Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   PC braucht eine gefühlte Ewigkeit um hochzufahren (https://www.trojaner-board.de/176278-pc-braucht-gefuehlte-ewigkeit-um-hochzufahren.html)

Lilian-Rose 22.02.2016 23:00
PC braucht eine gefühlte Ewigkeit um hochzufahren
 
Hallo ihr Lieben,

ich hab das Problem, dass mein PC zwischen 20 Minuten und einer halben Stunde braucht, um hochzufahren. Wollte euch bitten, zu überprüfen, ob ich mir einen Virus bzw. einen Trojaner eingefangen habe.

Vielen Dank für eure Hilfe!

Gruß Lilian

burningice 23.02.2016 00:39
:hallo:
Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
  • Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
  • Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
Los geht's :abklatsch:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Lilian-Rose 23.02.2016 10:42
Hallo Rafael,

vielen Dank für Deine Antwort und danke, dass Du mir hilfst!



Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
durchgeführt von Conny (Administrator) auf CONNY-PC (23-02-2016 10:13:07)
Gestartet von C:\Users\Conny\Desktop
Geladene Profile: Conny (Verfügbare Profile: Conny)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(BERNINA International AG) C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Dropbox, Inc.) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-01-10] (Google Inc.)
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [Dropbox Update] => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {3B713BCF-458F-4A2A-BAD2-9784208C169D} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-10-09]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-10-09]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=00033BB0&OHP=about%3Ablank&OSP=https%3A%2F%2Fde.search.yahoo.com%2Fyhs%2Fsearch%3Ftype%3Davastbcl%26hspart%3Davast%26hsimp%3Dyhs%2D001%26p%3D%7BsearchTerms%7D
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-02-23] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-09] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default
FF DefaultSearchUrl:
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.jw.org/de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\ask-search.xml [2014-08-06]
FF SearchPlugin: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\avira-safesearch.xml [2014-11-29]
FF SearchPlugin: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\computer-bild-suche.xml [2015-09-28]
FF Extension: CookieCuller - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2015-05-29]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-10-16] [ist nicht signiert]
FF Extension: Avira Browser Safety - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\abs@avira.com [2015-01-15] [ist nicht signiert]
FF Extension: ghostery - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\firefox@ghostery.com.xpi [2016-02-22]
FF Extension: Hilfe Assistent - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\{} [2014-11-03] [ist nicht signiert]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-15] <==== ACHTUNG

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR DefaultSearchURL: Default -> hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f96bdea8-0d1c-43b5-bfc4-62d7f6d6a2b0&searchtype=ds&q={searchTerms}&installDate=01/01/1970
CHR DefaultSearchKeyword: Default -> search.snap.do
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.210.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (YouTube) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (McAfee Security Scan+) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-28]
CHR Extension: (Google-Suche) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-03]
CHR Extension: (Avira Browserschutz) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-16]
CHR Extension: (Skype Click to Call) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (Google Mail) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1904368 2016-01-20] (Microsoft Corporation)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S4 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2012-06-22] ()
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 UniversalCommunicationServer; C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe [90496 2013-05-02] (BERNINA International AG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)
R0 DiskSec; C:\Windows\system32\Drivers\DiskSec.sys [14208 2008-04-04] (MAGIX) [Datei ist nicht signiert]
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [179200 2012-06-22] (Dexetek )
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-07-20] (AVAST Software)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-04-27] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [146568 2010-04-27] (Renesas Electronics Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 SydexFDD; C:\Windows\system32\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows (R) 2000 DDK provider) [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-20] (Avast Software)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Conny\AppData\Local\Temp\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Conny\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S2 tmcomm; system32\DRIVERS\tmcomm.sys [X]
S2 wntpport; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-23 10:13 - 2016-02-23 10:13 - 00028435 _____ C:\Users\Conny\Desktop\FRST.txt
2016-02-23 10:08 - 2016-02-23 10:09 - 00000000 ____D C:\Users\Conny\Desktop\JW
2016-02-23 10:00 - 2016-02-23 10:00 - 01722368 _____ (Farbar) C:\Users\Conny\Desktop\FRST.exe
2016-02-22 23:43 - 2016-02-22 23:43 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-02-22 23:39 - 2016-02-22 23:39 - 00000162 ____H C:\Users\Conny\Desktop\~$Dok8.odt
2016-02-20 14:24 - 2016-02-20 14:24 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-14 16:02 - 2016-02-14 16:02 - 00001298 _____ C:\Users\Public\Desktop\Watchtower Library 2015 - Deutsch.lnk
2016-02-14 16:02 - 2016-02-14 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchtower Library 2015
2016-02-12 20:01 - 2016-02-13 10:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-10 11:36 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 11:36 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 11:36 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 11:36 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 11:36 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 11:36 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 11:36 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:36 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 11:36 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 11:35 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 11:35 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:35 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 11:35 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 11:34 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 11:34 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 11:34 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 11:34 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 11:34 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 11:34 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:34 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 11:34 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 11:34 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 11:34 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:34 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 11:33 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 11:33 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 11:33 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 11:33 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:33 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 11:33 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:33 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 11:33 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:33 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 11:33 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:33 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 11:33 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 11:33 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 11:33 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 11:33 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 11:33 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 11:33 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:33 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 11:33 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 11:31 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:31 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-04 16:35 - 2016-02-04 16:35 - 00025888 _____ C:\Users\Conny\Kolloidales Silber.odt
2016-01-30 00:40 - 2016-01-30 00:40 - 00038883 _____ C:\Users\Conny\Documents\Dok8.odt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-23 10:13 - 2014-03-05 09:11 - 00000000 ____D C:\FRST
2016-02-23 10:11 - 2015-09-16 20:20 - 00000000 ____D C:\Users\Conny\Desktop\Gute Vorträge
2016-02-23 10:10 - 2015-03-12 19:13 - 00000000 ____D C:\Users\Conny\Desktop\Handarbeit Stickdateien
2016-02-23 10:07 - 2011-01-10 22:04 - 00000000 ____D C:\Users\Conny
2016-02-23 10:04 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-23 10:04 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-23 09:54 - 2014-01-21 09:22 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 09:51 - 2014-01-21 09:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-23 09:48 - 2015-06-12 19:37 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job
2016-02-23 09:42 - 2011-01-10 22:01 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-23 09:29 - 2013-03-10 10:53 - 00000000 ___RD C:\Users\Conny\Dropbox
2016-02-23 09:29 - 2013-03-10 10:51 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Dropbox
2016-02-23 09:26 - 2011-01-10 22:01 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-23 09:26 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-23 09:25 - 2016-01-07 23:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-02-23 09:25 - 2012-10-17 16:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-23 00:26 - 2010-08-28 01:49 - 01595580 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-23 00:26 - 2010-05-12 14:13 - 00699884 _____ C:\Windows\system32\perfh007.dat
2016-02-23 00:26 - 2010-05-12 14:13 - 00149766 _____ C:\Windows\system32\perfc007.dat
2016-02-23 00:26 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-23 00:18 - 2012-05-31 22:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-22 23:48 - 2015-06-12 19:37 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job
2016-02-22 23:43 - 2011-09-22 18:54 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-02-20 15:24 - 2012-09-17 16:48 - 00002154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-20 14:14 - 2009-07-14 05:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-14 16:07 - 2011-01-11 14:21 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Watchtower
2016-02-14 16:02 - 2011-08-18 21:03 - 00000000 ____D C:\Program Files\Watchtower
2016-02-13 11:44 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2016-02-11 17:41 - 2009-07-14 05:33 - 00386896 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-11 17:38 - 2014-12-11 12:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-11 17:38 - 2014-05-06 22:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-11 17:38 - 2009-07-14 08:49 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 23:41 - 2013-08-15 09:15 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 23:34 - 2010-08-30 17:47 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-01 14:01 - 2011-01-10 22:36 - 00000000 ____D C:\Users\Conny\AppData\Roaming\SoftGrid Client

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2007-03-12 18:59 - 2007-03-12 18:59 - 0299008 _____ () C:\Program Files\navigram_register.exe
2013-03-16 09:27 - 2013-03-16 09:27 - 0000288 _____ () C:\Users\Conny\AppData\Roaming\.backup.dm
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\Users\Conny\AppData\Roaming\Bubble Noise
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\Users\Conny\AppData\Roaming\Bundle
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\Users\Conny\AppData\Roaming\CIOSupport
2014-09-30 11:46 - 2014-09-30 11:48 - 0000055 _____ () C:\Users\Conny\AppData\Roaming\My Profile.xml
2011-09-29 13:09 - 2011-10-04 14:29 - 0001188 _____ () C:\Users\Conny\AppData\Local\crc32list11.txt
2011-09-03 20:06 - 2015-11-08 15:39 - 0005120 _____ () C:\Users\Conny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-03 11:37 - 2014-03-03 11:37 - 0001461 _____ () C:\Users\Conny\AppData\Local\recently-used.xbel
2011-03-17 17:55 - 2011-03-17 17:55 - 0000017 _____ () C:\Users\Conny\AppData\Local\resmon.resmoncfg
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\ProgramData\Caches
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\ProgramData\Calibrators
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\ProgramData\Carbon
2011-10-11 10:00 - 2011-10-11 10:00 - 0000012 ___RH () C:\ProgramData\Colors
2011-10-11 10:00 - 2011-10-11 10:00 - 0000012 ___RH () C:\ProgramData\Command Line Utility
2011-10-11 10:00 - 2011-10-11 10:00 - 0000012 ___RH () C:\ProgramData\Common
2011-01-11 22:23 - 2012-05-10 08:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-11-03 14:13 - 2014-10-06 19:06 - 36707080 _____ (Deutsche Telekom AG                                                                                                                                                                                                                                                                                        ) C:\ProgramData\Setup_OnlineManager.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\Setup_OnlineManager.exe


Einige Dateien in TEMP:
====================
C:\Users\Conny\AppData\Local\Temp\63j22bqy.dll
C:\Users\Conny\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpodthhw.dll
C:\Users\Conny\AppData\Local\Temp\{485B3219-350D-4D43-B9B5-B5C3EF9AA775}-45.0.2454.85_44.0.2403.157_chrome_updater.exe
C:\Users\Conny\AppData\Local\Temp\{5BC58F71-DEAF-4250-BCBE-695EBC8C347D}-DropboxClient_3.12.5.exe
C:\Users\Conny\AppData\Local\Temp\{97B3D358-6576-46E3-9512-AFE48A643662}-DropboxClient_3.10.11.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-18 22:32

==================== Ende vom FRST.txt ============================Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
durchgeführt von Conny (2016-02-23 10:14:41)
Gestartet von C:\Users\Conny\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2011-01-10 21:04:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-185569535-4180466776-3876511590-500 - Administrator - Disabled)
Conny (S-1-5-21-185569535-4180466776-3876511590-1000 - Administrator - Enabled) => C:\Users\Conny
Gast (S-1-5-21-185569535-4180466776-3876511590-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-185569535-4180466776-3876511590-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2223 - AVAST Software)
BERNINA ARTlink 7 (HKLM\...\{CA812D88-2139-4107-97B5-1B2D2A1DD04D}) (Version: 18.0.94.7011 - BERNINA)
BERNINA ARTlink 7 (Version: 18.0.94.7011 - Wilcom) Hidden
BERNINA Universal Communication Server (HKLM\...\{CF27C964-3902-4CA3-9C71-B0EAEB302AB5}) (Version: 1.27.70 - BERNINA)
Blackboard Collaborate Launcher (HKLM\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon iP3600 series Benutzerregistrierung (HKLM\...\Canon iP3600 series Benutzerregistrierung) (Version:  - )
Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version:  - )
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC8) (Version: 8.5.0.7 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller51278dcd0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52b3284a0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52d266760) (Version: 1.0.0.0 - Conexant Systems)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815a - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dropbox (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
easyFly 3 Starter Edition (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\{7CBD5083-2ADF-4DF1-8DC1-D7AB2F7040E0}) (Version: 3.0.1.11 - IPACS)
e-Sword (HKLM\...\{8E436940-A944-4D67-A45B-1876E23BB9C0}) (Version: 9.08.0003 - Rick Meyers)
FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )
Lexware Info Service (HKLM\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
MAGIX Audio Cleaning Lab 16 deluxe (HKLM\...\mclab_16dlx) (Version: 16.0.0.0 - MAGIX AG)
MAGIX Audio Cleaning Lab 16 deluxe (Version: 16.0.0.0 - MAGIX AG) Hidden
MAGIX PC Check & Tuning 2010 5.0.22.687 (D) (HKLM\...\MAGIX PC Check & Tuning 2010 D) (Version: 5.0.22.687 - MAGIX AG)
MAGIX Screenshare (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MEDION GoPal Assistant (HKLM\...\{A6C8CD51-1AE4-474D-BA2D-125CDBEADD03}) (Version: 6.2.0.12196 - MEDION)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4797.1003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.5.1 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
my editor v5.00 (HKLM\...\{6B435248-5F4F-4CE9-A533-CB3D8D97A210}) (Version: 5.00.8505.2014 - Wings Systems Ltd.)
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.2.1 - Nikon)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.3.0 - Nikon)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Profili 2 (HKLM\...\Profili 2) (Version:  - )
Quicken DELUXE 2014 (HKLM\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.32.00.0004 - Haufe-Lexware GmbH & Co.KG)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6136 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Schrankplaner (HKLM\...\{C92CE7AF-B104-4710-8F5C-9F833976D308}) (Version: 3.01.00 - schrankplaner.de)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Sweet Home 3D version 3.1 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Uniblue RegistryBooster (HKLM\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version:  - Uniblue Systems Ltd)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Video Grabber (HKLM\...\Uninstaller51278dcb0) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52b328480) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52d266740) (Version: 1.0.0.0 - Conexant Systems)
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.2.1 - Nikon)
VoipStunt (HKLM\...\VoipStunt_is1) (Version: 4.09 build 661 - Finarea S.A. Switzerland)
Watchtower Library 2011 - Deutsch (HKLM\...\{8BE514E8-4486-4730-8B68-FA15EEDC942E}) (Version: 13.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - Deutsch (HKLM\...\{CFDF0961-77C7-4392-96EE-624DFE81C3C2}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - hrvatsko izdanje (HKLM\...\{56067BE8-31E8-4796-9EA2-164CDB5ACCF7}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2013 - Deutsch (HKLM\...\{61118DEB-78F1-4158-97ED-78A457550FE7}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2015 - Deutsch (HKLM\...\{AEB12380-3E2F-4A9F-B8DF-1BD7682DE663}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Wilcom TrueSizer e3.0 (HKLM\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Wilcom TrueSizer e3.0 (Version: 17.0.185.7427 - Wilcom) Hidden
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )
WISO Steuer-Sparbuch 2015 (HKLM\...\{F8738EA4-CE8F-4D4B-8478-6ADB18B165F4}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Wuala (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\Conny\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0694FA8A-71C8-4F5D-AACA-0D7E0EC23467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1146A79F-834C-4E3E-AE60-25376A2F0C32} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {508DFAA9-A4C7-43C0-B9EB-1CF6D6BF0159} - System32\Tasks\{AB34AA99-BADE-4F56-8BE7-B62F817BA872} => pcalua.exe -a "C:\Program Files\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {5962BB5D-E22C-48DF-8BFF-A58FEDFD8EDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {72660B4F-A773-4C60-8F36-EA5EBFD568E1} - System32\Tasks\Start Registry Reviver => C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe
Task: {A56D78C3-8218-48CE-BCC6-F9BCD07BFEA9} - System32\Tasks\{D6C07A53-11F0-44F1-8FB2-A2B09B196048} => pcalua.exe -a C:\Users\Conny\Downloads\ADE_2.0_Installer.exe -d C:\Users\Conny\Downloads
Task: {BB1571C3-45D2-4BD6-AF06-4628247E13B5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {C89EC6C7-F641-4831-AE2B-553A25EACD36} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {D00F2FB4-80F4-49C5-82E2-025ED397C0E7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)
Task: {E5EE64D2-F42F-4C48-8D87-4AF66A1D44AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E9E1F514-54AB-4250-B4B6-4B5C81A5488B} - System32\Tasks\{1D3FF1F2-CC6B-4C77-A161-109C6F1A455A} => pcalua.exe -a C:\Users\Conny\AppData\Local\Temp\Temp1_profile_version_3206.zip\setup.exe
Task: {F92D8508-9933-4CF7-BB8F-6BECA4BE71AD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software)
Task: {FC9A3894-3B7C-4BBF-B7D5-520290D33A13} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-20 20:00 - 2015-07-20 20:00 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-20 20:00 - 2015-07-20 20:00 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-22 21:59 - 2016-02-22 21:59 - 02835968 _____ () C:\Program Files\AVAST Software\Avast\defs\16022201\algo.dll
2014-01-12 11:01 - 2012-06-22 09:29 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2015-07-20 20:00 - 2015-07-20 20:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2016-02-20 14:24 - 2016-01-12 19:44 - 00034768 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00019408 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00116688 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-02-20 14:24 - 2016-01-12 19:44 - 00093640 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00018376 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\select.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00019760 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00105928 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00392144 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00381752 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00692688 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020816 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00112592 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 01682760 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021840 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00038696 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00020936 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00024528 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00114640 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00124880 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021832 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00024016 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00175560 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00030160 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00043472 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00028616 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00048592 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-20 14:23 - 2016-02-16 19:39 - 00026456 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00057808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00024016 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00117056 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00024392 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00036296 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\librsync.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00023376 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00134608 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00134088 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00240584 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00052024 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021824 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00019776 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020280 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00350152 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00022352 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00084792 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-02-20 14:24 - 2016-02-16 19:39 - 01826096 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00083912 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\sip.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 03928880 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 01971504 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00531248 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00132912 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00223544 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00207672 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00158008 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00042808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-20 14:24 - 2016-01-12 19:49 - 00017864 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-20 14:24 - 2016-01-12 19:49 - 01631184 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00024904 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00546096 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00357680 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-02-20 14:24 - 2016-01-12 19:52 - 00697304 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-02-11 19:08 - 2016-02-11 19:08 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\7dca33cfefb99e28847d01e4665f2214\IsdiInterop.ni.dll
2010-08-30 19:04 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-01-07 23:31 - 2016-02-22 23:45 - 00153032 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2016-01-07 23:31 - 2016-02-22 23:45 - 00022472 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-03-19 10:54 - 2015-10-13 02:43 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Conny\Desktop\FRST.exe:com.dropbox.attributes
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2014-03-07 16:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B5BB3F09-3F28-4037-ADDF-ED0D9521AD3F}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{7E1E0E25-5811-48BA-8112-A999DE7DA7F1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5D17EE8E-2B60-4228-90AE-0DF6430EF885}] => (Allow) svchost.exe
FirewallRules: [{811CA0F5-D2BB-4A4D-BE17-4014C5E8BC67}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{1D853E59-2575-4067-9F21-DE76C38A37B7}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{30E69FC8-3BEF-4B3C-B402-933778084EAA}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{9E4248B8-B08B-4A20-9DBE-8BBD3F09CECC}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{4687042B-D555-4A1A-8039-1AD75E458545}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{961DDA7A-4319-4911-9776-A89874CE5335}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [{34DA1426-B63B-474F-8DEF-EB5235221BDD}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [TCP Query User{6B778748-C7B6-4A46-81D2-56ADEA63F1A7}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{FED1122E-4925-4558-BB06-142DCA1E502E}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{2605EEA3-C05C-459A-87D1-842F42681013}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{38E3F568-5839-4423-B7F7-825F441E9A3F}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{C1A531C8-1DCD-4DFA-82BE-CE5888CD32FD}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{7172C1E6-B85E-41BD-96A0-91C9CFA8119A}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{CE46AC23-B67F-4108-B551-AFF5D9782AD8}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{F877EC4A-9159-4A64-ABC7-2C95CD583B21}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{E73F7B8C-8D61-423F-92F6-41B4EE6DEAD8}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{3C609447-8057-4BCF-B11B-5FCA7ECC5A3C}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [TCP Query User{39DCAE11-5CF4-4AC2-94EA-3595A667BBF9}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{B5B309C3-7463-4C30-AD15-7700AD51E9E5}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [{796C015A-E095-4D97-8615-A51836C2BB2E}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{E533F68C-9F2E-4D27-B503-8603931A946A}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [TCP Query User{69A98C7C-2D08-429A-BDD8-F97B185625D2}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{FD8D8E36-1BB4-4BBB-AFB4-89635DFB6CE7}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{130F31E3-FF6C-4582-9B49-4194BAEB4B39}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{635854E1-9AB3-49FD-AD53-26ABE6288B52}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [TCP Query User{4957885E-9DC6-48AF-A709-0FD7610930C7}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{0CBAC78E-6FDF-485D-99DA-654A55EF276E}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [{692BDFF9-D89E-4F8D-95AE-221810CAE02F}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{2C43FFDD-B6BD-41A4-8BD6-AA2AB5E8ACAD}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{1C9A6C83-81BF-4563-BDCD-CC9BB4160B55}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{350386DF-4A82-427C-9962-B7EB9BD6D34E}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{91395ADC-2BDE-4B46-8494-9EB27A9F6BD5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C6E35A0B-6B7A-4247-B0D4-51F114611254}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D91B19E8-D1DB-4CCC-9FD6-8BDAFD9CF437}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D8CD9CAA-3253-4250-AE28-A3473F8B19B6}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{01DFA9BD-033B-45E3-8995-A7F5E4645E4A}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{F3306F5C-2F22-4574-B627-437CC875CB06}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{9ED28E55-2CA2-4F42-8E9D-B7F789F2B6CD}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{1CEE4FDC-A750-422E-BF02-54313427F605}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{071C0213-F2D1-4E87-8E3A-164870268B8D}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{5BFFFE32-342A-4DBF-A20D-25DFB5BF308B}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{243400B4-CA6D-4A25-8CAA-42EDCB018C28}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{18E738B9-3F17-4BBA-9045-1E4375E39A6E}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{627658B7-DB21-4DE6-8548-530E847DBE8B}] => (Allow) C:\Users\Conny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{FA30B07B-7F14-4D50-92AF-EEFCA9D3D396}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{FE75D3F4-E8D1-4CFB-933D-6209B76DFF6C}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{0A4EC1A1-3B46-45A0-9BF7-910C850A4A46}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [{A5BDF030-2E00-440F-8298-3EE9A52D72B3}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [TCP Query User{0EA845AE-B769-468C-BC49-64CA7AF58BE5}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{C5E5ECF1-9DF5-4D24-8CD9-FB695F96D803}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{7134D83D-E8E8-4235-A798-2FE8D9DA33F4}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{7CB4C706-0C27-4B19-865D-815C72462270}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [TCP Query User{E3B3F49D-318B-458B-9996-94602E7A3B4C}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{2CBE49FE-1280-4E63-84CD-6A6B240E6A94}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{8C617366-DC95-4B51-AC60-3619F4EE1DE5}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{8049D308-47AD-4656-B8E4-FF0389C5D98C}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [TCP Query User{944C753C-8B4D-4193-8F20-0269D1175512}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{0E0A14D1-5FE6-4430-BCD0-DC3481E510DA}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [{73FE0611-6B7C-44E0-A9F2-F78142FB7FC6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE19B7A7-4403-4BC4-8281-661A9265FB98}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA0C48A7-A4EA-4EE4-9C93-1A05765AF979}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A8274CD7-8D0E-4CEB-A85D-7D2D260C6077}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{05DB99BC-CB68-457B-859C-9EC460476FA8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5E9E69BC-6EC8-4A84-BC79-6C6F7872BF2C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{EB4831F9-9BE1-44B9-AAEC-71C5B4077093}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B17B8E5F-4C83-4DD8-9665-A2B50F2029F2}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{200C6D82-A0ED-4E15-917B-F41277C0081E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8F33AE0D-E430-42CB-8C6B-71E0C3E0349F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{DBDD8041-CAD2-4CBF-83FC-0D30AD8185AA}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{A32D8C8E-4BF5-4C68-8B07-959AE85FF082}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [{E4355044-8680-4492-A43A-904A15EEC2F5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{78AF9F1A-8246-4DC5-82AE-C4FC7F0EA340}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A6B220F1-D801-47D9-A621-2277B6B58787}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AF8BFD75-C3B3-4A57-A7EC-44C89A708810}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{67CF725E-AD3D-4CEE-9FA1-8BDD832B9CAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E6100A1A-0058-4987-8414-8D3338B3020D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

24-01-2016 13:49:19 Windows Update
24-01-2016 19:00:38 Windows-Sicherung
27-01-2016 17:23:12 Windows Update
31-01-2016 10:41:12 Windows Update
31-01-2016 19:00:32 Windows-Sicherung
03-02-2016 16:10:23 Windows Update
07-02-2016 12:18:38 Windows Update
07-02-2016 19:01:31 Windows-Sicherung
10-02-2016 23:26:36 Windows Update
14-02-2016 16:08:24 Windows Update
14-02-2016 19:00:25 Windows-Sicherung
17-02-2016 23:30:38 Windows Update
21-02-2016 13:34:06 Windows Update
21-02-2016 19:00:44 Windows-Sicherung
23-02-2016 00:21:22 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/23/2016 09:37:02 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/23/2016 09:27:01 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=104C}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (02/23/2016 09:27:01 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=104C}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (02/22/2016 11:40:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WINWORD.EXE, Version 15.0.4787.1000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1200

Startzeit: 01d16dc1b10ae95d

Endzeit: 70

Anwendungspfad: C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE

Berichts-ID: 349716f0-d9b5-11e5-9e73-6c626d8c240d

Error: (02/22/2016 06:05:06 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/22/2016 05:56:08 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=16B8}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (02/22/2016 05:56:08 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=16B8}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (02/21/2016 07:14:06 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"

Error: (02/21/2016 06:59:33 PM) (Source: UniversalCommunicationServer) (EventID: 0) (User: )
Description: Universal Communication Server Terminating: True
reason: System.UnhandledExceptionEventArgs
Stack: TraceEnvironment.XTrace+AssertionFailedException: unexpected message length 4
  at TraceEnvironment.XTrace.Assert(Boolean aCondition, String aFormat, Object[] aObjects)
  at UniversalCommunicationServer.ServerConnection.stateConnectedOnServerDataReceived(evServerDataReceived aEvent)
  at UniversalCommunicationServer.ServerConnection.stateConnected.onServerDataReceived(evServerDataReceived aEvent)
  at UniversalCommunicationServer.ServerConnection.Consume(Object aEvent)
  at MultiThreading.Reactive.MainLoop()
  at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
  at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
  at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
  at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
  at System.Threading.ThreadHelper.ThreadStart()

Error: (02/21/2016 11:06:47 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:


Systemfehler:
=============
Error: (02/23/2016 09:26:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/23/2016 09:26:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/22/2016 06:26:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.213.6863.0)

Error: (02/22/2016 06:25:43 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.213.6851.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.8.0204.00

        Quellpfad: 4.8.0204.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/22/2016 06:02:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (02/22/2016 06:00:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Mobile-basierte Geräteverbindungen" wurde nicht richtig gestartet.

Error: (02/22/2016 05:56:04 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053AvastVBoxSvc{F319F1B8-7587-4146-AF9C-0D6D77819BF1}

Error: (02/22/2016 05:56:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AvastVBox COM Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/22/2016 05:56:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AvastVBox COM Service erreicht.

Error: (02/22/2016 05:54:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Prozentuale Nutzung des RAM: 80%
Installierter physikalischer RAM: 2039.11 MB
Verfügbarer physikalischer RAM: 405.71 MB
Summe virtueller Speicher: 4078.23 MB
Verfügbarer virtueller Speicher: 1790.33 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:1356.17 GB) (Free:1079.3 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:0.01 GB) NTFS
Drive e: (WTLIB15X) (CDROM) (Total:0.85 GB) (Free:0 GB) UDF
Drive f: (EX FESTPL 4) (Fixed) (Total:931.47 GB) (Free:855.98 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.

==================== Ende vom Addition.txt ============================

burningice 23.02.2016 13:38
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Lilian-Rose 23.02.2016 17:33
Danke Rafael


