RegSvr32 - Fehler beim Laden des Moduls ""
Hallo Trojaner-Board Team,
beim Start des Notebooks erfolgt nacheinander 4x die Anzeige des Fensters
RegSvr32 - Fehler beim Ladendes Moduls ""
Kann das ein Trojaner oder ein Virus sein??? Ich bitte um Hilfe bei der Beseitigung.
Malwarebytes ANTI-MALWARE liefert folgendes Logfile: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 28.05.2016
Suchlaufzeit: 23:49
Protokolldatei: 2016-05-29_2_log.txt
Administrator: Ja
Version: 2.2.1.1043
Malware-Datenbank: v2016.05.28.07
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Aktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: *****
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 425490
Abgelaufene Zeit: 51 Min., 24 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 4
Hijack.SecurityRun, HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\SAFER\CODEIDENTIFIERS\0\PATHS\{50AC5F38-0A5C-4C09-A764-572259A72749}, In Quarantäne, [c681e2f9c3d634020c95bcb8cb3829d7],
Hijack.SecurityRun, HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\SAFER\CODEIDENTIFIERS\0\PATHS\{5F82316B-7226-4A06-BBDF-42DB7D881F02}, In Quarantäne, [d473ffdc5a3f47ef2978beb657ac4bb5],
Hijack.SecurityRun, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\WINDOWS\SAFER\CODEIDENTIFIERS\0\PATHS\{50AC5F38-0A5C-4C09-A764-572259A72749}, In Quarantäne, [b493a437adeccd696839056fbe457888],
Hijack.SecurityRun, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\WINDOWS\SAFER\CODEIDENTIFIERS\0\PATHS\{5F82316B-7226-4A06-BBDF-42DB7D881F02}, In Quarantäne, [2027eaf13861a393455cfa7a1ce7d52b],
Registrierungswerte: 4
Hijack.SecurityRun, HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\SAFER\CODEIDENTIFIERS\0\PATHS\{50AC5F38-0A5C-4C09-A764-572259A72749}|ItemData, C:\Program Files (x86)\Avira, In Quarantäne, [c681e2f9c3d634020c95bcb8cb3829d7]
Hijack.SecurityRun, HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\SAFER\CODEIDENTIFIERS\0\PATHS\{5F82316B-7226-4A06-BBDF-42DB7D881F02}|ItemData, C:\Documents and Settings\All Users\Application Data\Avira, In Quarantäne, [d473ffdc5a3f47ef2978beb657ac4bb5]
Hijack.SecurityRun, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\WINDOWS\SAFER\CODEIDENTIFIERS\0\PATHS\{50AC5F38-0A5C-4C09-A764-572259A72749}|ItemData, C:\Program Files (x86)\Avira, In Quarantäne, [b493a437adeccd696839056fbe457888]
Hijack.SecurityRun, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\WINDOWS\SAFER\CODEIDENTIFIERS\0\PATHS\{5F82316B-7226-4A06-BBDF-42DB7D881F02}|ItemData, C:\Documents and Settings\All Users\Application Data\Avira, In Quarantäne, [2027eaf13861a393455cfa7a1ce7d52b]
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 5
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK, C:\Users\Bernd\AppData\LocalLow\AskToolbar, In Quarantäne, [06414b90217841f5885c228c8a786e92],
PUP.Optional.ASK, C:\Users\Bernd\AppData\LocalLow\AskToolbar\APNU, In Quarantäne, [06414b90217841f5885c228c8a786e92],
PUP.Optional.ASK, C:\Users\Wanja\AppData\LocalLow\AskToolbar, In Quarantäne, [9cabcd0eafea69cd568eab03fb073dc3],
PUP.Optional.ASK, C:\Users\Wanja\AppData\LocalLow\AskToolbar\APNU, In Quarantäne, [9cabcd0eafea69cd568eab03fb073dc3],
Dateien: 194
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb0036448e-5c9c-4948-9b5e-a6b9828ba7f3.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb040b4f04-0987-4a76-9220-cf116e6e7dee.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb07e56f27-b30b-4c15-b166-a5c877a30a23.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb0a472934-0844-42c1-8da4-f987d0a9e489.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb0ab66ea4-8e37-4b27-9376-903816eba98f.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb0b7eb934-918c-4140-a508-c975d1952da9.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb0bb3ef8d-64f6-4846-a56e-17c547cd1bdf.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb0be95eaf-eb17-4cc6-8cd1-e6e03f719786.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb0c8a9568-a22d-43b4-be2b-c6f0e41b73ff.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb0e4e5e22-49a3-4136-a7b9-15ecc1c55f67.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb0fc31ead-bc9e-4f38-9e96-e910bda2d80f.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb7b8b57d8-ccea-4ee8-b753-5f0671889b7b.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb7fda7a98-bb91-4e45-b042-e9dc1c33598d.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb80e00d5c-db71-46d3-ac95-f512a131269f.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb81d3d98a-1204-4087-8549-f4acb9ca0f43.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb8205746f-e724-4880-9650-35fcc3aeb105.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb82723ed0-2918-4c58-99d4-0efa8b3316e0.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb82c92846-cec7-4ba3-a080-cc22d4600361.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb85b8c38b-e156-458e-a76a-0f7ad3cb1202.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb88c29196-8361-491a-a0ab-b5f0a16ff657.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbd5d416bc-31b1-4aed-a5e6-a6548c27396c.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbd6bb4495-dc9b-42ff-a816-e4f056e3e006.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbdb133ec0-8804-44bf-88a5-5f3422a839cf.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbdc4e034e-1a51-41de-a848-94bb2f1828f3.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbddbc6d58-26f6-412b-8916-6e5531302e99.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbdde4f4ab-5b3b-44d3-9f12-7a8c46b78d2d.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbde4ab18c-57c5-4fa9-9677-529cc75284f8.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbdeb5ee05-e022-47ef-8db3-af1305322f0f.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb40929016-4dbe-4843-902d-a1903fcf0669.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb41b27026-5f1e-480a-a7d6-7cbc4bd79a28.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb41c5baa8-7498-4465-a44e-c06c9bbe8a7c.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb4234955d-fc78-424b-a1d8-9dc766a65a3f.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb427a3cd1-f180-4ddb-b941-1079efb58837.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb432b5987-1bcc-4169-83ae-7236e8c935db.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb44bb4f38-6635-414e-a218-6d88a54f17f7.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb45648d60-86b4-423e-9998-121d66e14930.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb45ea1027-3313-40ba-b87e-7a44839cf9c9.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb47848164-fb89-4f72-88c1-d6bb6c64a9a6.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb47fab2ca-f16e-49be-8f68-0fc6fe5e465a.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb1004f4df-c726-4017-8fed-21e71e6c90b5.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb1609e073-75d1-4517-905f-5ee6112497f6.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb2e22785c-084f-4e0d-a0e3-38728324b26c.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb40307504-2d5d-447b-919d-8a176e680feb.