile Device Center"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "LogitechQuickCamRibbon"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-163866912-915633979-1340512146-1001\...\StartupApproved\Run: => "VeraCrypt"
HKU\S-1-5-21-163866912-915633979-1340512146-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017172044926\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-163866912-915633979-1340512146-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017172044926\...\StartupApproved\Run: => "VeraCrypt"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{AF84A180-DEBC-416E-A2E6-048B41B96DB8}] => (Allow) LPort=135
FirewallRules: [{07756C21-056D-4E00-95BE-4C798DA8F67A}] => (Allow) C:\CGM\PRAXISARCHIV\Common\FaxSrv\FaxServer.exe
FirewallRules: [{FA21F95A-6AB7-42D0-B1CB-B07B7C297420}] => (Allow) C:\CGM\PRAXISARCHIV\Client\WordX.exe
FirewallRules: [{4E85966A-D839-490F-BFA7-31F2FB8FD331}] => (Allow) C:\CGM\PRAXISARCHIV\Client\OfficeConnect.exe
FirewallRules: [{02920CD5-AAAE-4CD7-B5A3-CCB8C9E1EB6F}] => (Allow) C:\CGM\PRAXISARCHIV\ArchiveTracerMT.exe
FirewallRules: [{3E7D5148-AE2A-4928-9133-E63AA5FFFC8E}] => (Allow) C:\CGM\PRAXISARCHIV\Client\PraxisArchiv.exe
FirewallRules: [{B1046F8F-0597-404C-902D-F4002E7523D8}] => (Allow) \\192.168.178.3\StarMoney\app\StarMoney.exe
FirewallRules: [{622822F8-4293-49E7-ABA3-1531A74FEFDB}] => (Allow) \\192.168.178.3\StarMoney\app\StarMoney.exe
FirewallRules: [{9B74CDE8-CFF0-4C1A-90FD-B66A3591EDDC}] => (Allow) \\192.168.178.3\StarMoney\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{DBA77E65-DEBC-4E6F-AF7B-97A4D6363557}] => (Allow) \\192.168.178.3\StarMoney\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{C557B851-2C10-4356-B2CA-6523FDD5E5AE}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{90368091-5BA0-4FEB-9103-A1F46C6D0B2A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D35F0802-7495-4F2B-95E3-72C571277458}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E6345B5F-9846-4BA9-A18C-73CD763F0362}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{21AEC0FD-8694-4A28-8303-04D7A421C6A0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E000B90A-B46C-402D-A7CF-9CDF02F1F0F4}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
FirewallRules: [{2E0DACCB-7FC2-4337-B4D4-AECF14C7B498}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
FirewallRules: [{0FE0D37E-027A-47B2-AEB6-6383B26CFF8D}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
FirewallRules: [{FB1E73A7-B1A5-41A4-BA99-A88AF79E4DEB}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
FirewallRules: [{F0957041-5A9F-4D7B-B47F-FC9FC1AD7163}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{0962B175-80F2-46B0-86FB-DFB7F2BDA023}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{16432461-2847-4A95-8489-146679981895}] => (Allow) LPort=1900
FirewallRules: [{7DBCF48B-C2D6-4A02-A4B8-32782055EE40}] => (Allow) LPort=2869
FirewallRules: [{45855D4E-456C-48DD-8B39-F583BEDF89B4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{71BFDFF2-D1E0-4D97-BDAF-CD7700FB882D}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{0F9D396C-1BBB-410A-A416-3B8A898E241A}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{949BEB65-1EDF-432B-B6E6-D40D3FDC96F7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{ED0F1832-C017-40B6-82CF-C1A8812DFDF9}] => (Allow) C:\Program Files (x86)\Activision\Wolfenstein\MP\Wolf2MPLite.exe
FirewallRules: [{5F15AD17-4975-4E59-BDFC-B0252523C609}] => (Allow) C:\Program Files (x86)\Activision\Wolfenstein\MP\Wolf2MPLite.exe
FirewallRules: [{B6EDF6CB-101F-4B78-AA43-070D015A56A6}] => (Allow) C:\Program Files (x86)\Activision\Wolfenstein\MP\Wolf2MP.exe