Code:
17:21:27.0660 0x0614  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:21:48.0221 0x0614  ============================================================
17:21:48.0221 0x0614  Current date / time: 2016/02/23 17:21:48.0221
17:21:48.0221 0x0614  SystemInfo:
17:21:48.0221 0x0614 
17:21:48.0221 0x0614  OS Version: 6.1.7601 ServicePack: 1.0
17:21:48.0221 0x0614  Product type: Workstation
17:21:48.0221 0x0614  ComputerName: CONNY-PC
17:21:48.0221 0x0614  UserName: Conny
17:21:48.0221 0x0614  Windows directory: C:\Windows
17:21:48.0221 0x0614  System windows directory: C:\Windows
17:21:48.0221 0x0614  Processor architecture: Intel x86
17:21:48.0221 0x0614  Number of processors: 4
17:21:48.0221 0x0614  Page size: 0x1000
17:21:48.0221 0x0614  Boot type: Normal boot
17:21:48.0221 0x0614  ============================================================
17:21:50.0436 0x0614  KLMD registered as C:\Windows\system32\drivers\37900792.sys
17:21:52.0682 0x0614  System UUID: {E58E5BBB-DE1C-E8B6-3C56-B9E3E8361685}
17:21:54.0086 0x0614  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:21:54.0507 0x0614  Drive \Device\Harddisk4\DR6 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x1000, Cylinders: 0x3B60, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:21:54.0507 0x0614  ============================================================
17:21:54.0507 0x0614  \Device\Harddisk0\DR0:
17:21:54.0507 0x0614  MBR partitions:
17:21:54.0507 0x0614  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:21:54.0507 0x0614  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xA9854800
17:21:54.0507 0x0614  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xA9887000, BlocksNum 0x5000000
17:21:54.0507 0x0614  \Device\Harddisk4\DR6:
17:21:54.0507 0x0614  MBR partitions:
17:21:54.0507 0x0614  \Device\Harddisk4\DR6\Partition1: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0xE8E0300
17:21:54.0507 0x0614  ============================================================
17:21:54.0648 0x0614  C: <-> \Device\Harddisk0\DR0\Partition2
17:21:54.0773 0x0614  D: <-> \Device\Harddisk0\DR0\Partition3
17:21:54.0773 0x0614  F: <-> \Device\Harddisk4\DR6\Partition1
17:21:55.0428 0x0614  ============================================================
17:21:55.0428 0x0614  Initialize success
17:21:55.0428 0x0614  ============================================================
17:24:13.0263 0x1104  ============================================================
17:24:13.0263 0x1104  Scan started
17:24:13.0263 0x1104  Mode: Manual; SigCheck; TDLFS;
17:24:13.0263 0x1104  ============================================================
17:24:13.0263 0x1104  KSN ping started
17:24:16.0196 0x1104  KSN ping finished: true
17:24:16.0710 0x1104  ================ Scan system memory ========================
17:24:16.0710 0x1104  System memory - ok
17:24:16.0710 0x1104  ================ Scan services =============================
17:24:16.0913 0x1104  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:24:17.0100 0x1104  1394ohci - ok
17:24:17.0147 0x1104  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:24:17.0163 0x1104  ACPI - ok
17:24:17.0210 0x1104  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
17:24:17.0288 0x1104  AcpiPmi - ok
17:24:17.0381 0x1104  [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:24:17.0412 0x1104  AdobeFlashPlayerUpdateSvc - ok
17:24:17.0506 0x1104  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
17:24:17.0537 0x1104  adp94xx - ok
17:24:17.0615 0x1104  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
17:24:17.0631 0x1104  adpahci - ok
17:24:17.0662 0x1104  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
17:24:17.0678 0x1104  adpu320 - ok
17:24:17.0709 0x1104  [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
17:24:17.0818 0x1104  AeLookupSvc - ok
17:24:17.0865 0x1104  [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD            C:\Windows\system32\drivers\afd.sys
17:24:18.0130 0x1104  AFD - ok
17:24:18.0146 0x1104  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
17:24:18.0161 0x1104  agp440 - ok
17:24:18.0192 0x1104  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx        C:\Windows\system32\DRIVERS\djsvs.sys
17:24:18.0208 0x1104  aic78xx - ok
17:24:18.0239 0x1104  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG            C:\Windows\System32\alg.exe
17:24:18.0317 0x1104  ALG - ok
17:24:18.0333 0x1104  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:24:18.0364 0x1104  aliide - ok
17:24:18.0411 0x1104  [ 90EC928E9542B166583D865F99F85BE8, F484697A6D0FE6E1DC7CAE3D21BEC8041D45111109E887FE6754817ADFCF6DDA ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:24:18.0504 0x1104  AMD External Events Utility - ok
17:24:18.0520 0x1104  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
17:24:18.0536 0x1104  amdagp - ok
17:24:18.0551 0x1104  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:24:18.0567 0x1104  amdide - ok
17:24:18.0582 0x1104  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
17:24:18.0645 0x1104  AmdK8 - ok
17:24:19.0035 0x1104  [ D4EF00B622EBEBEF85AB53C51A509A14, AFDFF78D61D1495BD51197CF26EB34F77871DA0A13E9056DE3776C9364FBC9A9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:24:19.0472 0x1104  amdkmdag - ok
17:24:19.0518 0x1104  [ 0A536B713BF916E62A14D48B0C1739A3, 425184896AD276AD45822655ADEC9EC499A9574E5815426AD6231029B46DD194 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:24:19.0596 0x1104  amdkmdap - ok
17:24:19.0643 0x1104  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:24:19.0690 0x1104  AmdPPM - ok
17:24:19.0737 0x1104  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
17:24:19.0768 0x1104  amdsata - ok
17:24:19.0784 0x1104  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:24:19.0799 0x1104  amdsbs - ok
17:24:19.0815 0x1104  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
17:24:19.0815 0x1104  amdxata - ok
17:24:19.0862 0x1104  [ DB0FEB51DFA00543BF381D2014550FA3, 8A370F77BBC7120FBCF99D2AED04EB773A0C70E9A3C57E0C1CF55105D41AE6AC ] androidusb      C:\Windows\system32\Drivers\androidusb.sys
17:24:19.0908 0x1104  androidusb - ok
17:24:19.0940 0x1104  [ FE4F2ADE5DBB3B888E9EB0A1FBA1F152, B17053A912C73835A2E80176D79885B530E15240B988125114B6B877C903D61C ] AppID          C:\Windows\system32\drivers\appid.sys
17:24:19.0986 0x1104  AppID - ok
17:24:20.0002 0x1104  [ A4DA304773AC1396792C5DE1D1EB601A, ECD23FF67FB1C4B94DBE23F6724E2DA0917CE0E479DE9C9F790A8635A2234950 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:24:20.0018 0x1104  AppIDSvc - ok
17:24:20.0049 0x1104  [ 133A7896E643D139443B47FDBFA327C7, 371FC602B531DF1EFDCEEC3A2F5497A0D0BE7F558B0583F572862C69A65BD454 ] Appinfo        C:\Windows\System32\appinfo.dll
17:24:20.0127 0x1104  Appinfo - ok
17:24:20.0174 0x1104  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc            C:\Windows\system32\DRIVERS\arc.sys
17:24:20.0189 0x1104  arc - ok
17:24:20.0205 0x1104  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:24:20.0220 0x1104  arcsas - ok
17:24:20.0345 0x1104  [ 4170FD789CDDE8767972C7C87E6B3400, 36403DF991F451A2A539B7C9BBF1310768701F68AC5EFFA1E5EE0C07A427E5ED ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:24:20.0377 0x1104  aspnet_state - ok
17:24:20.0439 0x1104  [ CED1D37BD8E8AFDBB2DD03650C91A626, 81808C6A4862C59F2EA01BF4AC22FE4B45D5BE7C8B3770E4223CFA1859DF1833 ] aswHwid        C:\Windows\system32\drivers\aswHwid.sys
17:24:20.0470 0x1104  aswHwid - ok
17:24:20.0501 0x1104  [ 9663B8EE07EFFA105E6A326F3F748B0B, AA8611AD3F1E953A07ED8D0FC5CC3E5A4B7BF6DC47AEEF52C9010815BC9CB941 ] aswMonFlt      C:\Windows\system32\drivers\aswMonFlt.sys
17:24:20.0533 0x1104  aswMonFlt - ok
17:24:20.0579 0x1104  [ 47CD8DC2CF2F4CF7F8FF9A9987272652, CA5E050CDB085959C8F82CA2490971CBE30B21CAFFB77169F7CAE7F56EAF16C0 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
17:24:20.0611 0x1104  aswRdr - ok
17:24:20.0642 0x1104  [ 5DE9634CF67CB34085C84BB5E52C129C, D13D57FB9027FF49BE2E581C1CFEED1DBF0DC600D319E90881852F88D6DC4D1E ] aswRvrt        C:\Windows\system32\drivers\aswRvrt.sys
17:24:20.0642 0x1104  aswRvrt - ok
17:24:20.0689 0x1104  [ 684972B2649D271479C4ADED4CC811BD, C6C5338B5D0B703EA1C9C4181A4B2F33D98C0C6E7BE5458B2DEB67CF7AB7456E ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
17:24:20.0735 0x1104  aswSnx - ok
17:24:20.0798 0x1104  [ DC9DD5E30452B780E16E227F033DF9A4, 5D55322FFDD46662CE937066FBDE101BEA1FCFEFABEC0DC4C1984F07CDC583EB ] aswSP          C:\Windows\system32\drivers\aswSP.sys
17:24:20.0829 0x1104  aswSP - ok
17:24:20.0845 0x1104  [ 9096910AFC9AEA718FBB4EE2501CED7B, D684535E84B484602DB1BBC912567F86ABEA5D942DB444947CFDD216D15A0F73 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
17:24:20.0860 0x1104  aswStm - ok
17:24:20.0876 0x1104  [ 24AA84A4F7694FD5C69FE1344D33A0F4, DFE207336D36E82F833F7A84D7CC28ECF3BB5D52AB572C821F3CA3170D07B86F ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
17:24:20.0891 0x1104  aswVmm - ok
17:24:20.0907 0x1104  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:24:21.0032 0x1104  AsyncMac - ok
17:24:21.0079 0x1104  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi          C:\Windows\system32\drivers\atapi.sys
17:24:21.0094 0x1104  atapi - ok
17:24:21.0125 0x1104  [ 636C40DAC5D13F4C354973017AA8ADC2, A32B0F39092765FCBC7D0135D8CD905C9FDB302B7A7474195108F8118833A842 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
17:24:21.0203 0x1104  AtiHDAudioService - ok
17:24:21.0235 0x1104  [ 8DF873D0587596C1D35A9CECECC61DA1, 41974FCA452CE48C5A6040BF99D1AC9A1C13FF38DF341443CCE2D2ABBC4C9453 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
17:24:21.0391 0x1104  AtiHdmiService - ok
17:24:21.0453 0x1104  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:24:21.0562 0x1104  AudioEndpointBuilder - ok
17:24:21.0578 0x1104  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
17:24:21.0609 0x1104  Audiosrv - ok
17:24:21.0718 0x1104  [ A97E144E84A665B22AE6E6A93E4DD465, 888D702B9B9E6C446AD7499571DAEAB072BEF141FF3300E74C6E538FA312BDCD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:24:21.0749 0x1104  avast! Antivirus - ok
17:24:21.0905 0x1104  [ A4C778C47836C9786C6A648C828DFF2B, 85E070A4C6B4D84EEE5600BA71C9A5E8C051A85033A34BBB5FB1BB56E601E93C ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
17:24:22.0061 0x1104  AvastVBoxSvc - ok
17:24:22.0077 0x1104  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:24:22.0171 0x1104  AxInstSV - ok
17:24:22.0202 0x1104  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbdx.sys
17:24:22.0264 0x1104  b06bdrv - ok
17:24:22.0280 0x1104  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
17:24:22.0311 0x1104  b57nd60x - ok
17:24:22.0358 0x1104  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
17:24:22.0451 0x1104  BDESVC - ok
17:24:22.0467 0x1104  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:24:22.0561 0x1104  Beep - ok
17:24:22.0623 0x1104  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE            C:\Windows\System32\bfe.dll
17:24:22.0732 0x1104  BFE - ok
17:24:22.0779 0x1104  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\system32\qmgr.dll
17:24:22.0951 0x1104  BITS - ok
17:24:22.0966 0x1104  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:24:23.0013 0x1104  blbdrive - ok
17:24:23.0075 0x1104  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:24:23.0122 0x1104  Bonjour Service - ok
17:24:23.0138 0x1104  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:24:23.0200 0x1104  bowser - ok
17:24:23.0216 0x1104  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:24:23.0278 0x1104  BrFiltLo - ok
17:24:23.0294 0x1104  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:24:23.0309 0x1104  BrFiltUp - ok
17:24:23.0341 0x1104  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
17:24:23.0403 0x1104  BridgeMP - ok
17:24:23.0419 0x1104  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser        C:\Windows\System32\browser.dll
17:24:23.0497 0x1104  Browser - ok
17:24:23.0512 0x1104  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
17:24:23.0590 0x1104  Brserid - ok
17:24:23.0606 0x1104  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:24:23.0653 0x1104  BrSerWdm - ok
17:24:23.0668 0x1104  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:24:23.0684 0x1104  BrUsbMdm - ok
17:24:23.0699 0x1104  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:24:23.0715 0x1104  BrUsbSer - ok
17:24:23.0731 0x1104  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:24:23.0746 0x1104  BTHMODEM - ok
17:24:23.0777 0x1104  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv        C:\Windows\system32\bthserv.dll
17:24:23.0824 0x1104  bthserv - ok
17:24:23.0996 0x1104  [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
17:24:24.0058 0x1104  c2cautoupdatesvc - ok
17:24:24.0152 0x1104  [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc      C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
17:24:24.0230 0x1104  c2cpnrsvc - ok
17:24:24.0308 0x1104  catchme - ok
17:24:24.0355 0x1104  [ F6B032F03602321CBAD380A6EB883525, 0793ABED0CB32EBDF9BEE4A5A47F65CF76A9D1AD45920E7CFAD3764854450E8C ] cbfs3          C:\Windows\system32\drivers\cbfs3.sys
17:24:24.0573 0x1104  cbfs3 - ok
17:24:24.0604 0x1104  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:24:24.0651 0x1104  cdfs - ok
17:24:24.0713 0x1104  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
17:24:24.0791 0x1104  cdrom - ok
17:24:24.0823 0x1104  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc    C:\Windows\System32\certprop.dll
17:24:24.0854 0x1104  CertPropSvc - ok
17:24:24.0885 0x1104  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:24:24.0963 0x1104  circlass - ok
17:24:25.0010 0x1104  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
17:24:25.0025 0x1104  CLFS - ok
17:24:25.0259 0x1104  [ 7E96F1AAE7A96B1B601B1A1705E5FDD4, BAA7A32676C46A04DAABA4371D66C35740C6445582DF4D20BF10AC2AB2595F35 ] ClickToRunSvc  C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe
17:24:25.0322 0x1104  ClickToRunSvc - ok
17:24:25.0415 0x1104  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:24:25.0447 0x1104  clr_optimization_v2.0.50727_32 - ok
17:24:25.0525 0x1104  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:24:25.0603 0x1104  clr_optimization_v4.0.30319_32 - ok
17:24:25.0618 0x1104  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:24:25.0649 0x1104  CmBatt - ok
17:24:25.0681 0x1104  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:24:25.0696 0x1104  cmdide - ok
17:24:25.0743 0x1104  [ 780FFC005741C9316576086155E55F56, D863E5657F1468410BBDD657D5EA8A2FDDB70FED459CDE3178CB8FDB910058EC ] CNG            C:\Windows\system32\Drivers\cng.sys
17:24:25.0759 0x1104  CNG - ok
17:24:25.0774 0x1104  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:24:25.0790 0x1104  Compbatt - ok
17:24:25.0805 0x1104  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:24:25.0837 0x1104  CompositeBus - ok
17:24:25.0837 0x1104  COMSysApp - ok
17:24:25.0930 0x1104  cpuz132 - ok
17:24:25.0946 0x1104  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
17:24:25.0961 0x1104  crcdisk - ok
17:24:26.0039 0x1104  [ 33F67BBCC3C0499D3F3382473114CFA8, FDDCC41CE005B7C1BEBB6F4ACA9A3F10E5972792ADFD7D294E70A0B781460981 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:24:26.0086 0x1104  CryptSvc - ok
17:24:26.0195 0x1104  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:24:26.0273 0x1104  cvhsvc - ok
17:24:26.0320 0x1104  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:24:26.0367 0x1104  DcomLaunch - ok
17:24:26.0398 0x1104  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc      C:\Windows\System32\defragsvc.dll
17:24:26.0429 0x1104  defragsvc - ok
17:24:26.0461 0x1104  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:24:26.0523 0x1104  DfsC - ok
17:24:26.0570 0x1104  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:24:26.0632 0x1104  Dhcp - ok
17:24:26.0695 0x1104  [ 0A3386E3CF9C5D089D695AC5A35F4C6F, D610071493EB95FCE39E24C457A0B5BBA131193159E43FDC1E8EDABB9C7AB81A ] DiagTrack      C:\Windows\system32\diagtrack.dll
17:24:26.0788 0x1104  DiagTrack - ok
17:24:26.0788 0x1104  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
17:24:26.0851 0x1104  discache - ok
17:24:26.0897 0x1104  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:24:26.0929 0x1104  Disk - ok
17:24:26.0991 0x1104  [ F6010162368D9BEF934F1647F2430446, 72ADDD38427B8E8D801A5C982CCE2A3B2F4FD0E21D68EDDFC9B019F4F39A8CC0 ] DiskSec        C:\Windows\system32\drivers\DiskSec.sys
17:24:27.0007 0x1104  DiskSec - detected UnsignedFile.Multi.Generic ( 1 )
17:24:30.0017 0x1104  Detect skipped due to KSN trusted
17:24:30.0017 0x1104  DiskSec - ok
17:24:30.0033 0x1104  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:24:30.0095 0x1104  Dnscache - ok
17:24:30.0127 0x1104  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc        C:\Windows\System32\dot3svc.dll
17:24:30.0173 0x1104  dot3svc - ok
17:24:30.0205 0x1104  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS            C:\Windows\system32\dps.dll
17:24:30.0251 0x1104  DPS - ok
17:24:30.0298 0x1104  [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
17:24:30.0454 0x1104  drmkaud - ok
17:24:30.0532 0x1104  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
17:24:30.0579 0x1104  DXGKrnl - ok
17:24:30.0626 0x1104  [ BC093CCA6939CF65BDDAA2FDE3E34CBE, D25FA7B3382C53969770883808B9BC45689F631DE1DDE535AB3A53AA45946F0B ] DxVGrb          C:\Windows\system32\drivers\DxVGrb.sys
17:24:30.0719 0x1104  DxVGrb - ok
17:24:30.0751 0x1104  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost        C:\Windows\System32\eapsvc.dll
17:24:30.0797 0x1104  EapHost - ok
17:24:30.0907 0x1104  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv          C:\Windows\system32\DRIVERS\evbdx.sys
17:24:31.0016 0x1104  ebdrv - ok
17:24:31.0063 0x1104  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] EFS            C:\Windows\System32\lsass.exe
17:24:31.0125 0x1104  EFS - ok
17:24:31.0187 0x1104  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
17:24:31.0297 0x1104  ehRecvr - ok
17:24:31.0312 0x1104  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched        C:\Windows\ehome\ehsched.exe
17:24:31.0375 0x1104  ehSched - ok
17:24:31.0406 0x1104  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
17:24:31.0437 0x1104  elxstor - ok
17:24:31.0453 0x1104  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:24:31.0484 0x1104  ErrDev - ok
17:24:31.0499 0x1104  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem    C:\Windows\system32\es.dll
17:24:31.0546 0x1104  EventSystem - ok
17:24:31.0577 0x1104  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat          C:\Windows\system32\drivers\exfat.sys
17:24:31.0624 0x1104  exfat - ok
17:24:31.0640 0x1104  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
17:24:31.0687 0x1104  fastfat - ok
17:24:31.0718 0x1104  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax            C:\Windows\system32\fxssvc.exe
17:24:31.0780 0x1104  Fax - ok
17:24:31.0811 0x1104  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
17:24:31.0811 0x1104  fdc - ok
17:24:31.0827 0x1104  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost        C:\Windows\system32\fdPHost.dll
17:24:31.0874 0x1104  fdPHost - ok
17:24:31.0889 0x1104  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:24:31.0952 0x1104  FDResPub - ok
17:24:31.0967 0x1104  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:24:31.0983 0x1104  FileInfo - ok
17:24:31.0999 0x1104  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
17:24:32.0030 0x1104  Filetrace - ok
17:24:32.0061 0x1104  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:24:32.0092 0x1104  flpydisk - ok
17:24:32.0123 0x1104  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:24:32.0139 0x1104  FltMgr - ok
17:24:32.0217 0x06cc  Object required for P2P: [ C35B91B6777E7C6DB67B8583D2AA66A7 ] c2cpnrsvc
17:24:32.0233 0x1104  [ 23D3F12CA9DEB6EF02DEDC621EC661AC, AA3718715ADFE1666757BCD79D5A8DC591C2C5185802F51A27C119C4C30F360A ] FontCache      C:\Windows\system32\FntCache.dll
17:24:32.0357 0x1104  FontCache - ok
17:24:32.0420 0x1104  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:24:32.0451 0x1104  FontCache3.0.0.0 - ok
17:24:32.0498 0x1104  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
17:24:32.0529 0x1104  FsDepends - ok
17:24:32.0591 0x1104  [ CBE5F69A5E5B918225F420BA748F3742, 930C81195346239A7843CAE140896698675E8025BF32C3E71D2BDDA53FAB0264 ] FsUsbExDisk    C:\Windows\system32\FsUsbExDisk.SYS
17:24:32.0623 0x1104  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
17:24:35.0228 0x06cc  Object send P2P result: true
17:24:35.0618 0x1104  Detect skipped due to KSN trusted
17:24:35.0618 0x1104  FsUsbExDisk - ok
17:24:35.0665 0x1104  [ 96633419F4A1E37ACB89B45EBCCFE001, 53DC59D8EB89F380BC2DBB009EDFFD66552D68B8606187A75FEF64707267E4F9 ] FsUsbExService  C:\Windows\system32\FsUsbExService.Exe
17:24:35.0727 0x1104  FsUsbExService - ok
17:24:35.0743 0x1104  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:24:35.0758 0x1104  Fs_Rec - ok
17:24:35.0789 0x1104  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:24:35.0821 0x1104  fvevol - ok
17:24:35.0852 0x1104  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:24:35.0867 0x1104  gagp30kx - ok
17:24:35.0914 0x1104  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc          C:\Windows\System32\gpsvc.dll
17:24:35.0961 0x1104  gpsvc - ok
17:24:36.0008 0x1104  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate        C:\Program Files\Google\Update\GoogleUpdate.exe
17:24:36.0023 0x1104  gupdate - ok
17:24:36.0039 0x1104  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
17:24:36.0055 0x1104  gupdatem - ok
17:24:36.0101 0x1104  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc          C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:24:36.0320 0x1104  gusvc - ok
17:24:36.0320 0x1104  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:24:36.0398 0x1104  hcw85cir - ok
17:24:36.0445 0x1104  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:24:36.0491 0x1104  HdAudAddService - ok
17:24:36.0538 0x1104  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:24:36.0569 0x1104  HDAudBus - ok
17:24:36.0585 0x1104  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
17:24:36.0616 0x1104  HidBatt - ok
17:24:36.0647 0x1104  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:24:36.0710 0x1104  HidBth - ok
17:24:36.0725 0x1104  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
17:24:36.0741 0x1104  HidIr - ok
17:24:36.0757 0x1104  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv        C:\Windows\System32\hidserv.dll
17:24:36.0803 0x1104  hidserv - ok
17:24:36.0850 0x1104  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:24:36.0881 0x1104  HidUsb - ok
17:24:36.0897 0x1104  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:24:36.0944 0x1104  hkmsvc - ok
17:24:36.0975 0x1104  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:24:37.0037 0x1104  HomeGroupListener - ok
17:24:37.0069 0x1104  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:24:37.0115 0x1104  HomeGroupProvider - ok
17:24:37.0131 0x1104  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:24:37.0147 0x1104  HpSAMD - ok
17:24:37.0193 0x1104  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:24:37.0271 0x1104  HTTP - ok
17:24:37.0287 0x1104  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:24:37.0303 0x1104  hwpolicy - ok
17:24:37.0334 0x1104  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:24:37.0349 0x1104  i8042prt - ok
17:24:37.0412 0x1104  [ 26541A068572F650A2FA490726FE81BE, 9D6EF745731D45C4482274BE9C56300BBE8843D6C182F0E5C621AB121DBE371E ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
17:24:37.0443 0x1104  iaStor - ok
17:24:37.0490 0x1104  [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:24:37.0537 0x1104  IAStorDataMgrSvc - ok
17:24:37.0583 0x1104  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
17:24:37.0615 0x1104  iaStorV - ok
17:24:37.0708 0x1104  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:24:37.0724 0x1104  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
17:24:40.0579 0x1104  Detect skipped due to KSN trusted
17:24:40.0579 0x1104  IDriverT - ok
17:24:40.0688 0x1104  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc          C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:24:40.0750 0x1104  idsvc - ok
17:24:40.0813 0x1104  IEEtwCollectorService - ok
17:24:40.0896 0x1104  [ 62DD2F604DD1571C4E32D480DB2AB99A, 730C0CAA7AC3E215A98D9BD129C5E1525058637657E29A727BEF1B6D71609D48 ] IGDCTRL        C:\Program Files\1&1\IGDCTRL.EXE
17:24:40.0927 0x1104  IGDCTRL - ok
17:24:40.0960 0x1104  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
17:24:40.0974 0x1104  iirsp - ok
17:24:41.0052 0x1104  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:24:41.0109 0x1104  IKEEXT - ok
17:24:41.0241 0x1104  [ 4BE85CF5831A41104C2DDED55FBC3565, D5052C717710579A31E030CFFCA59B3632591FDDD2CE237C68276AE58783BD6F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:24:41.0352 0x1104  IntcAzAudAddService - ok
17:24:41.0386 0x1104  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:24:41.0398 0x1104  intelide - ok
17:24:41.0418 0x1104  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:24:41.0441 0x1104  intelppm - ok
17:24:41.0460 0x1104  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
17:24:41.0501 0x1104  IPBusEnum - ok
17:24:41.0525 0x1104  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:24:41.0570 0x1104  IpFilterDriver - ok
17:24:41.0604 0x1104  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:24:41.0646 0x1104  iphlpsvc - ok
17:24:41.0667 0x1104  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
17:24:41.0697 0x1104  IPMIDRV - ok
17:24:41.0712 0x1104  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
17:24:41.0758 0x1104  IPNAT - ok
17:24:41.0798 0x1104  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:24:41.0832 0x1104  IRENUM - ok
17:24:41.0849 0x1104  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:24:41.0865 0x1104  isapnp - ok
17:24:41.0893 0x1104  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:24:41.0912 0x1104  iScsiPrt - ok
17:24:41.0936 0x1104  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:24:41.0950 0x1104  kbdclass - ok
17:24:41.0966 0x1104  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:24:41.0981 0x1104  kbdhid - ok
17:24:41.0996 0x1104  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] KeyIso          C:\Windows\system32\lsass.exe
17:24:42.0019 0x1104  KeyIso - ok
17:24:42.0049 0x1104  [ 0C51E9B34F3521806C78325E511E93EF, 5FB73AADC60FE73023BC50B0DB75B68D74A1546F26A65979A6BFBF3963C6FB24 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:24:42.0067 0x1104  KSecDD - ok
17:24:42.0098 0x1104  [ CC5B7CF2D08FDDAF1112FE2785F33FAC, DC13591CBB72631C2008781FCF40881182DA87BA1A69F3A858DBD33E8D8FFC95 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
17:24:42.0112 0x1104  KSecPkg - ok
17:24:42.0149 0x1104  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm          C:\Windows\system32\msdtckrm.dll
17:24:42.0229 0x1104  KtmRm - ok
17:24:42.0286 0x1104  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
17:24:42.0343 0x1104  LanmanServer - ok
17:24:42.0369 0x1104  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:24:42.0418 0x1104  LanmanWorkstation - ok
17:24:42.0452 0x1104  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:24:42.0483 0x1104  lltdio - ok
17:24:42.0525 0x1104  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
17:24:42.0571 0x1104  lltdsvc - ok
17:24:42.0575 0x1104  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts        C:\Windows\System32\lmhsvc.dll
17:24:42.0606 0x1104  lmhosts - ok
17:24:42.0633 0x1104  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:24:42.0648 0x1104  LSI_FC - ok
17:24:42.0666 0x1104  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
17:24:42.0680 0x1104  LSI_SAS - ok
17:24:42.0700 0x1104  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:24:42.0713 0x1104  LSI_SAS2 - ok
17:24:42.0734 0x1104  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:24:42.0749 0x1104  LSI_SCSI - ok
17:24:42.0760 0x1104  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv          C:\Windows\system32\drivers\luafv.sys
17:24:42.0814 0x1104  luafv - ok
17:24:42.0965 0x1104  [ 5BC80451109A8DD7F2DDD35BCE2929A3, F97BAD2D43D1E199841BAE5707424B49B4451CD486F249646E898FC7CC7AB4C8 ] LVUVC          C:\Windows\system32\DRIVERS\lvuvc.sys
17:24:43.0122 0x1104  LVUVC - ok
17:24:43.0185 0x1104  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
17:24:43.0248 0x1104  Mcx2Svc - ok
17:24:43.0265 0x1104  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
17:24:43.0278 0x1104  megasas - ok
17:24:43.0314 0x1104  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:24:43.0333 0x1104  MegaSR - ok
17:24:43.0355 0x1104  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS          C:\Windows\system32\mmcss.dll
17:24:43.0406 0x1104  MMCSS - ok
17:24:43.0440 0x1104  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem          C:\Windows\system32\drivers\modem.sys
17:24:43.0483 0x1104  Modem - ok
17:24:43.0504 0x1104  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
17:24:43.0556 0x1104  monitor - ok
17:24:43.0591 0x1104  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:24:43.0603 0x1104  mouclass - ok
17:24:43.0621 0x1104  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:24:43.0674 0x1104  mouhid - ok
17:24:43.0752 0x1104  [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:24:43.0783 0x1104  mountmgr - ok
17:24:43.0859 0x1104  [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:24:44.0066 0x1104  MozillaMaintenance - ok
17:24:44.0147 0x1104  [ F112DA773EC3E9D3CDE9221ED300E033, 693C416B281DA3489C096812D0E4E0413C05798D36AF534624C3B29551CE68A4 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
17:24:44.0182 0x1104  MpFilter - ok
17:24:44.0209 0x1104  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:24:44.0227 0x1104  mpio - ok
17:24:44.0354 0x1104  [ BB7BB66A8DAF16950F83AE7BF498AF8F, A96FC3BE055C52B98E7ECDF68D69081620F829B04B5496C73D87F271E40EA638 ] MpKslbf30177f  c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{695EAB3A-2621-4B86-9127-2B514CAEA609}\MpKslbf30177f.sys
17:24:44.0368 0x1104  MpKslbf30177f - ok
17:24:44.0373 0x1104  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:24:44.0427 0x1104  mpsdrv - ok
17:24:44.0477 0x1104  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:24:44.0520 0x1104  MpsSvc - ok
17:24:44.0551 0x1104  [ 6430A074F6E32176FBEF2DEB110AE952, 0161B3CBCF427F5F9C47EDBA7F6848D9D6EB58B7EF203881E0D288B5ABAEEB98 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:24:44.0598 0x1104  MRxDAV - ok
17:24:44.0618 0x1104  [ E900BD16B9EE8F09609D7FBE2027B376, CD71FD868B58EA717499E8D30C78E025DDBCBADA4A7174C4A2FA6E88331AE5E5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:24:44.0697 0x1104  mrxsmb - ok
17:24:44.0718 0x1104  [ 34F71B69DD2875AF07C4DDF19563C457, C679477EFCF2ED385B89F5BE8739D508A6147CE954419EC2F7F4ECA4A6543CAF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:24:44.0754 0x1104  mrxsmb10 - ok
17:24:44.0773 0x1104  [ 14063258261AA807DAADC9233422A5E5, 685E5E4374F59CA500242918D2D887798EECAE5E7C31F05ABACA10F86E788EAD ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:24:44.0811 0x1104  mrxsmb20 - ok
17:24:44.0861 0x1104  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:24:44.0877 0x1104  msahci - ok
17:24:44.0894 0x1104  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
17:24:44.0910 0x1104  msdsm - ok
17:24:44.0930 0x1104  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC          C:\Windows\System32\msdtc.exe
17:24:44.0954 0x1104  MSDTC - ok
17:24:44.0961 0x1104  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:24:45.0002 0x1104  Msfs - ok
17:24:45.0017 0x1104  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
17:24:45.0043 0x1104  mshidkmdf - ok
17:24:45.0071 0x1104  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:24:45.0084 0x1104  msisadrv - ok
17:24:45.0118 0x1104  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
17:24:45.0156 0x1104  MSiSCSI - ok
17:24:45.0159 0x1104  msiserver - ok
17:24:45.0180 0x1104  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
17:24:45.0216 0x1104  MSKSSRV - ok
17:24:45.0278 0x1104  [ CC09BB7FDEFC5763CCB3CF7DAE2D76CF, F8F00900EDBA2F64BF136DD0B6C83CAF07C72F24F3D49C78B7EA24757FDBC6D0 ] MsMpSvc        c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:24:45.0292 0x1104  MsMpSvc - ok
17:24:45.0314 0x1104  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:24:45.0344 0x1104  MSPCLOCK - ok
17:24:45.0349 0x1104  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
17:24:45.0385 0x1104  MSPQM - ok
17:24:45.0402 0x1104  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
17:24:45.0419 0x1104  MsRPC - ok
17:24:45.0436 0x1104  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:24:45.0450 0x1104  mssmbios - ok
17:24:45.0457 0x1104  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
17:24:45.0483 0x1104  MSTEE - ok
17:24:45.0522 0x1104  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:24:45.0536 0x1104  MTConfig - ok
17:24:45.0552 0x1104  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup            C:\Windows\system32\Drivers\mup.sys
17:24:45.0566 0x1104  Mup - ok
17:24:45.0592 0x1104  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
17:24:45.0679 0x1104  napagent - ok
17:24:45.0706 0x1104  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
17:24:45.0761 0x1104  NativeWifiP - ok
17:24:45.0814 0x1104  [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:24:45.0882 0x1104  NDIS - ok
17:24:45.0927 0x1104  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
17:24:45.0968 0x1104  NdisCap - ok
17:24:45.0978 0x1104  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:24:46.0002 0x1104  NdisTapi - ok
17:24:46.0028 0x1104  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
17:24:46.0064 0x1104  Ndisuio - ok
17:24:46.0113 0x1104  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
17:24:46.0155 0x1104  NdisWan - ok
17:24:46.0160 0x1104  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
17:24:46.0215 0x1104  NDProxy - ok
17:24:46.0251 0x1104  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
17:24:46.0317 0x1104  NetBIOS - ok
17:24:46.0343 0x1104  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
17:24:46.0378 0x1104  NetBT - ok
17:24:46.0388 0x1104  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] Netlogon        C:\Windows\system32\lsass.exe
17:24:46.0413 0x1104  Netlogon - ok
17:24:46.0444 0x1104  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
17:24:46.0497 0x1104  Netman - ok
17:24:46.0585 0x1104  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:24:46.0618 0x1104  NetMsmqActivator - ok
17:24:46.0655 0x1104  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:24:46.0678 0x1104  NetPipeActivator - ok
17:24:46.0709 0x1104  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
17:24:46.0760 0x1104  netprofm - ok
17:24:46.0785 0x1104  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:24:46.0803 0x1104  NetTcpActivator - ok
17:24:46.0809 0x1104  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:24:46.0825 0x1104  NetTcpPortSharing - ok
17:24:46.0860 0x1104  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
17:24:46.0873 0x1104  nfrd960 - ok
17:24:46.0943 0x1104  [ 11D101C6EDE012E018F37275CD3DAA3C, DD97E2032BB7B70B5C60B26B0DC57A28A7CC9B817E664963D3213E756B03A1DF ] ngvss          C:\Windows\system32\drivers\ngvss.sys
17:24:46.0970 0x1104  ngvss - ok
17:24:46.0995 0x1104  [ 780FF28BCD8470C5FDDEEF69982AA295, 1ED386E87E0AA733F23D554D2BF4EF4168DB9A419B7BA0BA8FBA20F118BE21DF ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:24:47.0010 0x1104  NisDrv - ok
17:24:47.0049 0x1104  [ 3FF257F54649D4F19E39263C5D581CD1, 1F201EEE770A452AA30C6270AAA456A77F9F3A102F473E12C22D3B8809932C1B ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
17:24:47.0072 0x1104  NisSrv - ok
17:24:47.0106 0x1104  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:24:47.0152 0x1104  NlaSvc - ok
17:24:47.0182 0x1104  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:24:47.0214 0x1104  Npfs - ok
17:24:47.0226 0x1104  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi            C:\Windows\system32\nsisvc.dll
17:24:47.0270 0x1104  nsi - ok
17:24:47.0287 0x1104  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:24:47.0335 0x1104  nsiproxy - ok
17:24:47.0401 0x1104  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:24:47.0458 0x1104  Ntfs - ok
17:24:47.0496 0x1104  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
17:24:47.0524 0x1104  Null - ok
17:24:47.0552 0x1104  [ 03AD379554B50FA1802BE4EC2E291E92, DCF2B5DB1C8BDF2473E454F974EA6445C3EEC111252D859EC2EC3F6833390271 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
17:24:47.0697 0x1104  nusb3hub - ok
17:24:47.0732 0x1104  [ 06FE87C9D181AF5F04D192E604E10E6C, 27BBB521C68EAD123117DCD1DEA7436833EC0CFB62F6B6A5AC12E5A2996C7595 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:24:47.0780 0x1104  nusb3xhc - ok
17:24:47.0810 0x1104  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:24:47.0826 0x1104  nvraid - ok
17:24:47.0852 0x1104  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:24:47.0867 0x1104  nvstor - ok
17:24:47.0886 0x1104  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:24:47.0901 0x1104  nv_agp - ok
17:24:47.0925 0x1104  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:24:47.0963 0x1104  ohci1394 - ok
17:24:48.0019 0x1104  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose            C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:24:48.0051 0x1104  ose - ok
17:24:48.0223 0x1104  [ EE5756BDA5BE5891270E0CC6CEC44096, EA18073EEE0F461B14C539D49A7DD91D33AB0C503236F67F70A000835FAAC890 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:24:48.0415 0x1104  osppsvc - ok
17:24:48.0448 0x1104  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:24:48.0528 0x1104  p2pimsvc - ok
17:24:48.0557 0x1104  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:24:48.0599 0x1104  p2psvc - ok
17:24:48.0636 0x1104  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport        C:\Windows\system32\DRIVERS\parport.sys
17:24:48.0662 0x1104  Parport - ok
17:24:48.0675 0x1104  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr        C:\Windows\system32\drivers\partmgr.sys
17:24:48.0691 0x1104  partmgr - ok
17:24:48.0698 0x1104  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
17:24:48.0729 0x1104  Parvdm - ok
17:24:48.0762 0x1104  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:24:48.0789 0x1104  PcaSvc - ok
17:24:48.0809 0x1104  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci            C:\Windows\system32\drivers\pci.sys
17:24:48.0824 0x1104  pci - ok
17:24:48.0836 0x1104  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:24:48.0849 0x1104  pciide - ok
17:24:48.0871 0x1104  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:24:48.0888 0x1104  pcmcia - ok
17:24:48.0907 0x1104  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw            C:\Windows\system32\drivers\pcw.sys
17:24:48.0921 0x1104  pcw - ok
17:24:48.0961 0x1104  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:24:49.0000 0x1104  PEAUTH - ok
17:24:49.0066 0x1104  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla            C:\Windows\system32\pla.dll
17:24:49.0181 0x1104  pla - ok
17:24:49.0210 0x1104  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:24:49.0274 0x1104  PlugPlay - ok
17:24:49.0300 0x1104  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
17:24:49.0317 0x1104  PNRPAutoReg - ok
17:24:49.0327 0x1104  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
17:24:49.0348 0x1104  PNRPsvc - ok
17:24:49.0378 0x1104  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
17:24:49.0425 0x1104  PolicyAgent - ok
17:24:49.0451 0x1104  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power          C:\Windows\system32\umpo.dll
17:24:49.0481 0x1104  Power - ok
17:24:49.0525 0x1104  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:24:49.0581 0x1104  PptpMiniport - ok
17:24:49.0607 0x1104  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor      C:\Windows\system32\DRIVERS\processr.sys
17:24:49.0639 0x1104  Processor - ok
17:24:49.0668 0x1104  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc        C:\Windows\system32\profsvc.dll
17:24:49.0752 0x1104  ProfSvc - ok
17:24:49.0772 0x1104  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:24:49.0795 0x1104  ProtectedStorage - ok
17:24:49.0825 0x1104  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:24:49.0878 0x1104  Psched - ok
17:24:49.0905 0x1104  [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2      c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
17:24:49.0930 0x1104  PSI_SVC_2 - ok
17:24:49.0976 0x1104  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:24:50.0039 0x1104  ql2300 - ok
17:24:50.0077 0x1104  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:24:50.0091 0x1104  ql40xx - ok
17:24:50.0107 0x1104  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE          C:\Windows\system32\qwave.dll
17:24:50.0163 0x1104  QWAVE - ok
17:24:50.0179 0x1104  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:24:50.0195 0x1104  QWAVEdrv - ok
17:24:50.0247 0x1104  [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] RapiMgr        C:\Windows\WindowsMobile\rapimgr.dll
17:24:50.0274 0x1104  RapiMgr - ok
17:24:50.0282 0x1104  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:24:50.0310 0x1104  RasAcd - ok
17:24:50.0320 0x1104  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
17:24:50.0357 0x1104  RasAgileVpn - ok
17:24:50.0375 0x1104  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto        C:\Windows\System32\rasauto.dll
17:24:50.0407 0x1104  RasAuto - ok
17:24:50.0418 0x1104  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
17:24:50.0444 0x1104  Rasl2tp - ok
17:24:50.0484 0x1104  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
17:24:50.0535 0x1104  RasMan - ok
17:24:50.0559 0x1104  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:24:50.0597 0x1104  RasPppoe - ok
17:24:50.0611 0x1104  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
17:24:50.0638 0x1104  RasSstp - ok
17:24:50.0663 0x1104  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
17:24:50.0693 0x1104  rdbss - ok
17:24:50.0703 0x1104  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:24:50.0732 0x1104  rdpbus - ok
17:24:50.0764 0x1104  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:24:50.0808 0x1104  RDPCDD - ok
17:24:50.0870 0x1104  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:24:50.0910 0x1104  RDPENCDD - ok
17:24:50.0915 0x1104  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:24:50.0941 0x1104  RDPREFMP - ok
17:24:51.0031 0x1104  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:24:51.0148 0x1104  RdpVideoMiniport - ok
17:24:51.0208 0x1104  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
17:24:51.0245 0x1104  RDPWD - ok
17:24:51.0267 0x1104  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:24:51.0282 0x1104  rdyboost - ok
17:24:51.0303 0x1104  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:24:51.0345 0x1104  RemoteAccess - ok
17:24:51.0386 0x1104  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:24:51.0421 0x1104  RemoteRegistry - ok
17:24:51.0512 0x1104  [ 7728B6AEDC83BC0DEFD0A53371D4613B, B55EA9186442A9F94C1851E1F3C69FF8C7A4992818950AAB6831AC78ADE48214 ] RichVideo      C:\Program Files\CyberLink\Shared files\RichVideo.exe
17:24:51.0546 0x1104  RichVideo - ok
17:24:51.0583 0x1104  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:24:51.0691 0x1104  RpcEptMapper - ok
17:24:51.0723 0x1104  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
17:24:51.0757 0x1104  RpcLocator - ok
17:24:51.0785 0x1104  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs          C:\Windows\system32\rpcss.dll
17:24:51.0822 0x1104  RpcSs - ok
17:24:51.0836 0x1104  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:24:51.0864 0x1104  rspndr - ok
17:24:51.0885 0x1104  [ 0516998076AD894AE7E362C3110AA071, 1C5B6A55418FE0D324AE2BD9AB9E5AAAB17F398608029E0EEAA0C0AE90040FDA ] RTL8167        C:\Windows\system32\DRIVERS\Rt86win7.sys
17:24:51.0901 0x1104  RTL8167 - ok
17:24:51.0952 0x1104  [ 9CE8DEFFAFFCCBF473015D76AE8EE514, D2EC909865653C4CF56C379D60E10A607E28D69B00BF0EFE6181580C00EF5124 ] RTL8192su      C:\Windows\system32\DRIVERS\RTL8192su.sys
17:24:51.0978 0x1104  RTL8192su - ok
17:24:51.0992 0x1104  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] SamSs          C:\Windows\system32\lsass.exe
17:24:52.0013 0x1104  SamSs - ok
17:24:52.0045 0x1104  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:24:52.0058 0x1104  sbp2port - ok
17:24:52.0085 0x1104  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:24:52.0130 0x1104  SCardSvr - ok
17:24:52.0151 0x1104  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:24:52.0193 0x1104  scfilter - ok
17:24:52.0240 0x1104  [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule        C:\Windows\system32\schedsvc.dll
17:24:52.0314 0x1104  Schedule - ok
17:24:52.0342 0x1104  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc    C:\Windows\System32\certprop.dll
17:24:52.0374 0x1104  SCPolicySvc - ok
17:24:52.0400 0x1104  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:24:52.0472 0x1104  SDRSVC - ok
17:24:52.0540 0x1104  [ 4A5809A1D796E2675AC0332BF7B0CB11, 7EEEC85A397F04A9460DC37A070D115E19114D9A3E5D9D7E8021F60A7986C8C1 ] SeaPort        C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:24:52.0578 0x1104  SeaPort - ok
17:24:52.0601 0x1104  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:24:52.0630 0x1104  secdrv - ok
17:24:52.0635 0x1104  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
17:24:52.0680 0x1104  seclogon - ok
17:24:52.0708 0x1104  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
17:24:52.0757 0x1104  SENS - ok
17:24:52.0769 0x1104  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:24:52.0806 0x1104  SensrSvc - ok
17:24:52.0832 0x1104  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
17:24:52.0862 0x1104  Serenum - ok
17:24:52.0881 0x1104  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:24:52.0899 0x1104  Serial - ok
17:24:52.0929 0x1104  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:24:52.0956 0x1104  sermouse - ok
17:24:52.0991 0x1104  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:24:53.0027 0x1104  SessionEnv - ok
17:24:53.0048 0x1104  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
17:24:53.0118 0x1104  sffdisk - ok
17:24:53.0135 0x1104  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:24:53.0159 0x1104  sffp_mmc - ok
17:24:53.0175 0x1104  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
17:24:53.0191 0x1104  sffp_sd - ok
17:24:53.0204 0x1104  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
17:24:53.0236 0x1104  sfloppy - ok
17:24:53.0293 0x1104  [ EC5C79BD81F0C55DF53F4818D4F1C2C8, B9650F484CF918781CA3B02278F19E73FA3B619133F75C0C42FEB788A183E0CB ] Sftfs          C:\Windows\system32\DRIVERS\Sftfslh.sys
17:24:53.0324 0x1104  Sftfs - ok
17:24:53.0400 0x1104  [ 1AEBDC693C74EA55FE05D51FA6573EBC, 92E3A6C8D3B5193BD2831DD47C4C58419F72ABC2C21C71A9A690CCFC2D05CBB0 ] sftlist        C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
17:24:53.0468 0x1104  sftlist - ok
17:24:53.0541 0x1104  [ A224670FB892A205E4D99E06C0B85C7C, 3E2E401FF5E0E9EE4C2BE9F5C3144086F5AB015789C36D7263BBAB59FEEB74C7 ] Sftplay        C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:24:53.0572 0x1104  Sftplay - ok
17:24:53.0589 0x1104  [ 9D354D425FB55CDF0EDC7F67FBC5B04E, C3B68F8B5F34B73EF6588DCBB67BE7CB3E59918E7A58D90A83E3D8EBB6ECA291 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:24:53.0603 0x1104  Sftredir - ok
17:24:53.0610 0x1104  [ F369D6B89AA610174A4E90C8513B7C7A, 2AEFA10F57C0ED0466611957DED5425363608E88414DD7DCF74E182117B12F5A ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
17:24:53.0624 0x1104  Sftvol - ok
17:24:53.0657 0x1104  [ 19D34534176E62F35DDB7DC7B7FF2A87, DBBB9155B62482E4782E5302193586514880734BD3617FDCB51798EB404758D6 ] sftvsa          C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
17:24:53.0680 0x1104  sftvsa - ok
17:24:53.0716 0x1104  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:24:53.0774 0x1104  SharedAccess - ok
17:24:53.0811 0x1104  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:24:53.0884 0x1104  ShellHWDetection - ok
17:24:53.0901 0x1104  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
17:24:53.0914 0x1104  sisagp - ok
17:24:53.0939 0x1104  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:24:53.0952 0x1104  SiSRaid2 - ok
17:24:53.0973 0x1104  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:24:53.0988 0x1104  SiSRaid4 - ok
17:24:54.0065 0x1104  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate    C:\Program Files\Skype\Updater\Updater.exe
17:24:54.0095 0x1104  SkypeUpdate - ok
17:24:54.0121 0x1104  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
17:24:54.0175 0x1104  Smb - ok
17:24:54.0202 0x1104  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:24:54.0236 0x1104  SNMPTRAP - ok
17:24:54.0257 0x1104  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr          C:\Windows\system32\drivers\spldr.sys
17:24:54.0274 0x1104  spldr - ok
17:24:54.0314 0x1104  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler        C:\Windows\System32\spoolsv.exe
17:24:54.0378 0x1104  Spooler - ok
17:24:54.0486 0x1104  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
17:24:54.0657 0x1104  sppsvc - ok
17:24:54.0687 0x1104  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify    C:\Windows\system32\sppuinotify.dll
17:24:54.0733 0x1104  sppuinotify - ok
17:24:54.0770 0x1104  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv            C:\Windows\system32\DRIVERS\srv.sys
17:24:54.0808 0x1104  srv - ok
17:24:54.0835 0x1104  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:24:54.0876 0x1104  srv2 - ok
17:24:54.0901 0x1104  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:24:54.0938 0x1104  srvnet - ok
17:24:54.0957 0x1104  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
17:24:55.0009 0x1104  SSDPSRV - ok
17:24:55.0030 0x1104  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc        C:\Windows\system32\sstpsvc.dll
17:24:55.0061 0x1104  SstpSvc - ok
17:24:55.0107 0x1104  [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus        C:\Windows\system32\DRIVERS\ss_bbus.sys
17:24:55.0133 0x1104  ss_bbus - ok
17:24:55.0154 0x1104  [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl        C:\Windows\system32\DRIVERS\ss_bmdfl.sys
17:24:55.0169 0x1104  ss_bmdfl - ok
17:24:55.0185 0x1104  [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm        C:\Windows\system32\DRIVERS\ss_bmdm.sys
17:24:55.0198 0x1104  ss_bmdm - ok
17:24:55.0207 0x1104  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:24:55.0220 0x1104  stexstor - ok
17:24:55.0262 0x1104  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
17:24:55.0294 0x1104  StiSvc - ok
17:24:55.0314 0x1104  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:24:55.0327 0x1104  swenum - ok
17:24:55.0348 0x1104  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv          C:\Windows\System32\swprv.dll
17:24:55.0400 0x1104  swprv - ok
17:24:55.0462 0x1104  [ 9B2BDD7A8629A9C5A55CD5635DDF136F, 893B19E1A870DCF1EC45544CE901392E724968BB692881ED99A97FCCDFDB13DA ] SydexFDD        C:\Windows\system32\Drivers\sydexfdd.sys
17:24:55.0593 0x1104  SydexFDD - detected UnsignedFile.Multi.Generic ( 1 )
17:24:58.0670 0x1104  SydexFDD ( UnsignedFile.Multi.Generic ) - warning
17:25:01.0555 0x1104  [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain        C:\Windows\system32\sysmain.dll
17:25:01.0671 0x1104  SysMain - ok
17:25:01.0682 0x1104  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
17:25:01.0721 0x1104  TabletInputService - ok
17:25:01.0765 0x1104  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv        C:\Windows\System32\tapisrv.dll
17:25:01.0861 0x1104  TapiSrv - ok
17:25:01.0888 0x1104  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS            C:\Windows\System32\tbssvc.dll
17:25:01.0926 0x1104  TBS - ok
17:25:01.0978 0x1104  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
17:25:02.0036 0x1104  Tcpip - ok
17:25:02.0075 0x1104  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:25:02.0117 0x1104  TCPIP6 - ok
17:25:02.0151 0x1104  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:25:02.0178 0x1104  tcpipreg - ok
17:25:02.0211 0x1104  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:25:02.0259 0x1104  TDPIPE - ok
17:25:02.0274 0x1104  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
17:25:02.0309 0x1104  TDTCP - ok
17:25:02.0354 0x1104  [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
17:25:02.0486 0x1104  tdx - ok
17:25:02.0520 0x1104  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:25:02.0548 0x1104  TermDD - ok
17:25:02.0637 0x1104  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService    C:\Windows\System32\termsrv.dll
17:25:02.0764 0x1104  TermService - ok
17:25:02.0778 0x1104  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
17:25:02.0813 0x1104  Themes - ok
17:25:02.0832 0x1104  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER    C:\Windows\system32\mmcss.dll
17:25:02.0867 0x1104  THREADORDER - ok
17:25:02.0903 0x1104  tmcomm - ok
17:25:02.0930 0x1104  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
17:25:02.0966 0x1104  TrkWks - ok
17:25:02.0996 0x1104  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:25:03.0032 0x1104  TrustedInstaller - ok
17:25:03.0069 0x1104  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:25:03.0085 0x1104  tssecsrv - ok
17:25:03.0120 0x1104  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:25:03.0152 0x1104  TsUsbFlt - ok
17:25:03.0181 0x1104  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:25:03.0230 0x1104  tunnel - ok
17:25:03.0246 0x1104  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:25:03.0261 0x1104  uagp35 - ok
17:25:03.0285 0x1104  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:25:03.0336 0x1104  udfs - ok
17:25:03.0356 0x1104  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect      C:\Windows\system32\UI0Detect.exe
17:25:03.0374 0x1104  UI0Detect - ok
17:25:03.0407 0x1104  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:25:03.0421 0x1104  uliagpkx - ok
17:25:03.0446 0x1104  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
17:25:03.0475 0x1104  umbus - ok
17:25:03.0504 0x1104  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:25:03.0531 0x1104  UmPass - ok
17:25:03.0636 0x1104  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
17:25:03.0681 0x1104  UMVPFSrv - ok
17:25:03.0797 0x1104  [ BAABAF4D2D42B3AB853B1FB5A089AA8C, 6C44C5E8235000BE5B972F66EF59E5EB675CB2285AF384A090BC9DD619F05E42 ] UniversalCommunicationServer C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe
17:25:03.0825 0x1104  UniversalCommunicationServer - ok
17:25:03.0841 0x1104  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
17:25:03.0880 0x1104  upnphost - ok
17:25:03.0920 0x1104  [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
17:25:03.0969 0x1104  usbaudio - ok
17:25:04.0004 0x1104  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
17:25:04.0037 0x1104  usbccgp - ok
17:25:04.0047 0x1104  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:25:04.0063 0x1104  usbcir - ok
17:25:04.0087 0x1104  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci        C:\Windows\system32\drivers\usbehci.sys
17:25:04.0102 0x1104  usbehci - ok
17:25:04.0126 0x1104  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:25:04.0150 0x1104  usbhub - ok
17:25:04.0181 0x1104  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci        C:\Windows\system32\drivers\usbohci.sys
17:25:04.0205 0x1104  usbohci - ok
17:25:04.0223 0x1104  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:25:04.0244 0x1104  usbprint - ok
17:25:04.0286 0x1104  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan        C:\Windows\system32\drivers\usbscan.sys
17:25:04.0343 0x1104  usbscan - ok
17:25:04.0393 0x1104  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:25:04.0445 0x1104  USBSTOR - ok
17:25:04.0464 0x1104  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
17:25:04.0496 0x1104  usbuhci - ok
17:25:04.0535 0x1104  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:25:04.0563 0x1104  usbvideo - ok
17:25:04.0585 0x1104  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms          C:\Windows\System32\uxsms.dll
17:25:04.0634 0x1104  UxSms - ok
17:25:04.0664 0x1104  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] VaultSvc        C:\Windows\system32\lsass.exe
17:25:04.0690 0x1104  VaultSvc - ok
17:25:04.0790 0x1104  [ 53D2D97E86482E0BF46462D9DCFEEC9D, 12328968129F3DEC989F4BEDE603DB0D574540B68CBF8537E070165600ABDBBA ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
17:25:04.0822 0x1104  VBoxAswDrv - ok
17:25:04.0853 0x1104  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:25:04.0869 0x1104  vdrvroot - ok
17:25:04.0903 0x1104  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds            C:\Windows\System32\vds.exe
17:25:04.0946 0x1104  vds - ok
17:25:04.0958 0x1104  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
17:25:04.0996 0x1104  vga - ok
17:25:05.0012 0x1104  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave        C:\Windows\System32\drivers\vga.sys
17:25:05.0042 0x1104  VgaSave - ok
17:25:05.0067 0x1104  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
17:25:05.0085 0x1104  vhdmp - ok
17:25:05.0100 0x1104  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
17:25:05.0113 0x1104  viaagp - ok
17:25:05.0124 0x1104  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7          C:\Windows\system32\DRIVERS\viac7.sys
17:25:05.0153 0x1104  ViaC7 - ok
17:25:05.0180 0x1104  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:25:05.0193 0x1104  viaide - ok
17:25:05.0213 0x1104  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:25:05.0227 0x1104  volmgr - ok
17:25:05.0247 0x1104  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
17:25:05.0267 0x1104  volmgrx - ok
17:25:05.0282 0x1104  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
17:25:05.0300 0x1104  volsnap - ok
17:25:05.0327 0x1104  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
17:25:05.0342 0x1104  vsmraid - ok
17:25:05.0382 0x1104  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS            C:\Windows\system32\vssvc.exe
17:25:05.0463 0x1104  VSS - ok
17:25:05.0501 0x1104  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:25:05.0544 0x1104  vwifibus - ok
17:25:05.0608 0x1104  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:25:05.0648 0x1104  vwififlt - ok
17:25:05.0657 0x1104  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
17:25:05.0679 0x1104  vwifimp - ok
17:25:05.0705 0x1104  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time        C:\Windows\system32\w32time.dll
17:25:05.0766 0x1104  W32Time - ok
17:25:05.0788 0x1104  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:25:05.0803 0x1104  WacomPen - ok
17:25:05.0827 0x1104  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:25:05.0862 0x1104  WANARP - ok
17:25:05.0866 0x1104  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:25:05.0893 0x1104  Wanarpv6 - ok
17:25:06.0019 0x1104  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
17:25:06.0092 0x1104  WatAdminSvc - ok
17:25:06.0139 0x1104  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
17:25:06.0225 0x1104  wbengine - ok
17:25:06.0250 0x1104  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:25:06.0275 0x1104  WbioSrvc - ok
17:25:06.0307 0x1104  [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
17:25:06.0327 0x1104  WcesComm - ok
17:25:06.0361 0x1104  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc        C:\Windows\System32\wcncsvc.dll
17:25:06.0401 0x1104  wcncsvc - ok
17:25:06.0415 0x1104  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:25:06.0504 0x1104  WcsPlugInService - ok
17:25:06.0512 0x1104  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:25:06.0533 0x1104  Wd - ok
17:25:06.0571 0x1104  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:25:06.0597 0x1104  Wdf01000 - ok
17:25:06.0655 0x1104  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:25:06.0694 0x1104  WdiServiceHost - ok
17:25:06.0698 0x1104  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost  C:\Windows\system32\wdi.dll
17:25:06.0714 0x1104  WdiSystemHost - ok
17:25:06.0750 0x1104  [ 55C70654420DBF429604FD567E6F3CD3, 22191B049BCA76EF13AEDF8078E452E6B35E998A75AD63F14C542B541EA9F67D ] WebClient      C:\Windows\System32\webclnt.dll
17:25:06.0786 0x1104  WebClient - ok
17:25:06.0794 0x1104  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:25:06.0827 0x1104  Wecsvc - ok
17:25:06.0842 0x1104  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
17:25:06.0884 0x1104  wercplsupport - ok
17:25:06.0921 0x1104  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
17:25:07.0017 0x1104  WerSvc - ok
17:25:07.0062 0x1104  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:25:07.0106 0x1104  WfpLwf - ok
17:25:07.0117 0x1104  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:25:07.0131 0x1104  WIMMount - ok
17:25:07.0215 0x1104  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend      C:\Program Files\Windows Defender\mpsvc.dll
17:25:07.0289 0x1104  WinDefend - ok
17:25:07.0314 0x1104  WinHttpAutoProxySvc - ok
17:25:07.0369 0x1104  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
17:25:07.0417 0x1104  Winmgmt - ok
17:25:07.0518 0x1104  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM          C:\Windows\system32\WsmSvc.dll
17:25:07.0618 0x1104  WinRM - ok
17:25:07.0667 0x1104  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.SYS
17:25:07.0708 0x1104  WinUsb - ok
17:25:07.0750 0x1104  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc        C:\Windows\System32\wlansvc.dll
17:25:07.0809 0x1104  Wlansvc - ok
17:25:07.0826 0x1104  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
17:25:07.0841 0x1104  WmiAcpi - ok
17:25:07.0861 0x1104  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:25:07.0892 0x1104  wmiApSrv - ok
17:25:07.0970 0x1104  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc  C:\Program Files\Windows Media Player\wmpnetwk.exe
17:25:08.0051 0x1104  WMPNetworkSvc - ok
17:25:08.0080 0x1104  wntpport - ok
17:25:08.0098 0x1104  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:25:08.0163 0x1104  WPCSvc - ok
17:25:08.0203 0x1104  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:25:08.0238 0x1104  WPDBusEnum - ok
17:25:08.0247 0x1104  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
17:25:08.0296 0x1104  ws2ifsl - ok
17:25:08.0313 0x1104  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
17:25:08.0348 0x1104  wscsvc - ok
17:25:08.0352 0x1104  WSearch - ok
17:25:08.0438 0x1104  [ 67AFFF96F5C6B072CE986D91212527C0, 8E7FACC7AB3405A28374F3140C0BA7089DFA21D855B2F4629DF4593832197041 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:25:08.0557 0x1104  wuauserv - ok
17:25:08.0576 0x1104  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:25:08.0643 0x1104  WudfPf - ok
17:25:08.0674 0x1104  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:25:08.0713 0x1104  WUDFRd - ok
17:25:08.0746 0x1104  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
17:25:08.0797 0x1104  wudfsvc - ok
17:25:08.0842 0x1104  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc        C:\Windows\System32\wwansvc.dll
17:25:08.0928 0x1104  WwanSvc - ok
17:25:08.0975 0x1104  [ 6BBF7A3BAB8FFDCCF82057FA2AAE2B7B, 2F667F6170F120F038122A6567C59836D5EC0FC966244DECDF974E0D25509C72 ] XUIF            C:\Windows\system32\Drivers\x10ufx2.sys
17:25:09.0039 0x1104  XUIF - ok
17:25:09.0068 0x1104  ================ Scan global ===============================
17:25:09.0108 0x1104  [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
17:25:09.0148 0x1104  [ C2E10DD5F72368909C516B24A02CFF12, 6D3E6ED8C6F8617A671737F913E41A292BEE1FD268458BA479B2213B33365D6C ] C:\Windows\system32\winsrv.dll
17:25:09.0179 0x1104  [ C2E10DD5F72368909C516B24A02CFF12, 6D3E6ED8C6F8617A671737F913E41A292BEE1FD268458BA479B2213B33365D6C ] C:\Windows\system32\winsrv.dll
17:25:09.0218 0x1104  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
17:25:09.0265 0x1104  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
17:25:09.0297 0x1104  [ Global ] - ok
17:25:09.0298 0x1104  ================ Scan MBR ==================================
17:25:09.0319 0x1104  [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0
17:25:11.0206 0x1104  \Device\Harddisk0\DR0 - ok
17:25:11.0413 0x1104  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk4\DR6
17:25:13.0230 0x1104  \Device\Harddisk4\DR6 - ok
17:25:13.0230 0x1104  ================ Scan VBR ==================================
17:25:13.0240 0x1104  [ 8D3C2716141466C553F42AD25923E377 ] \Device\Harddisk0\DR0\Partition1
17:25:13.0298 0x1104  \Device\Harddisk0\DR0\Partition1 - ok
17:25:13.0302 0x1104  [ 6906C902F0E51AF117D14BDF3646A777 ] \Device\Harddisk0\DR0\Partition2
17:25:13.0368 0x1104  \Device\Harddisk0\DR0\Partition2 - ok
17:25:13.0372 0x1104  [ 4A6508FACEA94B9FCABE01BDC850863E ] \Device\Harddisk0\DR0\Partition3
17:25:13.0374 0x1104  \Device\Harddisk0\DR0\Partition3 - ok
17:25:13.0379 0x1104  [ DA3B5C7CC88B55177C4E51CEE8C0DA86 ] \Device\Harddisk4\DR6\Partition1
17:25:13.0381 0x1104  \Device\Harddisk4\DR6\Partition1 - ok
17:25:13.0382 0x1104  ================ Scan generic autorun ======================
17:25:13.0465 0x1104  [ F4F7C86191A981C804326E2EF6F3604F, 1ECE05E643AFFB27A148A8B86615F6C167875EF29D6FF7E2FD15B8DCBE6B8A16 ] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
17:25:13.0970 0x1104  Adobe Reader Speed Launcher - ok
17:25:14.0060 0x1104  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
17:25:14.0110 0x1104  Adobe ARM - ok
17:25:14.0178 0x1104  [ 50B4BD30A102B5E7BFAEB87629C94466, A6AA1097A77F5AA84111F98C84E51B7219B893308E16D909D8915AB46C6E71EE ] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
17:25:14.0208 0x1104  LexwareInfoService - ok
17:25:14.0408 0x1104  [ 12DDF400E9E4441C0A9C144861D1EE01, 8B6702F149E044EC0CDA1291EE7AE64B9954E93E68F15DF8A925E396435254FF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
17:25:14.0599 0x1104  AvastUI.exe - ok
17:25:14.0696 0x1104  [ BBCCA29684E7C80B7AE4F5680EDF6FA8, 1101DCCB6CD0C45308F4A23DC4EEF6C6A7EE89C3A0A9FA74F5D2AFBACE6DCC98 ] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
17:25:14.0728 0x1104  DivXMediaServer - ok
17:25:14.0806 0x1104  [ 16AFB34618E1286FF856DC600AC49C79, 431EC110507685A0F4472EAE35383B4C1E3DC0B56E01CDECFB18F753181DC995 ] C:\Program Files\DivX\DivX Update\DivXUpdate.exe
17:25:14.0867 0x1104  DivXUpdate - ok
17:25:15.0003 0x1104  [ 629A67F63BEED0FB31D5EA2FDB545E8A, 99E4F7D1C1D8AA34DAA3B9121A86C82B0568B5E2D6FAF13BC811B4A3B0F3CF31 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe
17:25:15.0043 0x1104  StartCCC - ok
17:25:15.0141 0x1104  [ 20DE1CDD37A5D3D4177B8D9FEF907D81, F6CE80984852595A677C92B8C555F9B0D398BAE36768E0D6FC7F8C7211D962D2 ] c:\Program Files\Microsoft Security Client\msseces.exe
17:25:15.0202 0x1104  MSC - ok
17:25:15.0267 0x1104  [ 504AAB0AF82973329CAEF8FFC595C05D, C5E619624870E9866B9D6B03683E4A700B92CA4254DE03F562E8A64F7F100A58 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
17:25:15.0305 0x1104  SunJavaUpdateSched - ok
17:25:15.0346 0x1104  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
17:25:15.0572 0x1104  swg - ok
17:25:15.0664 0x1104  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
17:25:15.0689 0x1104  Dropbox Update - ok
17:25:15.0690 0x1104  Waiting for KSN requests completion. In queue: 11
17:25:16.0690 0x1104  Waiting for KSN requests completion. In queue: 11
17:25:17.0690 0x1104  Waiting for KSN requests completion. In queue: 11
17:25:18.0633 0x1254  Object required for P2P: [ 12DDF400E9E4441C0A9C144861D1EE01 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
17:25:18.0690 0x1104  Waiting for KSN requests completion. In queue: 8
17:25:19.0690 0x1104  Waiting for KSN requests completion. In queue: 8
17:25:20.0690 0x1104  Waiting for KSN requests completion. In queue: 8
17:25:21.0486 0x1254  Object send P2P result: true
17:25:21.0736 0x1104  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
17:25:21.0763 0x1104  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2223.1143 ), 0x41000 ( enabled : updated )
17:25:21.0813 0x1104  Win FW state via NFP2: enabled ( trusted )
17:25:24.0569 0x1104  ============================================================
17:25:24.0569 0x1104  Scan finished
17:25:24.0569 0x1104  ============================================================
17:25:24.0584 0x116c  Detected object count: 1
17:25:24.0584 0x116c  Actual detected object count: 1
17:28:27.0998 0x116c  SydexFDD ( UnsignedFile.Multi.Generic ) - skipped by user
17:28:27.0998 0x116c  SydexFDD ( UnsignedFile.Multi.Generic ) - User select action: Skip