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb49e6d703-1456-4edd-bbea-d7fc42a41c78.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb503f0c4d-c6a8-49af-b744-9ce02bb789fd.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb6173525f-51c8-43b0-8c03-42771de8d021.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb6a7ff3b5-e9f6-4b53-9871-6a25c65f4470.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb78406272-7987-42d6-b6ad-e0ea44dc0d05.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbaca5af24-206b-4970-8cb1-746f9c1cec95.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbc9f26afd-7870-4375-9d75-950001bd750f.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbd4232f42-a2ba-4f3d-9d27-aff8f2fb7383.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbe48827c8-9f79-428e-8e91-0815d1a2df53.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbeb7d4f76-1d96-4c11-a2c2-39c3bb21efa5.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbf65ec5be-be6b-4452-86ae-2fddf81707bb.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbbdb29ade-3759-41cc-bef1-73e05824b2ed.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbc102e902-3b20-46ff-a1e9-840bad2b1a35.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbc14a3fe9-52a9-4070-8509-2edbb946fc3d.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbc1667913-f2e7-4069-b2a9-8f6e3af3aa16.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbc16a549d-5098-4a4d-b202-d32fad6047f6.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbc3b1099b-046a-4f3f-bf67-79ffd1b580e3.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbc46d457c-20de-45f2-a8bd-8107bbc35f5a.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbc493695e-e090-459a-9d35-ae6eaa1b8693.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbc7604993-5c27-4e74-9e06-a3ac2455c4fa.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbc7fb67c8-d600-4790-a81a-0d151444ea8e.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbc8f69e2e-b66a-4672-970a-36a83f1cc783.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbc9ab4d53-0ec8-4add-82bc-574e37c62ec2.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbc9d7c82d-caf0-4e1c-ba96-a7e49ad013fa.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb50487a44-1637-4d8a-ab8a-30eb823fbbe4.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb50ad208d-b2ad-490e-85a5-0229548b32ac.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb52b55e0c-2a42-45b5-beaa-6161d2f25b49.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb56b9737d-053a-4007-9e2b-c7fd7ae61a40.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb5869c7c5-69b7-485c-a35a-ea0197b9939c.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb5a2957b4-4498-4ca5-bc0a-86e1728ec3b7.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb5a58a716-ca8e-4226-96c6-4c21558af284.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb5c7f6a62-4d89-4a06-8107-127d1cf87a59.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb5cbc3016-8119-4179-b959-0dddd17076d4.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb5cddea40-f62c-44ed-acef-40ca63821338.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb5e643bfe-329d-4ad6-bc76-3b20ccac81b8.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb5fd15cab-e230-4206-8d55-bfa1310c188d.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb610d303c-4532-4267-8a9b-f5d3c0881189.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb167a62eb-8f05-410c-83ea-e07166fe7138.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb183df136-9f30-4cda-9b8a-1231cbc5a249.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb1c3675e3-f597-4ab9-a39f-f7487a5358b7.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb1c5745fc-dccd-43d0-b0a8-bef90383628f.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb1c594562-c882-4db6-87e4-cc0eb941bfd4.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb1d8b9273-cb09-4e7c-9d97-d3066ff39a41.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb24be66a1-ee9b-44d2-aeeb-d6b604f9df88.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb250c102d-3330-4722-b6b1-9b2b5a27fc84.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb25a709f8-f2a6-4152-97b9-b7437f227cb6.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb2aa0845b-5569-482b-8110-a1ba39d51c3e.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbec41697d-d2df-4a73-af61-50be00a8b83c.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbed04db7d-f7da-490e-9d60-8805ddc85a00.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbef722806-62e7-4fc5-929b-5db4c5329e17.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbf0890029-1d72-4927-b601-803ce34e15e7.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbf0e47328-591a-427a-b202-95fc7a601009.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbf13e846f-fae3-438f-84b8-2c0c704a052b.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbf1c06843-54cb-4995-b8d1-8ec26432db27.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbf20f329d-69ee-48b4-baee-1396b9434d8c.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbf5de40b4-62eb-4b61-ba07-641814acdbae.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbf644def6-34ab-412c-91a5-cad5636eb928.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb64d82fe0-384b-4948-a0a9-0a38e1108a70.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb658dc812-5e9d-433d-975c-d6c1c5226dd4.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb6791b73e-e102-4595-83ec-e9b801f5edff.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb67c29780-433e-42fe-af4d-4e9be029a80f.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb69a82894-ed84-439d-94be-82c45be517e0.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb69d610b4-077c-4055-aea1-f5a41b593a59.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb69e2ecf5-2664-48c7-b0a4-496be488e787.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb6a2c6b57-9d16-4faa-89d8-a2583e3afee7.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb6a7e7f76-4e12-4932-89f4-9042d86dab20.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb97cd39e6-2812-4f1f-bb30-bd1fc579ed40.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb991046f4-f656-43d9-be15-e0d601ab14b7.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb9ae3121e-5527-4da9-9e4c-4ef62550d29e.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stba0fb0e0e-3468-40d4-ad4a-459ab449f295.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stba57c4753-583e-403f-abd5-76167cdc55ee.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stba58c19f8-7a09-46d1-9776-261a4c76ab8b.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stba78ea7ab-3edc-40a9-944c-edf2b5aa6482.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stba951ec80-8e63-4ab1-aff1-e18cdada5e9a.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbaaa37ce4-62d1-4aa4-834f-b3e9f1cbbb41.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb4c240d41-cf25-40d9-a6f4-6904b7966b99.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb4d20d908-1d19-428d-acf6-15b265d4482d.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb4d7a7263-29c8-4036-a0b5-14aea54de2ce.