FirewallRules: [{4C5093BB-F081-498D-9BDF-5FFFA0BE1DBC}] => (Allow) C:\Program Files (x86)\Activision\Wolfenstein\MP\Wolf2MP.exe
FirewallRules: [{B6EF11F6-4E10-4925-936B-86C73C0E5263}] => (Allow) C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{580539F6-F41B-4C32-9610-FBFFFD3C12DD}] => (Allow) C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{2009B2DE-F2BC-4100-9F54-5D0CC8632CCD}] => (Allow) C:\Program Files (x86)\StarMoney 10 apoEdition\app\StarMoney.exe
FirewallRules: [{053ABCF5-7C15-4C9C-9B88-878A528896A5}] => (Allow) C:\Program Files (x86)\StarMoney 10 apoEdition\app\StarMoney.exe
FirewallRules: [{031C7255-B11D-4B25-9D7E-9FD0CEAB8A41}] => (Allow) C:\Program Files (x86)\Cherry\eGK_KVK_Software\Demos\ReadeGK\ReadeGK32.exe
FirewallRules: [{E5FE7B30-919B-4798-87F2-5BC286A505B3}] => (Allow) C:\Program Files (x86)\Cherry\eGK_KVK_Software\Demos\ReadeGK\ReadeGK32.exe
FirewallRules: [TCP Query User{2E5ABACA-5719-485E-81A8-833797E38277}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe] => (Allow) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe
FirewallRules: [UDP Query User{81B3521F-1AB9-4B6D-9FCF-4206D0EE8C5D}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe] => (Allow) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe
FirewallRules: [{CA567A32-481C-48BE-B356-F151223C1AAC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{6950C19C-BD66-48AD-9F8F-22F6FB57FF2D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2FF487DD-BB04-43AD-BFCA-1F15CF9C92AF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3FFD02F1-835D-4199-B00A-BAD55655128F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B18F2AA9-E548-48A3-AF7D-C275143028D6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3EA281A7-2A34-4CF8-B752-F7B955559DF0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{97B9731C-7BB8-4286-9D1D-F136EC81377E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{1B661A68-A169-465F-B34D-88FDA3153E63}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{0C5E267A-B231-4DC9-93E5-620D00E17746}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{872A5847-C3A8-4F15-AE31-4F96DE392C26}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{A5B8631B-AEE7-450F-A599-C4D8D5937C6F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{F6A191A7-3434-4035-A688-9F51678A7820}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{E7D731A9-5D62-418F-A537-F82F15529200}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C23A4A2E-9A6E-4F33-A04D-EC562D4A3B60}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0703064-C61B-495C-8D3D-A200B25D33D4}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{22EE1F05-6E38-40B4-9B5C-1206BF03F4CC}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{761B88A7-2FEE-4973-A5B6-56FF309C8619}] => (Allow) C:\Windows\System32\rundll32.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/28/2017 05:12:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.5.0.1207, Zeitstempel: 0x4ffb4350
Name des fehlerhaften Moduls: IAStorUtil.ni.dll, Version: 11.5.0.1207, Zeitstempel: 0x4ffb434b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e421
ID des fehlerhaften Prozesses: 0x2aac
Startzeit der fehlerhaften Anwendung: 0x01d2d7c4d91b96fe
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\881397a9c7e96b1715d0779c44f6172c\IAStorUtil.ni.dll
Berichtskennung: a6b6ba4f-4b1e-4e38-8c1d-12fc9a647125
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/28/2017 05:12:57 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (05/28/2017 05:08:52 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER) kann nicht mit der Berichtsserver-Datenbank verbunden werden.