burningice 23.02.2016 18:13
Schritt 1
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:
  • Logfile von AdwCleaner
  • Logfile von Malwarebytes
  • Frst.txt
  • Addition.txt

Lilian-Rose 23.02.2016 23:52
Hallo Rafael,

ich bin Deinen Anweisungen gefolgt und habe Malwarebytes installiert und laufen lassen.
Es wurden 40 Bedrohungen gefunden, die Option "Auswahl entfernen" steht nicht zur Verfügung. Soll ich auf Löschen klicken?

Ich danke Dir!

Gruß Lilian

Danke Rafael,

Schritt 1 und 2, poste ich Dir nun, FRST läßt sich momentan nicht starten, mein PC läuft sehr langsam und spinnt total
Code:
# AdwCleaner v5.036 - Bericht erstellt am 23/02/2016 um 23:12:13
# Aktualisiert am 22/02/2016 von Xplode
# Datenbank : 2016-02-22.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : Conny - CONNY-PC
# Gestartet von : C:\Users\Conny\Desktop\AdwCleaner_5.036.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\B7E8588600015AD1000AA4B1B4EB23C1
[-] Ordner Gelöscht : C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
[-] Ordner Gelöscht : C:\Users\Conny\AppData\Roaming\Yahoo!\Companion

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Conny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk
[-] Datei Gelöscht : C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\avira-safesearch.xml
[-] Datei Gelöscht : C:\Windows\system32\ComputerUpdaterLM.ocx
[-] Datei Gelöscht : C:\Windows\system32\CUUpdateComponent.ocx

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7BC34A3-BA86-11CF-84B1-CBC2DA68BF6C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35B-6118-11DC-9C72-001320C79847}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-] Schlüssel Gelöscht : HKCU\Software\APN
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\YFriendsBar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\APN
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\W3I
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskToolbar
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\IM
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\ImInstaller
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF

***** [ Internetbrowser ] *****

[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("avira.safe_search.search_was_active", "false");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.APN_TB.first-previous-keyword-url", "");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 23534281);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.Visibility", false);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"147aa8ef1dd27a-02501569dbfe9b8-7f6f1635-0-147aa8ef1de2d6\"");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.SAUTH_expires_at", "1417463476");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"d9a19b88a03ae58da8155f6560233994b8b999e3\"");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.SAUTH_userid", "4227604842");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.SAUTH_utoken", "\"41e3be185ef56ab36bc1370e5b51421866ddbd9d\"");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.install", "1407315800547");
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search.snap.do_
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : feed.snap.do
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search.snap.do
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Gelöscht : hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f96bdea8-0d1c-43b5-bfc4-62d7f6d6a2b0&searchtype=ds&q={searchTerms}&installDate=01/01/1970
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : bopakagnckmlgajfccecajhnimjiiedh

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [11829 Bytes] - [23/02/2016 23:12:13]
C:\AdwCleaner\AdwCleaner[R0].txt - [45589 Bytes] - [08/03/2014 14:19:09]
C:\AdwCleaner\AdwCleaner[R1].txt - [1491 Bytes] - [12/03/2014 23:11:37]
C:\AdwCleaner\AdwCleaner[R2].txt - [1174 Bytes] - [12/03/2014 23:19:24]
C:\AdwCleaner\AdwCleaner[R3].txt - [1607 Bytes] - [14/03/2014 11:30:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [43275 Bytes] - [08/03/2014 14:28:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [13458 Bytes] - [12/03/2014 23:16:13]
C:\AdwCleaner\AdwCleaner[S2].txt - [1236 Bytes] - [12/03/2014 23:21:11]
C:\AdwCleaner\AdwCleaner[S3].txt - [1668 Bytes] - [14/03/2014 11:34:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12490 Bytes] ##########
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 23.02.2016
Suchlaufzeit: 21:48
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.02.23.05
Rootkit-Datenbank: v2016.02.17.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Conny

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 357193
Abgelaufene Zeit: 25 Min., 33 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 6
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\BackgroundContainer Startup Task, Löschen bei Neustart, [f22f4321fc9d56e024efbc4a39ca916f],
PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Scheduled Update for Ask Toolbar, Löschen bei Neustart, [120fda8a6d2c4fe7fac4342d7292ac54],
PUP.Optional.RegistryReviver, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Start Registry Reviver, Löschen bei Neustart, [8d943b295d3c9a9cc7af29dd699b24dc],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, In Quarantäne, [22ff89db7f1ace681854f61014efaf51],
PUP.Optional.SweetIM, HKU\S-1-5-18\SOFTWARE\SweetIM, In Quarantäne, [c45d94d08e0b2d09f98a70a017ed8d73],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-185569535-4180466776-3876511590-1000\SOFTWARE\AskPartnerNetwork, In Quarantäne, [70b1194bcdcc0630c9a337cf2fd4a65a],

Registrierungswerte: 8
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D8CD9CAA-3253-4250-AE28-A3473F8B19B6}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, In Quarantäne, [cf52481cdebbdc5a1a1b2c3b25dffa06]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{01DFA9BD-033B-45E3-8995-A7F5E4645E4A}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, In Quarantäne, [a879a3c19bfe290dd95cff6853b1bb45]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F3306F5C-2F22-4574-B627-437CC875CB06}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Windows\System32\ARFC\wrtc.exe|Name=wrtc|, In Quarantäne, [33ee42229affaf87fe36085f6a9ab947]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{9ED28E55-2CA2-4F42-8E9D-B7F789F2B6CD}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Windows\System32\ARFC\wrtc.exe|Name=wrtc|, In Quarantäne, [c061095bbedb54e2f1432c3b32d27888]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1CEE4FDC-A750-422E-BF02-54313427F605}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, In Quarantäne, [170a362e45540c2a38fd4027db2960a0]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{071C0213-F2D1-4E87-8E3A-164870268B8D}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, In Quarantäne, [6ab7b1b3a7f2ba7cfc39e97ee024df21]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5BFFFE32-342A-4DBF-A20D-25DFB5BF308B}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Windows\System32\ARFC\wrtc.exe|Name=wrtc|, In Quarantäne, [b869b8ac7821b18594a05e09709454ac]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{243400B4-CA6D-4A25-8CAA-42EDCB018C28}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Windows\System32\ARFC\wrtc.exe|Name=wrtc|, In Quarantäne, [37eae77da4f543f3de56283f93718e72]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 13
PUP.Optional.SweetIM, C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}, In Quarantäne, [f829065efb9e6bcb0c70b45cb351ab55],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, In Quarantäne, [ba67055f9504a39339e58a3fb34f9b65],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Response, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9],
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12],
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork\Toolbar, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12],
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork\Toolbar\Updater, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12],
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork, In Quarantäne, [5ac702621f7a39fd5cc56069679ba45c],

Dateien: 13
PUP.Optional.RegistryReviver, C:\Windows\System32\Tasks\Start Registry Reviver, In Quarantäne, [c16013514455b87e2e46f80e57ad04fc],
PUP.Optional.SweetIM, C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx, In Quarantäne, [f829065efb9e6bcb0c70b45cb351ab55],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.10.1.0-3.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.10.2.0-3.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.10.3.0-4.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.12.0.0-4.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.9.3.0-3.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Response\Response.31.12.0.0-1.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Response\Response.31.12.0.0-2.xml, In Quarantäne, [2bf6d98b6831ee48d946d8f105fd27d9],
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12],
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12],
PUP.Optional.APNToolBar.Gen, C:\Users\Conny\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, In Quarantäne, [fc251450bbde082eb56bf0d922e0ee12],
PUP.Optional.ASK.Gen, C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\ask-search.xml, In Quarantäne, [71b0ec7835645bdba8a5110e9a6b44bc],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Lilian-Rose 24.02.2016 21:31
Hallo Rafael,

FRST lief jetzt durch, ich poste Dir die Ergebnisse... danke, dass Du mir hilfst.
Seit gestern abend kommt immer wenn ich ein Programm öffne, oder eine Internetseite aufrufe, auf der rechten Seite am Bildschirm ein roter Kreis mit Trackerangaben, wo kommt das jetzt auf einmal her?

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
durchgeführt von Conny (Administrator) auf CONNY-PC (24-02-2016 10:32:05)
Gestartet von C:\Users\Conny\Desktop
Geladene Profile: Conny (Verfügbare Profile: Conny)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow32.exe
(Dropbox, Inc.) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\Temp\92D2593C-0D45-4920-AE8A-5982CB54F954\DismHost.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officec2rclient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\ndp46-kb3122661-x86.exe
(Microsoft Corporation) C:\d219d7df2473c9cc7fb057\Setup.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-01-10] (Google Inc.)
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [Dropbox Update] => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {3B713BCF-458F-4A2A-BAD2-9784208C169D} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-10-09]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-10-09]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=00033BB0&OHP=about%3Ablank&OSP=https%3A%2F%2Fde.search.yahoo.com%2Fyhs%2Fsearch%3Ftype%3Davastbcl%26hspart%3Davast%26hsimp%3Dyhs%2D001%26p%3D%7BsearchTerms%7D
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-02-23] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-09] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default
FF DefaultSearchUrl:
FF Homepage: hxxp://www.jw.org/de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\computer-bild-suche.xml [2015-09-28]
FF Extension: CookieCuller - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2015-05-29]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-10-16] [ist nicht signiert]
FF Extension: Avira Browser Safety - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\abs@avira.com [2015-01-15] [ist nicht signiert]
FF Extension: ghostery - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\firefox@ghostery.com.xpi [2016-02-23]
FF Extension: Hilfe Assistent - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\{} [2014-11-03] [ist nicht signiert]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-15] <==== ACHTUNG

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.210.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (YouTube) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (Google-Suche) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-03]
CHR Extension: (Avira Browserschutz) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-16]
CHR Extension: (Skype Click to Call) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (Google Mail) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1904368 2016-01-20] (Microsoft Corporation)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S4 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2012-06-22] ()
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S2 UniversalCommunicationServer; C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe [90496 2013-05-02] (BERNINA International AG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)
R0 DiskSec; C:\Windows\system32\Drivers\DiskSec.sys [14208 2008-04-04] (MAGIX) [Datei ist nicht signiert]
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [179200 2012-06-22] (Dexetek )
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-07-20] (AVAST Software)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-04-27] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [146568 2010-04-27] (Renesas Electronics Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 SydexFDD; C:\Windows\system32\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows (R) 2000 DDK provider) [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-20] (Avast Software)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Conny\AppData\Local\Temp\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Conny\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S2 tmcomm; system32\DRIVERS\tmcomm.sys [X]
S2 wntpport; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-24 10:26 - 2016-02-24 10:31 - 00000000 ____D C:\501ab612fcddf2a2cb
2016-02-23 23:31 - 2016-02-23 23:32 - 00000000 ____D C:\Users\Conny\Desktop\Rafael
2016-02-23 23:03 - 2016-02-23 23:03 - 01511936 _____ C:\Users\Conny\Desktop\AdwCleaner_5.036.exe
2016-02-23 22:59 - 2016-02-23 22:59 - 00008564 _____ C:\Protokoll Malwarebytes.txt
2016-02-23 21:45 - 2016-02-23 21:45 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-23 21:40 - 2016-02-23 21:41 - 22908888 _____ (Malwarebytes ) C:\Users\Conny\Desktop\mbam-setup-2.2.0.1024.exe
2016-02-23 17:21 - 2016-02-23 17:39 - 00216604 _____ C:\TDSSKiller.3.1.0.9_23.02.2016_17.21.27_log.txt
2016-02-23 17:19 - 2016-02-23 17:19 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Conny\Desktop\tdsskiller.exe
2016-02-23 13:57 - 2016-02-23 17:20 - 00215200 _____ C:\TDSSKiller.3.1.0.9_23.02.2016_13.57.11_log.txt
2016-02-23 10:14 - 2016-02-23 10:20 - 00057306 _____ C:\Users\Conny\Desktop\Addition.txt
2016-02-23 10:13 - 2016-02-24 10:33 - 00028191 _____ C:\Users\Conny\Desktop\FRST.txt
2016-02-23 10:08 - 2016-02-23 10:09 - 00000000 ____D C:\Users\Conny\Desktop\JW
2016-02-23 10:00 - 2016-02-23 10:00 - 01722368 _____ (Farbar) C:\Users\Conny\Desktop\FRST.exe
2016-02-22 23:43 - 2016-02-22 23:43 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-02-22 23:39 - 2016-02-22 23:39 - 00000162 ____H C:\Users\Conny\Desktop\~$Dok8.odt
2016-02-20 14:24 - 2016-02-20 14:24 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-14 16:02 - 2016-02-14 16:02 - 00001298 _____ C:\Users\Public\Desktop\Watchtower Library 2015 - Deutsch.lnk
2016-02-14 16:02 - 2016-02-14 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchtower Library 2015
2016-02-12 20:01 - 2016-02-13 10:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-10 11:36 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 11:36 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 11:36 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 11:36 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 11:36 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 11:36 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 11:36 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:36 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 11:36 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 11:35 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 11:35 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:35 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 11:35 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 11:34 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 11:34 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 11:34 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 11:34 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 11:34 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 11:34 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:34 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 11:34 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 11:34 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 11:34 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:34 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 11:33 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 11:33 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 11:33 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 11:33 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:33 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 11:33 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:33 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 11:33 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:33 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 11:33 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:33 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 11:33 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 11:33 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 11:33 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 11:33 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 11:33 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 11:33 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:33 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 11:33 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 11:31 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:31 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-04 16:35 - 2016-02-04 16:35 - 00025888 _____ C:\Users\Conny\Kolloidales Silber.odt
2016-01-30 00:40 - 2016-01-30 00:40 - 00038883 _____ C:\Users\Conny\Documents\Dok8.odt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-24 10:32 - 2014-03-05 09:11 - 00000000 ____D C:\FRST
2016-02-24 10:32 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-24 10:32 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-24 10:31 - 2015-01-15 12:04 - 00001912 _____ C:\Windows\epplauncher.mif
2016-02-24 10:30 - 2015-01-15 12:03 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-24 10:29 - 2015-01-15 12:02 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-24 10:20 - 2013-03-10 10:53 - 00000000 ___RD C:\Users\Conny\Dropbox
2016-02-24 10:20 - 2013-03-10 10:51 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Dropbox
2016-02-24 10:18 - 2012-05-31 22:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-24 10:16 - 2011-01-10 22:01 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-24 10:15 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-23 23:37 - 2014-03-08 14:19 - 00000000 ____D C:\AdwCleaner
2016-02-23 23:31 - 2009-07-14 05:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-23 23:12 - 2011-07-24 16:03 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Yahoo!
2016-02-23 22:49 - 2014-06-29 09:37 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-23 22:48 - 2015-06-12 19:37 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job
2016-02-23 22:42 - 2011-01-10 22:01 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-23 22:37 - 2014-06-29 09:37 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-02-23 22:37 - 2009-07-14 08:48 - 00000000 ____D C:\Windows\ShellNew
2016-02-23 21:45 - 2014-06-29 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-23 10:11 - 2015-09-16 20:20 - 00000000 ____D C:\Users\Conny\Desktop\Gute Vorträge
2016-02-23 10:10 - 2015-03-12 19:13 - 00000000 ____D C:\Users\Conny\Desktop\Handarbeit Stickdateien
2016-02-23 10:07 - 2011-01-10 22:04 - 00000000 ____D C:\Users\Conny
2016-02-23 09:54 - 2014-01-21 09:22 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 09:51 - 2014-01-21 09:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-23 09:25 - 2016-01-07 23:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-02-23 09:25 - 2012-10-17 16:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-23 00:26 - 2010-08-28 01:49 - 01595580 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-23 00:26 - 2010-05-12 14:13 - 00699884 _____ C:\Windows\system32\perfh007.dat
2016-02-23 00:26 - 2010-05-12 14:13 - 00149766 _____ C:\Windows\system32\perfc007.dat
2016-02-23 00:26 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-22 23:48 - 2015-06-12 19:37 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job
2016-02-22 23:43 - 2011-09-22 18:54 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-02-20 15:24 - 2012-09-17 16:48 - 00002154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-14 16:07 - 2011-01-11 14:21 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Watchtower
2016-02-14 16:02 - 2011-08-18 21:03 - 00000000 ____D C:\Program Files\Watchtower
2016-02-13 11:44 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2016-02-11 17:41 - 2009-07-14 05:33 - 00386896 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-11 17:38 - 2014-12-11 12:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-11 17:38 - 2014-05-06 22:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-11 17:38 - 2009-07-14 08:49 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 23:41 - 2013-08-15 09:15 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 23:34 - 2010-08-30 17:47 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-01 14:01 - 2011-01-10 22:36 - 00000000 ____D C:\Users\Conny\AppData\Roaming\SoftGrid Client

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2007-03-12 18:59 - 2007-03-12 18:59 - 0299008 _____ () C:\Program Files\navigram_register.exe
2013-03-16 09:27 - 2013-03-16 09:27 - 0000288 _____ () C:\Users\Conny\AppData\Roaming\.backup.dm
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\Users\Conny\AppData\Roaming\Bubble Noise
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\Users\Conny\AppData\Roaming\Bundle
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\Users\Conny\AppData\Roaming\CIOSupport
2014-09-30 11:46 - 2014-09-30 11:48 - 0000055 _____ () C:\Users\Conny\AppData\Roaming\My Profile.xml
2011-09-29 13:09 - 2011-10-04 14:29 - 0001188 _____ () C:\Users\Conny\AppData\Local\crc32list11.txt
2011-09-03 20:06 - 2015-11-08 15:39 - 0005120 _____ () C:\Users\Conny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-03 11:37 - 2014-03-03 11:37 - 0001461 _____ () C:\Users\Conny\AppData\Local\recently-used.xbel
2011-03-17 17:55 - 2011-03-17 17:55 - 0000017 _____ () C:\Users\Conny\AppData\Local\resmon.resmoncfg
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\ProgramData\Caches
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\ProgramData\Calibrators
2011-10-11 10:00 - 2011-10-11 10:00 - 0000268 ___RH () C:\ProgramData\Carbon
2011-10-11 10:00 - 2011-10-11 10:00 - 0000012 ___RH () C:\ProgramData\Colors
2011-10-11 10:00 - 2011-10-11 10:00 - 0000012 ___RH () C:\ProgramData\Command Line Utility
2011-10-11 10:00 - 2011-10-11 10:00 - 0000012 ___RH () C:\ProgramData\Common
2011-01-11 22:23 - 2012-05-10 08:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-11-03 14:13 - 2014-10-06 19:06 - 36707080 _____ (Deutsche Telekom AG                                                                                                                                                                                                                                                                                        ) C:\ProgramData\Setup_OnlineManager.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\Setup_OnlineManager.exe


Einige Dateien in TEMP:
====================
C:\Users\Conny\AppData\Local\Temp\63j22bqy.dll
C:\Users\Conny\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpodthhw.dll
C:\Users\Conny\AppData\Local\Temp\sqlite3.dll
C:\Users\Conny\AppData\Local\Temp\{485B3219-350D-4D43-B9B5-B5C3EF9AA775}-45.0.2454.85_44.0.2403.157_chrome_updater.exe
C:\Users\Conny\AppData\Local\Temp\{5BC58F71-DEAF-4250-BCBE-695EBC8C347D}-DropboxClient_3.12.5.exe
C:\Users\Conny\AppData\Local\Temp\{97B3D358-6576-46E3-9512-AFE48A643662}-DropboxClient_3.10.11.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-18 22:32

==================== Ende vom FRST.txt ============================Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
durchgeführt von Conny (2016-02-24 10:34:56)
Gestartet von C:\Users\Conny\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2011-01-10 21:04:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-185569535-4180466776-3876511590-500 - Administrator - Disabled)
Conny (S-1-5-21-185569535-4180466776-3876511590-1000 - Administrator - Enabled) => C:\Users\Conny
Gast (S-1-5-21-185569535-4180466776-3876511590-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-185569535-4180466776-3876511590-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2223 - AVAST Software)
BERNINA ARTlink 7 (HKLM\...\{CA812D88-2139-4107-97B5-1B2D2A1DD04D}) (Version: 18.0.94.7011 - BERNINA)
BERNINA ARTlink 7 (Version: 18.0.94.7011 - Wilcom) Hidden
BERNINA Universal Communication Server (HKLM\...\{CF27C964-3902-4CA3-9C71-B0EAEB302AB5}) (Version: 1.27.70 - BERNINA)
Blackboard Collaborate Launcher (HKLM\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon iP3600 series Benutzerregistrierung (HKLM\...\Canon iP3600 series Benutzerregistrierung) (Version:  - )
Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version:  - )
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC8) (Version: 8.5.0.7 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller51278dcd0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52b3284a0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52d266760) (Version: 1.0.0.0 - Conexant Systems)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815a - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dropbox (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
easyFly 3 Starter Edition (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\{7CBD5083-2ADF-4DF1-8DC1-D7AB2F7040E0}) (Version: 3.0.1.11 - IPACS)
e-Sword (HKLM\...\{8E436940-A944-4D67-A45B-1876E23BB9C0}) (Version: 9.08.0003 - Rick Meyers)
FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )
Lexware Info Service (HKLM\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
MAGIX Audio Cleaning Lab 16 deluxe (HKLM\...\mclab_16dlx) (Version: 16.0.0.0 - MAGIX AG)
MAGIX Audio Cleaning Lab 16 deluxe (Version: 16.0.0.0 - MAGIX AG) Hidden
MAGIX PC Check & Tuning 2010 5.0.22.687 (D) (HKLM\...\MAGIX PC Check & Tuning 2010 D) (Version: 5.0.22.687 - MAGIX AG)
MAGIX Screenshare (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MEDION GoPal Assistant (HKLM\...\{A6C8CD51-1AE4-474D-BA2D-125CDBEADD03}) (Version: 6.2.0.12196 - MEDION)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4797.1003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.5.1 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
my editor v5.00 (HKLM\...\{6B435248-5F4F-4CE9-A533-CB3D8D97A210}) (Version: 5.00.8505.2014 - Wings Systems Ltd.)
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.2.1 - Nikon)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.3.0 - Nikon)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Profili 2 (HKLM\...\Profili 2) (Version:  - )
Quicken DELUXE 2014 (HKLM\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.32.00.0004 - Haufe-Lexware GmbH & Co.KG)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6136 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Schrankplaner (HKLM\...\{C92CE7AF-B104-4710-8F5C-9F833976D308}) (Version: 3.01.00 - schrankplaner.de)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Sweet Home 3D version 3.1 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Video Grabber (HKLM\...\Uninstaller51278dcb0) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52b328480) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52d266740) (Version: 1.0.0.0 - Conexant Systems)
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.2.1 - Nikon)
VoipStunt (HKLM\...\VoipStunt_is1) (Version: 4.09 build 661 - Finarea S.A. Switzerland)
Watchtower Library 2011 - Deutsch (HKLM\...\{8BE514E8-4486-4730-8B68-FA15EEDC942E}) (Version: 13.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - Deutsch (HKLM\...\{CFDF0961-77C7-4392-96EE-624DFE81C3C2}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - hrvatsko izdanje (HKLM\...\{56067BE8-31E8-4796-9EA2-164CDB5ACCF7}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2013 - Deutsch (HKLM\...\{61118DEB-78F1-4158-97ED-78A457550FE7}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2015 - Deutsch (HKLM\...\{AEB12380-3E2F-4A9F-B8DF-1BD7682DE663}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Wilcom TrueSizer e3.0 (HKLM\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Wilcom TrueSizer e3.0 (Version: 17.0.185.7427 - Wilcom) Hidden
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )
WISO Steuer-Sparbuch 2015 (HKLM\...\{F8738EA4-CE8F-4D4B-8478-6ADB18B165F4}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Wuala (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\Conny\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0694FA8A-71C8-4F5D-AACA-0D7E0EC23467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1146A79F-834C-4E3E-AE60-25376A2F0C32} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {508DFAA9-A4C7-43C0-B9EB-1CF6D6BF0159} - System32\Tasks\{AB34AA99-BADE-4F56-8BE7-B62F817BA872} => pcalua.exe -a "C:\Program Files\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {5962BB5D-E22C-48DF-8BFF-A58FEDFD8EDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {72660B4F-A773-4C60-8F36-EA5EBFD568E1} - \Start Registry Reviver -> Keine Datei <==== ACHTUNG
Task: {A56D78C3-8218-48CE-BCC6-F9BCD07BFEA9} - System32\Tasks\{D6C07A53-11F0-44F1-8FB2-A2B09B196048} => pcalua.exe -a C:\Users\Conny\Downloads\ADE_2.0_Installer.exe -d C:\Users\Conny\Downloads
Task: {BB1571C3-45D2-4BD6-AF06-4628247E13B5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {C89EC6C7-F641-4831-AE2B-553A25EACD36} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {D00F2FB4-80F4-49C5-82E2-025ED397C0E7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)
Task: {E5EE64D2-F42F-4C48-8D87-4AF66A1D44AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E9E1F514-54AB-4250-B4B6-4B5C81A5488B} - System32\Tasks\{1D3FF1F2-CC6B-4C77-A161-109C6F1A455A} => pcalua.exe -a C:\Users\Conny\AppData\Local\Temp\Temp1_profile_version_3206.zip\setup.exe
Task: {F92D8508-9933-4CF7-BB8F-6BECA4BE71AD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software)
Task: {FC9A3894-3B7C-4BBF-B7D5-520290D33A13} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-20 20:00 - 2015-07-20 20:00 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-20 20:00 - 2015-07-20 20:00 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-23 21:30 - 2016-02-23 21:30 - 02836480 _____ () C:\Program Files\AVAST Software\Avast\defs\16022301\algo.dll
2014-03-19 10:54 - 2015-10-13 02:43 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2014-01-12 11:01 - 2012-06-22 09:29 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2015-07-20 20:00 - 2015-07-20 20:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2016-02-20 14:24 - 2016-01-12 19:44 - 00034768 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00019408 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00116688 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-02-20 14:24 - 2016-01-12 19:44 - 00093640 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00018376 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\select.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00019760 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00105928 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00392144 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00381752 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00692688 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020816 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00112592 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 01682760 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021840 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00038696 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00020936 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00024528 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00114640 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00124880 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021832 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00024016 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00175560 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00030160 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00043472 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00028616 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00048592 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-20 14:23 - 2016-02-16 19:39 - 00026456 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00057808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00024016 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00117056 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00024392 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00036296 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\librsync.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00023376 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00134608 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00134088 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00240584 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00052024 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021824 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00019776 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020280 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00350152 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00022352 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00084792 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-02-20 14:24 - 2016-02-16 19:39 - 01826096 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00083912 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\sip.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 03928880 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 01971504 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00531248 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00132912 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00223544 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00207672 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00158008 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00042808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-20 14:24 - 2016-01-12 19:49 - 00017864 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-20 14:24 - 2016-01-12 19:49 - 01631184 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00024904 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00546096 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00357680 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-02-20 14:24 - 2016-01-12 19:52 - 00697304 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-02-11 19:08 - 2016-02-11 19:08 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\7dca33cfefb99e28847d01e4665f2214\IsdiInterop.ni.dll
2010-08-30 19:04 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Conny\Desktop\AdwCleaner_5.036.exe:com.dropbox.attributes
AlternateDataStreams: C:\Users\Conny\Desktop\FRST.exe:com.dropbox.attributes
AlternateDataStreams: C:\Users\Conny\Desktop\mbam-setup-2.2.0.1024.exe:com.dropbox.attributes
AlternateDataStreams: C:\Users\Conny\Desktop\tdsskiller.exe:com.dropbox.attributes
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2014-03-07 16:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B5BB3F09-3F28-4037-ADDF-ED0D9521AD3F}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{7E1E0E25-5811-48BA-8112-A999DE7DA7F1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5D17EE8E-2B60-4228-90AE-0DF6430EF885}] => (Allow) svchost.exe
FirewallRules: [{811CA0F5-D2BB-4A4D-BE17-4014C5E8BC67}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{1D853E59-2575-4067-9F21-DE76C38A37B7}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{30E69FC8-3BEF-4B3C-B402-933778084EAA}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{9E4248B8-B08B-4A20-9DBE-8BBD3F09CECC}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{4687042B-D555-4A1A-8039-1AD75E458545}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{961DDA7A-4319-4911-9776-A89874CE5335}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [{34DA1426-B63B-474F-8DEF-EB5235221BDD}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [TCP Query User{6B778748-C7B6-4A46-81D2-56ADEA63F1A7}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{FED1122E-4925-4558-BB06-142DCA1E502E}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{2605EEA3-C05C-459A-87D1-842F42681013}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{38E3F568-5839-4423-B7F7-825F441E9A3F}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{C1A531C8-1DCD-4DFA-82BE-CE5888CD32FD}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{7172C1E6-B85E-41BD-96A0-91C9CFA8119A}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{CE46AC23-B67F-4108-B551-AFF5D9782AD8}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{F877EC4A-9159-4A64-ABC7-2C95CD583B21}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{E73F7B8C-8D61-423F-92F6-41B4EE6DEAD8}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{3C609447-8057-4BCF-B11B-5FCA7ECC5A3C}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [TCP Query User{39DCAE11-5CF4-4AC2-94EA-3595A667BBF9}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{B5B309C3-7463-4C30-AD15-7700AD51E9E5}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [{796C015A-E095-4D97-8615-A51836C2BB2E}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{E533F68C-9F2E-4D27-B503-8603931A946A}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [TCP Query User{69A98C7C-2D08-429A-BDD8-F97B185625D2}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{FD8D8E36-1BB4-4BBB-AFB4-89635DFB6CE7}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{130F31E3-FF6C-4582-9B49-4194BAEB4B39}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{635854E1-9AB3-49FD-AD53-26ABE6288B52}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [TCP Query User{4957885E-9DC6-48AF-A709-0FD7610930C7}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{0CBAC78E-6FDF-485D-99DA-654A55EF276E}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [{692BDFF9-D89E-4F8D-95AE-221810CAE02F}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{2C43FFDD-B6BD-41A4-8BD6-AA2AB5E8ACAD}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{1C9A6C83-81BF-4563-BDCD-CC9BB4160B55}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{350386DF-4A82-427C-9962-B7EB9BD6D34E}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{91395ADC-2BDE-4B46-8494-9EB27A9F6BD5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C6E35A0B-6B7A-4247-B0D4-51F114611254}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D91B19E8-D1DB-4CCC-9FD6-8BDAFD9CF437}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{18E738B9-3F17-4BBA-9045-1E4375E39A6E}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{627658B7-DB21-4DE6-8548-530E847DBE8B}] => (Allow) C:\Users\Conny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{FA30B07B-7F14-4D50-92AF-EEFCA9D3D396}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{FE75D3F4-E8D1-4CFB-933D-6209B76DFF6C}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{0A4EC1A1-3B46-45A0-9BF7-910C850A4A46}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [{A5BDF030-2E00-440F-8298-3EE9A52D72B3}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [TCP Query User{0EA845AE-B769-468C-BC49-64CA7AF58BE5}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{C5E5ECF1-9DF5-4D24-8CD9-FB695F96D803}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{7134D83D-E8E8-4235-A798-2FE8D9DA33F4}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{7CB4C706-0C27-4B19-865D-815C72462270}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [TCP Query User{E3B3F49D-318B-458B-9996-94602E7A3B4C}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{2CBE49FE-1280-4E63-84CD-6A6B240E6A94}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{8C617366-DC95-4B51-AC60-3619F4EE1DE5}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{8049D308-47AD-4656-B8E4-FF0389C5D98C}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [TCP Query User{944C753C-8B4D-4193-8F20-0269D1175512}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{0E0A14D1-5FE6-4430-BCD0-DC3481E510DA}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [{73FE0611-6B7C-44E0-A9F2-F78142FB7FC6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE19B7A7-4403-4BC4-8281-661A9265FB98}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA0C48A7-A4EA-4EE4-9C93-1A05765AF979}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A8274CD7-8D0E-4CEB-A85D-7D2D260C6077}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{05DB99BC-CB68-457B-859C-9EC460476FA8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5E9E69BC-6EC8-4A84-BC79-6C6F7872BF2C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{EB4831F9-9BE1-44B9-AAEC-71C5B4077093}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B17B8E5F-4C83-4DD8-9665-A2B50F2029F2}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{200C6D82-A0ED-4E15-917B-F41277C0081E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8F33AE0D-E430-42CB-8C6B-71E0C3E0349F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{DBDD8041-CAD2-4CBF-83FC-0D30AD8185AA}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{A32D8C8E-4BF5-4C68-8B07-959AE85FF082}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [{E4355044-8680-4492-A43A-904A15EEC2F5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{78AF9F1A-8246-4DC5-82AE-C4FC7F0EA340}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A6B220F1-D801-47D9-A621-2277B6B58787}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AF8BFD75-C3B3-4A57-A7EC-44C89A708810}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{67CF725E-AD3D-4CEE-9FA1-8BDD832B9CAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E6100A1A-0058-4987-8414-8D3338B3020D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

31-01-2016 10:41:12 Windows Update
31-01-2016 19:00:32 Windows-Sicherung
03-02-2016 16:10:23 Windows Update
07-02-2016 12:18:38 Windows Update
07-02-2016 19:01:31 Windows-Sicherung
10-02-2016 23:26:36 Windows Update
14-02-2016 16:08:24 Windows Update
14-02-2016 19:00:25 Windows-Sicherung
17-02-2016 23:30:38 Windows Update
21-02-2016 13:34:06 Windows Update
21-02-2016 19:00:44 Windows-Sicherung
23-02-2016 00:21:22 Windows Update
24-02-2016 10:22:25 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/24/2016 10:27:17 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/24/2016 10:18:17 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1294}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (02/24/2016 10:18:17 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1294}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (02/23/2016 11:34:32 PM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der WMI herstellen, um Antiviren, AntiSpyware- und Firewallprogramme von Drittanbietern zu überwachen.

Error: (02/23/2016 11:31:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_LanmanServer, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x500
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_LanmanServer0
Pfad der fehlerhaften Anwendung: svchost.exe_LanmanServer1
Pfad des fehlerhaften Moduls: svchost.exe_LanmanServer2
Berichtskennung: svchost.exe_LanmanServer3

Error: (02/23/2016 11:25:17 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/23/2016 10:48:54 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/23/2016 10:38:53 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=A40}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (02/23/2016 10:38:53 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=A40}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (02/23/2016 05:33:56 PM) (Source: UniversalCommunicationServer) (EventID: 0) (User: )
Description: Universal Communication Server Terminating: True
reason: System.UnhandledExceptionEventArgs
Stack: TraceEnvironment.XTrace+AssertionFailedException: unexpected message length 4
  at TraceEnvironment.XTrace.Assert(Boolean aCondition, String aFormat, Object[] aObjects)
  at UniversalCommunicationServer.ServerConnection.stateConnectedOnServerDataReceived(evServerDataReceived aEvent)
  at UniversalCommunicationServer.ServerConnection.stateConnected.onServerDataReceived(evServerDataReceived aEvent)
  at UniversalCommunicationServer.ServerConnection.Consume(Object aEvent)
  at MultiThreading.Reactive.MainLoop()
  at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
  at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
  at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
  at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
  at System.Threading.ThreadHelper.ThreadStart()


Systemfehler:
=============
Error: (02/24/2016 10:16:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Universal Communication Server" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/24/2016 10:16:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Universal Communication Server erreicht.

Error: (02/24/2016 10:16:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/24/2016 10:15:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/24/2016 10:15:29 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎24.‎02.‎2016 um 00:04:41 unerwartet heruntergefahren.

Error: (02/24/2016 12:04:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computerbrowser" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/24/2016 12:04:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Browser erreicht.

Error: (02/24/2016 12:03:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computerbrowser" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/24/2016 12:03:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Browser erreicht.

Error: (02/24/2016 12:03:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Winmgmt erreicht.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Prozentuale Nutzung des RAM: 72%
Installierter physikalischer RAM: 2039.11 MB
Verfügbarer physikalischer RAM: 552.93 MB
Summe virtueller Speicher: 4078.23 MB
Verfügbarer virtueller Speicher: 2385.39 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:1356.17 GB) (Free:1082.54 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:0.01 GB) NTFS
Drive e: (WTLIB15X) (CDROM) (Total:0.85 GB) (Free:0 GB) UDF
Drive f: (EX FESTPL 4) (Fixed) (Total:931.47 GB) (Free:855.98 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.

==================== Ende vom Addition.txt ============================
Hallo Rafael,

kannst Du mir schon sagen wie es bei mir aussieht?

Gruß Lilian

burningice 25.02.2016 03:14
Naja, ich sehe zumindest nichts offensichtliches, das solche Probleme verursachen könnte.

Bitte folge mal dieser Anleitung: Zustand der Festplatte herausfinden - so gehts - Anleitungen

Zitat:
Seit gestern abend kommt immer wenn ich ein Programm öffne, oder eine Internetseite aufrufe, auf der rechten Seite am Bildschirm ein roter Kreis mit Trackerangaben, wo kommt das jetzt auf einmal her?
Zeig mal einen Screenshot bitte :)

Lilian-Rose 25.02.2016 10:09
Rafael, wie kann ich Dir den Screenshot senden? Mit kopieren und einfügen geht es nicht... Sorry...

burningice 25.02.2016 10:34
haha - du kannst das "Snippingtool" auf deinem Computer starten, dann machst du den Screenshot, speicherst das ganze als Bild und hängst es hier an :)

Lilian-Rose 25.02.2016 10:38
Liste der Anhänge anzeigen (Anzahl: 1)
hier kommt der Screenshot, als jpg war es möglich...