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb4e8738f2-4922-4271-99f8-28e079fd090a.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb4e9be4a8-ae8e-4a6c-b0ca-97997ebc7c88.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb4eb2bda0-12d9-4c82-8309-3bffbdd50ea4.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb4fbd40ac-5036-4cd4-98a4-33bdae265f6f.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbca170558-6ffa-4190-8da7-c34913663de2.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbca2a8c50-7ea7-4b9c-9f2e-d89418946c96.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbcce80dda-297a-4ff5-97f1-db34ae1d099f.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbcdadb0c9-50dd-4ec4-b28f-d05290cc51f9.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbcdefce60-d03f-4462-8d2d-a0eb8911c819.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbcefa7d1b-23f7-488d-891a-81e9b31eec30.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbd0926c19-86d4-432b-85bc-fb98016bc777.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbd1fd582a-27f1-4819-a702-44e2be15f478.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbd4220f8c-62e8-4727-b335-e4ce4cacdd09.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb10d16000-bf71-4d36-9aaa-4ab8abf1ba87.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb10de8812-e29a-47ed-b39e-e00f4921d0f1.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb11957ada-2ca0-4f48-ac4f-e441ab24b0eb.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb119e1f11-5c60-4ed1-8057-8c1cea2153f7.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb11ff7e9b-1c34-4602-b37c-8d46049510da.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb13aa73b9-1899-4549-a936-e763ef72f358.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb14abf80a-e331-4ee2-af2c-59c5062605a6.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb1556c446-899c-4f41-b0d9-784993fd31ba.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb15ec18ea-4ca2-4b6c-a0d2-fa92360fd0de.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbacd542ba-4a2d-4ab8-8074-0b1fe9144015.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbae0cc77c-67c8-4026-810c-2f7588780979.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbb120958f-c3c5-441c-baae-ef0538fb5e31.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbb1712b1a-8850-46d8-ba8f-b5c4897c1d08.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbb1a22ff1-a231-4308-ac35-55f6d7b64013.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbb1d69900-392f-4614-83fa-4189ee808fdc.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbb3022ef8-c440-43ae-8182-f8b4e4f8668e.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbb4c36b3a-a961-4927-a005-8ab273a28353.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbba4b6154-3c25-4756-8fe1-17cc2b81dbfa.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbbb28d83d-6994-43f6-9984-1faecdb05a31.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbbb3c3223-92dd-430f-9b0e-47170ccf497a.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb2ed78ad7-dcaf-4c56-b447-913579c93b79.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb34feda73-7ae0-453d-9bc8-d5f2dc3b3575.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb3588f8c7-c56c-4c81-9a8d-3c4b733f1b7c.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb3698c18a-ee49-4cf0-a6a1-0ec30b51cddf.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb36a20b73-8a48-42a9-8ec5-ff27c5ff8a2c.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb39c19260-1457-4a66-bb30-5054075177d0.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb3a08f34f-33fc-463e-acf1-3ef068e50998.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb3a5cbe7d-f845-4548-a694-4d01f4261c8b.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb3f3ea530-f426-4ef3-b7b1-ad17c399b9f5.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb8c4a7166-9451-4978-9b35-2d53712864b3.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb8db4e7ae-c4db-4cac-a6d6-73d2a54bfc51.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb90bdaaee-9381-4c39-96ea-9ecb3211fbeb.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb920d82ac-a415-4030-a225-c464161ee1a1.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb921b13b1-e18c-438a-bfbd-9ba1a376586a.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb937c3217-63a3-405b-a51e-598f57def93c.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb9556ae60-6cb6-4ae2-8a9d-4d6536ab23b3.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb95bdcd44-dafc-47c0-8d50-c2d40245ebee.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb964f3adf-439d-42e6-ae74-7ccf34db76e9.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb6afd9a9f-4658-4eb8-816c-297b1368810f.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb6c177732-ee88-475b-87b9-e5e58e87702e.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb6c33caec-63d0-486d-9be4-8713533da8b8.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb6c840f33-eff2-4570-ab85-7de4731d54ef.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb7066933c-4fb2-4862-a6ef-171ff62cefcb.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb7190e937-662b-4029-b63f-9949e18a21b4.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb75f32f72-62d4-44b9-8c72-b8eb16f7d226.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stb76eb1010-23be-4fad-952e-ed803e7abdc3.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbe5a0b782-64df-4a7f-869b-52d32e43abae.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbe5ac9444-d166-49fd-8ed7-c03b283a41cd.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbe5af010e-833b-4304-b3df-ae5f16668a77.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbe63f0bbe-b635-434b-a0ac-0f6bfc1818fa.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbe7be7cfe-26e7-43e6-9764-602ac722a414.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbe7f09c68-3fea-485a-8bb2-dbe0b42db577.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbe9ad9f78-d710-42ea-aac6-1cedaed07750.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbf8ffe6a2-f1fe-4521-ad63-c6b0aa362679.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbfbf3d3ca-9e6d-4e23-8298-e1070cf1682b.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbfc4c867f-7330-4a58-b8c7-4d7739b12060.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbfdc9b4e9-0955-4132-bb6b-d353b5fb1bf3.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbfdda64ff-9cb5-47d6-8767-b7b06a14f39f.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK.Gen, C:\Users\Wanja\AppData\Local\Temp\APN-Stub\Stbfe9b2bcc-5e9f-4934-a24f-621dcd059de2.log, In Quarantäne, [182fecefa1f80c2a4d6dbdee23df7c84],
PUP.Optional.ASK, C:\Users\Bernd\AppData\LocalLow\AskToolbar\APNU\config.xml, In Quarantäne, [06414b90217841f5885c228c8a786e92],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end)
FRST64 liefert folgende Ergebnisse:
FRST Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016
durchgeführt von ***** (Administrator) auf ***** (29-05-2016 01:04:54)
Gestartet von C:\_data\Software\Antivirus-Antimalware\Testprogramm FRST\FRST