Error: (05/28/2017 04:56:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Assessment Toolkit\Energy\arm\energy.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2017 04:56:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Assessment Toolkit\Energy\arm64\energy.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2017 04:56:02 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\ManagementStudio\CopyDatabaseWizard.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\ManagementStudio\CopyDatabaseWizard.exe" in Zeile 8.
Der Wert "1.0" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/28/2017 04:55:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\activision\wolfenstein\mp\ServerLauncher.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.839_none_ea8af107b9b5cbb4.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.839_none_a2ddba30a539a2ae.manifest.

Error: (05/28/2017 04:51:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 11.5.0.1207, Zeitstempel: 0x4ffb4350
Name des fehlerhaften Moduls: IAStorUtil.ni.dll, Version: 11.5.0.1207, Zeitstempel: 0x4ffb434b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e421
ID des fehlerhaften Prozesses: 0x2ba0
Startzeit der fehlerhaften Anwendung: 0x01d2d7c1f3a7a4d2
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Pfad des fehlerhaften Moduls: C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\881397a9c7e96b1715d0779c44f6172c\IAStorUtil.ni.dll
Berichtskennung: 55f52574-9c23-41a5-bf31-26cae5ae5978
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/28/2017 04:51:59 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorDataMgrSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
   bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (05/28/2017 04:50:28 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER) kann nicht mit der Berichtsserver-Datenbank verbunden werden.


Systemfehler:
=============
Error: (05/28/2017 05:14:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/28/2017 05:12:35 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Ãœbermittlungsoptimierung" wurde nicht richtig gestartet.

Error: (05/28/2017 05:09:16 PM) (Source: DCOM) (EventID: 10016) (User: Quadcore-I5)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Quadcore-I5\Leo" (SID: S-1-5-21-163866912-915633979-1340512146-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2017 05:09:16 PM) (Source: DCOM) (EventID: 10016) (User: Quadcore-I5)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Quadcore-I5\Leo" (SID: S-1-5-21-163866912-915633979-1340512146-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2017 05:09:16 PM) (Source: DCOM) (EventID: 10016) (User: Quadcore-I5)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Quadcore-I5\Leo" (SID: S-1-5-21-163866912-915633979-1340512146-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2017 05:09:16 PM) (Source: DCOM) (EventID: 10016) (User: Quadcore-I5)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Quadcore-I5\Leo" (SID: S-1-5-21-163866912-915633979-1340512146-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2017 05:09:16 PM) (Source: DCOM) (EventID: 10016) (User: Quadcore-I5)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Quadcore-I5\Leo" (SID: S-1-5-21-163866912-915633979-1340512146-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2017 05:09:16 PM) (Source: DCOM) (EventID: 10016) (User: Quadcore-I5)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Quadcore-I5\Leo" (SID: S-1-5-21-163866912-915633979-1340512146-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2017 05:09:16 PM) (Source: DCOM) (EventID: 10016) (User: Quadcore-I5)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Quadcore-I5\Leo" (SID: S-1-5-21-163866912-915633979-1340512146-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2017 05:09:16 PM) (Source: DCOM) (EventID: 10016) (User: Quadcore-I5)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Quadcore-I5\Leo" (SID: S-1-5-21-163866912-915633979-1340512146-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-05-19 18:42:06.554
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-14 15:22:57.264
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-14 15:22:57.109
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-14 15:16:50.081
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-05-14 15:15:04.706
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-14 15:15:04.417
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-14 15:02:38.376
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-12 22:28:31.313
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-05-12 22:00:00.091
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-12 18:41:57.442
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8063.92 MB
Verfügbarer physikalischer RAM: 4828.11 MB
Summe virtueller Speicher: 16255.92 MB
Verfügbarer virtueller Speicher: 12600.07 MB

==================== Laufwerke ================================

Drive c: (WIN_10) (Fixed) (Total:465.31 GB) (Free:37.39 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Data) (Fixed) (Total:1863.01 GB) (Free:442.79 GB) NTFS
Drive z: (Mediaserver) (Network) (Total:1266.84 GB) (Free:91.46 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0EB7B139)
Partition 1: (Active) - (Size=465.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: AF9F62FB)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Code:
ATTFilter
# AdwCleaner v6.046 - Bericht erstellt am 28/05/2017 um 16:47:11
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-04-24.1 [Lokal]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Leo - QUADCORE-I5
# Gestartet von : C:\Users\Leo\Desktop\AdwCleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