Lilian-Rose 25.02.2016 12:44
Danke für das Tool zur Überprüfung der Festplatten, hier kommt das Ergebnis

Code:
----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
                                Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x86)
  Date : 2016/02/25 12:41:33

-- Controller Map ----------------------------------------------------------
 + Intel(R) 5 Series/3400 Series SATA AHCI Controller [ATA]
  - WDC WD15EARS-00MVWB0
  - TSSTcorp CDDVDW SH-S223C

-- Disk List ---------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0 : 1500,3 GB [0/0/0, pd1] - wd
 (2) ST1000DM003-1ER162 : 1000,2 GB [4/X/X, sa1] (V=174C, P=55AA) - st

----------------------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0
----------------------------------------------------------------------------
          Model : WDC WD15EARS-00MVWB0
        Firmware : 51.0AB51
  Serial Number : WD-WMAZA0813822
      Disk Size : 1500,3 GB (8,4/137,4/1500,3/1500,3)
    Buffer Size : Unbekannt
    Queue Depth : 32
    # of Sectors : 2930277168
  Rotation Rate : Unbekannt
      Interface : Serial ATA
  Major Version : ATA8-ACS
  Minor Version : ----
  Transfer Mode : ---- | SATA/300
  Power On Hours : 20807 Std.
  Power On Count : 2314 mal
    Temperature : 30 C (86 F)
  Health Status : Gut
        Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
      APM Level : ----
      AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 153 _51 000000000015 Lesefehlerrate
03 167 163 _21 0000000019F1 Mittlere Anlaufzeit
04 _98 _98 __0 00000000090E Start/Stopp-Zyklen der Spindel
05 200 200 140 000000000000 Wiederzugewiesene Sektoren
07 200 200 __0 000000000000 Suchfehler
09 _72 _72 __0 000000005147 Betriebsstunden
0A 100 100 __0 000000000000 Misslungene Spindelanläufe
0B 100 100 __0 000000000000 Nnotwendige Rekalibrierungen
0C _98 _98 __0 00000000090A Geräte-Einschaltvorgänge
C0 200 200 __0 000000000049 Ausschaltungsabbrüche
C1 _20 _20 __0 0000000843EC Laden/Entladen-Zyklen
C2 120 111 __0 00000000001E Temperatur
C4 200 200 __0 000000000000 Wiederzuweisungsereignisse
C5 200 200 __0 000000000000 Aktuell ausstehende Sektoren
C6 200 200 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
C8 200 200 __0 000000000000 Schreibfehlerrate

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 415A 4130 3831 3338 3232
020: 0000 0000 0032 3531 2E30 4142 3531 5744 4320 5744
030: 3135 4541 5253 2D30 304D 5657 4230 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 0044 0044
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 407F 0083
090: 0083 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 7B30 AEA8 0000 0000 0000 0000 0000 0000 5001 4EE0
110: 57C4 032D 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E7A5

-- SMART_READ_DATA ---------------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 99 15 00 00 00 00 00 00 03 27
010: 00 A7 A3 F1 19 00 00 00 00 00 04 32 00 62 62 0E
020: 09 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 48 48 47 51 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 0A 09 00 00 00 00 00 C0 32
070: 00 C8 C8 49 00 00 00 00 00 00 C1 32 00 14 14 EC
080: 43 08 00 00 00 00 C2 22 00 78 6F 1E 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 C8 64 01 7B
170: 03 00 01 00 02 FA 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 05 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F4

-- SMART_READ_THRESHOLD ----------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 C8 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 C8 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05

----------------------------------------------------------------------------
 (2) ST1000DM003-1ER162
----------------------------------------------------------------------------
      Enclosure : Laufwerk (V=174C, P=55AA, sa1) - st
          Model : ST1000DM003-1ER162
        Firmware : CC45
  Serial Number : W4Y0W6HE
      Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,1)
    Buffer Size : Unbekannt
    Queue Depth : 32
    # of Sectors : 1953525168
  Rotation Rate : 7200 RPM
      Interface : USB (Serial ATA)
  Major Version : ACS-2
  Minor Version : ACS-3 Revision 3b
  Transfer Mode : SATA/300 | SATA/600
  Power On Hours : 4063 Std.
  Power On Count : 460 mal
    Temperature : 30 C (86 F)
  Health Status : Gut
        Features : S.M.A.R.T., APM, 48bit LBA, NCQ
      APM Level : 8080h [ON]
      AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 115 _99 __6 000005C241E8 Lesefehlerrate
03 _98 _97 __0 000000000000 Mittlere Anlaufzeit
04 _98 _98 _20 000000000992 Start/Stopp-Zyklen der Spindel
05 100 100 _10 000000000000 Wiederzugewiesene Sektoren
07 100 253 _30 000000097084 Suchfehler
09 _96 _96 __0 000000000FDF Betriebsstunden
0A 100 100 _97 000000000000 Misslungene Spindelanläufe
0C 100 100 _20 0000000001CC Geräte-Einschaltvorgänge
B7 100 100 __0 000000000000 Herstellerspezifisch
B8 100 100 _99 000000000000 Ende-zu-Ende-Fehler
BB 100 100 __0 000000000000 Gemeldete unkorrigierbare Fehler
BC _98 _96 __0 00000000021B Befehlszeitüberschreitung
BD 100 100 __0 000000000000 Übergeordnete Schreibvorgänge
BE _70 _56 _45 00001E13001E Luftstromtemperatur
BF 100 100 __0 000000000000 Beschleunigungssensor-Fehlerrate
C0 100 100 __0 00000000000B Ausschaltungsabbrüche
C1 _98 _98 __0 000000001208 Laden/Entladen-Zyklen
C2 _30 _44 __0 00100000001E Temperatur
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
F0 100 253 __0 2D4800000036 Kopfpositionierungszeit
F1 100 253 __0 0000176895F8 LBA geschrieben (gesamt)
F2 100 253 __0 00C528E9DC41 LBA gelesen (gesamt)

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5734 5930 5736 4845
020: 0000 0000 0004 4343 3435 2020 2020 5354 3130 3030
030: 444D 3030 332D 3145 5231 3632 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 5010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0004 00CC 0040
080: 03F0 001F 346B 7D69 4163 3469 BC49 4163 407F 0034
090: 0034 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 7C7E 3E2E 0000 0000 0000 0000 0000 0000 0000 405E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 8000 0000 0000 5800 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0007 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 09A5

-- SMART_READ_DATA ---------------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 73 63 E8 41 C2 05 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 62 62 92
020: 09 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 64 FD 84 70 09 00 00 00 00 09 32
040: 00 60 60 DF 0F 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 CC 01 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 62 60 1B 02 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 46 38 1E 00 13 1E 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 0B 00 00 00 00
0C0: 00 00 C1 32 00 62 62 08 12 00 00 00 00 00 C2 22
0D0: 00 1E 2C 1E 00 00 00 10 00 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD 36 00 00 00 48 2D 15 F1 00 00 64 FD F8
110: 95 68 17 00 00 00 F2 00 00 64 FD 41 DC E9 28 C5
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 50 00 00 73
170: 03 00 01 00 01 6D 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 40 01 00 00 02 02 02 02 02 02 02 02
190: 03 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 5D 62 9F 51 4E 0D 00 00
1B0: 00 00 00 00 01 00 31 02 F8 95 68 17 00 00 00 00
1C0: 41 DC E9 28 C5 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 51 01 01 00 01 00 00 00
1E0: 00 00 00 00 08 00 00 00 02 00 00 00 00 00 00 01
1F0: 00 00 00 00 00 00 00 00 00 00 14 18 00 00 00 D6

-- SMART_READ_THRESHOLD ----------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD
Code:
----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
                                Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x86)
  Date : 2016/02/25 12:44:10

-- Controller Map ----------------------------------------------------------
 + Intel(R) 5 Series/3400 Series SATA AHCI Controller [ATA]
  - WDC WD15EARS-00MVWB0
  - TSSTcorp CDDVDW SH-S223C

-- Disk List ---------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0 : 1500,3 GB [0/0/0, pd1] - wd
 (2) ST1000DM003-1ER162 : 1000,2 GB [4/X/X, sa1] (V=174C, P=55AA) - st

----------------------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0
----------------------------------------------------------------------------
          Model : WDC WD15EARS-00MVWB0
        Firmware : 51.0AB51
  Serial Number : WD-WMAZA0813822
      Disk Size : 1500,3 GB (8,4/137,4/1500,3/1500,3)
    Buffer Size : Unbekannt
    Queue Depth : 32
    # of Sectors : 2930277168
  Rotation Rate : Unbekannt
      Interface : Serial ATA
  Major Version : ATA8-ACS
  Minor Version : ----
  Transfer Mode : ---- | SATA/300
  Power On Hours : 20807 Std.
  Power On Count : 2314 mal
    Temperature : 30 C (86 F)
  Health Status : Gut
        Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
      APM Level : ----
      AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 153 _51 000000000015 Lesefehlerrate
03 167 163 _21 0000000019F1 Mittlere Anlaufzeit
04 _98 _98 __0 00000000090E Start/Stopp-Zyklen der Spindel
05 200 200 140 000000000000 Wiederzugewiesene Sektoren
07 200 200 __0 000000000000 Suchfehler
09 _72 _72 __0 000000005147 Betriebsstunden
0A 100 100 __0 000000000000 Misslungene Spindelanläufe
0B 100 100 __0 000000000000 Nnotwendige Rekalibrierungen
0C _98 _98 __0 00000000090A Geräte-Einschaltvorgänge
C0 200 200 __0 000000000049 Ausschaltungsabbrüche
C1 _20 _20 __0 0000000843EC Laden/Entladen-Zyklen
C2 120 111 __0 00000000001E Temperatur
C4 200 200 __0 000000000000 Wiederzuweisungsereignisse
C5 200 200 __0 000000000000 Aktuell ausstehende Sektoren
C6 200 200 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
C8 200 200 __0 000000000000 Schreibfehlerrate

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 415A 4130 3831 3338 3232
020: 0000 0000 0032 3531 2E30 4142 3531 5744 4320 5744
030: 3135 4541 5253 2D30 304D 5657 4230 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 0044 0044
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 407F 0083
090: 0083 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 7B30 AEA8 0000 0000 0000 0000 0000 0000 5001 4EE0
110: 57C4 032D 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E7A5

-- SMART_READ_DATA ---------------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 99 15 00 00 00 00 00 00 03 27
010: 00 A7 A3 F1 19 00 00 00 00 00 04 32 00 62 62 0E
020: 09 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 48 48 47 51 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 0A 09 00 00 00 00 00 C0 32
070: 00 C8 C8 49 00 00 00 00 00 00 C1 32 00 14 14 EC
080: 43 08 00 00 00 00 C2 22 00 78 6F 1E 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 C8 64 01 7B
170: 03 00 01 00 02 FA 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 05 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F4

-- SMART_READ_THRESHOLD ----------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 C8 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 C8 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05

----------------------------------------------------------------------------
 (2) ST1000DM003-1ER162
----------------------------------------------------------------------------
      Enclosure : Laufwerk (V=174C, P=55AA, sa1) - st
          Model : ST1000DM003-1ER162
        Firmware : CC45
  Serial Number : W4Y0W6HE
      Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,1)
    Buffer Size : Unbekannt
    Queue Depth : 32
    # of Sectors : 1953525168
  Rotation Rate : 7200 RPM
      Interface : USB (Serial ATA)
  Major Version : ACS-2
  Minor Version : ACS-3 Revision 3b
  Transfer Mode : SATA/300 | SATA/600
  Power On Hours : 4063 Std.
  Power On Count : 460 mal
    Temperature : 30 C (86 F)
  Health Status : Gut
        Features : S.M.A.R.T., APM, 48bit LBA, NCQ
      APM Level : 8080h [ON]
      AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 115 _99 __6 000005C241E8 Lesefehlerrate
03 _98 _97 __0 000000000000 Mittlere Anlaufzeit
04 _98 _98 _20 000000000992 Start/Stopp-Zyklen der Spindel
05 100 100 _10 000000000000 Wiederzugewiesene Sektoren
07 100 253 _30 000000097084 Suchfehler
09 _96 _96 __0 000000000FDF Betriebsstunden
0A 100 100 _97 000000000000 Misslungene Spindelanläufe
0C 100 100 _20 0000000001CC Geräte-Einschaltvorgänge
B7 100 100 __0 000000000000 Herstellerspezifisch
B8 100 100 _99 000000000000 Ende-zu-Ende-Fehler
BB 100 100 __0 000000000000 Gemeldete unkorrigierbare Fehler
BC _98 _96 __0 00000000021B Befehlszeitüberschreitung
BD 100 100 __0 000000000000 Übergeordnete Schreibvorgänge
BE _70 _56 _45 00001E13001E Luftstromtemperatur
BF 100 100 __0 000000000000 Beschleunigungssensor-Fehlerrate
C0 100 100 __0 00000000000B Ausschaltungsabbrüche
C1 _98 _98 __0 000000001209 Laden/Entladen-Zyklen
C2 _30 _44 __0 00100000001E Temperatur
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
F0 100 253 __0 A3B600000036 Kopfpositionierungszeit
F1 100 253 __0 0000176895F8 LBA geschrieben (gesamt)
F2 100 253 __0 00C528E9DC61 LBA gelesen (gesamt)

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5734 5930 5736 4845
020: 0000 0000 0004 4343 3435 2020 2020 5354 3130 3030
030: 444D 3030 332D 3145 5231 3632 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 5010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0004 00CC 0040
080: 03F0 001F 346B 7D69 4163 3469 BC49 4163 407F 0034
090: 0034 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 7C7E 3E2E 0000 0000 0000 0000 0000 0000 0000 405E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 8000 0000 0000 5800 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0007 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 09A5

-- SMART_READ_DATA ---------------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 73 63 E8 41 C2 05 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 62 62 92
020: 09 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 64 FD 84 70 09 00 00 00 00 09 32
040: 00 60 60 DF 0F 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 CC 01 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 62 60 1B 02 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 46 38 1E 00 13 1E 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 0B 00 00 00 00
0C0: 00 00 C1 32 00 62 62 09 12 00 00 00 00 00 C2 22
0D0: 00 1E 2C 1E 00 00 00 10 00 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD 36 00 00 00 B6 A3 15 F1 00 00 64 FD F8
110: 95 68 17 00 00 00 F2 00 00 64 FD 61 DC E9 28 C5
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 50 00 00 73
170: 03 00 01 00 01 6D 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 60 01 00 00 02 02 02 02 02 02 02 02
190: 03 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 95 06 4B 5B 4E 0D 00 00
1B0: 00 00 00 00 01 00 31 02 F8 95 68 17 00 00 00 00
1C0: 61 DC E9 28 C5 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 54 01 01 00 01 00 00 00
1E0: 00 00 00 00 08 00 00 00 02 00 00 00 00 00 00 01
1F0: 00 00 00 00 00 00 00 00 00 00 14 18 00 00 00 FC

-- SMART_READ_THRESHOLD ----------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD

burningice 26.02.2016 09:47
Du hast mir zweimal die Daten von der selben Platte gepostet ;)

Schritt 1
Download von https://sites.google.com/site/canned...b27e2-Zoek.png ZOEK (by Smeenk)
  • Speichere die zoek.exe auf dem Desktop.
  • Bitte deaktiviere während der Verwendung von Zoek Deinen Virenscanner, da dieser Zoek stören könnte.
  • Starte die zoek.exe mit einem Doppelklick und warte bis die Programmoberfläche erscheint (ca. 30 Sekunden)
  • Kopiere den Text der folgenden Box in das Skriptfenster von Zoek:
    Code:
    iedefaults;
    FFdefaults;
    CHRdefaults
    emptyclsid;
    autoclean;
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
  • Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter C:\
  • Bitte poste mir das zoek-results.log.

Schritt 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:
  • Logfile von ZOEK
  • Zustand der zweiten Festplatte
  • Frst.txt
  • Addition.txt

Verzögert der Computer immer noch so stark?

Lilian-Rose 27.02.2016 14:16
Hallo Rafael,

sorry, dass ich Dir zweimal dieselben Daten gepostet habe, war ein Versehen.
Ich sende Dir nun die Auswertung der zweiten Festplatte.

Code:
----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
                                Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x86)
  Date : 2016/02/27 14:11:55

-- Controller Map ----------------------------------------------------------
 + Intel(R) 5 Series/3400 Series SATA AHCI Controller [ATA]
  - WDC WD15EARS-00MVWB0
  - TSSTcorp CDDVDW SH-S223C

-- Disk List ---------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0 : 1500,3 GB [0/0/0, pd1] - wd
 (2) ST1000DM003-1ER162 : 1000,2 GB [4/X/X, sa1] (V=174C, P=55AA) - st

----------------------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0
----------------------------------------------------------------------------
          Model : WDC WD15EARS-00MVWB0
        Firmware : 51.0AB51
  Serial Number : WD-WMAZA0813822
      Disk Size : 1500,3 GB (8,4/137,4/1500,3/1500,3)
    Buffer Size : Unbekannt
    Queue Depth : 32
    # of Sectors : 2930277168
  Rotation Rate : Unbekannt
      Interface : Serial ATA
  Major Version : ATA8-ACS
  Minor Version : ----
  Transfer Mode : ---- | SATA/300
  Power On Hours : 20826 Std.
  Power On Count : 2316 mal
    Temperature : 31 C (87 F)
  Health Status : Gut
        Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
      APM Level : ----
      AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 153 _51 000000000015 Lesefehlerrate
03 167 163 _21 0000000019E1 Mittlere Anlaufzeit
04 _98 _98 __0 000000000910 Start/Stopp-Zyklen der Spindel
05 200 200 140 000000000000 Wiederzugewiesene Sektoren
07 200 200 __0 000000000000 Suchfehler
09 _72 _72 __0 00000000515A Betriebsstunden
0A 100 100 __0 000000000000 Misslungene Spindelanläufe
0B 100 100 __0 000000000000 Nnotwendige Rekalibrierungen
0C _98 _98 __0 00000000090C Geräte-Einschaltvorgänge
C0 200 200 __0 000000000049 Ausschaltungsabbrüche
C1 _20 _20 __0 000000084402 Laden/Entladen-Zyklen
C2 119 111 __0 00000000001F Temperatur
C4 200 200 __0 000000000000 Wiederzuweisungsereignisse
C5 200 200 __0 000000000000 Aktuell ausstehende Sektoren
C6 200 200 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
C8 200 200 __0 000000000000 Schreibfehlerrate

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 415A 4130 3831 3338 3232
020: 0000 0000 0032 3531 2E30 4142 3531 5744 4320 5744
030: 3135 4541 5253 2D30 304D 5657 4230 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 0044 0044
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 407F 0083
090: 0083 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 7B30 AEA8 0000 0000 0000 0000 0000 0000 5001 4EE0
110: 57C4 032D 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E7A5

-- SMART_READ_DATA ---------------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 99 15 00 00 00 00 00 00 03 27
010: 00 A7 A3 E1 19 00 00 00 00 00 04 32 00 62 62 10
020: 09 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 48 48 5A 51 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 0C 09 00 00 00 00 00 C0 32
070: 00 C8 C8 49 00 00 00 00 00 00 C1 32 00 14 14 02
080: 44 08 00 00 00 00 C2 22 00 77 6F 1F 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 C8 64 01 7B
170: 03 00 01 00 02 FA 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 05 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 D6

-- SMART_READ_THRESHOLD ----------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 C8 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 C8 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05

----------------------------------------------------------------------------
 (2) ST1000DM003-1ER162
----------------------------------------------------------------------------
      Enclosure : Laufwerk (V=174C, P=55AA, sa1) - st
          Model : ST1000DM003-1ER162
        Firmware : CC45
  Serial Number : W4Y0W6HE
      Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,1)
    Buffer Size : Unbekannt
    Queue Depth : 32
    # of Sectors : 1953525168
  Rotation Rate : 7200 RPM
      Interface : USB (Serial ATA)
  Major Version : ACS-2
  Minor Version : ACS-3 Revision 3b
  Transfer Mode : SATA/300 | SATA/600
  Power On Hours : 4082 Std.
  Power On Count : 463 mal
    Temperature : 33 C (91 F)
  Health Status : Gut
        Features : S.M.A.R.T., APM, 48bit LBA, NCQ
      APM Level : 8080h [ON]
      AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 115 _99 __6 000005F5B028 Lesefehlerrate
03 _98 _97 __0 000000000000 Mittlere Anlaufzeit
04 _98 _98 _20 0000000009A2 Start/Stopp-Zyklen der Spindel
05 100 100 _10 000000000000 Wiederzugewiesene Sektoren
07 100 253 _30 0000000974D7 Suchfehler
09 _96 _96 __0 000000000FF2 Betriebsstunden
0A 100 100 _97 000000000000 Misslungene Spindelanläufe
0C 100 100 _20 0000000001CF Geräte-Einschaltvorgänge
B7 100 100 __0 000000000000 Herstellerspezifisch
B8 100 100 _99 000000000000 Ende-zu-Ende-Fehler
BB 100 100 __0 000000000000 Gemeldete unkorrigierbare Fehler
BC _99 _96 __0 00000000021F Befehlszeitüberschreitung
BD 100 100 __0 000000000000 Übergeordnete Schreibvorgänge
BE _67 _56 _45 0000211D0021 Luftstromtemperatur
BF 100 100 __0 000000000000 Beschleunigungssensor-Fehlerrate
C0 100 100 __0 00000000000B Ausschaltungsabbrüche
C1 _98 _98 __0 00000000122B Laden/Entladen-Zyklen
C2 _33 _44 __0 001000000021 Temperatur
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
F0 100 253 __0 47CD00000036 Kopfpositionierungszeit
F1 100 253 __0 000017689678 LBA geschrieben (gesamt)
F2 100 253 __0 00C528EC8ED9 LBA gelesen (gesamt)

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5734 5930 5736 4845
020: 0000 0000 0004 4343 3435 2020 2020 5354 3130 3030
030: 444D 3030 332D 3145 5231 3632 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 5010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0004 00CC 0040
080: 03F0 001F 346B 7D69 4163 3469 BC49 4163 407F 0034
090: 0034 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 7C7E 3E2E 0000 0000 0000 0000 0000 0000 0000 405E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 8000 0000 0000 5800 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0007 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 09A5

-- SMART_READ_DATA ---------------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 73 63 28 B0 F5 05 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 62 62 A2
020: 09 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 64 FD D7 74 09 00 00 00 00 09 32
040: 00 60 60 F2 0F 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 CF 01 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 63 60 1F 02 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 43 38 21 00 1D 21 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 0B 00 00 00 00
0C0: 00 00 C1 32 00 62 62 2B 12 00 00 00 00 00 C2 22
0D0: 00 21 2C 21 00 00 00 10 00 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD 36 00 00 00 CD 47 26 F1 00 00 64 FD 78
110: 96 68 17 00 00 00 F2 00 00 64 FD D9 8E EC 28 C5
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 50 00 00 73
170: 03 00 01 00 01 6D 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 88 00 00 00 02 02 02 02 03 02 02 02
190: 02 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 B4 B1 84 BE 5D 0D 00 00
1B0: 00 00 00 00 01 00 34 02 78 96 68 17 00 00 00 00
1C0: D9 8E EC 28 C5 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 53 00 02 00 01 00 00 00
1E0: 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 01
1F0: 00 00 00 00 00 00 00 00 00 00 14 18 00 00 00 A5

-- SMART_READ_THRESHOLD ----------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD
Mein PC braucht beim Start 20 Minuten bis das Windowsbild erscheint und weitere 10 Minuten bis ich mit ihm arbeiten kann.

Code:
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Conny on 27.02.2016 at 11:26:46,68.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Conny\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27.02.2016 11:37:06 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\Hilfe Assistent deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\VideoLAN deleted successfully
C:\Program Files\Yahoo! deleted successfully
C:\Program Files\Common Files\SWF Studio deleted successfully
C:\PROGRA~2\DriverGenius deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\PROGRA~2\Oracle deleted successfully
C:\PROGRA~2\WinZip deleted successfully
C:\PROGRA~2\ZoomBrowser deleted successfully
C:\Users\Conny\AppData\Roaming\6ED3EE deleted successfully
C:\Users\Conny\AppData\Roaming\Ifxaxo deleted successfully
C:\Users\Conny\AppData\Roaming\Ihid deleted successfully
C:\Users\Conny\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Conny\AppData\Roaming\Siivul deleted successfully
C:\Users\Conny\AppData\Roaming\TP deleted successfully
C:\Users\Conny\AppData\Roaming\Xeodde deleted successfully
C:\Users\Conny\AppData\Roaming\Yahoo! deleted successfully
C:\Users\Conny\AppData\Roaming\Ybbuug deleted successfully
C:\Users\Conny\AppData\Roaming\Ydyq deleted successfully
C:\Users\Conny\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Conny\AppData\Local\EmieSiteList deleted successfully
C:\Users\Conny\AppData\Local\EmieUserList deleted successfully
C:\Users\Conny\AppData\Local\FRITZ! deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
HKEY_USERS\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SearchProtectionService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SearchProtectionService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LavasoftTcpService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\LavasoftTcpService deleted successfully

==== Batch Command(s) Run By Tool======================


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


==== Deleting Files \ Folders ======================

C:\Program Files\Hilfe Assistent not found
C:\Program Files\VideoLAN not found
C:\Program Files\Yahoo! not found
C:\PROGRA~2\Malwarebytes' Anti-Malware (portable) not found
C:\Program Files\Windows Live SkyDrive deleted
C:\Program Files\Sweet Home 3D deleted
C:\Users\Conny\AppData\Roaming\Wuala deleted
C:\Users\Conny\AppData\Roaming\Lavasoft\Web Companion deleted
C:\Users\Conny\AppData\Roaming\ZoomBrowser EX deleted
C:\Users\Conny\AppData\Roaming\OpenCandy deleted
C:\PROGRA~2\Lavasoft\Web Companion deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Conny\AppData\Local\Lavasoft\WebCompanion.exe_Url_f5db2c2eotb405zbclgx4obr3tgwdj1t deleted
C:\Windows\system32\config\systemprofile\AppData\Local\LavasoftTcpService deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lavasoft\WebCompanion deleted
C:\Windows\System32\sho1846.tmp deleted
C:\Windows\System32\sho24CE.tmp deleted
C:\Windows\System32\sho24DD.tmp deleted
C:\Windows\System32\sho280.tmp deleted
C:\Windows\System32\sho40D5.tmp deleted
C:\Windows\System32\sho4914.tmp deleted
C:\Windows\System32\sho6979.tmp deleted
C:\Windows\System32\sho69E8.tmp deleted
C:\Windows\System32\sho7148.tmp deleted
C:\Windows\System32\sho7396.tmp deleted
C:\Windows\System32\sho849D.tmp deleted
C:\Windows\System32\sho9022.tmp deleted
C:\Windows\System32\sho9A9F.tmp deleted
C:\Windows\System32\sho9B26.tmp deleted
C:\Windows\System32\shoA41A.tmp deleted
C:\Windows\System32\shoA949.tmp deleted
C:\Windows\System32\shoAE8F.tmp deleted
C:\Windows\System32\shoB21F.tmp deleted
C:\Windows\system32\SafeAppRichList.ocx deleted
C:\Users\Conny\Documents\Add-in Express deleted
C:\PROGRA~2\Setup_OnlineManager.exe deleted
"C:\Windows\Installer\13d60aa.msi" deleted
"C:\Users\Conny\AppData\Roaming\Bubble Noise" deleted
"C:\Users\Conny\AppData\Roaming\Bundle" deleted
"C:\Users\Conny\AppData\Roaming\CIOSupport" deleted
"C:\ProgramData\Caches" deleted
"C:\ProgramData\Calibrators" deleted
"C:\ProgramData\Carbon" deleted
"C:\ProgramData\Colors" deleted
"C:\ProgramData\Command Line Utility" deleted
"C:\ProgramData\Common" deleted
"C:\Users\Conny\AppData\Roaming\Ovxou\suutb.hor" deleted
"C:\Users\Conny\AppData\Roaming\Teutm\humout.tmp" deleted
"C:\Users\Conny\AppData\Roaming\Teutm\humout.xyf" deleted
"C:\Users\Conny\AppData\Roaming\Iqkysi\onyb.feu" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.AvastWrapper.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Common.Platform.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.UpdateComponents.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\log4net.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\System.Data.SQLite.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\de-DE\WebCompanion.resources.dll" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\x86\SQLite.Interop.dll" deleted
"C:\Users\Conny\AppData\Roaming\Ovxou" deleted
"C:\Users\Conny\AppData\Roaming\Teutm" deleted
"C:\Users\Conny\AppData\Roaming\Iqkysi" deleted
"C:\Program Files\Lavasoft\Web Companion" deleted
"C:\Program Files\Lavasoft\Web Companion\Application" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\de-DE" deleted
"C:\Program Files\Lavasoft\Web Companion\Application\x86" deleted

==== Orphaned Tasks deleted from Registry ======================

avast Emergency Update deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [10.12.2015 16:34]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[20.07.2015 19:59]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[08.01.2016 10:47]

Google Voice Search Hotword (Beta) - Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Skype Click to Call - Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Chromium Fix ======================

C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage deleted successfully
C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage-journal deleted successfully
C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.msn.com/?pc=MSSE"
"Search Page"="https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}"
"Search Bar"="https://de.yahoo.com/?fr=hp-avast&type=avastbcl"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}"
"Search Bar"="https://de.yahoo.com/?fr=hp-avast&type=avastbcl"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="hxxp://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="hxxp://www.google.com"
"Default_Search_URL"="hxxp://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://www.msn.com/?pc=MSSE"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{9CB96984-43C3-4D44-90EF-01466EFCF7BB}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB} - hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
HKCU\SearchScopes "DefaultScope"="{9CB96984-43C3-4D44-90EF-01466EFCF7BB}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - hxxp://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB} - hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC05100 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{705fd6c1-dca2-4646-b8fb-bea11e6c5bb7} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\58F068FA3A4582A478B9FBE9E6237567 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC05100 deleted successfully

==== Empty IE Cache ======================

C:\Users\Conny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Conny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Conny\AppData\Local\Mozilla\Firefox\Profiles\7eu8aj4x.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=793 folders=96 183744670 bytes)

==== Empty Temp Folders ======================

C:\Users\Conny\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Conny\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Conny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AH3PZMQ5\a.affil.io"  not found
"C:\Users\Conny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AH3PZMQ5\api.medianac.com"  not found
"C:\Users\Conny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AH3PZMQ5\component.p7s1.com"  not found
"C:\Users\Conny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AH3PZMQ5\www.hse24.de"  not found
"C:\Users\Conny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AH3PZMQ5\www.n24.de"  not found
"C:\Users\Conny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AH3PZMQ5\www.norma-online.de"  not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 27.02.2016 at 12:36:38,67 ======================
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
durchgeführt von Conny (Administrator) auf CONNY-PC (27-02-2016 13:51:33)
Gestartet von C:\Users\Conny\Desktop\Rafael
Geladene Profile: Conny (Verfügbare Profile: Conny)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(BERNINA International AG) C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow32.exe
(Dropbox, Inc.) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-01-10] (Google Inc.)
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [Dropbox Update] => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {3B713BCF-458F-4A2A-BAD2-9784208C169D} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-10-09]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-10-09]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=00033BB0&OHP=about%3Ablank&OSP=https%3A%2F%2Fde.search.yahoo.com%2Fyhs%2Fsearch%3Ftype%3Davastbcl%26hspart%3Davast%26hsimp%3Dyhs%2D001%26p%3D%7BsearchTerms%7D
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-02-23] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-09] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default
FF DefaultSearchUrl:
FF Homepage: hxxp://www.jw.org/de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\computer-bild-suche.xml [2015-09-28]
FF Extension: CookieCuller - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2015-05-29]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-10-16] [ist nicht signiert]
FF Extension: Avira Browser Safety - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\abs@avira.com [2016-02-25]
FF Extension: ghostery - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\firefox@ghostery.com.xpi [2016-02-23]
FF Extension: Hilfe Assistent - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\{} [2014-11-03] [ist nicht signiert]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-15] <==== ACHTUNG

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.210.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (YouTube) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (Google-Suche) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-03]
CHR Extension: (Avira Browserschutz) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-16]
CHR Extension: (Skype Click to Call) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (Google Mail) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1904368 2016-01-20] (Microsoft Corporation)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S4 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2012-06-22] ()
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 UniversalCommunicationServer; C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe [90496 2013-05-02] (BERNINA International AG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)
R0 DiskSec; C:\Windows\system32\Drivers\DiskSec.sys [14208 2008-04-04] (MAGIX) [Datei ist nicht signiert]
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [179200 2012-06-22] (Dexetek )
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-07-20] (AVAST Software)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-04-27] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [146568 2010-04-27] (Renesas Electronics Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 SydexFDD; C:\Windows\system32\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows (R) 2000 DDK provider) [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-20] (Avast Software)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Conny\AppData\Local\Temp\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Conny\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S2 tmcomm; system32\DRIVERS\tmcomm.sys [X]
S2 wntpport; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-27 12:19 - 2016-02-27 11:25 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-02-27 11:25 - 2016-02-27 12:29 - 00000000 ____D C:\zoek_backup
2016-02-27 11:22 - 2016-02-27 11:22 - 01309184 _____ C:\Users\Conny\Desktop\zoek.exe
2016-02-26 22:58 - 2016-02-26 22:58 - 00000000 ____D C:\Users\Conny\Desktop\Joel
2016-02-25 12:37 - 2016-02-27 12:04 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Lavasoft
2016-02-25 12:37 - 2016-02-27 12:04 - 00000000 ____D C:\Users\Conny\AppData\Local\Lavasoft
2016-02-25 12:37 - 2016-02-27 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-02-25 12:37 - 2016-02-25 12:37 - 00002928 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2016-02-25 12:36 - 2016-02-27 12:05 - 00000000 ____D C:\ProgramData\Lavasoft
2016-02-25 12:36 - 2016-02-27 12:05 - 00000000 ____D C:\Program Files\Lavasoft
2016-02-25 12:36 - 2016-02-25 12:36 - 00345360 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2016-02-25 12:35 - 2016-02-25 12:36 - 00000000 ____D C:\Program Files\CrystalDiskInfo
2016-02-25 12:35 - 2016-02-25 12:35 - 00001930 _____ C:\Users\Conny\Desktop\CrystalDiskInfo.lnk
2016-02-23 23:31 - 2016-02-26 22:51 - 00000000 ____D C:\Users\Conny\Desktop\Rafael
2016-02-23 22:59 - 2016-02-23 22:59 - 00008564 _____ C:\Protokoll Malwarebytes.txt
2016-02-23 17:21 - 2016-02-23 17:39 - 00216604 _____ C:\TDSSKiller.3.1.0.9_23.02.2016_17.21.27_log.txt
2016-02-23 13:57 - 2016-02-23 17:20 - 00215200 _____ C:\TDSSKiller.3.1.0.9_23.02.2016_13.57.11_log.txt
2016-02-23 10:08 - 2016-02-23 10:09 - 00000000 ____D C:\Users\Conny\Desktop\JW
2016-02-22 23:43 - 2016-02-22 23:43 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-02-22 23:39 - 2016-02-22 23:39 - 00000162 ____H C:\Users\Conny\Desktop\~$Dok8.odt
2016-02-20 14:24 - 2016-02-20 14:24 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-14 16:02 - 2016-02-14 16:02 - 00001298 _____ C:\Users\Public\Desktop\Watchtower Library 2015 - Deutsch.lnk
2016-02-14 16:02 - 2016-02-14 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchtower Library 2015
2016-02-12 20:01 - 2016-02-13 10:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-10 11:36 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 11:36 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 11:36 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 11:36 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 11:36 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 11:36 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 11:36 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:36 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 11:36 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 11:35 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 11:35 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:35 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 11:35 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 11:34 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 11:34 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 11:34 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 11:34 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 11:34 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 11:34 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:34 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 11:34 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 11:34 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 11:34 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:34 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 11:33 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 11:33 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 11:33 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 11:33 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:33 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 11:33 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:33 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 11:33 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:33 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 11:33 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:33 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 11:33 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 11:33 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 11:33 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 11:33 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 11:33 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 11:33 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:33 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 11:33 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 11:31 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:31 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-04 16:35 - 2016-02-04 16:35 - 00025888 _____ C:\Users\Conny\Kolloidales Silber.odt
2016-01-30 00:40 - 2016-01-30 00:40 - 00038883 _____ C:\Users\Conny\Documents\Dok8.odt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-27 13:51 - 2014-03-05 09:11 - 00000000 ____D C:\FRST
2016-02-27 13:48 - 2015-06-12 19:37 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job
2016-02-27 13:42 - 2011-01-10 22:01 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-27 13:18 - 2012-05-31 22:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-27 12:44 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-27 12:44 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-27 12:38 - 2013-03-10 10:53 - 00000000 ___RD C:\Users\Conny\Dropbox
2016-02-27 12:38 - 2013-03-10 10:51 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Dropbox
2016-02-27 12:29 - 2011-01-10 22:01 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-27 12:29 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-27 11:29 - 2015-10-03 01:49 - 01448141 _____ C:\Users\Conny\Desktop\zoek.scr
2016-02-27 11:29 - 2015-10-03 01:49 - 01448141 _____ C:\Users\Conny\Desktop\zoek.com
2016-02-27 09:27 - 2009-07-14 05:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-27 00:13 - 2015-04-04 23:49 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-26 23:48 - 2015-06-12 19:37 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job
2016-02-24 10:31 - 2015-01-15 12:04 - 00001912 _____ C:\Windows\epplauncher.mif
2016-02-24 10:30 - 2015-01-15 12:03 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-24 10:29 - 2015-01-15 12:02 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-23 23:37 - 2014-03-08 14:19 - 00000000 ____D C:\AdwCleaner
2016-02-23 22:49 - 2014-06-29 09:37 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-23 22:37 - 2014-06-29 09:37 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-02-23 22:37 - 2009-07-14 08:48 - 00000000 ____D C:\Windows\ShellNew
2016-02-23 21:45 - 2014-06-29 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-23 10:11 - 2015-09-16 20:20 - 00000000 ____D C:\Users\Conny\Desktop\Gute Vorträge
2016-02-23 10:10 - 2015-03-12 19:13 - 00000000 ____D C:\Users\Conny\Desktop\Handarbeit Stickdateien
2016-02-23 10:07 - 2011-01-10 22:04 - 00000000 ____D C:\Users\Conny
2016-02-23 09:54 - 2014-01-21 09:22 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 09:51 - 2014-01-21 09:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-23 09:25 - 2016-01-07 23:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-02-23 09:25 - 2012-10-17 16:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-23 00:26 - 2010-08-28 01:49 - 01595580 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-23 00:26 - 2010-05-12 14:13 - 00699884 _____ C:\Windows\system32\perfh007.dat
2016-02-23 00:26 - 2010-05-12 14:13 - 00149766 _____ C:\Windows\system32\perfc007.dat
2016-02-23 00:26 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-22 23:43 - 2011-09-22 18:54 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-02-20 15:24 - 2012-09-17 16:48 - 00002154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-14 16:07 - 2011-01-11 14:21 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Watchtower
2016-02-14 16:02 - 2011-08-18 21:03 - 00000000 ____D C:\Program Files\Watchtower
2016-02-13 11:44 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2016-02-11 17:41 - 2009-07-14 05:33 - 00386896 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-11 17:38 - 2014-12-11 12:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-11 17:38 - 2014-05-06 22:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-11 17:38 - 2009-07-14 08:49 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 23:41 - 2013-08-15 09:15 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 23:34 - 2010-08-30 17:47 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-01 14:01 - 2011-01-10 22:36 - 00000000 ____D C:\Users\Conny\AppData\Roaming\SoftGrid Client

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2007-03-12 18:59 - 2007-03-12 18:59 - 0299008 _____ () C:\Program Files\navigram_register.exe
2013-03-16 09:27 - 2013-03-16 09:27 - 0000288 _____ () C:\Users\Conny\AppData\Roaming\.backup.dm
2014-09-30 11:46 - 2014-09-30 11:48 - 0000055 _____ () C:\Users\Conny\AppData\Roaming\My Profile.xml
2011-09-29 13:09 - 2011-10-04 14:29 - 0001188 _____ () C:\Users\Conny\AppData\Local\crc32list11.txt
2011-09-03 20:06 - 2015-11-08 15:39 - 0005120 _____ () C:\Users\Conny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-03 11:37 - 2014-03-03 11:37 - 0001461 _____ () C:\Users\Conny\AppData\Local\recently-used.xbel
2011-03-17 17:55 - 2011-03-17 17:55 - 0000017 _____ () C:\Users\Conny\AppData\Local\resmon.resmoncfg
2011-01-11 22:23 - 2012-05-10 08:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-18 22:32

