Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Virenwarnung: Windows detected malicious virus? (https://www.trojaner-board.de/187575-virenwarnung-windows-detected-malicious-virus.html)

ImmiMax 22.11.2017 10:47
Virenwarnung: Windows detected malicious virus?
 
Liste der Anhänge anzeigen (Anzahl: 2)
Hi,
neuerdings geht bei mir im Firefox immer mal wieder eine Seite auf mit einer Virenwarnung und der Aufforderung, eine Rufnummer anzurufen. Könnt Ihr mir eventuell sagen, was das ist?
Bei mir läuft Avira, die aber nichts gemerkt hat.
Malwarebyte hat etwas entdeckt und beseitigt. Es kommt aber immer wieder.

Könnt Ihr mir bitte helfen?

cosinus 22.11.2017 12:29
Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

ImmiMax 22.11.2017 17:02
FRST.txt
 
Hallo und vielen Dank.
Hier sind die Ergebnisse:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19-11-2017
durchgeführt von Berni (Administrator) auf BERNIS-LAPTOP (22-11-2017 16:37:49)
Gestartet von C:\Users\Berni\Desktop
Geladene Profile: Berni & DefaultAppPool &  (Verfügbare Profile: Berni & Administrator & DefaultAppPool)
Platform: Windows 10 Pro N Version 1703 15063.726 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
() C:\Program Files (x86)\STRATO\HiDrive\Updater\MaintenanceService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\MOTU\Pro Audio\Service\MOTUProAudioHTTPServer.exe
(MOTU Inc.) C:\Program Files (x86)\MOTU\Pro Audio\Service\motuDNSResponder.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files (x86)\MOTU\Pro Audio\MOTUDiscovery.exe
() C:\Program Files (x86)\MOTU\Pro Audio\Service\MOTUProAudio.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
() C:\Program Files (x86)\MOTU\Audio\MFWAKeys.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(sw4you) C:\Program Files (x86)\Hardcopy\hardcopyUAC.exe
() C:\Program Files (x86)\STRATO\HiDrive\HiDrive.App.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Play! 3\Sound Blaster Play! 3 Control Panel\SBPlay3.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Heiko Sommerfeldt) C:\Program Files (x86)\PhonerLite\PhonerLite.exe
() C:\Program Files (x86)\Real\RealPlayer\RealDownloader\downloader2.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [MOTUDiscovery.exe] => C:\Program Files (x86)\MOTU\Pro Audio\MOTUDiscovery.exe [524808 2017-10-11] ()
HKLM\...\Run: [MOTUProAudio.exe] => C:\Program Files (x86)\MOTU\Pro Audio\Service\MOTUProAudio.exe [252936 2017-10-11] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-10-24] (Intel Corporation)
HKLM-x32\...\Run: [Flashget] => C:\Program Files (x86)\FlashGet.exe [2007088 2007-09-25] (FlashGet.com)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [412808 2017-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298504 2014-11-08] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [Google Desktop Search] => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2015-10-25] (Google)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [202280 2015-09-29] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [352648 2016-09-25] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe [708336 2016-09-03] ()
HKLM-x32\...\Run: [Sound Blaster Play! 3 Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Play! 3\Sound Blaster Play! 3 Control Panel\SBPlay3.exe [994304 2017-06-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\Run: [Dropbox Update] => C:\Users\Berni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\Run: [Spotify] => C:\Users\Berni\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-13] (Spotify Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3155640 2017-05-20] (Unified Intents AB)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\Run: [Spotify Web Helper] => C:\Users\Berni\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-13] (Spotify Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\Run: [MOTUDiscovery.exe] => C:\Program Files (x86)\MOTU\Pro Audio\MOTUDiscovery.exe [524808 2017-10-11] ()
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\MountPoints2: {8accd171-c843-11e4-806b-606c662f99db} - "D:\setup.exe"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\Plane9.scr [78336 2015-02-27] ()
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\Run: [Dropbox Update] => C:\Users\Berni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\Run: [Spotify] => C:\Users\Berni\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-13] (Spotify Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3155640 2017-05-20] (Unified Intents AB)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\Run: [Spotify Web Helper] => C:\Users\Berni\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-13] (Spotify Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\Run: [MOTUDiscovery.exe] => C:\Program Files (x86)\MOTU\Pro Audio\MOTUDiscovery.exe [524808 2017-10-11] ()
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\MountPoints2: {8accd171-c843-11e4-806b-606c662f99db} - "D:\setup.exe"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\Plane9.scr [78336 2015-02-27] ()
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\Run: [Dropbox Update] => C:\Users\Berni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\Run: [Spotify] => C:\Users\Berni\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-13] (Spotify Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3155640 2017-05-20] (Unified Intents AB)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\Run: [Spotify Web Helper] => C:\Users\Berni\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-13] (Spotify Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\Run: [MOTUDiscovery.exe] => C:\Program Files (x86)\MOTU\Pro Audio\MOTUDiscovery.exe [524808 2017-10-11] ()