Geladene Profile: ***** & (Verfügbare Profile: ***** & ***** & ***** & *****)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Lexware\QuickSteuer Deluxe\2015\AAVUpdateManager\aavus.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Installer Service\LxInstallerService.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\SQL Anywhere 12\Bin32\dbsrv12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(simplitec GmbH) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(FUJI PHOTO FILM CO., LTD.) C:\Program Files\FinePixViewer\QuickDCF.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-09-02] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [REGSHAVE] => C:\Program Files (x86)\REGSHAVE\REGSHAVE.EXE [53248 2002-02-04] (FUJI PHOTO FILM CO., LTD.)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2008-04-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-07] (Easybits)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [208424 2013-10-08] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-04-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Symantec <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ACHTUNG
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\...\Run: [zvmpqto] => regsvr32.exe "
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\...\Run: [EgutDuva] => regsvr32.exe "
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\...\Run: [IlujeLsuhj] => regsvr32.exe "
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\...\Run: [EkjokPenxa] => regsvr32.exe "
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\...\MountPoints2: D - D:\LaunchU3.exe -a
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\...\MountPoints2: {8d0ba406-271d-11e0-a8b4-c80aa91a38aa} - H:\LaunchU3.exe -a
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\...\MountPoints2: {daf97978-fa04-11df-a4d8-c80aa91a38aa} - D:\HPLauncher.exe
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [zvmpqto] => regsvr32.exe "
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EgutDuva] => regsvr32.exe "
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [IlujeLsuhj] => regsvr32.exe "
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EkjokPenxa] => regsvr32.exe "
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: D - D:\LaunchU3.exe -a
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {8d0ba406-271d-11e0-a8b4-c80aa91a38aa} - H:\LaunchU3.exe -a
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {daf97978-fa04-11df-a4d8-c80aa91a38aa} - D:\HPLauncher.exe
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [zvmpqto] => regsvr32.exe "
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [EgutDuva] => regsvr32.exe "
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [IlujeLsuhj] => regsvr32.exe "
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [EkjokPenxa] => regsvr32.exe "
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: D - D:\LaunchU3.exe -a
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {8d0ba406-271d-11e0-a8b4-c80aa91a38aa} - H:\LaunchU3.exe -a
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {daf97978-fa04-11df-a4d8-c80aa91a38aa} - D:\HPLauncher.exe
HKU\S-1-5-21-2537826404-3137134143-2315302358-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-2537826404-3137134143-2315302358-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-2537826404-3137134143-2315302358-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2537826404-3137134143-2315302358-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2537826404-3137134143-2315302358-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {c95f850a-0a4f-11e1-9ba3-c80aa91a38aa} - D:\AutoRun.exe
HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {07e88008-0c9a-11e1-ab70-c80aa91a38aa} - G:\AutoRun.exe
HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {8d0ba406-271d-11e0-a8b4-c80aa91a38aa} - H:\LaunchU3.exe -a
HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {c95f84f8-0a4f-11e1-9ba3-c80aa91a38aa} - D:\AutoRun.exe
HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {c95f850a-0a4f-11e1-9ba3-c80aa91a38aa} - D:\AutoRun.exe
HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {daf97978-fa04-11df-a4d8-c80aa91a38aa} - G:\HPLauncher.exe
HKU\S-1-5-21-2537826404-3137134143-2315302358-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-2537826404-3137134143-2315302358-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-2537826404-3137134143-2315302358-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2537826404-3137134143-2315302358-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-11-14] (EasyBits Software Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk [2012-02-11]
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Exif Launcher.lnk [2010-07-08]
ShortcutTarget: Exif Launcher.lnk -> C:\Programme\FinePixViewer\QuickDCF.exe (FUJI PHOTO FILM CO., LTD.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2010-07-08]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-2537826404-3137134143-2315302358-1003\User: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{BD200230-8A3A-43B2-ACED-DC7D6F310A43}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{D82C2451-551A-49C4-A188-89AC68A380E5}: [DhcpNameServer] 139.7.30.125 139.7.30.126
Internet Explorer:
==================
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.ecosia.org/?c=de
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT/4
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.ecosia.org/?c=de
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT/4
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.ecosia.org/?c=de
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT/4
HKU\S-1-5-21-2537826404-3137134143-2315302358-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQNOT/4
HKU\S-1-5-21-2537826404-3137134143-2315302358-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT/4
HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQNOT/4
HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT/4
HKU\S-1-5-21-2537826404-3137134143-2315302358-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQNOT/4
HKU\S-1-5-21-2537826404-3137134143-2315302358-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT/4
SearchScopes: HKLM -> DefaultScope {62F26ACD-6C8B-4904-A88E-FACD3AA1DBC9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {62F26ACD-6C8B-4904-A88E-FACD3AA1DBC9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {62F26ACD-6C8B-4904-A88E-FACD3AA1DBC9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {62F26ACD-6C8B-4904-A88E-FACD3AA1DBC9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000 -> DefaultScope {62F26ACD-6C8B-4904-A88E-FACD3AA1DBC9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000 -> {62F26ACD-6C8B-4904-A88E-FACD3AA1DBC9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {62F26ACD-6C8B-4904-A88E-FACD3AA1DBC9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {62F26ACD-6C8B-4904-A88E-FACD3AA1DBC9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {62F26ACD-6C8B-4904-A88E-FACD3AA1DBC9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {62F26ACD-6C8B-4904-A88E-FACD3AA1DBC9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2537826404-3137134143-2315302358-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {62F26ACD-6C8B-4904-A88E-FACD3AA1DBC9} URL =