==================== Ende vom FRST.txt ============================

Lilian-Rose 27.02.2016 14:20
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
durchgeführt von Conny (2016-02-27 13:52:39)
Gestartet von C:\Users\Conny\Desktop\Rafael
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2011-01-10 21:04:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-185569535-4180466776-3876511590-500 - Administrator - Disabled)
Conny (S-1-5-21-185569535-4180466776-3876511590-1000 - Administrator - Enabled) => C:\Users\Conny
Gast (S-1-5-21-185569535-4180466776-3876511590-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-185569535-4180466776-3876511590-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2223 - AVAST Software)
BERNINA ARTlink 7 (HKLM\...\{CA812D88-2139-4107-97B5-1B2D2A1DD04D}) (Version: 18.0.94.7011 - BERNINA)
BERNINA ARTlink 7 (Version: 18.0.94.7011 - Wilcom) Hidden
BERNINA Universal Communication Server (HKLM\...\{CF27C964-3902-4CA3-9C71-B0EAEB302AB5}) (Version: 1.27.70 - BERNINA)
Blackboard Collaborate Launcher (HKLM\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon iP3600 series Benutzerregistrierung (HKLM\...\Canon iP3600 series Benutzerregistrierung) (Version:  - )
Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version:  - )
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC8) (Version: 8.5.0.7 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller51278dcd0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52b3284a0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52d266760) (Version: 1.0.0.0 - Conexant Systems)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
CrystalDiskInfo 6.7.5 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.7.5 - Crystal Dew World)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815a - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dropbox (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
easyFly 3 Starter Edition (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\{7CBD5083-2ADF-4DF1-8DC1-D7AB2F7040E0}) (Version: 3.0.1.11 - IPACS)
e-Sword (HKLM\...\{8E436940-A944-4D67-A45B-1876E23BB9C0}) (Version: 9.08.0003 - Rick Meyers)
FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )
Lexware Info Service (HKLM\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
MAGIX Audio Cleaning Lab 16 deluxe (HKLM\...\mclab_16dlx) (Version: 16.0.0.0 - MAGIX AG)
MAGIX Audio Cleaning Lab 16 deluxe (Version: 16.0.0.0 - MAGIX AG) Hidden
MAGIX PC Check & Tuning 2010 5.0.22.687 (D) (HKLM\...\MAGIX PC Check & Tuning 2010 D) (Version: 5.0.22.687 - MAGIX AG)
MAGIX Screenshare (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MEDION GoPal Assistant (HKLM\...\{A6C8CD51-1AE4-474D-BA2D-125CDBEADD03}) (Version: 6.2.0.12196 - MEDION)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4797.1003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.5.1 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
my editor v5.00 (HKLM\...\{6B435248-5F4F-4CE9-A533-CB3D8D97A210}) (Version: 5.00.8505.2014 - Wings Systems Ltd.)
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.2.1 - Nikon)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.3.0 - Nikon)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Profili 2 (HKLM\...\Profili 2) (Version:  - )
Quicken DELUXE 2014 (HKLM\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.32.00.0004 - Haufe-Lexware GmbH & Co.KG)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6136 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Schrankplaner (HKLM\...\{C92CE7AF-B104-4710-8F5C-9F833976D308}) (Version: 3.01.00 - schrankplaner.de)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Sweet Home 3D version 3.1 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Video Grabber (HKLM\...\Uninstaller51278dcb0) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52b328480) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52d266740) (Version: 1.0.0.0 - Conexant Systems)
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.2.1 - Nikon)
VoipStunt (HKLM\...\VoipStunt_is1) (Version: 4.09 build 661 - Finarea S.A. Switzerland)
Watchtower Library 2011 - Deutsch (HKLM\...\{8BE514E8-4486-4730-8B68-FA15EEDC942E}) (Version: 13.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - Deutsch (HKLM\...\{CFDF0961-77C7-4392-96EE-624DFE81C3C2}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - hrvatsko izdanje (HKLM\...\{56067BE8-31E8-4796-9EA2-164CDB5ACCF7}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2013 - Deutsch (HKLM\...\{61118DEB-78F1-4158-97ED-78A457550FE7}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2015 - Deutsch (HKLM\...\{AEB12380-3E2F-4A9F-B8DF-1BD7682DE663}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Wilcom TrueSizer e3.0 (HKLM\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Wilcom TrueSizer e3.0 (Version: 17.0.185.7427 - Wilcom) Hidden
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )
WISO Steuer-Sparbuch 2015 (HKLM\...\{F8738EA4-CE8F-4D4B-8478-6ADB18B165F4}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Wuala (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\Conny\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0694FA8A-71C8-4F5D-AACA-0D7E0EC23467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1146A79F-834C-4E3E-AE60-25376A2F0C32} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {508DFAA9-A4C7-43C0-B9EB-1CF6D6BF0159} - System32\Tasks\{AB34AA99-BADE-4F56-8BE7-B62F817BA872} => pcalua.exe -a "C:\Program Files\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {5962BB5D-E22C-48DF-8BFF-A58FEDFD8EDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {72660B4F-A773-4C60-8F36-EA5EBFD568E1} - \Start Registry Reviver -> Keine Datei <==== ACHTUNG
Task: {A56D78C3-8218-48CE-BCC6-F9BCD07BFEA9} - System32\Tasks\{D6C07A53-11F0-44F1-8FB2-A2B09B196048} => pcalua.exe -a C:\Users\Conny\Downloads\ADE_2.0_Installer.exe -d C:\Users\Conny\Downloads
Task: {BB1571C3-45D2-4BD6-AF06-4628247E13B5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {C89EC6C7-F641-4831-AE2B-553A25EACD36} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {D00F2FB4-80F4-49C5-82E2-025ED397C0E7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)
Task: {E5EE64D2-F42F-4C48-8D87-4AF66A1D44AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E9E1F514-54AB-4250-B4B6-4B5C81A5488B} - System32\Tasks\{1D3FF1F2-CC6B-4C77-A161-109C6F1A455A} => pcalua.exe -a C:\Users\Conny\AppData\Local\Temp\Temp1_profile_version_3206.zip\setup.exe
Task: {F92D8508-9933-4CF7-BB8F-6BECA4BE71AD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software)
Task: {FC9A3894-3B7C-4BBF-B7D5-520290D33A13} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-20 20:00 - 2015-07-20 20:00 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-20 20:00 - 2015-07-20 20:00 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-26 22:47 - 2016-02-26 22:47 - 02835968 _____ () C:\Program Files\AVAST Software\Avast\defs\16022601\algo.dll
2016-02-27 12:30 - 2016-02-27 12:30 - 02835456 _____ () C:\Program Files\AVAST Software\Avast\defs\16022700\algo.dll
2014-03-19 10:54 - 2015-10-13 02:43 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2014-01-12 11:01 - 2012-06-22 09:29 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2016-02-11 19:08 - 2016-02-11 19:08 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\7dca33cfefb99e28847d01e4665f2214\IsdiInterop.ni.dll
2010-08-30 19:04 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-07-20 20:00 - 2015-07-20 20:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2016-02-20 14:24 - 2016-01-12 19:44 - 00034768 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00019408 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00116688 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-02-20 14:24 - 2016-01-12 19:44 - 00093640 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00018376 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\select.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00019760 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00105928 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00392144 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00381752 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00692688 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020816 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00112592 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 01682760 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021840 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00038696 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00020936 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00024528 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00114640 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00124880 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021832 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00024016 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00175560 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00030160 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00043472 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00028616 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00048592 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-20 14:23 - 2016-02-16 19:39 - 00026456 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00057808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00024016 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00117056 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00024392 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00036296 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\librsync.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00023376 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00134608 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00134088 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00240584 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00052024 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021824 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00019776 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020280 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00350152 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00022352 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00084792 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-02-20 14:24 - 2016-02-16 19:39 - 01826096 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00083912 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\sip.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 03928880 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 01971504 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00531248 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00132912 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00223544 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00207672 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00158008 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00042808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-20 14:24 - 2016-01-12 19:49 - 00017864 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-20 14:24 - 2016-01-12 19:49 - 01631184 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00024904 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00546096 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00357680 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-02-20 14:24 - 2016-01-12 19:52 - 00697304 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Conny\Desktop\zoek.exe:com.dropbox.attributes
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2014-03-07 16:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B5BB3F09-3F28-4037-ADDF-ED0D9521AD3F}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{7E1E0E25-5811-48BA-8112-A999DE7DA7F1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5D17EE8E-2B60-4228-90AE-0DF6430EF885}] => (Allow) svchost.exe
FirewallRules: [{811CA0F5-D2BB-4A4D-BE17-4014C5E8BC67}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{1D853E59-2575-4067-9F21-DE76C38A37B7}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{30E69FC8-3BEF-4B3C-B402-933778084EAA}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{9E4248B8-B08B-4A20-9DBE-8BBD3F09CECC}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{4687042B-D555-4A1A-8039-1AD75E458545}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{961DDA7A-4319-4911-9776-A89874CE5335}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [{34DA1426-B63B-474F-8DEF-EB5235221BDD}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [TCP Query User{6B778748-C7B6-4A46-81D2-56ADEA63F1A7}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{FED1122E-4925-4558-BB06-142DCA1E502E}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{2605EEA3-C05C-459A-87D1-842F42681013}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{38E3F568-5839-4423-B7F7-825F441E9A3F}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{C1A531C8-1DCD-4DFA-82BE-CE5888CD32FD}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{7172C1E6-B85E-41BD-96A0-91C9CFA8119A}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{CE46AC23-B67F-4108-B551-AFF5D9782AD8}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{F877EC4A-9159-4A64-ABC7-2C95CD583B21}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{E73F7B8C-8D61-423F-92F6-41B4EE6DEAD8}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{3C609447-8057-4BCF-B11B-5FCA7ECC5A3C}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [TCP Query User{39DCAE11-5CF4-4AC2-94EA-3595A667BBF9}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{B5B309C3-7463-4C30-AD15-7700AD51E9E5}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [{796C015A-E095-4D97-8615-A51836C2BB2E}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{E533F68C-9F2E-4D27-B503-8603931A946A}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [TCP Query User{69A98C7C-2D08-429A-BDD8-F97B185625D2}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{FD8D8E36-1BB4-4BBB-AFB4-89635DFB6CE7}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{130F31E3-FF6C-4582-9B49-4194BAEB4B39}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{635854E1-9AB3-49FD-AD53-26ABE6288B52}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [TCP Query User{4957885E-9DC6-48AF-A709-0FD7610930C7}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{0CBAC78E-6FDF-485D-99DA-654A55EF276E}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [{692BDFF9-D89E-4F8D-95AE-221810CAE02F}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{2C43FFDD-B6BD-41A4-8BD6-AA2AB5E8ACAD}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{1C9A6C83-81BF-4563-BDCD-CC9BB4160B55}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{350386DF-4A82-427C-9962-B7EB9BD6D34E}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{91395ADC-2BDE-4B46-8494-9EB27A9F6BD5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C6E35A0B-6B7A-4247-B0D4-51F114611254}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D91B19E8-D1DB-4CCC-9FD6-8BDAFD9CF437}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{18E738B9-3F17-4BBA-9045-1E4375E39A6E}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{627658B7-DB21-4DE6-8548-530E847DBE8B}] => (Allow) C:\Users\Conny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{FA30B07B-7F14-4D50-92AF-EEFCA9D3D396}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{FE75D3F4-E8D1-4CFB-933D-6209B76DFF6C}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{0A4EC1A1-3B46-45A0-9BF7-910C850A4A46}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [{A5BDF030-2E00-440F-8298-3EE9A52D72B3}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [TCP Query User{0EA845AE-B769-468C-BC49-64CA7AF58BE5}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{C5E5ECF1-9DF5-4D24-8CD9-FB695F96D803}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{7134D83D-E8E8-4235-A798-2FE8D9DA33F4}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{7CB4C706-0C27-4B19-865D-815C72462270}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [TCP Query User{E3B3F49D-318B-458B-9996-94602E7A3B4C}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{2CBE49FE-1280-4E63-84CD-6A6B240E6A94}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{8C617366-DC95-4B51-AC60-3619F4EE1DE5}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{8049D308-47AD-4656-B8E4-FF0389C5D98C}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [TCP Query User{944C753C-8B4D-4193-8F20-0269D1175512}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{0E0A14D1-5FE6-4430-BCD0-DC3481E510DA}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [{73FE0611-6B7C-44E0-A9F2-F78142FB7FC6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE19B7A7-4403-4BC4-8281-661A9265FB98}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA0C48A7-A4EA-4EE4-9C93-1A05765AF979}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A8274CD7-8D0E-4CEB-A85D-7D2D260C6077}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{05DB99BC-CB68-457B-859C-9EC460476FA8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5E9E69BC-6EC8-4A84-BC79-6C6F7872BF2C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{EB4831F9-9BE1-44B9-AAEC-71C5B4077093}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B17B8E5F-4C83-4DD8-9665-A2B50F2029F2}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{200C6D82-A0ED-4E15-917B-F41277C0081E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8F33AE0D-E430-42CB-8C6B-71E0C3E0349F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{DBDD8041-CAD2-4CBF-83FC-0D30AD8185AA}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{A32D8C8E-4BF5-4C68-8B07-959AE85FF082}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [{E4355044-8680-4492-A43A-904A15EEC2F5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{78AF9F1A-8246-4DC5-82AE-C4FC7F0EA340}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A6B220F1-D801-47D9-A621-2277B6B58787}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AF8BFD75-C3B3-4A57-A7EC-44C89A708810}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{67CF725E-AD3D-4CEE-9FA1-8BDD832B9CAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E6100A1A-0058-4987-8414-8D3338B3020D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

31-01-2016 19:00:32 Windows-Sicherung
03-02-2016 16:10:23 Windows Update
07-02-2016 12:18:38 Windows Update
07-02-2016 19:01:31 Windows-Sicherung
10-02-2016 23:26:36 Windows Update
14-02-2016 16:08:24 Windows Update
14-02-2016 19:00:25 Windows-Sicherung
17-02-2016 23:30:38 Windows Update
21-02-2016 13:34:06 Windows Update
21-02-2016 19:00:44 Windows-Sicherung
23-02-2016 00:21:22 Windows Update
24-02-2016 10:22:25 Windows Update
27-02-2016 00:12:45 Windows Update
27-02-2016 11:36:39 zoek.exe restore point

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/27/2016 12:40:04 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/27/2016 12:34:15 PM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (4192) Windows: Die Shadowkopfzeile für Datei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk konnte nicht geschrieben werden. Fehler -1032.

Error: (02/27/2016 12:34:15 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (4192) Windows: Versuch, Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (02/27/2016 12:30:10 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1068}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (02/27/2016 12:30:09 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1068}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (02/27/2016 12:13:09 PM) (Source: UniversalCommunicationServer) (EventID: 0) (User: )
Description: Universal Communication Server Terminating: True
reason: System.UnhandledExceptionEventArgs
Stack: TraceEnvironment.XTrace+AssertionFailedException: unexpected message length 4
  at TraceEnvironment.XTrace.Assert(Boolean aCondition, String aFormat, Object[] aObjects)
  at UniversalCommunicationServer.ServerConnection.stateConnectedOnServerDataReceived(evServerDataReceived aEvent)
  at UniversalCommunicationServer.ServerConnection.stateConnected.onServerDataReceived(evServerDataReceived aEvent)
  at UniversalCommunicationServer.ServerConnection.Consume(Object aEvent)
  at MultiThreading.Reactive.MainLoop()
  at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
  at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
  at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
  at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
  at System.Threading.ThreadHelper.ThreadStart()

Error: (02/27/2016 09:37:17 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/27/2016 09:27:18 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1738}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (02/27/2016 09:27:18 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1738}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (02/27/2016 09:26:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_LanmanServer, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x50c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_LanmanServer0
Pfad der fehlerhaften Anwendung: svchost.exe_LanmanServer1
Pfad des fehlerhaften Moduls: svchost.exe_LanmanServer2
Berichtskennung: svchost.exe_LanmanServer3


Systemfehler:
=============
Error: (02/27/2016 12:37:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (02/27/2016 12:29:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/27/2016 12:29:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/27/2016 12:13:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Universal Communication Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/27/2016 12:04:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (02/27/2016 12:04:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (02/27/2016 12:04:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (02/27/2016 12:04:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (02/27/2016 12:04:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (02/27/2016 12:04:13 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 2039.11 MB
Verfügbarer physikalischer RAM: 828.58 MB
Summe virtueller Speicher: 4078.23 MB
Verfügbarer virtueller Speicher: 2044.65 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:1356.17 GB) (Free:1080.71 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:0.01 GB) NTFS
Drive e: (WTLIB15X) (CDROM) (Total:0.85 GB) (Free:0 GB) UDF
Drive f: (EX FESTPL 4) (Fixed) (Total:931.47 GB) (Free:855.98 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.

==================== Ende vom Addition.txt ============================
nochmal beide Festplatten

die interne:

Code:
----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
                                Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x86)
  Date : 2016/02/27 14:18:47

-- Controller Map ----------------------------------------------------------
 + Intel(R) 5 Series/3400 Series SATA AHCI Controller [ATA]
  - WDC WD15EARS-00MVWB0
  - TSSTcorp CDDVDW SH-S223C

-- Disk List ---------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0 : 1500,3 GB [0/0/0, pd1] - wd
 (2) ST1000DM003-1ER162 : 1000,2 GB [4/X/X, sa1] (V=174C, P=55AA) - st

----------------------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0
----------------------------------------------------------------------------
          Model : WDC WD15EARS-00MVWB0
        Firmware : 51.0AB51
  Serial Number : WD-WMAZA0813822
      Disk Size : 1500,3 GB (8,4/137,4/1500,3/1500,3)
    Buffer Size : Unbekannt
    Queue Depth : 32
    # of Sectors : 2930277168
  Rotation Rate : Unbekannt
      Interface : Serial ATA
  Major Version : ATA8-ACS
  Minor Version : ----
  Transfer Mode : ---- | SATA/300
  Power On Hours : 20826 Std.
  Power On Count : 2316 mal
    Temperature : 31 C (87 F)
  Health Status : Gut
        Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
      APM Level : ----
      AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 153 _51 000000000015 Lesefehlerrate
03 167 163 _21 0000000019E1 Mittlere Anlaufzeit
04 _98 _98 __0 000000000910 Start/Stopp-Zyklen der Spindel
05 200 200 140 000000000000 Wiederzugewiesene Sektoren
07 200 200 __0 000000000000 Suchfehler
09 _72 _72 __0 00000000515A Betriebsstunden
0A 100 100 __0 000000000000 Misslungene Spindelanläufe
0B 100 100 __0 000000000000 Nnotwendige Rekalibrierungen
0C _98 _98 __0 00000000090C Geräte-Einschaltvorgänge
C0 200 200 __0 000000000049 Ausschaltungsabbrüche
C1 _20 _20 __0 000000084402 Laden/Entladen-Zyklen
C2 119 111 __0 00000000001F Temperatur
C4 200 200 __0 000000000000 Wiederzuweisungsereignisse
C5 200 200 __0 000000000000 Aktuell ausstehende Sektoren
C6 200 200 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
C8 200 200 __0 000000000000 Schreibfehlerrate

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 415A 4130 3831 3338 3232
020: 0000 0000 0032 3531 2E30 4142 3531 5744 4320 5744
030: 3135 4541 5253 2D30 304D 5657 4230 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 0044 0044
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 407F 0083
090: 0083 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 7B30 AEA8 0000 0000 0000 0000 0000 0000 5001 4EE0
110: 57C4 032D 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E7A5

-- SMART_READ_DATA ---------------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 99 15 00 00 00 00 00 00 03 27
010: 00 A7 A3 E1 19 00 00 00 00 00 04 32 00 62 62 10
020: 09 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 48 48 5A 51 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 0C 09 00 00 00 00 00 C0 32
070: 00 C8 C8 49 00 00 00 00 00 00 C1 32 00 14 14 02
080: 44 08 00 00 00 00 C2 22 00 77 6F 1F 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 C8 64 01 7B
170: 03 00 01 00 02 FA 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 05 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 D6

-- SMART_READ_THRESHOLD ----------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 C8 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 C8 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05

----------------------------------------------------------------------------
 (2) ST1000DM003-1ER162
----------------------------------------------------------------------------
      Enclosure : Laufwerk (V=174C, P=55AA, sa1) - st
          Model : ST1000DM003-1ER162
        Firmware : CC45
  Serial Number : W4Y0W6HE
      Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,1)
    Buffer Size : Unbekannt
    Queue Depth : 32
    # of Sectors : 1953525168
  Rotation Rate : 7200 RPM
      Interface : USB (Serial ATA)
  Major Version : ACS-2
  Minor Version : ACS-3 Revision 3b
  Transfer Mode : SATA/300 | SATA/600
  Power On Hours : 4082 Std.
  Power On Count : 463 mal
    Temperature : 35 C (95 F)
  Health Status : Gut
        Features : S.M.A.R.T., APM, 48bit LBA, NCQ
      APM Level : 8080h [ON]
      AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 115 _99 __6 000005F5C030 Lesefehlerrate
03 _98 _97 __0 000000000000 Mittlere Anlaufzeit
04 _98 _98 _20 0000000009A3 Start/Stopp-Zyklen der Spindel
05 100 100 _10 000000000000 Wiederzugewiesene Sektoren
07 100 253 _30 0000000974D8 Suchfehler
09 _96 _96 __0 000000000FF2 Betriebsstunden
0A 100 100 _97 000000000000 Misslungene Spindelanläufe
0C 100 100 _20 0000000001CF Geräte-Einschaltvorgänge
B7 100 100 __0 000000000000 Herstellerspezifisch
B8 100 100 _99 000000000000 Ende-zu-Ende-Fehler
BB 100 100 __0 000000000000 Gemeldete unkorrigierbare Fehler
BC _99 _96 __0 00000000021F Befehlszeitüberschreitung
BD 100 100 __0 000000000000 Übergeordnete Schreibvorgänge
BE _65 _56 _45 0000231D0023 Luftstromtemperatur
BF 100 100 __0 000000000000 Beschleunigungssensor-Fehlerrate
C0 100 100 __0 00000000000B Ausschaltungsabbrüche
C1 _98 _98 __0 00000000122C Laden/Entladen-Zyklen
C2 _35 _44 __0 001000000023 Temperatur
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
F0 100 253 __0 D66200000036 Kopfpositionierungszeit
F1 100 253 __0 000017689678 LBA geschrieben (gesamt)
F2 100 253 __0 00C528EC8EE1 LBA gelesen (gesamt)

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5734 5930 5736 4845
020: 0000 0000 0004 4343 3435 2020 2020 5354 3130 3030
030: 444D 3030 332D 3145 5231 3632 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 5010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0004 00CC 0040
080: 03F0 001F 346B 7D69 4163 3469 BC49 4163 407F 0034
090: 0034 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 7C7E 3E2E 0000 0000 0000 0000 0000 0000 0000 405E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 8000 0000 0000 5800 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0007 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 09A5

-- SMART_READ_DATA ---------------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 73 63 30 C0 F5 05 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 62 62 A3
020: 09 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 64 FD D8 74 09 00 00 00 00 09 32
040: 00 60 60 F2 0F 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 CF 01 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 63 60 1F 02 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 41 38 23 00 1D 23 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 0B 00 00 00 00
0C0: 00 00 C1 32 00 62 62 2C 12 00 00 00 00 00 C2 22
0D0: 00 23 2C 23 00 00 00 10 00 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD 36 00 00 00 62 D6 26 F1 00 00 64 FD 78
110: 96 68 17 00 00 00 F2 00 00 64 FD E1 8E EC 28 C5
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 50 00 00 73
170: 03 00 01 00 01 6D 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 90 00 00 00 03 02 02 02 03 02 02 02
190: 02 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 1E 4B 65 E4 5D 0D 00 00
1B0: 00 00 00 00 01 00 34 02 78 96 68 17 00 00 00 00
1C0: E1 8E EC 28 C5 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 5B 00 02 00 01 00 00 00
1E0: 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 01
1F0: 00 00 00 00 00 00 00 00 00 00 14 18 00 00 00 34

-- SMART_READ_THRESHOLD ----------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD
die externe Festplatte:

Code:
----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
                                Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x86)
  Date : 2016/02/27 14:19:41

-- Controller Map ----------------------------------------------------------
 + Intel(R) 5 Series/3400 Series SATA AHCI Controller [ATA]
  - WDC WD15EARS-00MVWB0
  - TSSTcorp CDDVDW SH-S223C

-- Disk List ---------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0 : 1500,3 GB [0/0/0, pd1] - wd
 (2) ST1000DM003-1ER162 : 1000,2 GB [4/X/X, sa1] (V=174C, P=55AA) - st

----------------------------------------------------------------------------
 (1) WDC WD15EARS-00MVWB0
----------------------------------------------------------------------------
          Model : WDC WD15EARS-00MVWB0
        Firmware : 51.0AB51
  Serial Number : WD-WMAZA0813822
      Disk Size : 1500,3 GB (8,4/137,4/1500,3/1500,3)
    Buffer Size : Unbekannt
    Queue Depth : 32
    # of Sectors : 2930277168
  Rotation Rate : Unbekannt
      Interface : Serial ATA
  Major Version : ATA8-ACS
  Minor Version : ----
  Transfer Mode : ---- | SATA/300
  Power On Hours : 20826 Std.
  Power On Count : 2316 mal
    Temperature : 31 C (87 F)
  Health Status : Gut
        Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
      APM Level : ----
      AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 153 _51 000000000015 Lesefehlerrate
03 167 163 _21 0000000019E1 Mittlere Anlaufzeit
04 _98 _98 __0 000000000910 Start/Stopp-Zyklen der Spindel
05 200 200 140 000000000000 Wiederzugewiesene Sektoren
07 200 200 __0 000000000000 Suchfehler
09 _72 _72 __0 00000000515A Betriebsstunden
0A 100 100 __0 000000000000 Misslungene Spindelanläufe
0B 100 100 __0 000000000000 Nnotwendige Rekalibrierungen
0C _98 _98 __0 00000000090C Geräte-Einschaltvorgänge
C0 200 200 __0 000000000049 Ausschaltungsabbrüche
C1 _20 _20 __0 000000084402 Laden/Entladen-Zyklen
C2 119 111 __0 00000000001F Temperatur
C4 200 200 __0 000000000000 Wiederzuweisungsereignisse
C5 200 200 __0 000000000000 Aktuell ausstehende Sektoren
C6 200 200 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
C8 200 200 __0 000000000000 Schreibfehlerrate

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 415A 4130 3831 3338 3232
020: 0000 0000 0032 3531 2E30 4142 3531 5744 4320 5744
030: 3135 4541 5253 2D30 304D 5657 4230 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 0044 0044
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 407F 0083
090: 0083 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 7B30 AEA8 0000 0000 0000 0000 0000 0000 5001 4EE0
110: 57C4 032D 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E7A5

-- SMART_READ_DATA ---------------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 99 15 00 00 00 00 00 00 03 27
010: 00 A7 A3 E1 19 00 00 00 00 00 04 32 00 62 62 10
020: 09 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 48 48 5A 51 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 0C 09 00 00 00 00 00 C0 32
070: 00 C8 C8 49 00 00 00 00 00 00 C1 32 00 14 14 02
080: 44 08 00 00 00 00 C2 22 00 77 6F 1F 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 C8 64 01 7B
170: 03 00 01 00 02 FA 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 05 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 D6

-- SMART_READ_THRESHOLD ----------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 C8 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 C8 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05

----------------------------------------------------------------------------
 (2) ST1000DM003-1ER162
----------------------------------------------------------------------------
      Enclosure : Laufwerk (V=174C, P=55AA, sa1) - st
          Model : ST1000DM003-1ER162
        Firmware : CC45
  Serial Number : W4Y0W6HE
      Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,1)
    Buffer Size : Unbekannt
    Queue Depth : 32
    # of Sectors : 1953525168
  Rotation Rate : 7200 RPM
      Interface : USB (Serial ATA)
  Major Version : ACS-2
  Minor Version : ACS-3 Revision 3b
  Transfer Mode : SATA/300 | SATA/600
  Power On Hours : 4082 Std.
  Power On Count : 463 mal
    Temperature : 35 C (95 F)
  Health Status : Gut
        Features : S.M.A.R.T., APM, 48bit LBA, NCQ
      APM Level : 8080h [ON]
      AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 115 _99 __6 000005F5C030 Lesefehlerrate
03 _98 _97 __0 000000000000 Mittlere Anlaufzeit
04 _98 _98 _20 0000000009A3 Start/Stopp-Zyklen der Spindel
05 100 100 _10 000000000000 Wiederzugewiesene Sektoren
07 100 253 _30 0000000974D8 Suchfehler
09 _96 _96 __0 000000000FF2 Betriebsstunden
0A 100 100 _97 000000000000 Misslungene Spindelanläufe
0C 100 100 _20 0000000001CF Geräte-Einschaltvorgänge
B7 100 100 __0 000000000000 Herstellerspezifisch
B8 100 100 _99 000000000000 Ende-zu-Ende-Fehler
BB 100 100 __0 000000000000 Gemeldete unkorrigierbare Fehler
BC _99 _96 __0 00000000021F Befehlszeitüberschreitung
BD 100 100 __0 000000000000 Übergeordnete Schreibvorgänge
BE _65 _56 _45 0000231D0023 Luftstromtemperatur
BF 100 100 __0 000000000000 Beschleunigungssensor-Fehlerrate
C0 100 100 __0 00000000000B Ausschaltungsabbrüche
C1 _98 _98 __0 00000000122C Laden/Entladen-Zyklen
C2 _35 _44 __0 001000000023 Temperatur
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
F0 100 253 __0 D66200000036 Kopfpositionierungszeit
F1 100 253 __0 000017689678 LBA geschrieben (gesamt)
F2 100 253 __0 00C528EC8EE1 LBA gelesen (gesamt)

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5734 5930 5736 4845
020: 0000 0000 0004 4343 3435 2020 2020 5354 3130 3030
030: 444D 3030 332D 3145 5231 3632 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 5010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0004 00CC 0040
080: 03F0 001F 346B 7D69 4163 3469 BC49 4163 407F 0034
090: 0034 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 7C7E 3E2E 0000 0000 0000 0000 0000 0000 0000 405E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 8000 0000 0000 5800 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0007 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 09A5

-- SMART_READ_DATA ---------------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 73 63 30 C0 F5 05 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 62 62 A3
020: 09 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 64 FD D8 74 09 00 00 00 00 09 32
040: 00 60 60 F2 0F 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 CF 01 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 63 60 1F 02 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 41 38 23 00 1D 23 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 0B 00 00 00 00
0C0: 00 00 C1 32 00 62 62 2C 12 00 00 00 00 00 C2 22
0D0: 00 23 2C 23 00 00 00 10 00 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD 36 00 00 00 62 D6 26 F1 00 00 64 FD 78
110: 96 68 17 00 00 00 F2 00 00 64 FD E1 8E EC 28 C5
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 50 00 00 73
170: 03 00 01 00 01 6D 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 90 00 00 00 03 02 02 02 03 02 02 02
190: 02 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 1E 4B 65 E4 5D 0D 00 00
1B0: 00 00 00 00 01 00 34 02 78 96 68 17 00 00 00 00
1C0: E1 8E EC 28 C5 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 5B 00 02 00 01 00 00 00
1E0: 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 01
1F0: 00 00 00 00 00 00 00 00 00 00 14 18 00 00 00 34

-- SMART_READ_THRESHOLD ----------------------------------------------------
    +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD
Danke Rafael fürs Anschauen und fürs Überprüfen :bussi:

burningice 27.02.2016 19:31
:)

Was machen deine Probleme? Werbung im Browser? Noch langsam?


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...

Lilian-Rose 28.02.2016 18:40
Hallo Rafael,

ja, mein Computer braucht beim Start 20 Minuten bis das Windowslogo erscheint und weitere 10 Minuten, bis er auf eine Eingabe reagiert...

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=386416bbd43eab4198f1f110b84d219c
# end=init
# utc_time=2016-02-28 12:22:03
# local_time=2016-02-28 01:22:03 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 28338
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=386416bbd43eab4198f1f110b84d219c
# end=updated
# utc_time=2016-02-28 12:38:02
# local_time=2016-02-28 01:38:02 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=386416bbd43eab4198f1f110b84d219c
# engine=28338
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-02-28 04:21:31
# local_time=2016-02-28 05:21:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=794 16777213 83 97 7510988 39426910 0 0
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 370298 79656885 0 0
# scanned=305293
# found=161
# cleaned=0
# scan_time=13407
sh=AC148E6F4C8C07F5F7B53C14B59B05139E5D388F ft=1 fh=6cee8f9f778ea970 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Ask.com\AviraBrowserSecurity.exe.vir"
sh=64CBDD10138CDAFA9867D9F800BD418FD6B3EBAB ft=1 fh=ef8be82e4895722e vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Ask.com\AviraCallingIDhelper.dll.vir"
sh=4304A90995D3F06CD70C12344E7BC69BC2A4B3D8 ft=1 fh=502cd4bccacff159 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Ask.com\GenericAskToolbar.dll.vir"
sh=66C0CBC185C63B9F9F4267249E8B6EAA93E373D3 ft=1 fh=e713c65257217712 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Ask.com\precache.exe.vir"
sh=B0B3E0EC6CFC65524F9E7128ED85AA1DEB8F00D3 ft=1 fh=5b777602cbdd695a vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Ask.com\SaUpdate.exe.vir"
sh=053F24DB88776A9F31D44814D637B7C2DF13C705 ft=1 fh=5a72db2fde1f6446 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Ask.com\UpdateTask.exe.vir"
sh=7EBDB7E15F3A9904E252BE098198AE5154726770 ft=1 fh=ebfb3d2049a01537 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Ask.com\Updater\Updater.exe.vir"
sh=D4818F5F178FBA8B0DD98CCDF07516B606551C87 ft=1 fh=c71c00110f8ea7cc vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert0.dll.vir"
sh=BFD72C046A3341D9273AF47B05EEB50A66725FF7 ft=1 fh=00f7a1e350b89a9e vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\ConduitEngine\ConduitEngine.dll.vir"
sh=4CBEA1ADF328E3DAF17DE451C4DEDB9FF17DEA43 ft=1 fh=0527b0215a5e6faa vn="Variante von Win32/Toolbar.Conduit.AR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\ConduitEngine\ConduitEngineUninstall.exe.vir"
sh=CA2A44C549DE8DDCE928710201B538F6F84DBCFB ft=1 fh=b912ae28e1dd5b7b vn="Variante von Win32/Toolbar.Conduit.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\ConduitEngine\prxConduitEngine.dll.vir"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\MyAshampoo\ldrtbMyA0.dll.vir"
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\MyAshampoo\MyAshampooToolbarHelper1.exe.vir"
sh=A2D929A9864513C0E8ED84AAD622EF6ADCC9B950 ft=1 fh=22c06217fc444ec5 vn="Win32/Toolbar.Conduit.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\MyAshampoo\prxtbMyA0.dll.vir"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\MyAshampoo\tbMyA0.dll.vir"
sh=B4267CC9FBAA1133921BBF40835E07DAA481E025 ft=1 fh=39d86043333a1074 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\MyAshampoo\tbMyA1.dll.vir"
sh=535083D61D58BC4975012BC060A7D06DC6012DDE ft=1 fh=0d7c9d1074a9eb70 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\MyAshampoo\tbMyAs.dll.vir"
sh=28AA609FEAC1520EEDC7FF84332CD4F4C56585E5 ft=1 fh=409ffdbbb100bddc vn="Variante von Win32/Toolbar.Conduit.AR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\MyAshampoo\uninstall.exe.vir"
sh=CA2A44C549DE8DDCE928710201B538F6F84DBCFB ft=1 fh=b912ae28e1dd5b7b vn="Variante von Win32/Toolbar.Conduit.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic_Deutsch\prxtbSoft.dll.vir"
sh=BFD72C046A3341D9273AF47B05EEB50A66725FF7 ft=1 fh=00f7a1e350b89a9e vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic_Deutsch\tbSoft.dll.vir"
sh=0ED4C25E4292E37E4177C5C6AAAA36F481414315 ft=1 fh=982f6f4f1bc4bde3 vn="Variante von Win32/Toolbar.Conduit.AR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic_Deutsch\uninstall.exe.vir"
sh=23B3E5F508EB6FC76D67A873A5AAC2D34C3CE5E1 ft=1 fh=b86fe1495473b541 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Communicator\mgcommon.dll.vir"
sh=7DB65607A18C67C0C8C0310E0FF23A202AB3F070 ft=1 fh=9f565fd3b0ad3b83 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Communicator\mgcommunication.dll.vir"
sh=3176C30E3A30990C42C968951B6BB2ADFD0B1C00 ft=1 fh=12a0591694d39321 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Communicator\mgsimcommon.dll.vir"
sh=08647AB20AED7B8385931FDF5B4A48165131A061 ft=1 fh=b4c21070436958b0 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Communicator\mgxml_wrapper.dll.vir"
sh=C6A9FB024D614702667E0768E0B673BA3A31F504 ft=1 fh=aa62bac49704426f vn="Variante von Win32/SweetIM.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe.vir"
sh=C8F1E3F28152C6C010B7AE8FA4D167E3C388FF0C ft=1 fh=84ff0b58ed098a1d vn="Win32/SweetIM.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll.vir"
sh=D09F832544B921CD7C61A7DB193F29EF6638AD88 ft=1 fh=58a116a27a6d5dbb vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\ContentPackagesActivationHandler.exe.vir"
sh=C6E3F8034D197C34D61701AC146694B6DBEC36CD ft=1 fh=7f9fa2fc68c7b7f4 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll.vir"
sh=FC883B83DA2A9ED93AC2A4CEC9936268A6B264C2 ft=1 fh=80a06d85550fdea2 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgArchive.dll.vir"
sh=F3001B5F58A6C6AB8DD7E6E63CB89D20F74EF228 ft=1 fh=f50ea5fcbc656251 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgcommon.dll.vir"
sh=2CF3C9FBCBEBAA6D75DE43CCC487D62954538F81 ft=1 fh=446d6a4df1e456fa vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgcommunication.dll.vir"
sh=60FCD298549E0383DFACBE66420DC922D6BAAF84 ft=1 fh=73f28a50980afe65 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgconfig.dll.vir"
sh=531A5D492B39076AA7990DD76F41B762258B86A7 ft=1 fh=a45064434f491236 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgFlashPlayer.dll.vir"
sh=AE57E26160449200540B1FD8E839F1BD5A30327A ft=1 fh=c29c62a52f555ace vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mghooking.dll.vir"
sh=B6E78443D25AF8B978DC24D515DF7B2F673629CC ft=1 fh=ece232c764d65d89 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgICQAuto.dll.vir"
sh=42B14A7D72C6EDAF5140A2C7B95149B92473853C ft=1 fh=6f2c94e91302d1a2 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgICQMessengerAdapter.dll.vir"
sh=B28C9BCA89A124EBD2EAAF5073370E7E0E87DB4E ft=1 fh=c56c5ff3b0e7703d vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mglogger.dll.vir"
sh=87FF2D9A36B50B5A7DF4D08F87B92BEA86D7DAB7 ft=1 fh=71dc135578fffed6 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgMediaPlayer.dll.vir"
sh=C86CF9524D11A2392A491EA15ED12D2CA890F249 ft=1 fh=ae21d71fff630a17 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgMsnAuto.dll.vir"
sh=055E7A147AB9DCB141FDF58A0D3CCD825AE8B361 ft=1 fh=ac8cec2f7886b930 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgMsnMessengerAdapter.dll.vir"
sh=73987118D6F1799B0B29DB00BF7248B20347BB46 ft=1 fh=d25a2527398bc729 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgsimcommon.dll.vir"
sh=C786E62AB09C10B6277F3E9CFC34207FE56E1FFA ft=1 fh=6c27d70c5686a2b1 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgSweetIM.dll.vir"
sh=07695C8842935A01310F52C83BAB364950419841 ft=1 fh=e250219d9f9cd5af vn="Variante von Win32/SweetIM.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgUpdateSupport.dll.vir"
sh=093FB06E67DB8C5562A823E389853340405B8724 ft=1 fh=1b5e6676818f2ad9 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgxml_wrapper.dll.vir"
sh=A679EB39BB32DD88C09E150B0E5F7BAED12467A6 ft=1 fh=0ba701bbd4ac4b73 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgYahooAuto.dll.vir"
sh=9B45902B8B791A84EC6F7D1AD2E8099410D1A467 ft=1 fh=3191d44e293b78d5 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\mgYahooMessengerAdapter.dll.vir"
sh=AE3254BDF03A347110068EF29CB15C7B554491F0 ft=1 fh=30381f993c8268c2 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\SweetIM.exe.vir"
sh=C8F1E3F28152C6C010B7AE8FA4D167E3C388FF0C ft=1 fh=84ff0b58ed098a1d vn="Win32/SweetIM.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll.vir"
sh=254E6AFDCAAB3164AFF14E8DE8B3AC1BCC39F854 ft=1 fh=1fc4ebc1d7daefee vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe.vir"
sh=F7F9FB0566FD5213BF5513AA054739E2065B6D79 ft=1 fh=94c8b7ca90c36996 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll.vir"
sh=F584788A9263B72F54478BA1B85936D04253E924 ft=1 fh=9c00240e418663a3 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll.vir"
sh=F939555A426C1BD14E59E2711C450CD15ECFD549 ft=1 fh=36df6d446a148e9c vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll.vir"
sh=34D258C22359F7DBAB977926003EF0BF814D0E74 ft=1 fh=b406e9dec54a62a6 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe.vir"
sh=A3AF758EC386F6199DC2C921E956D7522D7897CF ft=1 fh=58e5b6d5c9901c7e vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mghooking.dll.vir"
sh=25FBFD0F512900220DBEB49AEA33692D201BC174 ft=1 fh=165a60b3a0b2304f vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mglogger.dll.vir"
sh=648FF80C1116BCC33A8E68098C77E5F6B8B32504 ft=1 fh=6ddfa765a635ace9 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll.vir"
sh=36941F235EA5B4761F765AA51AF47D098829E640 ft=1 fh=84f81ded0ab12f97 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll.vir"
sh=41299B4F6903804D30431AF4CF7F6C13F5F933AA ft=1 fh=415b95679a2801b3 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll.vir"
sh=FAA66F853E6E81745F195A8939DD5280720DF466 ft=1 fh=aff78666cd18d1e3 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll.vir"
sh=0C0C76A8916F5627C19C5D533530F3A931C2F6C3 ft=1 fh=0a5c55155fb40706 vn="Variante von Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\uniblue\RegistryBooster\Launcher.exe.vir"
sh=5B539390F2E02EADB01AEFF6C9807AD75C24143D ft=1 fh=41d9465ee19ea3f6 vn="Variante von Win32/RegistryBooster.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\uniblue\RegistryBooster\registrybooster.exe.vir"
sh=141F9676AE92B811A63099D11D8F303BE9258282 ft=1 fh=06d74145ec124e21 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\AskToolbar\Downloaded Program Files\AviraWebSecurity.dll.vir"
sh=D86451022DDD8348105C1D52FBFD2ADB1E2DCC30 ft=1 fh=d3e706a6307522ba vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll.vir"
sh=314F703F0F190BF70F0386509C10998D4E2BD10B ft=1 fh=2f9f46df1834d950 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.1.dll.vir"
sh=D3CBDD7C6ED2C9D81DA4FCF9AF57CDD5D3711ED3 ft=1 fh=86dbe26399c3d0fa vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll.vir"
sh=3EFCE8E60D9AEA8666F5A04990DB0451DBB8CCA1 ft=1 fh=9fcd97622c9e2cff vn="Variante von Win32/Toolbar.Conduit.AR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Conduit\CT2475029\MyAshampooAutoUpdaterHelper.exe.vir"
sh=23BCA4D6CC914DC3A7E0E458122CA50D9C7DCCED ft=1 fh=d416938800afb31e vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.28.54987_0\background\setup.exe.vir"
sh=529E13DA870767975DAD690D43AD8B7F35D63046 ft=1 fh=3724dde45c0861d2 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\mgHelperGC.dll.vir"
sh=78AA5265F8B75474E1BFB9FFC93708F2538949D7 ft=1 fh=c70437d1ef60bdad vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll.vir"
sh=BA4D5B0A6E11E30BED9E8B4247BA9BD002EA64F3 ft=1 fh=22aaeb37437fe2d4 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Smartbar\Application\NDde.dll.vir"
sh=48C826EF00938F035C91C9F6B3E167CB21D96633 ft=1 fh=59fac0a23423ab50 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_16.dll.vir"
sh=45F4ABE93E1FB333545719948B418FB1207A5085 ft=1 fh=3a58b09db4698b9d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_17.dll.vir"
sh=FED76CBD8D5660DEC60B3F16547372DEE7F87FA6 ft=1 fh=9705b06916654cd4 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_18.dll.vir"
sh=C8F23EFE19C6A36D8921AE5C96F95808EBEFBE05 ft=1 fh=8064b8d931435e04 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_19.dll.vir"
sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_20.dll.vir"
sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_21.dll.vir"
sh=462FBA4B54A46F9338FDD1DEC3A7C33E6862D4BA ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\AskToolbar\avr-4.cab.vir"
sh=23BCA4D6CC914DC3A7E0E458122CA50D9C7DCCED ft=1 fh=d416938800afb31e vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\AskToolbar\setup.exe.vir"
sh=BFD72C046A3341D9273AF47B05EEB50A66725FF7 ft=1 fh=00f7a1e350b89a9e vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\ConduitEngine\ConduitEngine.dll.vir"
sh=068A54F966DB6AC14BCA0E39E2A99E3F0027304D ft=1 fh=39f7a16b0423d981 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\MyAshampoo\hk64tbMyA0.dll.vir"
sh=639EC700B0AE3E4022B0E2194154C35804C1495D ft=1 fh=cea679b0d15a81f3 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\MyAshampoo\hk64tbMyA2.dll.vir"
sh=CC6AF3A384A61C1C621BA5AB43583E82FF281530 ft=1 fh=bbbd034bf7d0bf76 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\MyAshampoo\hktbMyA0.dll.vir"
sh=E81DDA2EB87C2B9FC5567266DCB0F473CA8879DD ft=1 fh=ce9365354cde4d2d vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\MyAshampoo\hktbMyA2.dll.vir"
sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\MyAshampoo\ldrtbMyA0.dll.vir"
sh=BB64EAB4A8D339B38E2C84ECCDC1EB9BCB508661 ft=1 fh=b9050071cbb9d4b1 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\MyAshampoo\ldrtbMyA2.dll.vir"
sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\MyAshampoo\tbMyA0.dll.vir"
sh=81AF7CFB10091601ED1B82B92BDA2A254AA2B82F ft=1 fh=b76578e523b80dbc vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\MyAshampoo\tbMyA1.dll.vir"
sh=41565A5C7C5DE65C949CC2C3566265E05A0BA782 ft=1 fh=95024ab9b65b3320 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\MyAshampoo\tbMyA2.dll.vir"
sh=B5C93DA0C608B26C9487ABC49CCB643C9A15ED33 ft=1 fh=75f1c65aa8a331ed vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\MyAshampoo\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll.vir"
sh=BFD72C046A3341D9273AF47B05EEB50A66725FF7 ft=1 fh=00f7a1e350b89a9e vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\Softonic_Deutsch\tbSoft.dll.vir"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\LocalLow\Softonic_Deutsch\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll.vir"
sh=07822AE712129D9417AD657E309745C354E2F6B1 ft=1 fh=2d4cb189633ce2f3 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\toolbar@ask.com\chrome\temp\askToolbar.exe.vir"
sh=FF887931FCCAD404322D539F14A9354876EBB88F ft=1 fh=31c3b9d427ec830c vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\toolbar@ask.com\plugins\npAviraCallingID.dll.vir"
sh=D0D3CAE6214AD84B6A258D241EFB8449D4D0E949 ft=1 fh=ee53831ec61570e0 vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Roaming\OpenCandy\OpenCandy_4D45B878B4164108854DCA008BCA4046\DLMgr_3_1.6.44.exe.vir"
sh=8C2BEEC62CFAF756CFA109A5F09F35D1A1B85D71 ft=1 fh=a5f037fcb7109094 vn="Variante von Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Roaming\OpenCandy\OpenCandy_4D45B878B4164108854DCA008BCA4046\registrybooster21.exe.vir"
sh=C6A7411B381E99990570FDF52B9C75C0071513CB ft=1 fh=63870004f0ee89bb vn="Variante von Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Conny\AppData\Roaming\OpenCandy\OpenCandy_4D45B878B4164108854DCA008BCA4046\registrybooster21Wrapped.exe.vir"
sh=27E476FFE5BCC7FB2727A2217274091495ACBA5E ft=1 fh=68e1f4fad698def6 vn="Variante von Win32/Toolbar.Perion.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\system32\ARFC\wrtc.exe.vir"
sh=9CB043C9C34EA2F59E658E11FE25B583EF46D110 ft=1 fh=c71c0011254d1939 vn="Variante von Win32/Toolbar.Perion.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\system32\jmdp\lmrn.dll.vir"
sh=3D519BEB3958195EF78040D2B89A1B6E00BBDCA6 ft=1 fh=e48b51253153cf0e vn="Variante von Win32/Toolbar.Perion.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\system32\jmdp\stij.exe.vir"
sh=3FCDDDFFA523FD30995BD7F1EE90AD1DAFF05C22 ft=1 fh=eb68e71596000e50 vn="Variante von Win32/Toolbar.Perion.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\system32\WNLT\Installation\SKSetup.exe.vir"
sh=6B97D6844255D47302665BE4EB504893477EFA9C ft=1 fh=edd6a7ebcaa5d0c2 vn="Variante von Win64/Toolbar.Perion.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\system32\WNLT\Installation\WSSetup.exe.vir"
sh=EE2D8A0C16CB4F60E07AD30BC8F4AF2D25E4FF62 ft=1 fh=c2a60ef126908cf5 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe"
sh=24A108C48173FDD9962F7CC3D4DB4B852D864838 ft=1 fh=0501d0dc4c9a869f vn="Variante von Win32/Systweak.N evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll"
sh=915239C2678EFCE5C2E45012595BEA0C050864B4 ft=1 fh=9ca6c4d86ffea4d8 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe"
sh=67A75BAA7A5BBB2EEEBB99D490F00F82D0BB1E09 ft=1 fh=5d5a0ac2ab2c0a85 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe"
sh=2C09414F7BCF16F3C9A358B5CCD4492EF7EEF08E ft=1 fh=5545a1a02bc092d6 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe"
sh=322DCE4CCA5EB266FFEDD900C6D628769AD18300 ft=1 fh=b3d66e50f9e4f6b1 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe"
sh=23506D9A78AAD99C8289AC6A3F51F4354846FAE3 ft=1 fh=229e5f05b2c8c290 vn="Variante von Win32/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Windows\System32\roboot.exe.vir"
sh=B2195B5E7774C70AB682684132C1C664AD121DCF ft=1 fh=b5b975d83371cec9 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Conny\Desktop\Rafael\CrystalDiskInfo6_7_5-en.exe"
sh=B2195B5E7774C70AB682684132C1C664AD121DCF ft=1 fh=b5b975d83371cec9 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\CrystalDiskInfo6_7_5-en(1).exe"
sh=F0D4898394767E57166830DA98A3DF2C90B95E2A ft=1 fh=7bf37f797be3189a vn="Variante von Win32/DownloadGuide.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\Notfall_DVD_5.0_Free_CB-DL-Manager(2).exe"
sh=1B3744CD81093C36B80DDC4E776790D00A5CCB4F ft=1 fh=565d48390f0543a8 vn="Variante von Win32/DownloadGuide.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\Notfall_DVD_5.0_Free_CB-DL-Manager.exe"
sh=19C762C2494045E015D199899692C562D54BADA2 ft=1 fh=360ff1698ff92e85 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\SystemRescueCd - CHIP-Installer.exe"
sh=7D7C7305298E11EE810078A7FA0640B484A1EA10 ft=1 fh=6ce22f5640248296 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\Verschiedenes\avira_free_antivirus_de(1).exe"
sh=9ED22B17AF956934B73F176C0AEB87AFA2F2B5B3 ft=1 fh=f57fa58ae860c262 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\Verschiedenes\avira_free_antivirus_de(2).exe"
sh=7D7C7305298E11EE810078A7FA0640B484A1EA10 ft=1 fh=6ce22f5640248296 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\Verschiedenes\avira_free_antivirus_de(3).exe"
sh=9ED22B17AF956934B73F176C0AEB87AFA2F2B5B3 ft=1 fh=f57fa58ae860c262 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\Verschiedenes\avira_free_antivirus_de.exe"
sh=0078F57B9B78D11CE0BC235F344C0ECC85D0B313 ft=1 fh=aa82b79cf2daaa47 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\Verschiedenes\cdbxp_setup_4.3.8.2474.exe"
sh=BEB04F076892C9B4A8DAE147330D5DAFC5EA47B0 ft=1 fh=f4f6b3432889b861 vn="Variante von Win32/Toolbar.SearchSuite.Z evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\Verschiedenes\iMeshV10de.exe"
sh=AEE0B5F1AE8564D7E4CCD032EDF7AD88339BFF4E ft=1 fh=88c3bdc65b0afccf vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\Verschiedenes\Microsoft_LifeChat_LX-6000_Treiber_Update_06-2014(1).exe"
sh=AEE0B5F1AE8564D7E4CCD032EDF7AD88339BFF4E ft=1 fh=88c3bdc65b0afccf vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\Verschiedenes\Microsoft_LifeChat_LX-6000_Treiber_Update_06-2014.exe"
sh=6850D309E46D96C70E4AD21534DAD090FF5350C2 ft=1 fh=cdd66505779ebf40 vn="Win32/RegistryReviver evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\Verschiedenes\reviversoft-registry-reviver-trial.exe"
sh=A0867E6C018019D4E76B0DA3E067413C1E9193D5 ft=1 fh=25de646db16c1e53 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Conny\Dropbox\Downloads\Vorträge\ashampoo_burning_studio_6_free_6.83_4312.exe"
sh=88DBE5F113DF37C1780ED9B0D8FC144CA20600D8 ft=1 fh=ae439cb8cb701357 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Conny\Neuer Ordner\ashampoo_burning_studio_2012_cbe_11.0.4_sd.exe"
sh=60BAD538AD00EBFF1F25F5C37F161FF827D89513 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Conny\Neuer Ordner\Neuer Ordner (2)\Winzip.msi"
sh=4C4CCD49B065E1CE9DE145D045B1FC12F923A84D ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\118893b.msi"
sh=0B29096C3417271AEC985798AB38EC97753758E0 ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\13b1d4b.msi"
sh=EBEDCB56A58830C81CE1C4EF97D5B5DBAE532E78 ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.M potenziell unsichere Anwendung" ac=I fn="D:\CONNY-PC\Backup Set 2015-11-08 160137\Backup Files 2015-11-08 160137\Backup files 24.zip"
sh=19E1672BF608BFBAEBA08F218C8E11046BE2FC80 ft=0 fh=0000000000000000 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="D:\CONNY-PC\Backup Set 2015-11-08 160137\Backup Files 2015-11-08 160137\Backup files 25.zip"
sh=BAF9086BEB7F9FB0A14BEFA0B47F0A60952A96DB ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadGuide.K evtl. unerwünschte Anwendung" ac=I fn="D:\CONNY-PC\Backup Set 2015-11-08 160137\Backup Files 2015-11-08 160137\Backup files 41.zip"
sh=54193645CCB723255BE15AE426D0A1BDFB653C5C ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\CONNY-PC\Backup Set 2015-11-08 160137\Backup Files 2015-11-08 160137\Backup files 42.zip"
sh=1BBA8C133B38052A924CCCB93338D5E0F66BFEB8 ft=0 fh=0000000000000000 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="D:\CONNY-PC\Backup Set 2015-11-08 160137\Backup Files 2015-11-08 160137\Backup files 49.zip"
sh=8F3DAD0599658477879A935F2B3B1353C19765B6 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.SearchSuite.Z evtl. unerwünschte Anwendung" ac=I fn="D:\CONNY-PC\Backup Set 2015-11-08 160137\Backup Files 2015-11-08 160137\Backup files 50.zip"
sh=4FD52313A6BCCF2A2D812073357A69DDD53B22F0 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="D:\CONNY-PC\Backup Set 2015-11-08 160137\Backup Files 2015-11-08 160137\Backup files 51.zip"
sh=44D8B198424C7066747D5E93E0C48FF3530EEA4A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="D:\CONNY-PC\Backup Set 2015-11-08 160137\Backup Files 2015-11-08 160137\Backup files 52.zip"
sh=738A61C385CBC403B815DD72E605B992E86EC0FA ft=0 fh=0000000000000000 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="F:\$RECYCLE.BIN\$RFK48LJ.zip"
sh=409BA34DACFCFFD2B4F92F5AB42DE4A7F3A205B9 ft=1 fh=04e334da59169d84 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="F:\$RECYCLE.BIN\$RJA9EFJ.exe"
sh=7A0508C8D3490ABEB377A51D9FCC99623CA7950E ft=1 fh=60fe321e2a0cebf6 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\$RECYCLE.BIN\$RRG22Q3.exe"
sh=17CCE77EA8BDCD4BCF41EF622378B168BAAD3562 ft=1 fh=aafe6f8588136801 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\$RECYCLE.BIN\$RUZMZ4Q.exe"
sh=057C95466AAD91380F7CA08599FEDDAEF90677A0 ft=1 fh=5e3edb1b062ef6d5 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="F:\$RECYCLE.BIN\$REEUOJK.exe"
sh=5B9C8E740A928E795171EF512289608A1A22F7DA ft=1 fh=b50d1e9cdff9d98f vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="F:\$RECYCLE.BIN\$RLSZE81.exe"
sh=2B4904A968F82395F502D82860C9918E0D4417C5 ft=1 fh=63d122a8f9a4f82d vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="F:\$RECYCLE.BIN\$ROQRNED.exe"
sh=4EF4029B6E52B743855F21DAE2AE0446829B6FD3 ft=1 fh=8160d79d7f917e8d vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="F:\$RECYCLE.BIN\$R3M6898.exe"
sh=B30849457AF2ECE8D24307CF3A332F12F4545224 ft=1 fh=8b84f08746b7f899 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="F:\$RECYCLE.BIN\$RRXO7NH.exe"
sh=ADAE5FC29B81E3C7FDD6E2241D162FC25361A325 ft=1 fh=03d13bad10501cdd vn="Variante von Win32/InstallCore.AFF.gen evtl. unerwünschte Anwendung" ac=I fn="F:\$RECYCLE.BIN\$RBUT0JH.exe"
sh=19C762C2494045E015D199899692C562D54BADA2 ft=1 fh=360ff1698ff92e85 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\$RECYCLE.BIN\$RK8T43T.exe"
sh=1D570FE34A0188FF61A50203610256F623E2E617 ft=0 fh=0000000000000000 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="F:\$RECYCLE.BIN\$RYKNOKX\Notfall-CD-2.2\Notfall-CD-2.2.iso"
sh=29E42A61A6BE387A24C035693D509D873C02D916 ft=1 fh=b326822ef8b4edbf vn="Win32/SpeedUpMyPC.A evtl. unerwünschte Anwendung" ac=I fn="F:\$RECYCLE.BIN\$R4MUF8Y\D10D21382C3B4CBCB721E393C53846F4\speedupmypcDE.exe"
sh=3B511FCED9EF3C67C6660CB4E6A2DC78D851E87F ft=1 fh=769024600d6b2366 vn="Win32/SpeedUpMyPC.A evtl. unerwünschte Anwendung" ac=I fn="F:\$RECYCLE.BIN\$R4MUF8Y\D10D21382C3B4CBCB721E393C53846F4\speedupmypcDE_p3v1.exe"
sh=7D7C7305298E11EE810078A7FA0640B484A1EA10 ft=1 fh=6ce22f5640248296 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="F:\Verschiedenes\avira_free_antivirus_de(1).exe"
sh=9ED22B17AF956934B73F176C0AEB87AFA2F2B5B3 ft=1 fh=f57fa58ae860c262 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="F:\Verschiedenes\avira_free_antivirus_de(2).exe"
sh=7D7C7305298E11EE810078A7FA0640B484A1EA10 ft=1 fh=6ce22f5640248296 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="F:\Verschiedenes\avira_free_antivirus_de(3).exe"
sh=9ED22B17AF956934B73F176C0AEB87AFA2F2B5B3 ft=1 fh=f57fa58ae860c262 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="F:\Verschiedenes\avira_free_antivirus_de.exe"
sh=0078F57B9B78D11CE0BC235F344C0ECC85D0B313 ft=1 fh=aa82b79cf2daaa47 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="F:\Verschiedenes\cdbxp_setup_4.3.8.2474.exe"
sh=BEB04F076892C9B4A8DAE147330D5DAFC5EA47B0 ft=1 fh=f4f6b3432889b861 vn="Variante von Win32/Toolbar.SearchSuite.Z evtl. unerwünschte Anwendung" ac=I fn="F:\Verschiedenes\iMeshV10de.exe"
sh=AEE0B5F1AE8564D7E4CCD032EDF7AD88339BFF4E ft=1 fh=88c3bdc65b0afccf vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="F:\Verschiedenes\Microsoft_LifeChat_LX-6000_Treiber_Update_06-2014(1).exe"
sh=AEE0B5F1AE8564D7E4CCD032EDF7AD88339BFF4E ft=1 fh=88c3bdc65b0afccf vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="F:\Verschiedenes\Microsoft_LifeChat_LX-6000_Treiber_Update_06-2014.exe"
sh=6850D309E46D96C70E4AD21534DAD090FF5350C2 ft=1 fh=cdd66505779ebf40 vn="Win32/RegistryReviver evtl. unerwünschte Anwendung" ac=I fn="F:\Verschiedenes\reviversoft-registry-reviver-trial.exe"
sh=A0867E6C018019D4E76B0DA3E067413C1E9193D5 ft=1 fh=25de646db16c1e53 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="F:\Vorträge\ashampoo_burning_studio_6_free_6.83_4312.exe"