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\MountPoints2: {8accd171-c843-11e4-806b-606c662f99db} - "D:\setup.exe"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\Plane9.scr [78336 2015-02-27] ()
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\Run: [Dropbox Update] => C:\Users\Berni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\Run: [Spotify] => C:\Users\Administrator.Bernis-Laptop\AppData\Roaming\Spotify\Spotify.exe --autostart
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3155640 2017-05-20] (Unified Intents AB)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\Run: [Spotify Web Helper] => C:\Users\Administrator.Bernis-Laptop\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\RunOnce: [C5_ResDefE] => C:\Program Files (x86)\Creative\Sound Blaster Play! 3\Program\Driver\WinVista\Bin\ResDefE.EXE [21992 2017-06-14] (Creative Technology Ltd.)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\RunOnce: [ProdReg] => C:\Program Files (x86)\Creative\Product Registration\ProdReg.exe [1690112 2014-02-24] (Creative Technology Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\MountPoints2: {8accd171-c843-11e4-806b-606c662f99db} - "D:\setup.exe"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\Run: [Dropbox Update] => C:\Users\Berni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\Run: [Spotify] => C:\Users\Administrator.Bernis-Laptop\AppData\Roaming\Spotify\Spotify.exe --autostart
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3155640 2017-05-20] (Unified Intents AB)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\Run: [Spotify Web Helper] => C:\Users\Administrator.Bernis-Laptop\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\RunOnce: [C5_ResDefE] => C:\Program Files (x86)\Creative\Sound Blaster Play! 3\Program\Driver\WinVista\Bin\ResDefE.EXE [21992 2017-06-14] (Creative Technology Ltd.)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\RunOnce: [ProdReg] => C:\Program Files (x86)\Creative\Product Registration\ProdReg.exe [1690112 2014-02-24] (Creative Technology Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\MountPoints2: {8accd171-c843-11e4-806b-606c662f99db} - "D:\setup.exe"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\Run: [Dropbox Update] => C:\Users\Berni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\Run: [Spotify] => C:\Users\Administrator.Bernis-Laptop\AppData\Roaming\Spotify\Spotify.exe --autostart
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3155640 2017-05-20] (Unified Intents AB)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\Run: [Spotify Web Helper] => C:\Users\Administrator.Bernis-Laptop\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\RunOnce: [C5_ResDefE] => C:\Program Files (x86)\Creative\Sound Blaster Play! 3\Program\Driver\WinVista\Bin\ResDefE.EXE [21992 2017-06-14] (Creative Technology Ltd.)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\RunOnce: [ProdReg] => C:\Program Files (x86)\Creative\Product Registration\ProdReg.exe [1690112 2014-02-24] (Creative Technology Ltd)
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\MountPoints2: {8accd171-c843-11e4-806b-606c662f99db} - "D:\setup.exe"
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442461\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454803\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Finanzmanager 2016 Zahlungserinnerung.lnk [2016-05-07]
ShortcutTarget: Finanzmanager 2016 Zahlungserinnerung.lnk -> C:\Windows\Installer\{7429B83A-5AB6-4AEE-A53B-79B9742B9158}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2015-03-21]
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MOTU Pedal Service.lnk [2017-05-24]
ShortcutTarget: MOTU Pedal Service.lnk -> C:\Program Files (x86)\MOTU\Audio\MFWAKeys.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-09-25]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-03-21]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HiDrive.lnk [2017-10-03]
ShortcutTarget: HiDrive.lnk -> C:\Program Files (x86)\STRATO\HiDrive\HiDrive.App.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1de88ccc-b8ef-4484-95ea-2d17a1046d90}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{29b2ce7d-7d38-4c8b-b190-ff113af4276d}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3f9a483e-9e8f-41b9-8baf-2c8eb7a4c917}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2985758792-33507869-1880162607-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=RmRsIGU81QAe9xOAi053XGZc54s?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=RmRsIGU81QAe9xOAi053XGZc54s?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=RmRsIGU81QAe9xOAi053XGZc54s?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=RmRsIGU81QAe9xOAi053XGZc54s?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=RmRsIGU81QAe9xOAi053XGZc54s?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=RmRsIGU81QAe9xOAi053XGZc54s?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files (x86)\real\realplayer\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-09-03] (RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: FGCatchUrl -> {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} -> C:\Program Files (x86)\jccatch.dll [2007-08-06] (www.flashget.com)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files (x86)\real\realplayer\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-09-03] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-07-06] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-07-06] (Oracle Corporation)
BHO-x32: FlashGet GetFlash Class -> {F156768E-81EF-470C-9057-481BA8380DBA} -> C:\Program Files (x86)\getflash.dll [2007-05-18] (www.flashget.com)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-2985758792-33507869-1880162607-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1438280019487