SearchScopes: HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {62F26ACD-6C8B-4904-A88E-FACD3AA1DBC9} URL =
SearchScopes: HKU\S-1-5-21-2537826404-3137134143-2315302358-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {62F26ACD-6C8B-4904-A88E-FACD3AA1DBC9} URL =
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll => Keine Datei
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll [2009-08-29] (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL [2009-08-30] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-25] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18] (Adobe Systems Incorporated)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-25] (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll [2009-08-29] (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Keine Datei
Toolbar: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei
Toolbar: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Keine Datei
Toolbar: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei
Toolbar: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Keine Datei
Toolbar: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei
Toolbar: HKU\S-1-5-21-2537826404-3137134143-2315302358-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Keine Datei
Toolbar: HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-2537826404-3137134143-2315302358-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Handler: haufereader - Kein CLSID Wert
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cghlqynt.default
FF Homepage: hxxp://www.ecosia.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-26] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-26] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2009-03-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cghlqynt.default\Extensions\abs@avira.com [2016-05-17]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{4C0766D3-67A7-45a3-85A2-752F77312F32}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn => nicht gefunden
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AAV UpdateService; C:\Program Files (x86)\Lexware\QuickSteuer Deluxe\2015\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-22] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [280008 2016-04-25] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [Datei ist nicht signiert]
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [125440 2009-09-24] (Hewlett-Packard) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Lexware Installations Dienst; C:\Program Files (x86)\lexware\installer service\LxInstallerService.exe [24064 2012-10-07] (Haufe-Lexware GmbH & Co. KG) [Datei ist nicht signiert]
R2 Lexware_Datenbank_Plus; C:\Program Files (x86)\SQL Anywhere 12\Bin32\dbsrv12.exe [141176 2012-06-01] (iAnywhere Solutions, Inc.)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe [126392 2009-08-25] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [277904 2012-10-13] (Protect Software GmbH)
R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [228000 2012-10-13] (Protect Software GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-06] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-22] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-22] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216 2016-05-28] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
U0 qnorllyu; C:\Windows\System32\drivers\ddoksy.sys [79064 2016-05-29] (Malwarebytes)
S1 SRTSP; C:\Windows\system32\drivers\NISx64\1100000.088\SRTSP64.SYS [504880 2009-08-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1100000.088\SRTSPX64.SYS [32304 2009-08-30] (Symantec Corporation)
S2 BrPar; \SystemRoot\System32\drivers\BrPar.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20090829.019\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20090829.019\EX64.SYS [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-29 00:52 - 2016-05-29 00:52 - 00079064 _____ (Malwarebytes) C:\Windows\system32\Drivers\ddoksy.sys
2016-05-28 21:58 - 2016-05-28 21:59 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-28 21:57 - 2016-05-28 21:58 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-28 21:57 - 2016-05-28 21:57 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-05-28 21:54 - 2016-05-28 21:54 - 00168376 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-28 21:51 - 2016-05-28 21:51 - 00552024 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-28 19:04 - 2016-05-28 23:44 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-28 19:03 - 2016-05-28 19:03 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-28 19:03 - 2016-05-28 19:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-28 19:03 - 2016-05-28 19:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-28 19:03 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-28 19:03 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-28 19:03 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-28 18:50 - 2016-05-28 18:58 - 22851472 _____ (Malwarebytes ) C:\Users\*****\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-26 12:31 - 2016-05-26 12:31 - 00001159 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2016-05-26 12:31 - 2016-05-26 12:31 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-05-26 12:31 - 2016-05-26 12:31 - 00000000 ____D C:\Users\*****\AppData\Roaming\Canneverbe Limited
2016-05-26 12:31 - 2016-05-26 12:31 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2016-05-26 12:31 - 2016-05-26 12:31 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2016-05-26 12:27 - 2016-05-26 12:28 - 05383336 _____ (Canneverbe Limited ) C:\Users\*****\Downloads\cdbxp_setup_4.5.7.6139_minimal.exe
2016-05-26 12:15 - 2016-05-26 12:15 - 00002143 _____ C:\Users\*****\Desktop\DVDx - CHIP Installer.lnk
2016-05-26 12:10 - 2016-05-26 12:10 - 01473544 _____ C:\Users\*****\Downloads\dvdx-4.0.1.0-win32 - CHIP-Installer.exe
2016-05-26 11:57 - 2016-05-26 11:57 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-05-26 11:57 - 2016-05-26 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-05-26 11:38 - 2016-05-26 12:11 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc
2016-05-26 11:37 - 2016-05-26 11:56 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-05-26 11:31 - 2016-05-26 11:34 - 30503216 _____ C:\Users\*****\Downloads\vlc-2.2.3-win32.exe
2016-05-25 12:23 - 2016-05-25 12:23 - 00000000 ____D C:\Users\*****\AppData\Roaming\Sun
2016-05-25 12:23 - 2016-05-25 12:23 - 00000000 ____D C:\Users\*****\.oracle_jre_usage
2016-05-25 12:19 - 2016-05-25 12:19 - 00000000 ____D C:\Users\*****\AppData\LocalLow\Oracle
2016-05-24 23:40 - 2016-05-29 01:04 - 00000000 ____D C:\FRST
2016-05-24 23:38 - 2016-05-24 23:38 - 02382848 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2016-05-24 21:45 - 2016-05-24 21:45 - 05594112 _____ C:\Users\*****\Downloads\clamav-0.99.2-x64.msi
2016-05-24 10:44 - 2016-05-25 12:24 - 00000000 ____D C:\ProgramData\Oracle