burningice 01.03.2016 18:40
Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

C:\Windows\Installer\118893b.msi

C:\Windows\Installer\13b1d4b.msi

F:\$RECYCLE.BIN\*.exe

F:\$RECYCLE.BIN\$RYKNOKX

F:\$RECYCLE.BIN\$R4MUF8Y
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Lilian-Rose 02.03.2016 12:05
Danke Rafael,

hier kommt die Datei

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
durchgeführt von Conny (2016-03-02 11:44:15) Run:2
Gestartet von C:\Users\Conny\Desktop\Rafael
Geladene Profile: Conny (Verfügbare Profile: Conny)
Start-Modus: Normal

==============================================

fixlist Inhalt:
*****************
C:\Windows\Installer\118893b.msi

C:\Windows\Installer\13b1d4b.msi

F:\$RECYCLE.BIN\*.exe

F:\$RECYCLE.BIN\$RYKNOKX

F:\$RECYCLE.BIN\$R4MUF8Y
emptytemp:
       
*****************

C:\Windows\Installer\118893b.msi => erfolgreich verschoben
C:\Windows\Installer\13b1d4b.msi => erfolgreich verschoben

=========== "F:\$RECYCLE.BIN\*.exe" ==========

F:\$RECYCLE.BIN\$I5DCZPG.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$R5DCZPG.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$ID2W9QJ.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RD2W9QJ.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IC57OLS.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RC57OLS.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IJA9EFJ.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RJA9EFJ.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IQ36FWH.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RQ36FWH.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IFAY8KS.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RFAY8KS.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IRG22Q3.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RRG22Q3.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IUZMZ4Q.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RUZMZ4Q.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$I5KHRUD.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$R5KHRUD.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IEEUOJK.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$REEUOJK.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$ILSZE81.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RLSZE81.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IOQRNED.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$ROQRNED.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$I3M6898.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$R3M6898.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IRXO7NH.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RRXO7NH.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IOU5GCD.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$ROU5GCD.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$INNUI86.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RNNUI86.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$I94RQK3.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$R94RQK3.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IBUT0JH.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RBUT0JH.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$I46LNBH.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$R46LNBH.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IJBXKHU.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RJBXKHU.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$ISBK7KY.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RSBK7KY.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$ILJ1SJO.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RLJ1SJO.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$INGD4A5.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IVHYGOO.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$IK8T43T.exe => erfolgreich verschoben
F:\$RECYCLE.BIN\$RK8T43T.exe => erfolgreich verschoben

========= Ende -> "F:\$RECYCLE.BIN\*.exe" ========

F:\$RECYCLE.BIN\$RYKNOKX => erfolgreich verschoben
F:\$RECYCLE.BIN\$R4MUF8Y => erfolgreich verschoben
EmptyTemp: => 452.7 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende vom Fixlog 11:54:07 ====

burningice 02.03.2016 16:19
Also ehrlich gesagt denke ich nicht, dass wir hier noch groß was finden werden, das deinen PC so verlangsamt.

Schritt 1
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Schritt 2
Bitte folge mal dieser Anleitung: Clean Boot - Probleme beim Systemstart diagnostizieren
Wie verhält sich dein Problem jetzt?

Lilian-Rose 02.03.2016 20:33
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
durchgeführt von Conny (Administrator) auf CONNY-PC (02-03-2016 19:58:02)
Gestartet von C:\Users\Conny\Desktop\Rafael
Geladene Profile: Conny (Verfügbare Profile: Conny)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow32.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Dropbox, Inc.) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(BERNINA International AG) C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-01-10] (Google Inc.)
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [Dropbox Update] => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {3B713BCF-458F-4A2A-BAD2-9784208C169D} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-10-09]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-10-09]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=00033BB0&OHP=about%3Ablank&OSP=https%3A%2F%2Fde.search.yahoo.com%2Fyhs%2Fsearch%3Ftype%3Davastbcl%26hspart%3Davast%26hsimp%3Dyhs%2D001%26p%3D%7BsearchTerms%7D
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-02-23] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-09] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default
FF DefaultSearchUrl:
FF Homepage: hxxp://www.jw.org/de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\computer-bild-suche.xml [2015-09-28]
FF Extension: CookieCuller - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2015-05-29]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-10-16] [ist nicht signiert]
FF Extension: Avira Browser Safety - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\abs@avira.com [2016-02-25]
FF Extension: ghostery - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\firefox@ghostery.com.xpi [2016-02-23]
FF Extension: Hilfe Assistent - C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\Extensions\{} [2014-11-03] [ist nicht signiert]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-15] <==== ACHTUNG

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.210.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (YouTube) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (Google-Suche) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-03]
CHR Extension: (Avira Browserschutz) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-16]
CHR Extension: (Skype Click to Call) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (Google Mail) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1904368 2016-01-20] (Microsoft Corporation)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S4 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2012-06-22] ()
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 UniversalCommunicationServer; C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe [90496 2013-05-02] (BERNINA International AG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)
R0 DiskSec; C:\Windows\system32\Drivers\DiskSec.sys [14208 2008-04-04] (MAGIX) [Datei ist nicht signiert]
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [179200 2012-06-22] (Dexetek )
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-07-20] (AVAST Software)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-04-27] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [146568 2010-04-27] (Renesas Electronics Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 SydexFDD; C:\Windows\system32\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows (R) 2000 DDK provider) [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-20] (Avast Software)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Conny\AppData\Local\Temp\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Conny\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S3 eapihdrv; \??\C:\Users\Conny\AppData\Local\Temp\ehdrv.sys [X]
S2 tmcomm; system32\DRIVERS\tmcomm.sys [X]
S2 wntpport; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-29 11:41 - 2016-02-29 11:41 - 00000000 ____D C:\Users\Conny\Documents\Add-in Express
2016-02-28 13:21 - 2016-02-28 13:21 - 00000000 ____D C:\Program Files\ESET
2016-02-27 12:19 - 2016-02-27 11:25 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-02-27 11:25 - 2016-02-27 12:29 - 00000000 ____D C:\zoek_backup
2016-02-26 22:58 - 2016-02-26 22:58 - 00000000 ____D C:\Users\Conny\Desktop\Joel
2016-02-25 12:37 - 2016-02-27 12:04 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Lavasoft
2016-02-25 12:37 - 2016-02-27 12:04 - 00000000 ____D C:\Users\Conny\AppData\Local\Lavasoft
2016-02-25 12:37 - 2016-02-27 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-02-25 12:37 - 2016-02-25 12:37 - 00002928 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2016-02-25 12:36 - 2016-02-27 12:05 - 00000000 ____D C:\ProgramData\Lavasoft
2016-02-25 12:36 - 2016-02-27 12:05 - 00000000 ____D C:\Program Files\Lavasoft
2016-02-25 12:36 - 2016-02-25 12:36 - 00345360 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2016-02-25 12:35 - 2016-02-25 12:36 - 00000000 ____D C:\Program Files\CrystalDiskInfo
2016-02-23 23:31 - 2016-03-02 11:54 - 00000000 ____D C:\Users\Conny\Desktop\Rafael
2016-02-23 22:59 - 2016-02-23 22:59 - 00008564 _____ C:\Protokoll Malwarebytes.txt
2016-02-23 17:21 - 2016-02-23 17:39 - 00216604 _____ C:\TDSSKiller.3.1.0.9_23.02.2016_17.21.27_log.txt
2016-02-23 13:57 - 2016-02-23 17:20 - 00215200 _____ C:\TDSSKiller.3.1.0.9_23.02.2016_13.57.11_log.txt
2016-02-23 10:08 - 2016-02-29 11:56 - 00000000 ____D C:\Users\Conny\Desktop\JW
2016-02-22 23:43 - 2016-02-22 23:43 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-02-22 23:39 - 2016-02-22 23:39 - 00000162 ____H C:\Users\Conny\Desktop\~$Dok8.odt
2016-02-20 14:24 - 2016-02-20 14:24 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-14 16:02 - 2016-02-14 16:02 - 00001298 _____ C:\Users\Public\Desktop\Watchtower Library 2015 - Deutsch.lnk
2016-02-14 16:02 - 2016-02-14 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchtower Library 2015
2016-02-12 20:01 - 2016-02-13 10:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-10 11:36 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 11:36 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 11:36 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 11:36 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 11:36 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 11:36 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 11:36 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:36 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 11:36 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 11:36 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 11:35 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 11:35 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:35 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 11:35 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:34 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 11:34 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 11:34 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 11:34 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 11:34 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 11:34 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 11:34 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 11:34 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 11:34 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 11:34 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 11:34 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 11:34 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 11:34 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:34 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:34 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 11:34 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 11:34 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 11:34 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 11:34 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:34 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 11:33 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 11:33 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 11:33 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 11:33 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 11:33 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:33 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 11:33 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 11:33 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:33 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 11:33 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 11:33 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:33 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 11:33 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:33 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 11:33 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 11:33 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 11:33 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 11:33 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 11:33 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 11:33 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 11:33 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 11:33 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:33 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 11:33 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 11:31 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 11:31 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:31 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 11:31 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 11:31 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-04 16:35 - 2016-02-04 16:35 - 00025888 _____ C:\Users\Conny\Kolloidales Silber.odt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-02 19:58 - 2014-03-05 09:11 - 00000000 ____D C:\FRST
2016-03-02 19:48 - 2015-06-12 19:37 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job
2016-03-02 19:42 - 2011-01-10 22:01 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-02 19:18 - 2012-05-31 22:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-02 18:51 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-02 18:51 - 2009-07-14 05:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-02 12:00 - 2013-03-10 10:53 - 00000000 ___RD C:\Users\Conny\Dropbox
2016-03-02 12:00 - 2013-03-10 10:51 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Dropbox
2016-03-02 11:58 - 2011-01-10 22:01 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-02 11:58 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-02 11:46 - 2011-03-23 00:08 - 00000000 ____D C:\Users\Conny\AppData\LocalLow\Temp
2016-03-01 23:48 - 2015-06-12 19:37 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job
2016-02-27 09:27 - 2009-07-14 05:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-27 00:13 - 2015-04-04 23:49 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-24 10:31 - 2015-01-15 12:04 - 00001912 _____ C:\Windows\epplauncher.mif
2016-02-24 10:30 - 2015-01-15 12:03 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-24 10:29 - 2015-01-15 12:02 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-23 23:37 - 2014-03-08 14:19 - 00000000 ____D C:\AdwCleaner
2016-02-23 22:49 - 2014-06-29 09:37 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-23 22:37 - 2014-06-29 09:37 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-02-23 22:37 - 2009-07-14 08:48 - 00000000 ____D C:\Windows\ShellNew
2016-02-23 21:45 - 2014-06-29 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-23 10:11 - 2015-09-16 20:20 - 00000000 ____D C:\Users\Conny\Desktop\Gute Vorträge
2016-02-23 10:10 - 2015-03-12 19:13 - 00000000 ____D C:\Users\Conny\Desktop\Handarbeit Stickdateien
2016-02-23 10:07 - 2011-01-10 22:04 - 00000000 ____D C:\Users\Conny
2016-02-23 09:54 - 2014-01-21 09:22 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 09:51 - 2014-01-21 09:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-23 09:25 - 2016-01-07 23:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-02-23 09:25 - 2012-10-17 16:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-23 00:26 - 2010-08-28 01:49 - 01595580 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-23 00:26 - 2010-05-12 14:13 - 00699884 _____ C:\Windows\system32\perfh007.dat
2016-02-23 00:26 - 2010-05-12 14:13 - 00149766 _____ C:\Windows\system32\perfc007.dat
2016-02-23 00:26 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-22 23:43 - 2011-09-22 18:54 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-02-20 15:24 - 2012-09-17 16:48 - 00002154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-14 16:07 - 2011-01-11 14:21 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Watchtower
2016-02-14 16:02 - 2011-08-18 21:03 - 00000000 ____D C:\Program Files\Watchtower
2016-02-13 11:44 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2016-02-11 17:41 - 2009-07-14 05:33 - 00386896 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-11 17:38 - 2014-12-11 12:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-11 17:38 - 2014-05-06 22:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-11 17:38 - 2009-07-14 08:49 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 23:41 - 2013-08-15 09:15 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 23:34 - 2010-08-30 17:47 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 18:18 - 2012-05-31 22:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-01 14:01 - 2011-01-10 22:36 - 00000000 ____D C:\Users\Conny\AppData\Roaming\SoftGrid Client

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2007-03-12 18:59 - 2007-03-12 18:59 - 0299008 _____ () C:\Program Files\navigram_register.exe
2013-03-16 09:27 - 2013-03-16 09:27 - 0000288 _____ () C:\Users\Conny\AppData\Roaming\.backup.dm
2014-09-30 11:46 - 2014-09-30 11:48 - 0000055 _____ () C:\Users\Conny\AppData\Roaming\My Profile.xml
2011-09-29 13:09 - 2011-10-04 14:29 - 0001188 _____ () C:\Users\Conny\AppData\Local\crc32list11.txt
2011-09-03 20:06 - 2015-11-08 15:39 - 0005120 _____ () C:\Users\Conny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-03 11:37 - 2014-03-03 11:37 - 0001461 _____ () C:\Users\Conny\AppData\Local\recently-used.xbel
2011-03-17 17:55 - 2011-03-17 17:55 - 0000017 _____ () C:\Users\Conny\AppData\Local\resmon.resmoncfg
2011-01-11 22:23 - 2012-05-10 08:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-28 12:10

==================== Ende vom FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
durchgeführt von Conny (2016-03-02 19:59:14)
Gestartet von C:\Users\Conny\Desktop\Rafael
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2011-01-10 21:04:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-185569535-4180466776-3876511590-500 - Administrator - Disabled)
Conny (S-1-5-21-185569535-4180466776-3876511590-1000 - Administrator - Enabled) => C:\Users\Conny
Gast (S-1-5-21-185569535-4180466776-3876511590-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-185569535-4180466776-3876511590-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2223 - AVAST Software)
BERNINA ARTlink 7 (HKLM\...\{CA812D88-2139-4107-97B5-1B2D2A1DD04D}) (Version: 18.0.94.7011 - BERNINA)
BERNINA ARTlink 7 (Version: 18.0.94.7011 - Wilcom) Hidden
BERNINA Universal Communication Server (HKLM\...\{CF27C964-3902-4CA3-9C71-B0EAEB302AB5}) (Version: 1.27.70 - BERNINA)
Blackboard Collaborate Launcher (HKLM\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon iP3600 series Benutzerregistrierung (HKLM\...\Canon iP3600 series Benutzerregistrierung) (Version:  - )
Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version:  - )
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC8) (Version: 8.5.0.7 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller51278dcd0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52b3284a0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52d266760) (Version: 1.0.0.0 - Conexant Systems)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
CrystalDiskInfo 6.7.5 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.7.5 - Crystal Dew World)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815a - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dropbox (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
easyFly 3 Starter Edition (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\{7CBD5083-2ADF-4DF1-8DC1-D7AB2F7040E0}) (Version: 3.0.1.11 - IPACS)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
e-Sword (HKLM\...\{8E436940-A944-4D67-A45B-1876E23BB9C0}) (Version: 9.08.0003 - Rick Meyers)
FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )
Lexware Info Service (HKLM\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
MAGIX Audio Cleaning Lab 16 deluxe (HKLM\...\mclab_16dlx) (Version: 16.0.0.0 - MAGIX AG)
MAGIX Audio Cleaning Lab 16 deluxe (Version: 16.0.0.0 - MAGIX AG) Hidden
MAGIX PC Check & Tuning 2010 5.0.22.687 (D) (HKLM\...\MAGIX PC Check & Tuning 2010 D) (Version: 5.0.22.687 - MAGIX AG)
MAGIX Screenshare (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MEDION GoPal Assistant (HKLM\...\{A6C8CD51-1AE4-474D-BA2D-125CDBEADD03}) (Version: 6.2.0.12196 - MEDION)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4797.1003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.5.1 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
my editor v5.00 (HKLM\...\{6B435248-5F4F-4CE9-A533-CB3D8D97A210}) (Version: 5.00.8505.2014 - Wings Systems Ltd.)
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.2.1 - Nikon)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.3.0 - Nikon)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Profili 2 (HKLM\...\Profili 2) (Version:  - )
Quicken DELUXE 2014 (HKLM\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.32.00.0004 - Haufe-Lexware GmbH & Co.KG)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6136 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Schrankplaner (HKLM\...\{C92CE7AF-B104-4710-8F5C-9F833976D308}) (Version: 3.01.00 - schrankplaner.de)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Sweet Home 3D version 3.1 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Video Grabber (HKLM\...\Uninstaller51278dcb0) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52b328480) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52d266740) (Version: 1.0.0.0 - Conexant Systems)
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.2.1 - Nikon)
VoipStunt (HKLM\...\VoipStunt_is1) (Version: 4.09 build 661 - Finarea S.A. Switzerland)
Watchtower Library 2011 - Deutsch (HKLM\...\{8BE514E8-4486-4730-8B68-FA15EEDC942E}) (Version: 13.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - Deutsch (HKLM\...\{CFDF0961-77C7-4392-96EE-624DFE81C3C2}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - hrvatsko izdanje (HKLM\...\{56067BE8-31E8-4796-9EA2-164CDB5ACCF7}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2013 - Deutsch (HKLM\...\{61118DEB-78F1-4158-97ED-78A457550FE7}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2015 - Deutsch (HKLM\...\{AEB12380-3E2F-4A9F-B8DF-1BD7682DE663}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Wilcom TrueSizer e3.0 (HKLM\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Wilcom TrueSizer e3.0 (Version: 17.0.185.7427 - Wilcom) Hidden
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )
WISO Steuer-Sparbuch 2015 (HKLM\...\{F8738EA4-CE8F-4D4B-8478-6ADB18B165F4}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Wuala (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\Conny\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0694FA8A-71C8-4F5D-AACA-0D7E0EC23467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1146A79F-834C-4E3E-AE60-25376A2F0C32} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {508DFAA9-A4C7-43C0-B9EB-1CF6D6BF0159} - System32\Tasks\{AB34AA99-BADE-4F56-8BE7-B62F817BA872} => pcalua.exe -a "C:\Program Files\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {5962BB5D-E22C-48DF-8BFF-A58FEDFD8EDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {72660B4F-A773-4C60-8F36-EA5EBFD568E1} - \Start Registry Reviver -> Keine Datei <==== ACHTUNG
Task: {A56D78C3-8218-48CE-BCC6-F9BCD07BFEA9} - System32\Tasks\{D6C07A53-11F0-44F1-8FB2-A2B09B196048} => pcalua.exe -a C:\Users\Conny\Downloads\ADE_2.0_Installer.exe -d C:\Users\Conny\Downloads
Task: {BB1571C3-45D2-4BD6-AF06-4628247E13B5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {C89EC6C7-F641-4831-AE2B-553A25EACD36} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {D00F2FB4-80F4-49C5-82E2-025ED397C0E7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)
Task: {E5EE64D2-F42F-4C48-8D87-4AF66A1D44AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E9E1F514-54AB-4250-B4B6-4B5C81A5488B} - System32\Tasks\{1D3FF1F2-CC6B-4C77-A161-109C6F1A455A} => pcalua.exe -a C:\Users\Conny\AppData\Local\Temp\Temp1_profile_version_3206.zip\setup.exe
Task: {F92D8508-9933-4CF7-BB8F-6BECA4BE71AD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software)
Task: {FC9A3894-3B7C-4BBF-B7D5-520290D33A13} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-20 20:00 - 2015-07-20 20:00 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-20 20:00 - 2015-07-20 20:00 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-01 20:29 - 2016-03-01 20:29 - 02836480 _____ () C:\Program Files\AVAST Software\Avast\defs\16030102\algo.dll
2016-03-02 11:59 - 2016-03-02 11:59 - 02836992 _____ () C:\Program Files\AVAST Software\Avast\defs\16030200\algo.dll
2014-03-19 10:54 - 2015-10-13 02:43 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2014-01-12 11:01 - 2012-06-22 09:29 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2015-07-20 20:00 - 2015-07-20 20:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2016-02-20 14:24 - 2016-01-12 19:44 - 00034768 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00019408 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00116688 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-02-20 14:24 - 2016-01-12 19:44 - 00093640 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00018376 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\select.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00019760 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00105928 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00392144 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00381752 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00692688 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020816 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00112592 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 01682760 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021840 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00038696 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00020936 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00024528 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00114640 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00124880 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021832 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00024016 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00175560 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00030160 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00043472 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00028616 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00048592 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-20 14:23 - 2016-02-16 19:39 - 00026456 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-02-20 14:24 - 2016-01-12 19:46 - 00057808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00024016 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00117056 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00024392 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00036296 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\librsync.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00023376 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00134608 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-02-20 14:24 - 2016-01-12 19:44 - 00134088 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00240584 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00052024 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00021824 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00019776 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-20 14:23 - 2016-02-16 19:38 - 00020280 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-02-20 14:24 - 2016-01-12 19:47 - 00350152 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00022352 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00084792 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-02-20 14:24 - 2016-02-16 19:39 - 01826096 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-02-20 14:24 - 2016-01-12 19:45 - 00083912 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\sip.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 03928880 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 01971504 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00531248 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00132912 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00223544 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00207672 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00158008 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00042808 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-20 14:24 - 2016-01-12 19:49 - 00017864 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-20 14:24 - 2016-01-12 19:49 - 01631184 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-02-20 14:24 - 2016-02-16 19:39 - 00024904 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00546096 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-02-20 14:24 - 2016-02-16 19:39 - 00357680 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-02-20 14:24 - 2016-01-12 19:52 - 00697304 _____ () C:\Users\Conny\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-02-11 19:08 - 2016-02-11 19:08 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\7dca33cfefb99e28847d01e4665f2214\IsdiInterop.ni.dll
2010-08-30 19:04 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2014-03-07 16:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B5BB3F09-3F28-4037-ADDF-ED0D9521AD3F}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{7E1E0E25-5811-48BA-8112-A999DE7DA7F1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5D17EE8E-2B60-4228-90AE-0DF6430EF885}] => (Allow) svchost.exe
FirewallRules: [{811CA0F5-D2BB-4A4D-BE17-4014C5E8BC67}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{1D853E59-2575-4067-9F21-DE76C38A37B7}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{30E69FC8-3BEF-4B3C-B402-933778084EAA}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{9E4248B8-B08B-4A20-9DBE-8BBD3F09CECC}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{4687042B-D555-4A1A-8039-1AD75E458545}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{961DDA7A-4319-4911-9776-A89874CE5335}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [{34DA1426-B63B-474F-8DEF-EB5235221BDD}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [TCP Query User{6B778748-C7B6-4A46-81D2-56ADEA63F1A7}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{FED1122E-4925-4558-BB06-142DCA1E502E}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{2605EEA3-C05C-459A-87D1-842F42681013}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{38E3F568-5839-4423-B7F7-825F441E9A3F}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{C1A531C8-1DCD-4DFA-82BE-CE5888CD32FD}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{7172C1E6-B85E-41BD-96A0-91C9CFA8119A}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{CE46AC23-B67F-4108-B551-AFF5D9782AD8}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{F877EC4A-9159-4A64-ABC7-2C95CD583B21}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{E73F7B8C-8D61-423F-92F6-41B4EE6DEAD8}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{3C609447-8057-4BCF-B11B-5FCA7ECC5A3C}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [TCP Query User{39DCAE11-5CF4-4AC2-94EA-3595A667BBF9}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{B5B309C3-7463-4C30-AD15-7700AD51E9E5}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [{796C015A-E095-4D97-8615-A51836C2BB2E}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{E533F68C-9F2E-4D27-B503-8603931A946A}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [TCP Query User{69A98C7C-2D08-429A-BDD8-F97B185625D2}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{FD8D8E36-1BB4-4BBB-AFB4-89635DFB6CE7}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{130F31E3-FF6C-4582-9B49-4194BAEB4B39}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{635854E1-9AB3-49FD-AD53-26ABE6288B52}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [TCP Query User{4957885E-9DC6-48AF-A709-0FD7610930C7}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{0CBAC78E-6FDF-485D-99DA-654A55EF276E}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [{692BDFF9-D89E-4F8D-95AE-221810CAE02F}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{2C43FFDD-B6BD-41A4-8BD6-AA2AB5E8ACAD}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{1C9A6C83-81BF-4563-BDCD-CC9BB4160B55}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{350386DF-4A82-427C-9962-B7EB9BD6D34E}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{91395ADC-2BDE-4B46-8494-9EB27A9F6BD5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C6E35A0B-6B7A-4247-B0D4-51F114611254}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D91B19E8-D1DB-4CCC-9FD6-8BDAFD9CF437}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{18E738B9-3F17-4BBA-9045-1E4375E39A6E}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{627658B7-DB21-4DE6-8548-530E847DBE8B}] => (Allow) C:\Users\Conny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{FA30B07B-7F14-4D50-92AF-EEFCA9D3D396}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{FE75D3F4-E8D1-4CFB-933D-6209B76DFF6C}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{0A4EC1A1-3B46-45A0-9BF7-910C850A4A46}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [{A5BDF030-2E00-440F-8298-3EE9A52D72B3}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [TCP Query User{0EA845AE-B769-468C-BC49-64CA7AF58BE5}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{C5E5ECF1-9DF5-4D24-8CD9-FB695F96D803}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{7134D83D-E8E8-4235-A798-2FE8D9DA33F4}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{7CB4C706-0C27-4B19-865D-815C72462270}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [TCP Query User{E3B3F49D-318B-458B-9996-94602E7A3B4C}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{2CBE49FE-1280-4E63-84CD-6A6B240E6A94}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{8C617366-DC95-4B51-AC60-3619F4EE1DE5}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{8049D308-47AD-4656-B8E4-FF0389C5D98C}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [TCP Query User{944C753C-8B4D-4193-8F20-0269D1175512}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{0E0A14D1-5FE6-4430-BCD0-DC3481E510DA}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [{73FE0611-6B7C-44E0-A9F2-F78142FB7FC6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE19B7A7-4403-4BC4-8281-661A9265FB98}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA0C48A7-A4EA-4EE4-9C93-1A05765AF979}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A8274CD7-8D0E-4CEB-A85D-7D2D260C6077}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{05DB99BC-CB68-457B-859C-9EC460476FA8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5E9E69BC-6EC8-4A84-BC79-6C6F7872BF2C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{EB4831F9-9BE1-44B9-AAEC-71C5B4077093}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B17B8E5F-4C83-4DD8-9665-A2B50F2029F2}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{200C6D82-A0ED-4E15-917B-F41277C0081E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8F33AE0D-E430-42CB-8C6B-71E0C3E0349F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{DBDD8041-CAD2-4CBF-83FC-0D30AD8185AA}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{A32D8C8E-4BF5-4C68-8B07-959AE85FF082}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [{E4355044-8680-4492-A43A-904A15EEC2F5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{78AF9F1A-8246-4DC5-82AE-C4FC7F0EA340}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A6B220F1-D801-47D9-A621-2277B6B58787}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AF8BFD75-C3B3-4A57-A7EC-44C89A708810}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{67CF725E-AD3D-4CEE-9FA1-8BDD832B9CAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E6100A1A-0058-4987-8414-8D3338B3020D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

07-02-2016 12:18:38 Windows Update
07-02-2016 19:01:31 Windows-Sicherung
10-02-2016 23:26:36 Windows Update
14-02-2016 16:08:24 Windows Update
14-02-2016 19:00:25 Windows-Sicherung
17-02-2016 23:30:38 Windows Update
21-02-2016 13:34:06 Windows Update
21-02-2016 19:00:44 Windows-Sicherung
23-02-2016 00:21:22 Windows Update
24-02-2016 10:22:25 Windows Update
27-02-2016 00:12:45 Windows Update
27-02-2016 11:36:39 zoek.exe restore point
28-02-2016 19:01:12 Windows-Sicherung
01-03-2016 12:58:47 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/02/2016 02:58:26 PM) (Source: UniversalCommunicationServer) (EventID: 0) (User: )
Description: Universal Communication Server Terminating: True
reason: System.UnhandledExceptionEventArgs
Stack: TraceEnvironment.XTrace+AssertionFailedException: unexpected message length 4
  at TraceEnvironment.XTrace.Assert(Boolean aCondition, String aFormat, Object[] aObjects)
  at UniversalCommunicationServer.ServerConnection.stateConnectedOnServerDataReceived(evServerDataReceived aEvent)
  at UniversalCommunicationServer.ServerConnection.stateConnected.onServerDataReceived(evServerDataReceived aEvent)
  at UniversalCommunicationServer.ServerConnection.Consume(Object aEvent)
  at MultiThreading.Reactive.MainLoop()
  at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
  at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
  at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
  at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
  at System.Threading.ThreadHelper.ThreadStart()

Error: (03/02/2016 12:08:27 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (03/02/2016 11:58:27 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=F64}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 2460420A-40002EE2).

Error: (03/02/2016 11:58:27 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=F64}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 2460420A-40002EE2, ursprünglicher Rückgabecode 2460420A-40002EE2).

Error: (03/02/2016 11:20:16 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (03/02/2016 11:10:13 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=DF4}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (03/02/2016 11:10:13 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=DF4}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (03/01/2016 12:34:36 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (03/01/2016 12:24:39 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1280}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (03/01/2016 12:24:39 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1280}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).


Systemfehler:
=============
Error: (03/02/2016 02:58:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Universal Communication Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/02/2016 11:58:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/02/2016 11:58:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/02/2016 11:10:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/02/2016 11:10:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/01/2016 12:23:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Universal Communication Server" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/01/2016 12:23:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Universal Communication Server erreicht.

Error: (03/01/2016 12:23:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/01/2016 12:23:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/29/2016 10:28:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 2039.11 MB
Verfügbarer physikalischer RAM: 1034.65 MB
Summe virtueller Speicher: 4078.23 MB
Verfügbarer virtueller Speicher: 2265.47 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:1356.17 GB) (Free:1084.68 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:0.01 GB) NTFS
Drive e: (WTLIB15X) (CDROM) (Total:0.85 GB) (Free:0 GB) UDF
Drive f: (EX FESTPL 4) (Fixed) (Total:931.47 GB) (Free:857.48 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.

==================== Ende vom Addition.txt ============================

burningice 05.03.2016 15:01
Hat der Clean Boot eine Verbesserung gebracht?

Lilian-Rose 05.03.2016 20:16
Hallo Rafael,

ja, der Clean Boot hat eine Verbesserung gebracht, mein PC startet jetzt schneller.
Vielen Dank!

Was kann ich noch tun?

burningice 07.03.2016 00:05
Schritt: 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\Conny\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
Task: {72660B4F-A773-4C60-8F36-EA5EBFD568E1} - \Start Registry Reviver -> Keine Datei <==== ACHTUNG
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=00033BB0&OHP=about%3Ablank&OSP=https%3A%2F%2Fde.search.yahoo.com%2Fyhs%2Fsearch%3Ftype%3Davastbcl%26hspart%3Davast%26hsimp%3Dyhs%2D001%26p%3D%7BsearchTerms%7D
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-15] <==== ACHTUNG
CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.210.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll => Keine Datei
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt: 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Ich sehe bei dir keine wirkliche Malware mehr. Hast du eine "signifikante" Verbesserung zum Anfang bemerkt?

Außerdem würde ich WinZip deinstallieren.

Lilian-Rose 09.03.2016 21:34
Hallo Rafael,

danke für Dein Feedback!
Entschuldige, leider bin ich krank geworden,
darum verzögert sich meine Antwort.
Ich melde mich heute nochmal.

Hallo Rafael,

hab den Text in notepad kopiert, aber leider speichert es mir die Datei nicht ab...
woran kann das liegen? Liegt es daran, dass ich schon mal eine Fixlist und Fixlog.txt erstellt habe? Die hab ich immer noch gespeichert.

winzip kann ich auch nicht löschen... ich denke, ich kümmere mich morgen nochmal darum... bin heute irgendwie noch nicht fit...

Danke für Dein Verständnis :crazy:

burningice 11.03.2016 00:02
okay.

Lilian-Rose 16.04.2016 10:00
Hallo Rafael,

erstmal vielen herzlichen Dank für Deine Geduld und für Deine Hilfe!
Ich hab mich lange nicht mehr gemeldet, habs immer wieder geschoben...
Erst war ich krank und dann hatte ich so viel zu tun, dass mir die Zeit
gefehlt hat, mich intensiver mit meinem Problem auseinanderzusetzen...
Aktuell ist es so, dass sich alles wieder verschlechtert hat.
Ich bekomme jetzt Werbeeinblendungen und der Start dauert wieder so
lange, wie vorher. Können wir da weitermachen, wo wir aufgehört haben?