[-] Dienst gelöscht: Program Manager


***** [ Ordner ] *****

[-] Ordner gelöscht: C:\ProgramData\saavensharE
[-] Ordner gelöscht: C:\ProgramData\saevenshare
[-] Ordner gelöscht: C:\ProgramData\SearchNewTab
[-] Ordner gelöscht: C:\Users\Leo\AppData\Local\Babylon
[-] Ordner gelöscht: C:\Users\Leo\AppData\Local\AppTrailers
[-] Ordner gelöscht: C:\Users\Leo\AppData\Roaming\Babylon
[-] Ordner gelöscht: C:\Users\Leo\AppData\Roaming\EZDownloader
[-] Ordner gelöscht: C:\Users\Leo\AppData\Roaming\LookThisUp
[-] Ordner gelöscht: C:\Users\Leo\AppData\Roaming\Yahoo!\Companion
[-] Ordner gelöscht: C:\Transfer
[-] Ordner gelöscht: C:\ProgramData\Babylon
[-] Ordner gelöscht: C:\ProgramData\VideoDownloaderUltimateWinApp
[-] Ordner gelöscht: C:\ProgramData\ytd video downloader
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[-] Ordner gelöscht: C:\Program Files (x86)\Application Updater
[-] Ordner gelöscht: C:\Program Files (x86)\EZDownloader
[-] Ordner gelöscht: C:\Program Files (x86)\FLV Player
[-] Ordner gelöscht: C:\Program Files (x86)\GreenTree Applications
[-] Ordner gelöscht: C:\Program Files (x86)\myfree codec
[-] Ordner gelöscht: C:\Program Files (x86)\pdfforge Toolbar
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\ProgramManager
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\freemake shared


***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\Public\Desktop\EZDownloader.lnk
[-] Datei gelöscht: C:\Users\Public\Desktop\YTD Video Downloader.lnk
[-] Datei gelöscht: C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\z4l03ruv.default-1494428104936\extensions\ffext_basicvideoext@startpage24.xpi
[-] Datei gelöscht: C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****

[-] Verknüpfung desinfiziert: C:\Users\Public\Desktop\Google Chrome.lnk
[-] Verknüpfung desinfiziert: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[-] Verknüpfung desinfiziert: C:\Users\Leo\Desktop\Internet Explorer.lnk
[-] Verknüpfung desinfiziert: C:\Users\Leo\Desktop\Start Tor Browser.lnk
[-] Verknüpfung desinfiziert: C:\Users\Leo\Desktop\Tor Browser\Start Tor Browser.lnk
[-] Verknüpfung desinfiziert: C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
[-] Verknüpfung desinfiziert: C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox\Firefox-Profilmanager.lnk
[-] Verknüpfung desinfiziert: C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox\JonDoFox Hilfe.lnk
[-] Verknüpfung desinfiziert: C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox\JonDoFox starten.lnk
[-] Verknüpfung desinfiziert: C:\Users\Leo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Verknüpfung desinfiziert: C:\Users\Leo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk


***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: program manager


***** [ Registrierungsdatenbank ] *****

[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CurrentControlSet\services\program manager
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Prod.cap
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\APN PIP
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\BABSOLUTION
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\BI
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Conduit
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\LookThisUp
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Myfree Codec
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Yahoo\Companion
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Yahoo\YFriendsBar
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\YahooPartnerToolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Link64
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\VideoBox
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\AppDataLow\Software\Settings Manager
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\AppDataLow\Software\AppTrailers
[-] Schlüssel gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1003\Software\Myfree Codec
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\APN PIP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\BABSOLUTION
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\BI
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\LookThisUp
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Myfree Codec
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Yahoo\YFriendsBar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\YahooPartnerToolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Link64
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\VideoBox
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\Settings Manager
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\AppTrailers
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Application Updater
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Conduit
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Myfree Codec
[-] Schlüssel gelöscht: HKLM\SOFTWARE\PIP
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FE5AE7DC-7B01-4263-A94C-B4526C276550_is1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\APN PIP
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\BABSOLUTION
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\BI
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\LookThisUp
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Myfree Codec
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Yahoo\YFriendsBar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\YahooPartnerToolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Link64
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\VideoBox
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\Settings Manager
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\AppTrailers
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
[-] Wert gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Windows\CurrentVersion\Run [iDevice Manager Launcher]
[-] Wert gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [iDevice Manager Launcher]
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iDevice Manager Launcher]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iDevice Manager Launcher]
[-] Wert gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Windows\CurrentVersion\Run [VideoDownloaderUltimate]
[-] Wert gelöscht: HKU\S-1-5-21-163866912-915633979-1340512146-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [VideoDownloaderUltimate]
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [VideoDownloaderUltimate]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [VideoDownloaderUltimate]
[-] Wert gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [AppTrailers]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FLVPlayer.exe
[-] Schlüssel gelöscht: HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
[-] Wert gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]