2016-05-24 10:42 - 2016-05-25 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-24 10:42 - 2016-05-25 12:22 - 00268352 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2016-05-24 10:42 - 2016-05-25 12:22 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-04 23:19 - 2016-05-24 10:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-29 00:52 - 2009-07-14 06:45 - 00000000 ____D C:\Windows\Setup
2016-05-28 23:01 - 2010-10-17 21:35 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4C6D7470-CB91-47AB-B183-90613157C553}
2016-05-28 22:00 - 2009-07-14 06:45 - 00023024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-28 22:00 - 2009-07-14 06:45 - 00023024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-28 21:59 - 2013-08-25 22:14 - 00000000 ____D C:\Users\*****\AppData\Roaming\Avira
2016-05-28 21:57 - 2009-11-14 18:59 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-28 21:56 - 2010-04-09 21:18 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2016-05-28 21:53 - 2010-04-09 17:36 - 00000183 _____ C:\ProgramData\HPWALog.txt
2016-05-28 21:52 - 2015-01-21 00:34 - 00000412 _____ C:\Windows\Tasks\simplitec Service Provider.job
2016-05-28 21:51 - 2012-11-06 00:48 - 00000680 __RSH C:\Users\*****\ntuser.pol
2016-05-28 21:51 - 2010-04-09 17:30 - 00000000 ____D C:\Users\*****
2016-05-28 21:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-28 17:01 - 2010-08-10 06:08 - 00000000 ____D C:\Users\*****\AppData\Local\ElevatedDiagnostics
2016-05-28 16:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-28 16:50 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-26 13:58 - 2015-11-10 22:23 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-26 13:58 - 2011-06-25 11:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-25 12:24 - 2009-11-14 19:58 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-24 21:32 - 2010-05-15 23:27 - 00000000 ____D C:\_data
2016-05-24 20:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-24 11:00 - 2011-01-05 14:18 - 00000000 ____D C:\Windows\Minidump
2016-05-23 22:12 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-22 12:35 - 2013-05-12 14:59 - 00000000 ____D C:\Users\*****\AppData\Roaming\Farm Mania 2.1
2016-05-18 22:04 - 2015-12-10 14:21 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-17 22:32 - 2015-12-02 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-05-10 21:29 - 2009-11-15 02:15 - 00654166 _____ C:\Windows\system32\perfh007.dat
2016-05-10 21:29 - 2009-11-15 02:15 - 00130006 _____ C:\Windows\system32\perfc007.dat
2016-05-10 21:29 - 2009-07-14 07:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-08 22:04 - 2015-12-10 14:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-01-05 22:31 - 2014-11-01 00:36 - 0000000 _____ () C:\Users\*****\AppData\Roaming\FileIn.cns
2013-01-05 22:31 - 2014-11-01 00:36 - 0000000 _____ () C:\Users\*****\AppData\Roaming\FileOut.cns
2010-05-15 22:20 - 2015-12-03 02:17 - 0003414 _____ () C:\Users\*****\AppData\Roaming\wklnhst.dat
2010-04-09 17:36 - 2010-04-09 17:36 - 0000000 _____ () C:\Users\*****\AppData\Local\AtStart.txt
2010-04-09 17:36 - 2010-04-09 17:36 - 0000000 _____ () C:\Users\*****\AppData\Local\DSwitch.txt
2010-04-09 17:36 - 2010-04-09 17:36 - 0000000 _____ () C:\Users\*****\AppData\Local\QSwitch.txt
2015-12-10 12:58 - 2015-12-10 12:58 - 4600536 _____ (Avira Operations GmbH & Co. KG) C:\ProgramData\avira_de_av_566959f153810__ws1.exe
2009-06-16 13:25 - 2009-06-16 13:25 - 0121512 ____R () C:\ProgramData\DeviceManager.xml.rc4
2010-04-09 17:36 - 2016-05-28 21:53 - 0000183 _____ () C:\ProgramData\HPWALog.txt
2010-02-21 02:41 - 2010-02-21 02:41 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-11-14 19:25 - 2009-11-14 19:25 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-02-21 02:41 - 2010-02-21 02:41 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-11-14 19:21 - 2009-11-14 19:21 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-02-21 02:40 - 2010-02-21 02:40 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-02-21 02:41 - 2010-02-21 02:41 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-11-14 19:20 - 2009-11-14 19:20 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-11-14 19:22 - 2009-11-14 19:25 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-02-21 02:42 - 2010-02-21 02:42 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\avira_de_av_566959f153810__ws1.exe
Einige Dateien in TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\*****\AppData\Local\Temp\SIntf16.dll
C:\Users\*****\AppData\Local\Temp\SIntf32.dll
C:\Users\*****\AppData\Local\Temp\SIntfNT.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-04-12 21:09
==================== Ende von FRST.txt ============================
Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016
durchgeführt von (2016-05-29 01:16:55)
Gestartet von C:\_data\Software\Antivirus-Antimalware\Testprogramm FRST\FRST
Windows 7 Home Premium Service Pack 1 (X64) (2010-04-09 15:30:17)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2537826404-3137134143-2315302358-500 - Administrator - Disabled)
***** (S-1-5-21-2537826404-3137134143-2315302358-1002 - Limited - Enabled) => C:\Users\*****
Gast (S-1-5-21-2537826404-3137134143-2315302358-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2537826404-3137134143-2315302358-1005 - Limited - Enabled)
(S-1-5-21-2537826404-3137134143-2315302358-1000 - Administrator - Enabled) => C:\Users\
***** (S-1-5-21-2537826404-3137134143-2315302358-1001 - Limited - Enabled) => C:\Users\*****
***** (S-1-5-21-2537826404-3137134143-2315302358-1003 - Limited - Enabled) => C:\Users\*****
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.1 - Hewlett-Packard) Hidden
Adis-Betrachter (Version 2.1.0.0) (HKLM-x32\...\{543CDC99-00DF-4EF0-B536-09C5F3617240}_is1) (Version: - VIT-PCS GmbH)
Adobe Acrobat 7.1.0 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 7.0 Professional - English, Français, Deutsch - V) (Version: 7.1.0 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
AMD USB Filter Driver (HKLM-x32\...\{5271C0D4-24E4-4C3D-A782-C012033FD3CF}) (Version: 1.0.10.84 - Advanced Micro Devices, Inc.)
ArcSoft PhotoImpression (HKLM-x32\...\{6C5D7191-140A-11D6-B5A0-0050DA208A93}) (Version: - )
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{902004C7-2B12-4A4F-E1DB-E75C7B03EDD4}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{bfb60b68-92b8-481b-b416-7e05b4ea01c9}) (Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20064 - Ask.com) <==== ACHTUNG
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-2537826404-3137134143-2315302358-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20064 - Ask.com) <==== ACHTUNG
BILDmobil (HKLM-x32\...\BILDmobil) (Version: 11.301.08.01.35 - Huawei Technologies Co.,Ltd)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
ccc-core-static (x32 Version: 2009.0804.2223.38385 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6139 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2111 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3325 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1005 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