Ich grüße Dich,

Lilian

burningice 17.04.2016 04:31
hallo Lilian-Rose, schön dass du wieder gesund bist :)

Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Lilian-Rose 18.04.2016 11:40
Ich danke Dir! :dankeschoen:
:abklatsch: das ist wirklich sehr nett :knuddel:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
durchgeführt von Conny (Administrator) auf CONNY-PC (18-04-2016 12:20:33)
Gestartet von C:\Users\Conny\Desktop\Rafael
Geladene Profile: Conny (Verfügbare Profile: Conny)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {3B713BCF-458F-4A2A-BAD2-9784208C169D} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=00033BB0&OHP=about%3Ablank&OSP=https%3A%2F%2Fde.search.yahoo.com%2Fyhs%2Fsearch%3Ftype%3Davastbcl%26hspart%3Davast%26hsimp%3Dyhs%2D001%26p%3D%7BsearchTerms%7D
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-03-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-09] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\gdrdarb7.default-1458668194718
FF Homepage: hxxp://www.jw.org/de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-04-12] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-15] <==== ACHTUNG

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.210.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (YouTube) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (Google-Suche) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-03]
CHR Extension: (Avira Browserschutz) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-16]
CHR Extension: (Skype Click to Call) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (Google Mail) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1916656 2016-02-09] (Microsoft Corporation)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S4 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
S4 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2012-06-22] ()
S4 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S4 UniversalCommunicationServer; C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe [90496 2013-05-02] (BERNINA International AG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)
R0 DiskSec; C:\Windows\system32\Drivers\DiskSec.sys [14208 2008-04-04] (MAGIX) [Datei ist nicht signiert]
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [179200 2012-06-22] (Dexetek )
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-07-20] (AVAST Software)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-04-27] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [146568 2010-04-27] (Renesas Electronics Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 SydexFDD; C:\Windows\system32\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows (R) 2000 DDK provider) [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-20] (Avast Software)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Conny\AppData\Local\Temp\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Conny\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S3 eapihdrv; \??\C:\Users\Conny\AppData\Local\Temp\ehdrv.sys [X]
S2 tmcomm; system32\DRIVERS\tmcomm.sys [X]
S2 wntpport; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-16 14:04 - 2016-04-16 14:04 - 00015262 _____ C:\Users\Conny\Documents\Nestchen.odt
2016-04-15 12:45 - 2016-04-15 12:45 - 00004838 _____ C:\Users\Conny\Desktop\Pfauenschwanzmuster.odt
2016-04-13 21:29 - 2016-04-04 19:54 - 00034024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-13 21:29 - 2016-04-04 19:42 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-13 21:29 - 2016-04-02 15:07 - 01218048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-13 21:29 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-13 21:29 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 21:29 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-13 21:29 - 2016-03-31 02:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 21:29 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 21:29 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-13 21:29 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-13 21:29 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-13 21:29 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-13 21:29 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 21:29 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-13 21:29 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-13 21:29 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-13 21:29 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 21:29 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-13 21:29 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-13 21:29 - 2016-03-31 01:45 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-13 21:29 - 2016-03-31 01:41 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 21:29 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-13 21:29 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 21:29 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-13 21:29 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-13 21:29 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 21:29 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 21:29 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 21:29 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-13 21:29 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-13 21:29 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 21:29 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 21:29 - 2016-03-31 01:23 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-13 21:29 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-13 21:29 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 21:29 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 21:29 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 21:29 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-13 21:29 - 2016-03-23 16:02 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-13 21:29 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-04-13 21:29 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 21:29 - 2016-03-18 00:36 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 21:29 - 2016-03-18 00:36 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 21:29 - 2016-03-18 00:33 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 21:29 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 21:29 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 21:29 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 21:29 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 21:29 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 21:29 - 2016-03-18 00:26 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 21:29 - 2016-03-18 00:26 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 21:29 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 21:29 - 2016-03-18 00:26 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 21:29 - 2016-03-18 00:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 21:29 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 23:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 21:29 - 2016-03-17 23:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 21:29 - 2016-03-17 23:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 21:29 - 2016-03-17 23:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 21:29 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 21:29 - 2016-03-17 23:36 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 21:29 - 2016-03-17 23:35 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 21:29 - 2016-03-17 23:30 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 21:29 - 2016-03-17 23:30 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 21:29 - 2016-03-17 23:30 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 21:29 - 2016-03-17 23:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 21:29 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 21:29 - 2016-03-17 23:29 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 20:04 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-13 21:29 - 2016-03-17 20:04 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-13 21:29 - 2016-03-17 20:04 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-13 21:29 - 2016-03-17 20:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-13 21:29 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-04-13 21:29 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-13 21:29 - 2016-02-02 20:48 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-13 21:27 - 2016-03-29 19:35 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 21:27 - 2016-03-16 01:53 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 21:27 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 21:27 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 21:27 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 21:27 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 21:27 - 2016-02-05 20:44 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-13 21:27 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-04-13 21:27 - 2016-01-21 02:51 - 00057280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-13 21:27 - 2015-06-03 22:22 - 00355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-04-13 20:55 - 2016-04-13 20:55 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-12 22:43 - 2016-04-12 22:43 - 00005307 _____ C:\Users\Conny\Desktop\Mein Liebes.odt
2016-04-05 18:02 - 2016-04-05 18:04 - 00009280 _____ C:\Users\Conny\Documents\Weight Watchers Formel.odt
2016-03-30 11:39 - 2016-03-30 12:03 - 00005112 _____ C:\Users\Conny\Desktop\Mütze für Aaron stricken.odt
2016-03-29 23:45 - 2016-03-29 23:45 - 00000000 _____ C:\Windows\system32\sho57CF.tmp
2016-03-29 00:14 - 2016-03-29 00:14 - 00008595 _____ C:\Users\Conny\Documents\50 g hellblaues Microfasergarn Lauflänge 133m.odt
2016-03-28 20:07 - 2016-03-28 20:09 - 00009634 _____ C:\Users\Conny\Desktop\Kuriertasche Fridolin.odt
2016-03-25 21:48 - 2016-03-25 21:48 - 00006297 _____ C:\Users\Conny\Desktop\Ulrike.odt
2016-03-25 21:20 - 2016-03-25 21:46 - 00006192 _____ C:\Users\Conny\Desktop\Trauernde trösten.odt
2016-03-22 19:36 - 2016-03-22 19:36 - 00000000 ____D C:\Users\Conny\Desktop\Alte Firefox-Daten
2016-03-21 13:00 - 2016-03-21 14:57 - 00189924 _____ C:\Users\Conny\Desktop\Ansprache eines bethelbruders.HMP
2016-03-21 13:00 - 2016-03-21 13:35 - 00830304 _____ C:\Users\Conny\Desktop\Ansprache eines bethelbruders.HM0

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-18 12:20 - 2014-03-05 10:11 - 00000000 ____D C:\FRST
2016-04-18 12:18 - 2012-05-31 23:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-18 11:48 - 2015-06-12 20:37 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job
2016-04-18 11:42 - 2011-01-10 23:01 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-18 11:19 - 2009-07-14 06:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-18 11:19 - 2009-07-14 06:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-18 11:08 - 2010-08-28 02:49 - 01622236 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-18 11:08 - 2010-05-12 15:13 - 00699884 _____ C:\Windows\system32\perfh007.dat
2016-04-18 11:08 - 2010-05-12 15:13 - 00149766 _____ C:\Windows\system32\perfc007.dat
2016-04-18 11:08 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-04-18 11:04 - 2011-01-10 23:01 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-18 11:04 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-17 23:48 - 2015-06-12 20:37 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job
2016-04-15 20:02 - 2016-02-24 00:31 - 00000000 ____D C:\Users\Conny\Desktop\Rafael
2016-04-15 14:02 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2016-04-14 17:45 - 2011-01-10 23:04 - 00000000 ____D C:\Users\Conny
2016-04-14 17:11 - 2013-12-16 16:35 - 00269824 ___SH C:\Users\Conny\Thumbs.db
2016-04-14 14:10 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-14 14:10 - 2009-07-14 06:33 - 00386896 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-14 14:05 - 2014-12-11 13:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-14 01:45 - 2010-08-30 18:46 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-14 00:45 - 2013-08-15 10:15 - 00000000 ____D C:\Windows\system32\MRT
2016-04-14 00:41 - 2010-08-30 18:47 - 132539272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-13 20:54 - 2013-03-10 11:51 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Dropbox
2016-04-13 19:55 - 2012-10-17 17:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-12 13:39 - 2016-02-12 21:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-04-11 21:44 - 2012-09-17 17:48 - 00002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-07 14:20 - 2016-01-08 00:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-04-05 13:34 - 2013-02-23 12:15 - 00000000 ____D C:\Users\Conny\Desktop\Handarbeit
2016-03-25 00:35 - 2015-04-05 00:49 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-24 23:49 - 2011-01-16 23:14 - 00000000 ____D C:\Users\Conny\Documents\MAGIX_Audio_Cleaning_Lab_16_deluxe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2007-03-12 19:59 - 2007-03-12 19:59 - 0299008 _____ () C:\Program Files\navigram_register.exe
2013-03-16 10:27 - 2013-03-16 10:27 - 0000288 _____ () C:\Users\Conny\AppData\Roaming\.backup.dm
2014-09-30 12:46 - 2014-09-30 12:48 - 0000055 _____ () C:\Users\Conny\AppData\Roaming\My Profile.xml
2011-09-29 14:09 - 2011-10-04 15:29 - 0001188 _____ () C:\Users\Conny\AppData\Local\crc32list11.txt
2011-09-03 21:06 - 2015-11-08 16:39 - 0005120 _____ () C:\Users\Conny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-03 12:37 - 2014-03-03 12:37 - 0001461 _____ () C:\Users\Conny\AppData\Local\recently-used.xbel
2011-03-17 18:55 - 2011-03-17 18:55 - 0000017 _____ () C:\Users\Conny\AppData\Local\resmon.resmoncfg
2011-01-11 23:23 - 2012-05-10 09:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

Einige Dateien in TEMP:
====================
C:\Users\Conny\AppData\Local\Temp\sqlite3.dll
C:\Users\Conny\AppData\Local\Temp\{B33FA7FF-FE49-446E-85DB-7F964DC21DCF}-DropboxClient_3.18.1.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-09 12:15

==================== Ende vom FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
durchgeführt von Conny (2016-04-18 12:22:07)
Gestartet von C:\Users\Conny\Desktop\Rafael
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2011-01-10 21:04:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-185569535-4180466776-3876511590-500 - Administrator - Disabled)
Conny (S-1-5-21-185569535-4180466776-3876511590-1000 - Administrator - Enabled) => C:\Users\Conny
Gast (S-1-5-21-185569535-4180466776-3876511590-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-185569535-4180466776-3876511590-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2223 - AVAST Software)
BERNINA ARTlink 7 (HKLM\...\{CA812D88-2139-4107-97B5-1B2D2A1DD04D}) (Version: 18.0.94.7011 - BERNINA)
BERNINA ARTlink 7 (Version: 18.0.94.7011 - Wilcom) Hidden
BERNINA Universal Communication Server (HKLM\...\{CF27C964-3902-4CA3-9C71-B0EAEB302AB5}) (Version: 1.27.70 - BERNINA)
Blackboard Collaborate Launcher (HKLM\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon iP3600 series Benutzerregistrierung (HKLM\...\Canon iP3600 series Benutzerregistrierung) (Version:  - )
Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version:  - )
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC8) (Version: 8.5.0.7 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller51278dcd0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52b3284a0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52d266760) (Version: 1.0.0.0 - Conexant Systems)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
CrystalDiskInfo 6.7.5 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.7.5 - Crystal Dew World)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815a - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dropbox (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
easyFly 3 Starter Edition (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\{7CBD5083-2ADF-4DF1-8DC1-D7AB2F7040E0}) (Version: 3.0.1.11 - IPACS)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
e-Sword (HKLM\...\{8E436940-A944-4D67-A45B-1876E23BB9C0}) (Version: 9.08.0003 - Rick Meyers)
FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )
Lexware Info Service (HKLM\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
MAGIX Audio Cleaning Lab 16 deluxe (HKLM\...\mclab_16dlx) (Version: 16.0.0.0 - MAGIX AG)
MAGIX Audio Cleaning Lab 16 deluxe (Version: 16.0.0.0 - MAGIX AG) Hidden
MAGIX PC Check & Tuning 2010 5.0.22.687 (D) (HKLM\...\MAGIX PC Check & Tuning 2010 D) (Version: 5.0.22.687 - MAGIX AG)
MAGIX Screenshare (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MEDION GoPal Assistant (HKLM\...\{A6C8CD51-1AE4-474D-BA2D-125CDBEADD03}) (Version: 6.2.0.12196 - MEDION)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 de) (HKLM\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 de) (HKLM\...\Mozilla Thunderbird 38.7.2 (x86 de)) (Version: 38.7.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
my editor v5.00 (HKLM\...\{6B435248-5F4F-4CE9-A533-CB3D8D97A210}) (Version: 5.00.8505.2014 - Wings Systems Ltd.)
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.2.1 - Nikon)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.3.0 - Nikon)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Profili 2 (HKLM\...\Profili 2) (Version:  - )
Quicken DELUXE 2014 (HKLM\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.32.00.0004 - Haufe-Lexware GmbH & Co.KG)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6136 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Schrankplaner (HKLM\...\{C92CE7AF-B104-4710-8F5C-9F833976D308}) (Version: 3.01.00 - schrankplaner.de)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Sweet Home 3D version 3.1 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Video Grabber (HKLM\...\Uninstaller51278dcb0) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52b328480) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52d266740) (Version: 1.0.0.0 - Conexant Systems)
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.2.1 - Nikon)
VoipStunt (HKLM\...\VoipStunt_is1) (Version: 4.09 build 661 - Finarea S.A. Switzerland)
Watchtower Library 2011 - Deutsch (HKLM\...\{8BE514E8-4486-4730-8B68-FA15EEDC942E}) (Version: 13.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - Deutsch (HKLM\...\{CFDF0961-77C7-4392-96EE-624DFE81C3C2}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - hrvatsko izdanje (HKLM\...\{56067BE8-31E8-4796-9EA2-164CDB5ACCF7}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2013 - Deutsch (HKLM\...\{61118DEB-78F1-4158-97ED-78A457550FE7}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2015 - Deutsch (HKLM\...\{AEB12380-3E2F-4A9F-B8DF-1BD7682DE663}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Wilcom TrueSizer e3.0 (HKLM\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Wilcom TrueSizer e3.0 (Version: 17.0.185.7427 - Wilcom) Hidden
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )
WISO Steuer-Sparbuch 2015 (HKLM\...\{F8738EA4-CE8F-4D4B-8478-6ADB18B165F4}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Wuala (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\Conny\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0694FA8A-71C8-4F5D-AACA-0D7E0EC23467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1146A79F-834C-4E3E-AE60-25376A2F0C32} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {21DB3636-75BC-410C-AA03-D1FE969F1E0C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {508DFAA9-A4C7-43C0-B9EB-1CF6D6BF0159} - System32\Tasks\{AB34AA99-BADE-4F56-8BE7-B62F817BA872} => pcalua.exe -a "C:\Program Files\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {5962BB5D-E22C-48DF-8BFF-A58FEDFD8EDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {72660B4F-A773-4C60-8F36-EA5EBFD568E1} - \Start Registry Reviver -> Keine Datei <==== ACHTUNG
Task: {A56D78C3-8218-48CE-BCC6-F9BCD07BFEA9} - System32\Tasks\{D6C07A53-11F0-44F1-8FB2-A2B09B196048} => pcalua.exe -a C:\Users\Conny\Downloads\ADE_2.0_Installer.exe -d C:\Users\Conny\Downloads
Task: {BB1571C3-45D2-4BD6-AF06-4628247E13B5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {D00F2FB4-80F4-49C5-82E2-025ED397C0E7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {DB4FA09A-FBC5-4A27-864B-F1025B2B555C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {E5EE64D2-F42F-4C48-8D87-4AF66A1D44AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E9E1F514-54AB-4250-B4B6-4B5C81A5488B} - System32\Tasks\{1D3FF1F2-CC6B-4C77-A161-109C6F1A455A} => pcalua.exe -a C:\Users\Conny\AppData\Local\Temp\Temp1_profile_version_3206.zip\setup.exe
Task: {F92D8508-9933-4CF7-BB8F-6BECA4BE71AD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-20 21:00 - 2015-07-20 21:00 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-20 21:00 - 2015-07-20 21:00 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-17 23:52 - 2016-04-17 23:52 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041701\algo.dll
2016-04-18 11:05 - 2016-04-18 11:05 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041800\algo.dll
2013-05-08 15:51 - 2013-05-08 15:51 - 00019056 _____ () C:\Program Files\Adobe\Reader 9.0\Reader\viewerps.dll
2014-03-19 11:54 - 2015-10-13 03:43 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2015-07-20 21:00 - 2015-07-20 21:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-01-04 08:52 - 2012-01-04 08:52 - 07581696 _____ () c:\program files\adobe\reader 9.0\reader\rdlang32.deu
2009-02-27 21:52 - 2009-02-27 21:52 - 00258048 _____ () C:\Program Files\Adobe\Reader 9.0\Reader\sqlite.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2014-03-07 17:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\Services: UniversalCommunicationServer => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\Windows\pss\FAH.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Conny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: Web Companion => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B5BB3F09-3F28-4037-ADDF-ED0D9521AD3F}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{7E1E0E25-5811-48BA-8112-A999DE7DA7F1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5D17EE8E-2B60-4228-90AE-0DF6430EF885}] => (Allow) svchost.exe
FirewallRules: [{811CA0F5-D2BB-4A4D-BE17-4014C5E8BC67}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{1D853E59-2575-4067-9F21-DE76C38A37B7}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{30E69FC8-3BEF-4B3C-B402-933778084EAA}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{9E4248B8-B08B-4A20-9DBE-8BBD3F09CECC}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{4687042B-D555-4A1A-8039-1AD75E458545}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{961DDA7A-4319-4911-9776-A89874CE5335}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [{34DA1426-B63B-474F-8DEF-EB5235221BDD}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [TCP Query User{6B778748-C7B6-4A46-81D2-56ADEA63F1A7}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{FED1122E-4925-4558-BB06-142DCA1E502E}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{2605EEA3-C05C-459A-87D1-842F42681013}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{38E3F568-5839-4423-B7F7-825F441E9A3F}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{C1A531C8-1DCD-4DFA-82BE-CE5888CD32FD}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{7172C1E6-B85E-41BD-96A0-91C9CFA8119A}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{CE46AC23-B67F-4108-B551-AFF5D9782AD8}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{F877EC4A-9159-4A64-ABC7-2C95CD583B21}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{E73F7B8C-8D61-423F-92F6-41B4EE6DEAD8}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{3C609447-8057-4BCF-B11B-5FCA7ECC5A3C}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [TCP Query User{39DCAE11-5CF4-4AC2-94EA-3595A667BBF9}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{B5B309C3-7463-4C30-AD15-7700AD51E9E5}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [{796C015A-E095-4D97-8615-A51836C2BB2E}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{E533F68C-9F2E-4D27-B503-8603931A946A}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [TCP Query User{69A98C7C-2D08-429A-BDD8-F97B185625D2}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{FD8D8E36-1BB4-4BBB-AFB4-89635DFB6CE7}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{130F31E3-FF6C-4582-9B49-4194BAEB4B39}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{635854E1-9AB3-49FD-AD53-26ABE6288B52}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [TCP Query User{4957885E-9DC6-48AF-A709-0FD7610930C7}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{0CBAC78E-6FDF-485D-99DA-654A55EF276E}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [{692BDFF9-D89E-4F8D-95AE-221810CAE02F}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{2C43FFDD-B6BD-41A4-8BD6-AA2AB5E8ACAD}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{1C9A6C83-81BF-4563-BDCD-CC9BB4160B55}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{350386DF-4A82-427C-9962-B7EB9BD6D34E}] => (Allow) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{91395ADC-2BDE-4B46-8494-9EB27A9F6BD5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C6E35A0B-6B7A-4247-B0D4-51F114611254}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D91B19E8-D1DB-4CCC-9FD6-8BDAFD9CF437}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{18E738B9-3F17-4BBA-9045-1E4375E39A6E}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{627658B7-DB21-4DE6-8548-530E847DBE8B}] => (Allow) C:\Users\Conny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{FA30B07B-7F14-4D50-92AF-EEFCA9D3D396}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{FE75D3F4-E8D1-4CFB-933D-6209B76DFF6C}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{0A4EC1A1-3B46-45A0-9BF7-910C850A4A46}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [{A5BDF030-2E00-440F-8298-3EE9A52D72B3}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [TCP Query User{0EA845AE-B769-468C-BC49-64CA7AF58BE5}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{C5E5ECF1-9DF5-4D24-8CD9-FB695F96D803}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{7134D83D-E8E8-4235-A798-2FE8D9DA33F4}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{7CB4C706-0C27-4B19-865D-815C72462270}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [TCP Query User{E3B3F49D-318B-458B-9996-94602E7A3B4C}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{2CBE49FE-1280-4E63-84CD-6A6B240E6A94}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{8C617366-DC95-4B51-AC60-3619F4EE1DE5}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{8049D308-47AD-4656-B8E4-FF0389C5D98C}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [TCP Query User{944C753C-8B4D-4193-8F20-0269D1175512}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{0E0A14D1-5FE6-4430-BCD0-DC3481E510DA}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [{73FE0611-6B7C-44E0-A9F2-F78142FB7FC6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE19B7A7-4403-4BC4-8281-661A9265FB98}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA0C48A7-A4EA-4EE4-9C93-1A05765AF979}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A8274CD7-8D0E-4CEB-A85D-7D2D260C6077}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{05DB99BC-CB68-457B-859C-9EC460476FA8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5E9E69BC-6EC8-4A84-BC79-6C6F7872BF2C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{EB4831F9-9BE1-44B9-AAEC-71C5B4077093}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B17B8E5F-4C83-4DD8-9665-A2B50F2029F2}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{200C6D82-A0ED-4E15-917B-F41277C0081E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8F33AE0D-E430-42CB-8C6B-71E0C3E0349F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{DBDD8041-CAD2-4CBF-83FC-0D30AD8185AA}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{A32D8C8E-4BF5-4C68-8B07-959AE85FF082}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [{E4355044-8680-4492-A43A-904A15EEC2F5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{78AF9F1A-8246-4DC5-82AE-C4FC7F0EA340}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A6B220F1-D801-47D9-A621-2277B6B58787}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AF8BFD75-C3B3-4A57-A7EC-44C89A708810}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{67CF725E-AD3D-4CEE-9FA1-8BDD832B9CAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8F61C0B2-0B6D-42E3-9CBD-CE7132C7B29E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

09-03-2016 01:51:41 Windows Update
12-03-2016 10:38:38 Windows Update
13-03-2016 20:01:02 Windows-Sicherung
16-03-2016 19:30:51 Windows Update
20-03-2016 18:21:28 Windows Update
20-03-2016 20:02:56 Windows-Sicherung
25-03-2016 00:33:47 Windows Update
27-03-2016 19:01:13 Windows-Sicherung
28-03-2016 16:04:44 Windows Update
31-03-2016 17:03:40 Windows Update
03-04-2016 22:45:42 Windows Update
04-04-2016 21:44:47 Windows-Sicherung
07-04-2016 14:32:25 Windows Update
11-04-2016 20:55:56 Windows Update
12-04-2016 12:22:26 Windows-Sicherung
14-04-2016 00:37:07 Windows Update
17-04-2016 20:00:28 Windows Update
17-04-2016 20:03:24 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/18/2016 11:14:12 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (04/18/2016 11:04:12 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=E14}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (04/18/2016 11:04:12 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=E14}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (04/17/2016 08:11:14 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"

Error: (04/17/2016 07:59:23 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (04/17/2016 07:49:41 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=ED8}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (04/17/2016 07:49:41 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=ED8}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (04/16/2016 10:59:23 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (04/16/2016 10:49:27 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=F4C}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (04/16/2016 10:49:27 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=F4C}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).


Systemfehler:
=============
Error: (04/18/2016 11:04:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/18/2016 11:04:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/17/2016 07:49:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/17/2016 07:49:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/16/2016 10:49:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/16/2016 10:49:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/15/2016 08:50:28 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (04/15/2016 07:50:55 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (04/15/2016 11:24:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/15/2016 11:24:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 2039.11 MB
Verfügbarer physikalischer RAM: 866.64 MB
Summe virtueller Speicher: 4078.23 MB
Verfügbarer virtueller Speicher: 2462.24 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:1356.17 GB) (Free:1077.23 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:0.01 GB) NTFS
Drive f: (EX FESTPL 4) (Fixed) (Total:931.47 GB) (Free:850.99 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.

==================== Ende vom Addition.txt ============================

burningice 19.04.2016 00:16
Mehrere Anti-Virus-Programme

Code:
Avast
Microsoft Security Essentials
Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast. Das ist gefährlich, da sich die Programme in die Quere kommen können und dadurch Viren erst recht auf dem Rechner landen können. Ausserdem bremst es auch das System aus. Entscheide Dich für eine Variante und deinstalliere die andere über die Systemsteuerung => Software.

Zitat:
Speedy hat letztens eine einleuchtende Erklärung dazu geliefert: "Man stelle sich einen Torwart vor, der das Tor hüten soll (Anti-Virus-Programm), der Ball kommt angeflogen (Virus), der Torhüter konzentriert sich auf den Ball und fängt ihn. Jetzt stelle Dir zwei Torhüter im Tor vor ...., die knallen aneinander und der Ball kann ungehindert ins Tor wandern."
Meine Empfehlung ist, Avast zu deinstallieren.

Schritt 1
Lade dir folgendes Programm herunter und installiere es: http://filepony.de/icon/tiny/malware...ti_malware.png Malwarebytes Anti-Malware Hier findest du dazu eine bebilderte Anleitung
  • Klicke auf die Einstellungen / Erkennung und Schutz und setze dabei den Haken bei "Nach Rootkits suchen"
  • Klicke im Anschluss auf Durchsuchen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlaufprotokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:
  • Logfile von AdwCleaner
  • Logfile von Malwarebytes
  • Frst.txt
  • Addition.txt

Lilian-Rose 20.04.2016 19:48
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 20.04.2016
Suchlaufzeit: 19:04
Protokolldatei: Suchlaufprotokoll.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.04.20.05
Rootkit-Datenbank: v2016.04.17.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Conny

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 344729
Abgelaufene Zeit: 27 Min., 18 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
AdwCleaner Logfile:
Code:
# AdwCleaner v5.036 - Bericht erstellt am 23/02/2016 um 23:12:13
# Aktualisiert am 22/02/2016 von Xplode
# Datenbank : 2016-02-22.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : Conny - CONNY-PC
# Gestartet von : C:\Users\Conny\Desktop\AdwCleaner_5.036.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\B7E8588600015AD1000AA4B1B4EB23C1
[-] Ordner Gelöscht : C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
[-] Ordner Gelöscht : C:\Users\Conny\AppData\Roaming\Yahoo!\Companion

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Conny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk
[-] Datei Gelöscht : C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\searchplugins\avira-safesearch.xml
[-] Datei Gelöscht : C:\Windows\system32\ComputerUpdaterLM.ocx
[-] Datei Gelöscht : C:\Windows\system32\CUUpdateComponent.ocx

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7BC34A3-BA86-11CF-84B1-CBC2DA68BF6C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35B-6118-11DC-9C72-001320C79847}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-] Schlüssel Gelöscht : HKCU\Software\APN
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\YFriendsBar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\APN
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\W3I
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskToolbar
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\IM
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\ImInstaller
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF

***** [ Internetbrowser ] *****

[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("avira.safe_search.search_was_active", "false");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.APN_TB.first-previous-keyword-url", "");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 23534281);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.Visibility", false);
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"147aa8ef1dd27a-02501569dbfe9b8-7f6f1635-0-147aa8ef1de2d6\"");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.SAUTH_expires_at", "1417463476");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"d9a19b88a03ae58da8155f6560233994b8b999e3\"");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.SAUTH_userid", "4227604842");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.SAUTH_utoken", "\"41e3be185ef56ab36bc1370e5b51421866ddbd9d\"");
[-] [C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\7eu8aj4x.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.install", "1407315800547");
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search.snap.do_
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : feed.snap.do
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search.snap.do
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Gelöscht : hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=f96bdea8-0d1c-43b5-bfc4-62d7f6d6a2b0&searchtype=ds&q={searchTerms}&installDate=01/01/1970
[-] [C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : bopakagnckmlgajfccecajhnimjiiedh

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [11829 Bytes] - [23/02/2016 23:12:13]
C:\AdwCleaner\AdwCleaner[R0].txt - [45589 Bytes] - [08/03/2014 14:19:09]
C:\AdwCleaner\AdwCleaner[R1].txt - [1491 Bytes] - [12/03/2014 23:11:37]
C:\AdwCleaner\AdwCleaner[R2].txt - [1174 Bytes] - [12/03/2014 23:19:24]
C:\AdwCleaner\AdwCleaner[R3].txt - [1607 Bytes] - [14/03/2014 11:30:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [43275 Bytes] - [08/03/2014 14:28:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [13458 Bytes] - [12/03/2014 23:16:13]
C:\AdwCleaner\AdwCleaner[S2].txt - [1236 Bytes] - [12/03/2014 23:21:11]
C:\AdwCleaner\AdwCleaner[S3].txt - [1668 Bytes] - [14/03/2014 11:34:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12490 Bytes] ##########
--- --- ---
AdwCleaner Logfile:
Code:
# AdwCleaner v5.112 - Bericht erstellt am 20/04/2016 um 20:24:38
# Aktualisiert am 17/04/2016 von Xplode
# Datenbank : 2016-04-19.5 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X86)
# Benutzername : Conny - CONNY-PC
# Gestartet von : C:\Users\Conny\Desktop\AdwCleaner_5.112.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\ProgramData\lavasoft\web companion
[#] Ordner gelöscht : C:\ProgramData\Application Data\lavasoft\web companion
[-] Ordner gelöscht : C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\gdrdarb7.default-1458668194718\PConverter_dz
[-] Ordner gelöscht : C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\gdrdarb7.default-1458668194718\extensions\_dzMembers_@www.pconverter.com

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Windows\system32\lavasofttcpservice.dll
[-] Datei gelöscht : C:\Windows\system32\LavasoftTcpServiceOff.ini

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
[-] Schlüssel gelöscht : HKCU\Software\Classes\TypeLib\{006AD7B2-968A-11DE-88C9-5BDE55D89593}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-185569535-4180466776-3876511590-1000\Software\IM
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-185569535-4180466776-3876511590-1000\Software\MyAshampoo\toolbar
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-185569535-4180466776-3876511590-1000\Software\WNLT
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1C9A6C83-81BF-4563-BDCD-CC9BB4160B55}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{350386DF-4A82-427C-9962-B7EB9BD6D34E}]
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Web Companion

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [16815 Bytes] - [24/02/2016 00:12:13]
C:\AdwCleaner\AdwCleaner[C2].txt - [1706 Bytes] - [24/02/2016 00:29:00]
C:\AdwCleaner\AdwCleaner[C2]zweiter Lauf.txt - [1709 Bytes] - [24/02/2016 00:37:00]
C:\AdwCleaner\AdwCleaner[R0].txt - [45589 Bytes] - [08/03/2014 15:19:09]
C:\AdwCleaner\AdwCleaner[R1].txt - [1491 Bytes] - [13/03/2014 00:11:37]
C:\AdwCleaner\AdwCleaner[R2].txt - [1174 Bytes] - [13/03/2014 00:19:24]
C:\AdwCleaner\AdwCleaner[R3].txt - [1607 Bytes] - [14/03/2014 12:30:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [43275 Bytes] - [08/03/2014 15:28:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [17888 Bytes] - [13/03/2014 00:16:13]
C:\AdwCleaner\AdwCleaner[S2].txt - [7371 Bytes] - [13/03/2014 00:21:11]
C:\AdwCleaner\AdwCleaner[S3].txt - [6395 Bytes] - [14/03/2014 12:34:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [17634 Bytes] ##########
--- --- ---

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
durchgeführt von Conny (Administrator) auf CONNY-PC (20-04-2016 20:34:59)
Gestartet von C:\Users\Conny\Desktop\Rafael
Geladene Profile: Conny (Verfügbare Profile: Conny)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7390608 2016-04-19] (AVAST Software)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-04-19] (AVAST Software)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {3B713BCF-458F-4A2A-BAD2-9784208C169D} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=00033BB0&OHP=about%3Ablank&OSP=https%3A%2F%2Fde.search.yahoo.com%2Fyhs%2Fsearch%3Ftype%3Davastbcl%26hspart%3Davast%26hsimp%3Dyhs%2D001%26p%3D%7BsearchTerms%7D
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-19] (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-03-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-09] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\gdrdarb7.default-1458668194718
FF Homepage: hxxp://www.jw.org/de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-04-12] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-19]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-04-19]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-15] <==== ACHTUNG

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.210.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (YouTube) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (Google-Suche) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-03]
CHR Extension: (Avira Browserschutz) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-16]
CHR Extension: (Skype Click to Call) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (Google Mail) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-19]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-04-19] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4422704 2016-04-19] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1917680 2016-03-08] (Microsoft Corporation)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S4 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
S4 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2012-06-22] ()
S4 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S4 UniversalCommunicationServer; C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe [90496 2013-05-02] (BERNINA International AG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-04-19] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-04-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-04-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-04-19] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-04-19] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [815792 2016-04-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449640 2016-04-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [124808 2016-04-19] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221368 2016-04-19] (AVAST Software)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)
R0 DiskSec; C:\Windows\system32\Drivers\DiskSec.sys [14208 2008-04-04] (MAGIX) [Datei ist nicht signiert]
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [179200 2012-06-22] (Dexetek )
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [136432 2016-04-19] (AVAST Software)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-04-27] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [146568 2010-04-27] (Renesas Electronics Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 SydexFDD; C:\Windows\system32\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows (R) 2000 DDK provider) [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [262984 2016-04-19] (Avast Software)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Conny\AppData\Local\Temp\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Conny\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S3 eapihdrv; \??\C:\Users\Conny\AppData\Local\Temp\ehdrv.sys [X]
S2 tmcomm; system32\DRIVERS\tmcomm.sys [X]
S2 wntpport; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-20 20:14 - 2016-04-20 20:14 - 03683904 _____ C:\Users\Conny\Desktop\AdwCleaner_5.112.exe
2016-04-20 20:07 - 2016-04-20 20:07 - 00001218 _____ C:\Users\Conny\Desktop\mbam.txt
2016-04-20 19:22 - 2016-04-20 19:23 - 00000000 ____D C:\Windows\system32\vbox
2016-04-20 19:01 - 2016-04-20 19:01 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-20 18:56 - 2016-04-20 18:57 - 22851472 _____ (Malwarebytes ) C:\Users\Conny\Desktop\mbam-setup-2.2.1.1043.exe
2016-04-19 19:01 - 2016-04-19 19:01 - 00001122 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-04-19 19:01 - 2016-04-19 19:01 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-04-19 18:57 - 2016-04-19 18:55 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-04-19 18:56 - 2016-04-19 18:56 - 00334280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-04-19 18:56 - 2016-04-19 18:56 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-04-16 14:04 - 2016-04-16 14:04 - 00015262 _____ C:\Users\Conny\Documents\Nestchen.odt
2016-04-15 12:45 - 2016-04-15 12:45 - 00004838 _____ C:\Users\Conny\Desktop\Pfauenschwanzmuster.odt
2016-04-13 21:29 - 2016-04-04 19:54 - 00034024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-13 21:29 - 2016-04-04 19:42 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-13 21:29 - 2016-04-02 15:07 - 01218048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-13 21:29 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-13 21:29 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 21:29 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-13 21:29 - 2016-03-31 02:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 21:29 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 21:29 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-13 21:29 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-13 21:29 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-13 21:29 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-13 21:29 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 21:29 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-13 21:29 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-13 21:29 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-13 21:29 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 21:29 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-13 21:29 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-13 21:29 - 2016-03-31 01:45 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-13 21:29 - 2016-03-31 01:41 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 21:29 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-13 21:29 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 21:29 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-13 21:29 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-13 21:29 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 21:29 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 21:29 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 21:29 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-13 21:29 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-13 21:29 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 21:29 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 21:29 - 2016-03-31 01:23 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-13 21:29 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-13 21:29 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 21:29 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 21:29 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 21:29 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-13 21:29 - 2016-03-23 16:02 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-13 21:29 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-04-13 21:29 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 21:29 - 2016-03-18 00:36 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 21:29 - 2016-03-18 00:36 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 21:29 - 2016-03-18 00:33 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 21:29 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 21:29 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 21:29 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 21:29 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 21:29 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 21:29 - 2016-03-18 00:26 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 21:29 - 2016-03-18 00:26 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 21:29 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 21:29 - 2016-03-18 00:26 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 21:29 - 2016-03-18 00:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 21:29 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 23:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 21:29 - 2016-03-17 23:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 21:29 - 2016-03-17 23:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 21:29 - 2016-03-17 23:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 21:29 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 21:29 - 2016-03-17 23:36 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 21:29 - 2016-03-17 23:35 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 21:29 - 2016-03-17 23:30 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 21:29 - 2016-03-17 23:30 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 21:29 - 2016-03-17 23:30 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 21:29 - 2016-03-17 23:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 21:29 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 21:29 - 2016-03-17 23:29 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 20:04 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-13 21:29 - 2016-03-17 20:04 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-13 21:29 - 2016-03-17 20:04 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-13 21:29 - 2016-03-17 20:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-13 21:29 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-04-13 21:29 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-13 21:29 - 2016-02-02 20:48 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-13 21:27 - 2016-03-29 19:35 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 21:27 - 2016-03-16 01:53 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 21:27 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 21:27 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 21:27 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 21:27 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 21:27 - 2016-02-05 20:44 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-13 21:27 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-04-13 21:27 - 2016-01-21 02:51 - 00057280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-13 21:27 - 2015-06-03 22:22 - 00355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-04-13 20:55 - 2016-04-13 20:55 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-12 22:43 - 2016-04-12 22:43 - 00005307 _____ C:\Users\Conny\Desktop\Mein Liebes.odt
2016-04-05 18:02 - 2016-04-05 18:04 - 00009280 _____ C:\Users\Conny\Documents\Weight Watchers Formel.odt
2016-03-30 11:39 - 2016-03-30 12:03 - 00005112 _____ C:\Users\Conny\Desktop\Mütze für Aaron stricken.odt
2016-03-29 23:45 - 2016-03-29 23:45 - 00000000 _____ C:\Windows\system32\sho57CF.tmp
2016-03-29 00:14 - 2016-03-29 00:14 - 00008595 _____ C:\Users\Conny\Documents\50 g hellblaues Microfasergarn Lauflänge 133m.odt
2016-03-28 20:07 - 2016-03-28 20:09 - 00009634 _____ C:\Users\Conny\Desktop\Kuriertasche Fridolin.odt
2016-03-25 21:48 - 2016-03-25 21:48 - 00006297 _____ C:\Users\Conny\Desktop\Ulrike.odt
2016-03-25 21:20 - 2016-03-25 21:46 - 00006192 _____ C:\Users\Conny\Desktop\Trauernde trösten.odt
2016-03-22 19:36 - 2016-03-22 19:36 - 00000000 ____D C:\Users\Conny\Desktop\Alte Firefox-Daten
2016-03-21 13:00 - 2016-03-21 14:57 - 00189924 _____ C:\Users\Conny\Desktop\Ansprache eines bethelbruders.HMP
2016-03-21 13:00 - 2016-03-21 13:35 - 00830304 _____ C:\Users\Conny\Desktop\Ansprache eines bethelbruders.HM0

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-20 20:34 - 2014-03-05 10:11 - 00000000 ____D C:\FRST
2016-04-20 20:27 - 2011-01-10 23:01 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-20 20:26 - 2014-06-29 10:37 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-04-20 20:26 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-20 20:24 - 2016-02-25 13:36 - 00000000 ____D C:\ProgramData\Lavasoft
2016-04-20 20:18 - 2014-03-08 15:19 - 00000000 ____D C:\AdwCleaner
2016-04-20 20:18 - 2012-05-31 23:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-20 19:48 - 2015-06-12 20:37 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job
2016-04-20 19:42 - 2011-01-10 23:01 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-20 19:04 - 2014-06-29 10:37 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-20 19:01 - 2014-06-29 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-20 18:02 - 2009-07-14 06:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-20 18:02 - 2009-07-14 06:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-20 17:46 - 2010-08-28 02:49 - 01622236 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-20 17:46 - 2010-05-12 15:13 - 00699884 _____ C:\Windows\system32\perfh007.dat
2016-04-20 17:46 - 2010-05-12 15:13 - 00149766 _____ C:\Windows\system32\perfc007.dat
2016-04-20 17:46 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-04-19 18:57 - 2014-11-29 11:26 - 00221368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-04-19 18:56 - 2014-11-29 12:38 - 00032792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-04-19 18:56 - 2014-11-29 11:26 - 00449640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-04-19 18:56 - 2014-11-29 11:26 - 00124808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-04-19 18:56 - 2014-11-29 11:26 - 00091232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-04-19 18:56 - 2014-11-29 11:26 - 00091168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-04-19 18:56 - 2014-11-29 11:26 - 00058776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-04-19 18:56 - 2014-11-29 11:25 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-19 18:55 - 2015-07-20 21:02 - 00136432 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2016-04-19 18:55 - 2014-11-29 11:26 - 00815792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-04-19 18:55 - 2014-11-29 11:25 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-19 17:11 - 2014-01-21 10:22 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-19 17:09 - 2014-01-21 10:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-18 23:48 - 2015-06-12 20:37 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job
2016-04-18 14:28 - 2013-02-23 12:15 - 00000000 ____D C:\Users\Conny\Desktop\Handarbeit
2016-04-15 20:02 - 2016-02-24 00:31 - 00000000 ____D C:\Users\Conny\Desktop\Rafael
2016-04-15 14:02 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2016-04-14 17:45 - 2011-01-10 23:04 - 00000000 ____D C:\Users\Conny
2016-04-14 17:11 - 2013-12-16 16:35 - 00269824 ___SH C:\Users\Conny\Thumbs.db
2016-04-14 14:10 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-14 14:10 - 2009-07-14 06:33 - 00386896 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-14 14:05 - 2014-12-11 13:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-14 01:45 - 2010-08-30 18:46 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-14 00:45 - 2013-08-15 10:15 - 00000000 ____D C:\Windows\system32\MRT
2016-04-14 00:41 - 2010-08-30 18:47 - 132539272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-13 20:54 - 2013-03-10 11:51 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Dropbox
2016-04-13 19:55 - 2012-10-17 17:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-12 13:39 - 2016-02-12 21:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-04-11 21:44 - 2012-09-17 17:48 - 00002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-07 14:20 - 2016-01-08 00:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-03-25 00:35 - 2015-04-05 00:49 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-24 23:49 - 2011-01-16 23:14 - 00000000 ____D C:\Users\Conny\Documents\MAGIX_Audio_Cleaning_Lab_16_deluxe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2007-03-12 19:59 - 2007-03-12 19:59 - 0299008 _____ () C:\Program Files\navigram_register.exe
2013-03-16 10:27 - 2013-03-16 10:27 - 0000288 _____ () C:\Users\Conny\AppData\Roaming\.backup.dm
2014-09-30 12:46 - 2014-09-30 12:48 - 0000055 _____ () C:\Users\Conny\AppData\Roaming\My Profile.xml
2011-09-29 14:09 - 2011-10-04 15:29 - 0001188 _____ () C:\Users\Conny\AppData\Local\crc32list11.txt
2011-09-03 21:06 - 2015-11-08 16:39 - 0005120 _____ () C:\Users\Conny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-03 12:37 - 2014-03-03 12:37 - 0001461 _____ () C:\Users\Conny\AppData\Local\recently-used.xbel
2011-03-17 18:55 - 2011-03-17 18:55 - 0000017 _____ () C:\Users\Conny\AppData\Local\resmon.resmoncfg
2011-01-11 23:23 - 2012-05-10 09:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

Einige Dateien in TEMP:
====================
C:\Users\Conny\AppData\Local\Temp\{B33FA7FF-FE49-446E-85DB-7F964DC21DCF}-DropboxClient_3.18.1.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-18 13:00