***** [ Browser ] *****

[-] [C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: yahoo.com search


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [15516 Bytes] - [28/05/2017 16:47:11]
C:\AdwCleaner\AdwCleaner[S0].txt - [15314 Bytes] - [28/05/2017 16:45:57]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [15664 Bytes] ##########
         

Alt 28.05.2017, 17:45   #14
gerdman
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

malwarebytes Logfile



habe die Datei als ZIP angehängt ( ungezipt ist sie ca. 570 MB groß)
Angehängte Dateien
Dateityp: zip mbam-copy.zip (22,2 KB, 2x aufgerufen)

Alt 28.05.2017, 18:41   #15
burningice
/// Malwareteam
 
Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Standard

Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate"



du meinst wohl Kilobytes haha

Die FRST Logs kannst gleich nochmal machen, Haken bei allen Whitelists wieder aktivieren und nur zusätzlich bei Adition.txt
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Antwort

Themen zu Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate"
automatisch, avast, betrieb, deinstallation, einträge, erneut, gdata, gesperrt, hallo zusammen, hinweis, installieren, internet, komplett, laden, liste, nichts, offline, plötzlich, security, suche, updates, win, windows, zusammen, ähnliches



Ähnliche Themen: Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate"


  1. Nicht auffindbarer hartnäckiger Virus/ Trojaner "Gerrupy""snare" "MIO" und weitere
    Log-Analyse und Auswertung - 02.06.2017 (20)
  2. Plötzlich Software "picexa.exe" installiert, "delta-homes.com" als Startseite in sämtlichen Browsern
    Log-Analyse und Auswertung - 10.04.2015 (11)
  3. WIN 8: PC installiert automatisch neue Programme/Apps: z.B. "Game Hug Acarde" oder "Any Protect"
    Log-Analyse und Auswertung - 19.02.2015 (10)
  4. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  5. Programme werden bei "Programme und Funktionen" nicht angezeigt (Windwos 7)
    Log-Analyse und Auswertung - 13.05.2014 (2)
  6. plötzlich sämtliche Dateien/Ordner/Programme weg, Desktop schwarz
    Plagegeister aller Art und deren Bekämpfung - 04.04.2013 (36)
  7. "Deutsche Post(eMail-Anhang)" Alle "EXE(Programme)" werden blockiert "WIN 7 Defender"
    Plagegeister aller Art und deren Bekämpfung - 27.12.2012 (3)
  8. SSL-Zertifikate und "der gefährlichste Code der Welt"
    Nachrichten - 25.10.2012 (0)
  9. "The document has moved. Redirecting"+"Popup unten rechts"+"Nicht alle Links anklickbar"
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (38)
  10. "system error. hard disk failure detected" sämtliche daten gelöscht
    Log-Analyse und Auswertung - 25.05.2012 (29)
  11. Infaktion: "Iphone 4 gewonnen" + sämtliche Sicherheitstools deaktiviert
    Log-Analyse und Auswertung - 31.05.2011 (9)
  12. Nach dem "Windows diagnostic" virus- alle programme wird nicht angezeigt+ skype funzt. nicht
    Plagegeister aller Art und deren Bekämpfung - 24.04.2011 (6)
  13. Programme aus "Programme"-Ordner öffnen nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 20.03.2011 (1)
  14. "normale" Websiten öffnen sich plötzlich nicht mehr
    Alles rund um Windows - 02.06.2010 (1)
  15. Sämtliche accounts "gehijackt"!
    Plagegeister aller Art und deren Bekämpfung - 23.12.2009 (1)
  16. plötzlich "keine berechtigung" auf Programme (exe.dateien) aufzurufen
    Plagegeister aller Art und deren Bekämpfung - 10.04.2009 (7)
  17. Sämtliche Suchmaschinen melden "Malware-Warnung"
    Plagegeister aller Art und deren Bekämpfung - 28.02.2009 (7)

Zum Thema Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" - Hallo zusammen, nach einem Websitebesuch auf einer halbseidenen Page mit Keygens u.a. stellte ich fest, dass mein GData Internet Security keien Updates mehr laden konnte. Neuinstallation und Deinstallation wurde mit - Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate"...
Archiv
Du betrachtest: Sämtliche AV-Programme plötzlich im Zertifikatsspeicher von Win 10 als "nicht vetrauenswürdige Zertifikate" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.