EPSON Copy Utility (HKLM-x32\...\{B69CC1A5-0404-11D6-ABCB-005004C21D30}) (Version: - )
EPSON Scan (HKLM-x32\...\{0E0131B2-CF18-40D9-A331-60A3746C1204}) (Version: - )
EPSON Smart Panel (HKLM-x32\...\{6C11D561-620B-47DA-A693-4C597F3CDF40}) (Version: - )
Farm Frenzy 2 (HKLM-x32\...\Farm Frenzy 2) (Version: - )
Farm Frenzy 3 (HKLM-x32\...\Farm Frenzy 3) (Version: - )
Farm Mania Hot Vacation (HKLM-x32\...\Farm Mania Hot Vacation_is1) (Version: - Realore Studios)
FarmFrenzy (HKLM-x32\...\FarmFrenzy) (Version: - )
FinePixViewer Ver.4.1 (HKLM-x32\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: - )
FUJIFILM USB Driver (HKLM-x32\...\{5490882C-6961-11D5-BAE5-00E0188E010B}) (Version: - )
Haufe iDesk-Browser (HKLM-x32\...\{F48AAE0F-52F4-11DD-B1F7-0050560400B1}) (Version: 8.07.16.5590 - Haufe)
Haufe iDesk-Service (HKLM-x32\...\{D5C8E140-6E6F-11DD-9AA9-0050560400B1}) (Version: 8.08.20.5622 - Haufe)
Herde (HKLM-x32\...\Herde) (Version: - )
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}) (Version: 4.2.5.3 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0148 (HKLM-x32\...\{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}) (Version: 1.01.0005 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
ImageMixer VCD2 for FinePix (HKLM-x32\...\{934E9442-D305-4ACF-AD87-A6C11D677CB9}) (Version: - )
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2111 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2111 - CyberLink Corp.) Hidden
Lexware Datenbank plus 2013 (HKLM-x32\...\{5E4A2F76-F5FD-4CC3-9756-20A7B451EA3D}) (Version: 13.25.00.0072 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (HKLM-x32\...\{85BF9FDB-BD5B-407C-9CAE-3542E5164783}) (Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG)
Lexware Installations Dienst (HKLM-x32\...\{2388A683-06AA-4A2E-96B1-65E557E53D1D}) (Version: 2.00.00.0036 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM-x32\...\{5EA333DC-8C33-4077-9BFE-2326F3FA505F}) (Version: 17.00.00.0186 - Haufe-Lexware GmbH & Co.KG)
Lexware reisekosten plus 2013 (HKLM-x32\...\{78BDF2A9-0F80-4457-A6DE-85E8FB1C8352}) (Version: 13.03.00.0045 - Haufe-Lexware GmbH & Co.KG)
Lexware reisekosten plus 2013 (x32 Version: 13.03.00.0045 - ) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: - EasyBits Software AS)
MAGIX Fotos auf DVD easy (HKLM-x32\...\MX.{6FE7B7B9-A441-47CC-BA23-FF5232B11183}) (Version: 1.0.5.18 - MAGIX Software GmbH)
MAGIX Fotos auf DVD easy (Version: 1.0.5.18 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{0FE72477-C3AE-4269-BC76-8DE86A419687}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2000 Disc 2 (HKLM-x32\...\{00040407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM-x32\...\{00010407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
muvee Reveal (HKLM-x32\...\{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}) (Version: 7.0.43.11502 - muvee Technologies Pte Ltd)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 17.0.0.136 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec)
P1670 Referenzhandbuch (HKLM-x32\...\P1670 Referenzhandbuch) (Version: - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3311 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3311 - CyberLink Corp.) Hidden
ProtectDisc Helper Driver 10 (HKLM-x32\...\ProtectDisc Driver 10) (Version: 10.0.0.3 - )
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickSteuer Deluxe 2014 (HKLM-x32\...\{F0DDB61B-25D1-4159-8F10-7A5B83B86339}) (Version: 20.06.00.0001 - Haufe-Lexware GmbH & Co.KG)
QuickSteuer Deluxe 2015 (HKLM-x32\...\{49E0E0CA-C817-49C8-861B-B766599BCB96}) (Version: 20.38.173 - Haufe-Lexware GmbH & Co.KG)
QuickSteuer Deluxe 2016 (HKLM-x32\...\{3077FB33-83B4-4B16-9A35-CD160CD3D012}) (Version: 21.21.42 - Haufe-Lexware GmbH & Co.KG)
QuickSteuer DELUXE Wissens-Center 2009 (HKLM-x32\...\{353EA50E-26A0-4ADD-A12A-3FE2E59E5BB3}) (Version: 15.0.0.0 - Haufe Mediengruppe)
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
RAW FILE CONVERTER LE (HKLM-x32\...\{D680C913-5955-469D-9D88-C1940F7506D6}) (Version: - )
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2202 - CyberLink Corp.) Hidden
ScanToWeb (HKLM-x32\...\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}) (Version: - )
simpliclean (HKLM-x32\...\simplitec POWER SUITE_is1) (Version: 1.5.2.2 - simplitec GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1BAC4B6E-AD4F-44EC-9896-D2DB5C7F3400} - System32\Tasks\simplitec Service Provider => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe [2014-03-05] (simplitec GmbH)
Task: {254F026D-8F62-4127-9120-B60F1B7AE3F6} - System32\Tasks\{1F63606B-8945-46E2-95C1-65E8733FE257} => pcalua.exe -a C:\Windows\IsUn0407.exe -c -fc:\spiele\Uninst.isu -cc:\spiele\CatanUninstall.dll
Task: {48ADDAC5-6186-4616-BD2F-743EF29B18E5} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-09-24] (Hewlett-Packard)
Task: {6EBE9A71-E67B-4D30-B1D5-D6F6917C5DFB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {73CAD4B8-D699-4247-AFCC-A4FD23C20714} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-09-24] (Hewlett-Packard)
Task: {766E89EE-DA67-4E1A-9A8E-A49B9B1EFC8B} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe [2014-03-05] (simplitec GmbH)
Task: {78C65CEC-8A0D-44C5-94E7-613A63CA31D3} - System32\Tasks\{385B7F02-6DBE-4CE3-A65E-960A4E583815} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {97639C17-5D39-45A0-8CE8-A9B09E54E5DA} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-07] ()
Task: {B0AF1F98-BFDC-4932-8EA7-03EA493413BE} - System32\Tasks\{15802535-E75F-4D3F-BD6B-16661BD7BB87} => pcalua.exe -a F:\EPSETUP.EXE -d F:\
Task: {D6F72A68-0983-47FA-9CCA-A8875EBB3887} - System32\Tasks\{9185708D-5DFF-41D0-B162-9B756A53EE91} => pcalua.exe -a C:\Users\\Desktop\genp5e-64-ger-105.exe -d C:\Users\\Desktop
Task: {ED0015DA-69CA-487A-9CF6-EDA912E1CB27} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: C:\Windows\Tasks\simplitec Service Provider.job => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2011-10-27 17:30 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Lexware\QuickSteuer Deluxe\2015\AAVUpdateManager\aavus.exe
2009-11-14 19:25 - 2009-07-06 21:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2009-07-01 16:44 - 2009-07-01 16:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2009-10-02 16:46 - 2009-10-02 16:46 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-02-21 02:29 - 2010-02-21 02:29 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-01-21 00:33 - 2014-03-05 15:17 - 00150816 _____ () C:\Program Files (x86)\simplitec\simpliclean\modules\common\asp_ipc32.dll
2015-01-21 00:33 - 2014-03-05 15:16 - 00009504 _____ () C:\Program Files (x86)\simplitec\simpliclean\language\ServiceProvider_de.dll
2015-01-21 00:33 - 2014-03-05 15:18 - 00008992 _____ () C:\Program Files (x86)\simplitec\simpliclean\modules\ServicesModule\ServicesModule_de.dll