==================== Ende vom FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
durchgeführt von Conny (2016-04-20 20:36:59)
Gestartet von C:\Users\Conny\Desktop\Rafael
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2011-01-10 21:04:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-185569535-4180466776-3876511590-500 - Administrator - Disabled)
Conny (S-1-5-21-185569535-4180466776-3876511590-1000 - Administrator - Enabled) => C:\Users\Conny
Gast (S-1-5-21-185569535-4180466776-3876511590-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-185569535-4180466776-3876511590-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast) (Version: 11.2.2261 - AVAST Software)
BERNINA ARTlink 7 (HKLM\...\{CA812D88-2139-4107-97B5-1B2D2A1DD04D}) (Version: 18.0.94.7011 - BERNINA)
BERNINA ARTlink 7 (Version: 18.0.94.7011 - Wilcom) Hidden
BERNINA Universal Communication Server (HKLM\...\{CF27C964-3902-4CA3-9C71-B0EAEB302AB5}) (Version: 1.27.70 - BERNINA)
Blackboard Collaborate Launcher (HKLM\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon iP3600 series Benutzerregistrierung (HKLM\...\Canon iP3600 series Benutzerregistrierung) (Version:  - )
Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version:  - )
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC8) (Version: 8.5.0.7 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller51278dcd0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52b3284a0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52d266760) (Version: 1.0.0.0 - Conexant Systems)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
CrystalDiskInfo 6.7.5 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.7.5 - Crystal Dew World)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815a - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dropbox (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
easyFly 3 Starter Edition (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\{7CBD5083-2ADF-4DF1-8DC1-D7AB2F7040E0}) (Version: 3.0.1.11 - IPACS)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
e-Sword (HKLM\...\{8E436940-A944-4D67-A45B-1876E23BB9C0}) (Version: 9.08.0003 - Rick Meyers)
FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )
Lexware Info Service (HKLM\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
MAGIX Audio Cleaning Lab 16 deluxe (HKLM\...\mclab_16dlx) (Version: 16.0.0.0 - MAGIX AG)
MAGIX Audio Cleaning Lab 16 deluxe (Version: 16.0.0.0 - MAGIX AG) Hidden
MAGIX PC Check & Tuning 2010 5.0.22.687 (D) (HKLM\...\MAGIX PC Check & Tuning 2010 D) (Version: 5.0.22.687 - MAGIX AG)
MAGIX Screenshare (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MEDION GoPal Assistant (HKLM\...\{A6C8CD51-1AE4-474D-BA2D-125CDBEADD03}) (Version: 6.2.0.12196 - MEDION)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4815.1001 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 de) (HKLM\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 de) (HKLM\...\Mozilla Thunderbird 38.7.2 (x86 de)) (Version: 38.7.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
my editor v5.00 (HKLM\...\{6B435248-5F4F-4CE9-A533-CB3D8D97A210}) (Version: 5.00.8505.2014 - Wings Systems Ltd.)
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.2.1 - Nikon)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.3.0 - Nikon)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Profili 2 (HKLM\...\Profili 2) (Version:  - )
Quicken DELUXE 2014 (HKLM\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.32.00.0004 - Haufe-Lexware GmbH & Co.KG)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6136 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
SafeZone Stable 1.48.2066.98 (Version: 1.48.2066.98 - Avast Software) Hidden
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Schrankplaner (HKLM\...\{C92CE7AF-B104-4710-8F5C-9F833976D308}) (Version: 3.01.00 - schrankplaner.de)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Sweet Home 3D version 3.1 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Video Grabber (HKLM\...\Uninstaller51278dcb0) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52b328480) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52d266740) (Version: 1.0.0.0 - Conexant Systems)
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.2.1 - Nikon)
VoipStunt (HKLM\...\VoipStunt_is1) (Version: 4.09 build 661 - Finarea S.A. Switzerland)
Watchtower Library 2011 - Deutsch (HKLM\...\{8BE514E8-4486-4730-8B68-FA15EEDC942E}) (Version: 13.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - Deutsch (HKLM\...\{CFDF0961-77C7-4392-96EE-624DFE81C3C2}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - hrvatsko izdanje (HKLM\...\{56067BE8-31E8-4796-9EA2-164CDB5ACCF7}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2013 - Deutsch (HKLM\...\{61118DEB-78F1-4158-97ED-78A457550FE7}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2015 - Deutsch (HKLM\...\{AEB12380-3E2F-4A9F-B8DF-1BD7682DE663}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Wilcom TrueSizer e3.0 (HKLM\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Wilcom TrueSizer e3.0 (Version: 17.0.185.7427 - Wilcom) Hidden
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )
WISO Steuer-Sparbuch 2015 (HKLM\...\{F8738EA4-CE8F-4D4B-8478-6ADB18B165F4}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Wuala (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\Conny\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0566F4FA-CF4E-4C46-997E-318EF28A44E0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {0694FA8A-71C8-4F5D-AACA-0D7E0EC23467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1146A79F-834C-4E3E-AE60-25376A2F0C32} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {2FA8CCB7-D2C4-425F-B969-3AD397F4954D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {508DFAA9-A4C7-43C0-B9EB-1CF6D6BF0159} - System32\Tasks\{AB34AA99-BADE-4F56-8BE7-B62F817BA872} => pcalua.exe -a "C:\Program Files\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {5962BB5D-E22C-48DF-8BFF-A58FEDFD8EDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {72660B4F-A773-4C60-8F36-EA5EBFD568E1} - \Start Registry Reviver -> Keine Datei <==== ACHTUNG
Task: {82391F2D-89D3-44FD-BBCC-FEC45E88F02B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-04-19] (AVAST Software)
Task: {A56D78C3-8218-48CE-BCC6-F9BCD07BFEA9} - System32\Tasks\{D6C07A53-11F0-44F1-8FB2-A2B09B196048} => pcalua.exe -a C:\Users\Conny\Downloads\ADE_2.0_Installer.exe -d C:\Users\Conny\Downloads
Task: {BB1571C3-45D2-4BD6-AF06-4628247E13B5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {D00F2FB4-80F4-49C5-82E2-025ED397C0E7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {D37CDEB0-9A62-4E01-B7CB-216DD0E9B2FD} - System32\Tasks\SafeZone scheduled Autoupdate 1461085304 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-03-30] (Avast Software)
Task: {E5EE64D2-F42F-4C48-8D87-4AF66A1D44AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E9E1F514-54AB-4250-B4B6-4B5C81A5488B} - System32\Tasks\{1D3FF1F2-CC6B-4C77-A161-109C6F1A455A} => pcalua.exe -a C:\Users\Conny\AppData\Local\Temp\Temp1_profile_version_3206.zip\setup.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-04-19 18:56 - 2016-04-19 18:56 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-04-19 18:56 - 2016-04-19 18:56 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-20 17:42 - 2016-04-20 17:42 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16042000\algo.dll
2016-04-19 18:56 - 2016-04-19 18:56 - 00478144 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2014-03-19 11:54 - 2015-10-13 03:43 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2016-04-19 18:56 - 2016-04-19 18:56 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-01-08 00:31 - 2016-04-06 17:56 - 00153032 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2016-01-08 00:31 - 2016-04-06 17:56 - 00022472 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2014-03-07 17:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\Services: UniversalCommunicationServer => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\Windows\pss\FAH.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Conny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B5BB3F09-3F28-4037-ADDF-ED0D9521AD3F}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{7E1E0E25-5811-48BA-8112-A999DE7DA7F1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5D17EE8E-2B60-4228-90AE-0DF6430EF885}] => (Allow) svchost.exe
FirewallRules: [{811CA0F5-D2BB-4A4D-BE17-4014C5E8BC67}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{1D853E59-2575-4067-9F21-DE76C38A37B7}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{30E69FC8-3BEF-4B3C-B402-933778084EAA}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{9E4248B8-B08B-4A20-9DBE-8BBD3F09CECC}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{4687042B-D555-4A1A-8039-1AD75E458545}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{961DDA7A-4319-4911-9776-A89874CE5335}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [{34DA1426-B63B-474F-8DEF-EB5235221BDD}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [TCP Query User{6B778748-C7B6-4A46-81D2-56ADEA63F1A7}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{FED1122E-4925-4558-BB06-142DCA1E502E}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{2605EEA3-C05C-459A-87D1-842F42681013}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{38E3F568-5839-4423-B7F7-825F441E9A3F}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{C1A531C8-1DCD-4DFA-82BE-CE5888CD32FD}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{7172C1E6-B85E-41BD-96A0-91C9CFA8119A}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{CE46AC23-B67F-4108-B551-AFF5D9782AD8}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{F877EC4A-9159-4A64-ABC7-2C95CD583B21}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{E73F7B8C-8D61-423F-92F6-41B4EE6DEAD8}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{3C609447-8057-4BCF-B11B-5FCA7ECC5A3C}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [TCP Query User{39DCAE11-5CF4-4AC2-94EA-3595A667BBF9}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{B5B309C3-7463-4C30-AD15-7700AD51E9E5}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [{796C015A-E095-4D97-8615-A51836C2BB2E}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{E533F68C-9F2E-4D27-B503-8603931A946A}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [TCP Query User{69A98C7C-2D08-429A-BDD8-F97B185625D2}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{FD8D8E36-1BB4-4BBB-AFB4-89635DFB6CE7}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{130F31E3-FF6C-4582-9B49-4194BAEB4B39}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{635854E1-9AB3-49FD-AD53-26ABE6288B52}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [TCP Query User{4957885E-9DC6-48AF-A709-0FD7610930C7}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{0CBAC78E-6FDF-485D-99DA-654A55EF276E}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [{692BDFF9-D89E-4F8D-95AE-221810CAE02F}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{2C43FFDD-B6BD-41A4-8BD6-AA2AB5E8ACAD}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{91395ADC-2BDE-4B46-8494-9EB27A9F6BD5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C6E35A0B-6B7A-4247-B0D4-51F114611254}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D91B19E8-D1DB-4CCC-9FD6-8BDAFD9CF437}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{18E738B9-3F17-4BBA-9045-1E4375E39A6E}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{627658B7-DB21-4DE6-8548-530E847DBE8B}] => (Allow) C:\Users\Conny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{FA30B07B-7F14-4D50-92AF-EEFCA9D3D396}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{FE75D3F4-E8D1-4CFB-933D-6209B76DFF6C}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{0A4EC1A1-3B46-45A0-9BF7-910C850A4A46}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [{A5BDF030-2E00-440F-8298-3EE9A52D72B3}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [TCP Query User{0EA845AE-B769-468C-BC49-64CA7AF58BE5}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{C5E5ECF1-9DF5-4D24-8CD9-FB695F96D803}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{7134D83D-E8E8-4235-A798-2FE8D9DA33F4}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{7CB4C706-0C27-4B19-865D-815C72462270}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [TCP Query User{E3B3F49D-318B-458B-9996-94602E7A3B4C}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{2CBE49FE-1280-4E63-84CD-6A6B240E6A94}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{8C617366-DC95-4B51-AC60-3619F4EE1DE5}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{8049D308-47AD-4656-B8E4-FF0389C5D98C}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [TCP Query User{944C753C-8B4D-4193-8F20-0269D1175512}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{0E0A14D1-5FE6-4430-BCD0-DC3481E510DA}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [{73FE0611-6B7C-44E0-A9F2-F78142FB7FC6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE19B7A7-4403-4BC4-8281-661A9265FB98}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA0C48A7-A4EA-4EE4-9C93-1A05765AF979}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A8274CD7-8D0E-4CEB-A85D-7D2D260C6077}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{05DB99BC-CB68-457B-859C-9EC460476FA8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5E9E69BC-6EC8-4A84-BC79-6C6F7872BF2C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{EB4831F9-9BE1-44B9-AAEC-71C5B4077093}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B17B8E5F-4C83-4DD8-9665-A2B50F2029F2}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{200C6D82-A0ED-4E15-917B-F41277C0081E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8F33AE0D-E430-42CB-8C6B-71E0C3E0349F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{DBDD8041-CAD2-4CBF-83FC-0D30AD8185AA}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{A32D8C8E-4BF5-4C68-8B07-959AE85FF082}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [{A6B220F1-D801-47D9-A621-2277B6B58787}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AF8BFD75-C3B3-4A57-A7EC-44C89A708810}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{67CF725E-AD3D-4CEE-9FA1-8BDD832B9CAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8F61C0B2-0B6D-42E3-9CBD-CE7132C7B29E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{79543A19-0C7A-465C-8AB6-F2877AFC8470}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C4A111E1-5D7A-4168-BCD8-DEF2656767E6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Wiederherstellungspunkte =========================

09-03-2016 01:51:41 Windows Update
12-03-2016 10:38:38 Windows Update
13-03-2016 20:01:02 Windows-Sicherung
16-03-2016 19:30:51 Windows Update
20-03-2016 18:21:28 Windows Update
20-03-2016 20:02:56 Windows-Sicherung
25-03-2016 00:33:47 Windows Update
27-03-2016 19:01:13 Windows-Sicherung
28-03-2016 16:04:44 Windows Update
31-03-2016 17:03:40 Windows Update
03-04-2016 22:45:42 Windows Update
04-04-2016 21:44:47 Windows-Sicherung
07-04-2016 14:32:25 Windows Update
11-04-2016 20:55:56 Windows Update
12-04-2016 12:22:26 Windows-Sicherung
14-04-2016 00:37:07 Windows Update
17-04-2016 20:00:28 Windows Update
17-04-2016 20:03:24 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/20/2016 08:37:12 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (04/20/2016 08:27:12 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=EB8}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (04/20/2016 08:27:12 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=EB8}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (04/20/2016 05:51:06 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (04/20/2016 05:41:06 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=B18}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (04/20/2016 05:41:06 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=B18}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (04/19/2016 07:11:12 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (04/19/2016 07:01:13 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1110}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (04/19/2016 07:01:13 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=1110}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (04/19/2016 05:02:40 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:


Systemfehler:
=============
Error: (04/20/2016 08:27:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/20/2016 08:26:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/20/2016 08:25:07 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (04/20/2016 08:24:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/20/2016 08:24:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/20/2016 08:24:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/20/2016 08:24:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/20/2016 08:24:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Client Virtualization Handler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/20/2016 08:24:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Service Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/20/2016 08:24:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SeaPort" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Prozentuale Nutzung des RAM: 63%
Installierter physikalischer RAM: 2039.11 MB
Verfügbarer physikalischer RAM: 742.32 MB
Summe virtueller Speicher: 4078.23 MB
Verfügbarer virtueller Speicher: 2437.98 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:1356.17 GB) (Free:1078.23 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:0.01 GB) NTFS
Drive f: (EX FESTPL 4) (Fixed) (Total:931.47 GB) (Free:850.99 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.

==================== Ende vom Addition.txt ============================
Danke Rafael, für Deine Antwort und für Deine Hilfe!

Zum Antivirenprogramm hab ich noch eine Frage...

Avast habe ich installiert, weil es mir von euch empfohlen wurde.
Zuvor habe ich mit AntiVir gearbeitet.

Ist das Microsoft Security Essentials empfehlenswert, bzw. besser
als Avast? Sonst könnte ich ja Microsoft Security Essentials deaktivieren.
Bei den Microsoftsicherheitsprogrammen habe ich halt immer Bedenken...
Aber ich bin kein Fachmann, darum nehme ich Deinen Rat sehr gerne an.

burningice 22.04.2016 15:31
Zitat:
Avast habe ich installiert, weil es mir von euch empfohlen wurde.
Das ist aber schon eine Zeit her denke ich ;)
Such es dir aus, jedenfalls eins der beiden Programme gehört runter. Avast haben wir halt das Problem damit, dass sie die Nutzerdaten der User mehr oder weniger auswerten, also was du so am PC machst usw.
Die Security Essentials sind echt nicht schlecht und vergleichbar mit anderen AV Programmen.

Downloade Dir HitmanProhttp://deeprybka.trojaner-board.de/b.../hitmanpro.pngauf Deinen Desktop:

HitmanPro-32 Bit Version
HitmanPro-64 Bit Version
Hast du noch irgendwelche Probleme mit deinem Rechner?

Lilian-Rose 22.04.2016 19:29
Danke Rafael, dann werde ich Avast löschen.
Ich hab die Security Essentials bisher gar nicht besonders beachtet,
läuft eher im Hintergrund. Wie kann ich das Programm am
besten nutzen? Welche Einstellungen empfiehlst Du mir?
Ansonsten hab ich das Problem mit der Werbung, die sich immer
wieder einblendet...

hier kommt die gewünschte Logdatei von HitmanPro...

Code:

       
Code:

       
HitmanPro 3.7.13.258
www.hitmanpro.com

   Computer name . . . . : CONNY-PC
   Windows . . . . . . . : 6.1.1.7601.X86/4
   User name . . . . . . : Conny-PC\Conny
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-04-22 20:08:02
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 9m 12s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 2
   Traces  . . . . . . . : 26

   Objects scanned . . . : 1.846.915
   Files scanned . . . . : 70.908
   Remnants scanned  . . : 440.765 files / 1.335.242 keys

Malware _____________________________________________________________________

   C:\Users\Conny\Dropbox\Downloads\Notfall_DVD_5.0_Free_CB-DL-Manager(2).exe
      Size . . . . . . . : 558.744 bytes
      Age  . . . . . . . : 175.0 days (2015-10-30 19:43:33)
      Entropy  . . . . . : 6.9
      SHA-256  . . . . . : 36E54CED4F07051A76D02E9A1181AC71A1C9D51A0011AD9EA7F8FF93C8F6488E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Bitdefender  . . . : Gen:Variant.Application.Bundler.DownloadGuide.11
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.Ocna.asb
      Fuzzy  . . . . . . : 99.0

   C:\Users\Conny\Dropbox\Downloads\Notfall_DVD_5.0_Free_CB-DL-Manager.exe
      Size . . . . . . . : 558.744 bytes
      Age  . . . . . . . : 175.0 days (2015-10-30 19:35:18)
      Entropy  . . . . . : 6.9
      SHA-256  . . . . . : 4C252FC39C285F9AC1ECD3F61FB5DEEC98FFF0A4D37AC13D22099A3242BD6E93
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Bitdefender  . . . : Gen:Variant.Application.Bundler.DownloadGuide.11
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.Ocna.asb
      Fuzzy  . . . . . . : 99.0


Suspicious files ____________________________________________________________

   C:\Users\Conny\Desktop\Rafael\FRST.exe
      Size . . . . . . . : 1.722.368 bytes
      Age  . . . . . . . : 59.4 days (2016-02-23 11:00:14)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 698D9294ACDBC174E5BC6EC03EE159E445291E99A64E0663FE1C4ACA7C59F091
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 22.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

   C:\Users\Conny\Desktop\Verschiedenes\Neuer Ordner\Software zum Entfernen von Viren und Trojanern\FRST(1).exe
      Size . . . . . . . : 1.145.344 bytes
      Age  . . . . . . . : 776.2 days (2014-03-08 16:04:01)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : BA2F1F2D4529FA67112C98FCB18C51FC802350EE9A9F3FFD1FBAD9893BC0A890
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 22.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

   C:\Users\Conny\Dropbox\Downloads\FRST(1).exe
      Size . . . . . . . : 1.722.368 bytes
      Age  . . . . . . . : 59.4 days (2016-02-23 11:01:12)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 698D9294ACDBC174E5BC6EC03EE159E445291E99A64E0663FE1C4ACA7C59F091
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 22.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

   C:\Users\Conny\Dropbox\Downloads\Verschiedenes\FRST.exe
      Size . . . . . . . : 1.145.344 bytes
      Age  . . . . . . . : 779.4 days (2014-03-05 10:10:49)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 3FB4B3F37FDC3B4248E4FEC84823910430653AC5B3E66BC59A8B0837B51ED94B
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 22.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.


Potential Unwanted Programs _________________________________________________

   C:\Users\Conny\AppData\Roaming\Reviversoft\ (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\ (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\backup.aso (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\ExcludeList.aso (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\log\ (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\log\RCscanlog.xml (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\Partial Backups\ (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\Partial Backups\00000001.rmx (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\Partial Backups\00000001.rxb (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\Registry Reviver\ (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\Registry Reviver\log_07-18-2011.log (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\Registry Reviver\log_07-22-2011.log (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\Registry Reviver\log_07-24-2011.log (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\Registry Reviver\log_09-30-2011.log (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\Registry Reviver\log_10-08-2011.log (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\results.aso (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\status.ini (ReviverSoft)
   C:\Users\Conny\AppData\Roaming\Reviversoft\RRST\TempHLList.aso (ReviverSoft)
   HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4\ (FLV Player)
   HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{AE07101B-46D4-4A98-AF68-0333EA26E113} (FLV Player)

burningice 24.04.2016 23:01
Die Einstellungen von den Essentials kannst du einfach lassen.

In welchem Browser bzw. wann hast du das Problem mit der Werbung?

Schritt: 1
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Lilian-Rose 29.04.2016 22:40
Das Problem hab ich mit Firefox und die Werbung erscheint, wenn ich im Internet unterwegs bin und etwas suche, meistens mit Google... dann aber auf jeder Website...

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
durchgeführt von Conny (Administrator) auf CONNY-PC (29-04-2016 23:34:34)
Gestartet von C:\Users\Conny\Desktop\Rafael
Geladene Profile: Conny (Verfügbare Profile: Conny)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7390608 2016-04-19] (AVAST Software)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-04-19] (AVAST Software)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {3B713BCF-458F-4A2A-BAD2-9784208C169D} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=00033BB0&OHP=about%3Ablank&OSP=https%3A%2F%2Fde.search.yahoo.com%2Fyhs%2Fsearch%3Ftype%3Davastbcl%26hspart%3Davast%26hsimp%3Dyhs%2D001%26p%3D%7BsearchTerms%7D
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-19] (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-03-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-09] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-185569535-4180466776-3876511590-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\gdrdarb7.default-1458668194718
FF Homepage: hxxp://www.jw.org/de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-04-27] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-19]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-04-19]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-15] <==== ACHTUNG

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.210.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (YouTube) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (Google-Suche) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-03]
CHR Extension: (Avira Browserschutz) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-16]
CHR Extension: (Skype Click to Call) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (Google Mail) - C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-19]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-04-19] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4422704 2016-04-19] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1917680 2016-03-08] (Microsoft Corporation)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S4 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
S4 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2012-06-22] ()
S4 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S4 UniversalCommunicationServer; C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe [90496 2013-05-02] (BERNINA International AG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-04-19] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-04-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-04-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-04-19] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-04-19] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [815792 2016-04-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449640 2016-04-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [124808 2016-04-19] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221368 2016-04-19] (AVAST Software)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)
R0 DiskSec; C:\Windows\system32\Drivers\DiskSec.sys [14208 2008-04-04] (MAGIX) [Datei ist nicht signiert]
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [179200 2012-06-22] (Dexetek )
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Datei ist nicht signiert]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [136432 2016-04-19] (AVAST Software)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-04-27] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [146568 2010-04-27] (Renesas Electronics Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 SydexFDD; C:\Windows\system32\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows (R) 2000 DDK provider) [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [262984 2016-04-19] (Avast Software)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Conny\AppData\Local\Temp\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Conny\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S3 eapihdrv; \??\C:\Users\Conny\AppData\Local\Temp\ehdrv.sys [X]
S2 tmcomm; system32\DRIVERS\tmcomm.sys [X]
S2 wntpport; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-28 22:41 - 2016-04-28 23:59 - 00006392 _____ C:\Users\Conny\Desktop\Babyschühchen.odt
2016-04-22 20:06 - 2016-04-22 20:23 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-22 20:03 - 2016-04-22 20:04 - 10457272 _____ (SurfRight B.V.) C:\Users\Conny\Desktop\HitmanPro.exe
2016-04-22 14:49 - 2016-04-22 14:49 - 00000000 ____D C:\Windows\system32\vbox
2016-04-20 20:14 - 2016-04-20 20:14 - 03683904 _____ C:\Users\Conny\Desktop\AdwCleaner_5.112.exe
2016-04-20 20:07 - 2016-04-20 20:07 - 00001218 _____ C:\Users\Conny\Desktop\mbam.txt
2016-04-20 19:01 - 2016-04-20 19:01 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-20 18:56 - 2016-04-20 18:57 - 22851472 _____ (Malwarebytes ) C:\Users\Conny\Desktop\mbam-setup-2.2.1.1043.exe
2016-04-19 19:01 - 2016-04-19 19:01 - 00001122 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-04-19 19:01 - 2016-04-19 19:01 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-04-19 18:57 - 2016-04-19 18:55 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-04-19 18:56 - 2016-04-19 18:56 - 00334280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-04-19 18:56 - 2016-04-19 18:56 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-04-16 14:04 - 2016-04-16 14:04 - 00015262 _____ C:\Users\Conny\Documents\Nestchen.odt
2016-04-15 12:45 - 2016-04-15 12:45 - 00004838 _____ C:\Users\Conny\Desktop\Pfauenschwanzmuster.odt
2016-04-13 21:29 - 2016-04-04 19:54 - 00034024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-13 21:29 - 2016-04-04 19:42 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-13 21:29 - 2016-04-02 15:07 - 01218048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-13 21:29 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-13 21:29 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 21:29 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-13 21:29 - 2016-03-31 02:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 21:29 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 21:29 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-13 21:29 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-13 21:29 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-13 21:29 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-13 21:29 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 21:29 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-13 21:29 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-13 21:29 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-13 21:29 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 21:29 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-13 21:29 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-13 21:29 - 2016-03-31 01:45 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-13 21:29 - 2016-03-31 01:41 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 21:29 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-13 21:29 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 21:29 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-13 21:29 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-13 21:29 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 21:29 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 21:29 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 21:29 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-13 21:29 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-13 21:29 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 21:29 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 21:29 - 2016-03-31 01:23 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-13 21:29 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-13 21:29 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 21:29 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 21:29 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 21:29 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-13 21:29 - 2016-03-23 16:02 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-13 21:29 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-04-13 21:29 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 21:29 - 2016-03-18 00:36 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 21:29 - 2016-03-18 00:36 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 21:29 - 2016-03-18 00:33 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 21:29 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 21:29 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 21:29 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 21:29 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 21:29 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 21:29 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 21:29 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 21:29 - 2016-03-18 00:26 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 21:29 - 2016-03-18 00:26 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 21:29 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 21:29 - 2016-03-18 00:26 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 21:29 - 2016-03-18 00:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 21:29 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 21:29 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 23:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 21:29 - 2016-03-17 23:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 21:29 - 2016-03-17 23:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 21:29 - 2016-03-17 23:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 21:29 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 21:29 - 2016-03-17 23:36 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 21:29 - 2016-03-17 23:35 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 21:29 - 2016-03-17 23:30 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 21:29 - 2016-03-17 23:30 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 21:29 - 2016-03-17 23:30 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 21:29 - 2016-03-17 23:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 21:29 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 21:29 - 2016-03-17 23:29 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 21:29 - 2016-03-17 20:04 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-13 21:29 - 2016-03-17 20:04 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-13 21:29 - 2016-03-17 20:04 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-13 21:29 - 2016-03-17 20:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-13 21:29 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-04-13 21:29 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-13 21:29 - 2016-02-02 20:48 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-13 21:27 - 2016-03-29 19:35 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 21:27 - 2016-03-16 01:53 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 21:27 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 21:27 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 21:27 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 21:27 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 21:27 - 2016-02-05 20:44 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-13 21:27 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-04-13 21:27 - 2016-01-21 02:51 - 00057280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-13 21:27 - 2015-06-03 22:22 - 00355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-04-13 20:55 - 2016-04-13 20:55 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-12 22:43 - 2016-04-12 22:43 - 00005307 _____ C:\Users\Conny\Desktop\Mein Liebes.odt
2016-04-05 18:02 - 2016-04-05 18:04 - 00009280 _____ C:\Users\Conny\Documents\Weight Watchers Formel.odt
2016-03-30 11:39 - 2016-03-30 12:03 - 00005112 _____ C:\Users\Conny\Desktop\Mütze für Aaron stricken.odt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-29 23:34 - 2014-03-05 10:11 - 00000000 ____D C:\FRST
2016-04-29 23:18 - 2012-05-31 23:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-29 23:15 - 2009-07-14 06:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-29 23:15 - 2009-07-14 06:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-29 22:48 - 2015-06-12 20:37 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job
2016-04-29 22:42 - 2011-01-10 23:01 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-29 20:42 - 2011-01-10 23:01 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-29 18:01 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-28 23:48 - 2015-06-12 20:37 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job
2016-04-28 18:36 - 2012-10-17 17:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-27 22:45 - 2016-02-12 21:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-04-22 09:57 - 2010-08-30 18:46 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-20 20:26 - 2014-06-29 10:37 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-04-20 20:24 - 2016-02-25 13:36 - 00000000 ____D C:\ProgramData\Lavasoft
2016-04-20 20:18 - 2014-03-08 15:19 - 00000000 ____D C:\AdwCleaner
2016-04-20 19:04 - 2014-06-29 10:37 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-20 19:01 - 2014-06-29 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-20 17:46 - 2010-08-28 02:49 - 01622236 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-20 17:46 - 2010-05-12 15:13 - 00699884 _____ C:\Windows\system32\perfh007.dat
2016-04-20 17:46 - 2010-05-12 15:13 - 00149766 _____ C:\Windows\system32\perfc007.dat
2016-04-20 17:46 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-04-19 18:57 - 2014-11-29 11:26 - 00221368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-04-19 18:56 - 2014-11-29 12:38 - 00032792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-04-19 18:56 - 2014-11-29 11:26 - 00449640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-04-19 18:56 - 2014-11-29 11:26 - 00124808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-04-19 18:56 - 2014-11-29 11:26 - 00091232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-04-19 18:56 - 2014-11-29 11:26 - 00091168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-04-19 18:56 - 2014-11-29 11:26 - 00058776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-04-19 18:56 - 2014-11-29 11:25 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-19 18:55 - 2015-07-20 21:02 - 00136432 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2016-04-19 18:55 - 2014-11-29 11:26 - 00815792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-04-19 18:55 - 2014-11-29 11:25 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-19 17:11 - 2014-01-21 10:22 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-19 17:09 - 2014-01-21 10:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-18 14:28 - 2013-02-23 12:15 - 00000000 ____D C:\Users\Conny\Desktop\Handarbeit
2016-04-15 20:02 - 2016-02-24 00:31 - 00000000 ____D C:\Users\Conny\Desktop\Rafael
2016-04-15 14:02 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2016-04-14 17:45 - 2011-01-10 23:04 - 00000000 ____D C:\Users\Conny
2016-04-14 17:11 - 2013-12-16 16:35 - 00269824 ___SH C:\Users\Conny\Thumbs.db
2016-04-14 14:10 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-14 14:10 - 2009-07-14 06:33 - 00386896 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-14 14:05 - 2014-12-11 13:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-14 00:45 - 2013-08-15 10:15 - 00000000 ____D C:\Windows\system32\MRT
2016-04-14 00:41 - 2010-08-30 18:47 - 132539272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-13 20:54 - 2013-03-10 11:51 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Dropbox
2016-04-11 21:44 - 2012-09-17 17:48 - 00002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-07 14:20 - 2016-01-08 00:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2007-03-12 19:59 - 2007-03-12 19:59 - 0299008 _____ () C:\Program Files\navigram_register.exe
2013-03-16 10:27 - 2013-03-16 10:27 - 0000288 _____ () C:\Users\Conny\AppData\Roaming\.backup.dm
2014-09-30 12:46 - 2014-09-30 12:48 - 0000055 _____ () C:\Users\Conny\AppData\Roaming\My Profile.xml
2011-09-29 14:09 - 2011-10-04 15:29 - 0001188 _____ () C:\Users\Conny\AppData\Local\crc32list11.txt
2011-09-03 21:06 - 2015-11-08 16:39 - 0005120 _____ () C:\Users\Conny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-03 12:37 - 2014-03-03 12:37 - 0001461 _____ () C:\Users\Conny\AppData\Local\recently-used.xbel
2011-03-17 18:55 - 2011-03-17 18:55 - 0000017 _____ () C:\Users\Conny\AppData\Local\resmon.resmoncfg
2011-01-11 23:23 - 2012-05-10 09:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

Einige Dateien in TEMP:
====================
C:\Users\Conny\AppData\Local\Temp\{B33FA7FF-FE49-446E-85DB-7F964DC21DCF}-DropboxClient_3.18.1.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-29 21:16

==================== Ende vom FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
durchgeführt von Conny (2016-04-29 23:36:04)
Gestartet von C:\Users\Conny\Desktop\Rafael
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2011-01-10 21:04:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-185569535-4180466776-3876511590-500 - Administrator - Disabled)
Conny (S-1-5-21-185569535-4180466776-3876511590-1000 - Administrator - Enabled) => C:\Users\Conny
Gast (S-1-5-21-185569535-4180466776-3876511590-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-185569535-4180466776-3876511590-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast) (Version: 11.2.2261 - AVAST Software)
BERNINA ARTlink 7 (HKLM\...\{CA812D88-2139-4107-97B5-1B2D2A1DD04D}) (Version: 18.0.94.7011 - BERNINA)
BERNINA ARTlink 7 (Version: 18.0.94.7011 - Wilcom) Hidden
BERNINA Universal Communication Server (HKLM\...\{CF27C964-3902-4CA3-9C71-B0EAEB302AB5}) (Version: 1.27.70 - BERNINA)
Blackboard Collaborate Launcher (HKLM\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon iP3600 series Benutzerregistrierung (HKLM\...\Canon iP3600 series Benutzerregistrierung) (Version:  - )
Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version:  - )
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC8) (Version: 8.5.0.7 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller51278dcd0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52b3284a0) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller52d266760) (Version: 1.0.0.0 - Conexant Systems)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
CrystalDiskInfo 6.7.5 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.7.5 - Crystal Dew World)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815a - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dropbox (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
easyFly 3 Starter Edition (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\{7CBD5083-2ADF-4DF1-8DC1-D7AB2F7040E0}) (Version: 3.0.1.11 - IPACS)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
e-Sword (HKLM\...\{8E436940-A944-4D67-A45B-1876E23BB9C0}) (Version: 9.08.0003 - Rick Meyers)
FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )
Lexware Info Service (HKLM\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
MAGIX Audio Cleaning Lab 16 deluxe (HKLM\...\mclab_16dlx) (Version: 16.0.0.0 - MAGIX AG)
MAGIX Audio Cleaning Lab 16 deluxe (Version: 16.0.0.0 - MAGIX AG) Hidden
MAGIX PC Check & Tuning 2010 5.0.22.687 (D) (HKLM\...\MAGIX PC Check & Tuning 2010 D) (Version: 5.0.22.687 - MAGIX AG)
MAGIX Screenshare (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MEDION GoPal Assistant (HKLM\...\{A6C8CD51-1AE4-474D-BA2D-125CDBEADD03}) (Version: 6.2.0.12196 - MEDION)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4815.1001 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 46.0 (x86 de) (HKLM\...\Mozilla Firefox 46.0 (x86 de)) (Version: 46.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.0.5955 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 de) (HKLM\...\Mozilla Thunderbird 38.7.2 (x86 de)) (Version: 38.7.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
my editor v5.00 (HKLM\...\{6B435248-5F4F-4CE9-A533-CB3D8D97A210}) (Version: 5.00.8505.2014 - Wings Systems Ltd.)
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.2.1 - Nikon)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.3.0 - Nikon)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Profili 2 (HKLM\...\Profili 2) (Version:  - )
Quicken DELUXE 2014 (HKLM\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.32.00.0004 - Haufe-Lexware GmbH & Co.KG)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6136 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
SafeZone Stable 1.48.2066.98 (Version: 1.48.2066.98 - Avast Software) Hidden
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Schrankplaner (HKLM\...\{C92CE7AF-B104-4710-8F5C-9F833976D308}) (Version: 3.01.00 - schrankplaner.de)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Sweet Home 3D version 3.1 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Video Grabber (HKLM\...\Uninstaller51278dcb0) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52b328480) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller52d266740) (Version: 1.0.0.0 - Conexant Systems)
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.2.1 - Nikon)
VoipStunt (HKLM\...\VoipStunt_is1) (Version: 4.09 build 661 - Finarea S.A. Switzerland)
Watchtower Library 2011 - Deutsch (HKLM\...\{8BE514E8-4486-4730-8B68-FA15EEDC942E}) (Version: 13.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - Deutsch (HKLM\...\{CFDF0961-77C7-4392-96EE-624DFE81C3C2}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2012 - hrvatsko izdanje (HKLM\...\{56067BE8-31E8-4796-9EA2-164CDB5ACCF7}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2013 - Deutsch (HKLM\...\{61118DEB-78F1-4158-97ED-78A457550FE7}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2015 - Deutsch (HKLM\...\{AEB12380-3E2F-4A9F-B8DF-1BD7682DE663}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Wilcom TrueSizer e3.0 (HKLM\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Wilcom TrueSizer e3.0 (Version: 17.0.185.7427 - Wilcom) Hidden
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )
WISO Steuer-Sparbuch 2015 (HKLM\...\{F8738EA4-CE8F-4D4B-8478-6ADB18B165F4}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Wuala (HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\Conny\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-185569535-4180466776-3876511590-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0566F4FA-CF4E-4C46-997E-318EF28A44E0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {0694FA8A-71C8-4F5D-AACA-0D7E0EC23467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1146A79F-834C-4E3E-AE60-25376A2F0C32} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {2FA8CCB7-D2C4-425F-B969-3AD397F4954D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {508DFAA9-A4C7-43C0-B9EB-1CF6D6BF0159} - System32\Tasks\{AB34AA99-BADE-4F56-8BE7-B62F817BA872} => pcalua.exe -a "C:\Program Files\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {5962BB5D-E22C-48DF-8BFF-A58FEDFD8EDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {72660B4F-A773-4C60-8F36-EA5EBFD568E1} - \Start Registry Reviver -> Keine Datei <==== ACHTUNG
Task: {82391F2D-89D3-44FD-BBCC-FEC45E88F02B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-04-19] (AVAST Software)
Task: {A56D78C3-8218-48CE-BCC6-F9BCD07BFEA9} - System32\Tasks\{D6C07A53-11F0-44F1-8FB2-A2B09B196048} => pcalua.exe -a C:\Users\Conny\Downloads\ADE_2.0_Installer.exe -d C:\Users\Conny\Downloads
Task: {BB1571C3-45D2-4BD6-AF06-4628247E13B5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {D00F2FB4-80F4-49C5-82E2-025ED397C0E7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {D37CDEB0-9A62-4E01-B7CB-216DD0E9B2FD} - System32\Tasks\SafeZone scheduled Autoupdate 1461085304 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-03-30] (Avast Software)
Task: {E5EE64D2-F42F-4C48-8D87-4AF66A1D44AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E9E1F514-54AB-4250-B4B6-4B5C81A5488B} - System32\Tasks\{1D3FF1F2-CC6B-4C77-A161-109C6F1A455A} => pcalua.exe -a C:\Users\Conny\AppData\Local\Temp\Temp1_profile_version_3206.zip\setup.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000Core.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-185569535-4180466776-3876511590-1000UA.job => C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-04-19 18:56 - 2016-04-19 18:56 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-04-19 18:56 - 2016-04-19 18:56 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-28 22:39 - 2016-04-28 22:39 - 02891264 _____ () C:\Program Files\AVAST Software\Avast\defs\16042802\algo.dll
2016-04-29 18:02 - 2016-04-29 18:02 - 02891264 _____ () C:\Program Files\AVAST Software\Avast\defs\16042900\algo.dll
2016-04-19 18:56 - 2016-04-19 18:56 - 00478144 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-29 22:03 - 2016-04-29 22:03 - 02892288 _____ () C:\Program Files\AVAST Software\Avast\defs\16042901\algo.dll
2014-03-19 11:54 - 2015-10-13 03:43 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2016-04-19 18:56 - 2016-04-19 18:56 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-01-08 00:31 - 2016-04-06 17:56 - 00153032 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2016-01-08 00:31 - 2016-04-06 17:56 - 00022472 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Conny\Documents\Zeolith S. 4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-185569535-4180466776-3876511590-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2014-03-07 17:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-185569535-4180466776-3876511590-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\Services: UniversalCommunicationServer => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\Windows\pss\FAH.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Conny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Conny\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B5BB3F09-3F28-4037-ADDF-ED0D9521AD3F}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{7E1E0E25-5811-48BA-8112-A999DE7DA7F1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5D17EE8E-2B60-4228-90AE-0DF6430EF885}] => (Allow) svchost.exe
FirewallRules: [{811CA0F5-D2BB-4A4D-BE17-4014C5E8BC67}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{1D853E59-2575-4067-9F21-DE76C38A37B7}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{30E69FC8-3BEF-4B3C-B402-933778084EAA}] => (Allow) C:\Program Files\1&1\IGDCTRL.EXE
FirewallRules: [{9E4248B8-B08B-4A20-9DBE-8BBD3F09CECC}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{4687042B-D555-4A1A-8039-1AD75E458545}] => (Allow) C:\Program Files\1&1\FBoxUpd.exe
FirewallRules: [{961DDA7A-4319-4911-9776-A89874CE5335}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [{34DA1426-B63B-474F-8DEF-EB5235221BDD}] => (Allow) C:\Program Files\1&1\WebwaIgd.exe
FirewallRules: [TCP Query User{6B778748-C7B6-4A46-81D2-56ADEA63F1A7}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{FED1122E-4925-4558-BB06-142DCA1E502E}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{2605EEA3-C05C-459A-87D1-842F42681013}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{38E3F568-5839-4423-B7F7-825F441E9A3F}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{C1A531C8-1DCD-4DFA-82BE-CE5888CD32FD}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{7172C1E6-B85E-41BD-96A0-91C9CFA8119A}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{CE46AC23-B67F-4108-B551-AFF5D9782AD8}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{F877EC4A-9159-4A64-ABC7-2C95CD583B21}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{E73F7B8C-8D61-423F-92F6-41B4EE6DEAD8}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{3C609447-8057-4BCF-B11B-5FCA7ECC5A3C}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [TCP Query User{39DCAE11-5CF4-4AC2-94EA-3595A667BBF9}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{B5B309C3-7463-4C30-AD15-7700AD51E9E5}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [{796C015A-E095-4D97-8615-A51836C2BB2E}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{E533F68C-9F2E-4D27-B503-8603931A946A}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [TCP Query User{69A98C7C-2D08-429A-BDD8-F97B185625D2}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{FD8D8E36-1BB4-4BBB-AFB4-89635DFB6CE7}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{130F31E3-FF6C-4582-9B49-4194BAEB4B39}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{635854E1-9AB3-49FD-AD53-26ABE6288B52}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Allow) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [TCP Query User{4957885E-9DC6-48AF-A709-0FD7610930C7}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [UDP Query User{0CBAC78E-6FDF-485D-99DA-654A55EF276E}C:\program files\voipstunt.com\voipstunt\voipstunt.exe] => (Block) C:\program files\voipstunt.com\voipstunt\voipstunt.exe
FirewallRules: [{692BDFF9-D89E-4F8D-95AE-221810CAE02F}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{2C43FFDD-B6BD-41A4-8BD6-AA2AB5E8ACAD}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{91395ADC-2BDE-4B46-8494-9EB27A9F6BD5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C6E35A0B-6B7A-4247-B0D4-51F114611254}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D91B19E8-D1DB-4CCC-9FD6-8BDAFD9CF437}] => (Allow) C:\Users\Conny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{18E738B9-3F17-4BBA-9045-1E4375E39A6E}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{627658B7-DB21-4DE6-8548-530E847DBE8B}] => (Allow) C:\Users\Conny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{FA30B07B-7F14-4D50-92AF-EEFCA9D3D396}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{FE75D3F4-E8D1-4CFB-933D-6209B76DFF6C}] => (Allow) C:\Program Files\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{0A4EC1A1-3B46-45A0-9BF7-910C850A4A46}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [{A5BDF030-2E00-440F-8298-3EE9A52D72B3}] => (Allow) C:\Program Files\PhoenixRC\phoenixRC.exe
FirewallRules: [TCP Query User{0EA845AE-B769-468C-BC49-64CA7AF58BE5}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{C5E5ECF1-9DF5-4D24-8CD9-FB695F96D803}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{7134D83D-E8E8-4235-A798-2FE8D9DA33F4}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{7CB4C706-0C27-4B19-865D-815C72462270}C:\program files\phoenixrc\phoenixrc.exe] => (Block) C:\program files\phoenixrc\phoenixrc.exe
FirewallRules: [TCP Query User{E3B3F49D-318B-458B-9996-94602E7A3B4C}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{2CBE49FE-1280-4E63-84CD-6A6B240E6A94}C:\program files\phoenixrc\simulator.exe] => (Allow) C:\program files\phoenixrc\simulator.exe
FirewallRules: [TCP Query User{8C617366-DC95-4B51-AC60-3619F4EE1DE5}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{8049D308-47AD-4656-B8E4-FF0389C5D98C}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [TCP Query User{944C753C-8B4D-4193-8F20-0269D1175512}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{0E0A14D1-5FE6-4430-BCD0-DC3481E510DA}C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\conny\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [{73FE0611-6B7C-44E0-A9F2-F78142FB7FC6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE19B7A7-4403-4BC4-8281-661A9265FB98}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA0C48A7-A4EA-4EE4-9C93-1A05765AF979}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A8274CD7-8D0E-4CEB-A85D-7D2D260C6077}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{05DB99BC-CB68-457B-859C-9EC460476FA8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5E9E69BC-6EC8-4A84-BC79-6C6F7872BF2C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{EB4831F9-9BE1-44B9-AAEC-71C5B4077093}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B17B8E5F-4C83-4DD8-9665-A2B50F2029F2}C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\conny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{200C6D82-A0ED-4E15-917B-F41277C0081E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8F33AE0D-E430-42CB-8C6B-71E0C3E0349F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{DBDD8041-CAD2-4CBF-83FC-0D30AD8185AA}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{A32D8C8E-4BF5-4C68-8B07-959AE85FF082}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [{A6B220F1-D801-47D9-A621-2277B6B58787}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AF8BFD75-C3B3-4A57-A7EC-44C89A708810}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{67CF725E-AD3D-4CEE-9FA1-8BDD832B9CAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8F61C0B2-0B6D-42E3-9CBD-CE7132C7B29E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{79543A19-0C7A-465C-8AB6-F2877AFC8470}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C4A111E1-5D7A-4168-BCD8-DEF2656767E6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Wiederherstellungspunkte =========================

20-03-2016 18:21:28 Windows Update
20-03-2016 20:02:56 Windows-Sicherung
25-03-2016 00:33:47 Windows Update
27-03-2016 19:01:13 Windows-Sicherung
28-03-2016 16:04:44 Windows Update
31-03-2016 17:03:40 Windows Update
03-04-2016 22:45:42 Windows Update
04-04-2016 21:44:47 Windows-Sicherung
07-04-2016 14:32:25 Windows Update
11-04-2016 20:55:56 Windows Update
12-04-2016 12:22:26 Windows-Sicherung
14-04-2016 00:37:07 Windows Update
17-04-2016 20:00:28 Windows Update
17-04-2016 20:03:24 Windows-Sicherung
22-04-2016 12:04:19 Windows Update
24-04-2016 19:00:44 Windows-Sicherung
26-04-2016 18:48:56 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/29/2016 06:11:29 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (04/29/2016 06:01:28 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=E4C}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (04/29/2016 06:01:28 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=E4C}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (04/28/2016 06:47:10 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (04/28/2016 06:37:11 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=F84}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (04/28/2016 06:37:11 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=F84}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (04/27/2016 07:00:01 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (04/27/2016 06:50:02 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=B30}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000193).

Error: (04/27/2016 06:50:02 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604070000:tid=B30}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7155.5001.sft' herstellen (Rückgabecode 24604E0A-40000193, ursprünglicher Rückgabecode 24604E0A-40000193).

Error: (04/26/2016 06:47:44 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:


Systemfehler:
=============
Error: (04/29/2016 06:01:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/29/2016 06:01:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/28/2016 06:37:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/28/2016 06:37:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/27/2016 06:49:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/27/2016 06:49:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/26/2016 06:37:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/26/2016 06:37:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/25/2016 09:51:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tmcomm" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/25/2016 09:51:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "wntpport" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Prozentuale Nutzung des RAM: 68%
Installierter physikalischer RAM: 2039.11 MB
Verfügbarer physikalischer RAM: 650.41 MB
Summe virtueller Speicher: 4078.23 MB
Verfügbarer virtueller Speicher: 2150.28 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:1356.17 GB) (Free:1080.13 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:0.01 GB) NTFS
Drive f: (EX FESTPL 4) (Fixed) (Total:931.47 GB) (Free:850.99 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.

==================== Ende vom Addition.txt ============================

burningice 30.04.2016 19:26
Bitte folge mal dieser Anleitung: https://support.mozilla.org/de/kb/firefox-bereinigen

Hast du noch irgendwelche Probleme mit deinem Rechner?

Lilian-Rose 01.05.2016 18:38
Liste der Anhänge anzeigen (Anzahl: 1)
Danke Rafael,
außer der Werbung hab ich aktuell keine anderen Probleme mehr...

Im Thread zu unserem Thema ist eine Empfehlung von der ich nicht weiß,
ob sie von Dir / euch kommt, oder ob das auch unerwünschte Werbung ist...

Ich hab es fotografiert und als Grafik angehängt.

Liebe Grüße
Lilian

burningice 03.05.2016 12:06
Also diese Werbung kommt, wenn du auf dem Forum aktiv bist und nicht angemeldet bist - finde ich selber nicht schön, ist aber so...

Dagegen kannst du einen Adblocker installieren.

Ich denke, sonst ist nicht mehr viel bei dir zu finden:
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 17:33 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131