2009-09-29 16:25 - 2009-09-29 16:25 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-09-29 16:25 - 2009-09-29 16:25 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-09-29 16:25 - 2009-09-29 16:25 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-09-29 16:25 - 2009-09-29 16:25 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-09-29 16:25 - 2009-09-29 16:25 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-09-29 16:25 - 2009-09-29 16:25 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-09-29 16:25 - 2009-09-29 16:25 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2009-09-29 16:25 - 2009-09-29 16:25 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2011-10-27 17:22 - 2006-01-12 22:20 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.deu
2011-10-27 17:22 - 2006-01-12 22:13 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.FRA
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2537826404-3137134143-2315302358-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2537826404-3137134143-2315302358-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2537826404-3137134143-2315302358-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2537826404-3137134143-2315302358-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{FEFAB6AD-416A-4438-AC0D-F4F7F92CD519}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{680AED17-1AA1-4727-9C44-B4DC9003CE25}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{2ED1C4F7-17EE-4C71-8232-AFB631837CC0}] => (Allow) svchost.exe
FirewallRules: [{529D88E1-5433-4A37-86D1-059E8C2B3F54}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{70CF7A90-46A8-44F7-9D14-93FA18532AF8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{01C6DFC4-E214-495F-80DF-A6567B8852EC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [TCP Query User{FD68E26F-7DC4-4A07-BEA6-0FACE563257B}F:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) F:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [UDP Query User{D8CA007B-1C47-490E-BA18-DB0827D79E53}F:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) F:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [{5C134CB1-2886-44DA-BFED-EC2CBC0D4DA8}] => (Block) F:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [{3AB3C860-859E-4182-9E0B-7C46F26D1F1F}] => (Block) F:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [{AF6428E5-9875-4BA0-B999-ACB0CA67AE43}] => (Allow) C:\Program Files (x86)\SQL Anywhere 12\Bin32\dbsrv12.exe
FirewallRules: [{CE733D3F-574F-4D91-995E-633D551BECAF}] => (Allow) C:\Program Files (x86)\SQL Anywhere 12\Bin32\dbsrv12.exe
FirewallRules: [{D2A7E26F-B8CA-474F-B49C-81077BDF5431}] => (Allow) C:\Program Files (x86)\Lexware\Installer Service\LxInstallerService.exe
FirewallRules: [{A676E97D-BC45-44BF-AA5A-AC0F16FB23F7}] => (Allow) C:\Program Files (x86)\Lexware\Installer Service\LxInstallerService.exe
FirewallRules: [{AB283AE0-FB9B-4891-B3B4-2C46EBCF5BDF}] => (Allow) C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbeng9.exe
FirewallRules: [{BC404E12-0A2F-44F4-B967-260B6831BB5C}] => (Allow) C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbeng9.exe
FirewallRules: [TCP Query User{ED58C30F-D959-4159-91DE-1A4CA6B6DB2F}C:\windows\temp\navbrowser.exe] => (Block) C:\windows\temp\navbrowser.exe
FirewallRules: [UDP Query User{E6824E9B-05EE-45D8-8E08-44E67A510058}C:\windows\temp\navbrowser.exe] => (Block) C:\windows\temp\navbrowser.exe
FirewallRules: [{6A13E1C9-6D62-440E-9116-D9C22182FEBA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AB94DD08-47E2-49AB-AEC0-D2FE76C9C928}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2DE060D3-AD43-48A7-9E85-D2ED1D6283D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BADA56FB-5855-476E-B4C1-09C9F6D0BCE5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
06-03-2016 11:53:42 Geplanter Prüfpunkt
28-03-2016 21:07:42 Geplanter Prüfpunkt
12-04-2016 21:09:38 Geplanter Prüfpunkt
24-05-2016 10:38:49 Removed Java(TM) 6 Update 37
24-05-2016 10:41:04 Installed Java 7 Update 79
24-05-2016 22:04:01 Installed ClamAV-x64
24-05-2016 22:54:58 Removed ClamAV-x64
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Atheros AR9285 802.11b/g/n WiFi Adapter
Description: Atheros AR9285 802.11b/g/n WiFi Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/25/2016 10:17:41 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={76FEAD42-519F-4C01-8436-78E8FE13B1F4}: Der Benutzer "*****\" hat eine Verbindung mit dem Namen "Arche W-DSL" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.
Error: (05/25/2016 10:17:03 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={FCA04A9A-E052-44B7-B85B-A44F4D21CED8}: Der Benutzer "*****\" hat eine Verbindung mit dem Namen "Arche W-DSL" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.
Error: (05/24/2016 01:40:11 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/24/2016 01:40:11 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/24/2016 01:40:11 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/24/2016 01:40:11 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Error: (05/24/2016 01:40:04 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/24/2016 01:40:04 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Error: (05/24/2016 01:40:04 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/24/2016 01:40:04 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Systemfehler:
=============
Error: (05/28/2016 09:53:11 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (05/28/2016 09:52:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SRTSP
Error: (05/28/2016 09:51:39 PM) (Source: Service Control Manager) (EventID: 7002) (User: )
Description: Der Dienst "BrPar" ist von der Gruppe "Parallel arbitrator" abhängig. Kein Mitglied dieser Gruppe wurde jedoch gestartet.
Error: (05/28/2016 09:51:29 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (05/28/2016 09:51:14 PM) (Source: SRTSP) (EventID: 5) (User: )
Description: Error loading Symantec real time Anti-Virus driver.
Error: (05/28/2016 09:51:14 PM) (Source: SRTSP) (EventID: 4) (User: )
Description: Error loading virus definitions.
Error: (05/28/2016 09:48:15 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (05/28/2016 04:40:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SRTSP
Error: (05/28/2016 04:39:10 PM) (Source: Service Control Manager) (EventID: 7002) (User: )
Description: Der Dienst "BrPar" ist von der Gruppe "Parallel arbitrator" abhängig. Kein Mitglied dieser Gruppe wurde jedoch gestartet.
Error: (05/28/2016 04:39:05 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
==================== Speicherinformationen ===========================
Prozessor: AMD Athlon(tm) II Dual-Core M320
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 4092.2 MB
Verfügbarer physikalischer RAM: 3021.58 MB
Summe virtueller Speicher: 8182.61 MB
Verfügbarer virtueller Speicher: 5569.81 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.46 GB) (Free:258.04 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 041DF713)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=103 MB) - (Type=0C)
==================== Ende von Addition.txt ============================
Im voraus vielen Dank für eine Unterstützung. |
So funktioniert es:
TDSSKiller.exe und speichere diese Datei auf dem Desktop
Malwarebytes Anti-Malware 
und 
und speichere die Logdatei auf Deinem Desktop.