FireFox:
========
FF DefaultProfile: e9wqvkp1.default
FF ProfilePath: C:\Users\Berni\AppData\Roaming\Mozilla\Firefox\Profiles\e9wqvkp1.default [2017-11-22]
FF Homepage: Mozilla\Firefox\Profiles\e9wqvkp1.default -> hxxp://www.t-online.de/
FF NewTab: Mozilla\Firefox\Profiles\e9wqvkp1.default -> www.t-online.de
FF Extension: (Avira Browserschutz) - C:\Users\Berni\AppData\Roaming\Mozilla\Firefox\Profiles\e9wqvkp1.default\Extensions\abs@avira.com.xpi [2017-10-28]
FF Extension: (Video Downloader Prime) - C:\Users\Berni\AppData\Roaming\Mozilla\Firefox\Profiles\e9wqvkp1.default\Extensions\jid1-i6dUGvCrz2WZu8@jetpack.xpi [2016-12-28]
FF Extension: (AdBlock) - C:\Users\Berni\AppData\Roaming\Mozilla\Firefox\Profiles\e9wqvkp1.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2017-11-15]
FF Extension: (Trusted Shops-Erweiterung für Firefox) - C:\Users\Berni\AppData\Roaming\Mozilla\Firefox\Profiles\e9wqvkp1.default\Extensions\jid1-PBNne26X1Kn6hQ@jetpack.xpi [2017-11-09]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Berni\AppData\Roaming\Mozilla\Firefox\Profiles\e9wqvkp1.default\features\{5c066f97-3f99-455e-802f-2b6bc53dc5ea}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-22] [Lagacy]
FF SearchPlugin: C:\Users\Berni\AppData\Roaming\Mozilla\Firefox\Profiles\e9wqvkp1.default\searchplugins\google-default.xml [2015-04-07]
FF HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch\firefoxconnector => nicht gefunden
FF HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch\firefoxconnector => nicht gefunden
FF HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch\firefoxconnector => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.5.699 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2016-09-25] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.5.699 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2016-09-25] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.t-online.de/","hxxp://www.t-online.de/"
CHR Profile: C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default [2017-10-31]
CHR Extension: (Präsentationen) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
CHR Extension: (Docs) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31]
CHR Extension: (Google Drive) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-21]
CHR Extension: (YouTube) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Google Cast) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-04-05]
CHR Extension: (Adblock Plus) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-31]
CHR Extension: (Google-Suche) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-06]
CHR Extension: (Tabellen) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31]
CHR Extension: (Avira Browserschutz) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-30]
CHR Extension: (Google Docs Offline) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Local Image File Viewer) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhlckkgdiojkapplglfeomlkjllphilo [2017-04-10]
CHR Extension: (Skype) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-08-13]
CHR Extension: (Simple Reload All Tabs) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjgnnhafpjijpmhjlhbnlkeddmajmnbb [2017-04-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-02]
CHR Extension: (Amazon) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2015-05-15]
CHR Extension: (Google Mail) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-15]
CHR Extension: (Chrome Media Router) - C:\Users\Berni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2985758792-33507869-1880162607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch\ChromeConnector\ChromeConnector.crx <nicht gefunden>
CHR HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch\ChromeConnector\ChromeConnector.crx <nicht gefunden>
CHR HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch\ChromeConnector\ChromeConnector.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Berni\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-03-18]

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe [224176 2010-11-18] ()
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128944 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-11-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1526832 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [413592 2017-11-02] (Avira Operations GmbH & Co. KG)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3883544 2016-12-22] (devolo AG)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [805888 2012-11-29] () [Datei ist nicht signiert]
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2015-10-25] (Google)
R2 HiDriveMaintenanceService; C:\Program Files (x86)\STRATO\HiDrive\Updater\MaintenanceService.exe [914096 2017-07-31] ()
R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [135408 2015-06-18] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [66088 2016-03-03] (Haufe-Lexware GmbH & Co. KG)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MOTUProAudioHTTPServer; C:\Program Files (x86)\MOTU\Pro Audio\Service\MOTUProAudioHTTPServer.exe [435208 2017-10-11] ()
R2 MOTU_ZeroConf; C:\Program Files (x86)\MOTU\Pro Audio\Service\motuDNSResponder.exe [391472 2014-12-11] (MOTU Inc.)
R2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [20912752 2017-09-27] (Native Instruments GmbH)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [412808 2017-07-05] (Geek Software GmbH)
S2 RealPlayerUpdateSvc; C:\program files (x86)\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe [35104 2016-09-03] ()
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [987408 2016-09-25] (RealNetworks, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-08-25] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-16] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-09-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-09-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30352 2015-03-11] (Disc Soft Ltd)
R0 hotcore3; C:\WINDOWS\System32\DRIVERS\hotcore3.sys [33968 2015-08-26] (Paragon Software Group)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2017-10-02] (REALiX(tm))
S3 KsUSBa64; C:\WINDOWS\system32\drivers\ksUSBa64.sys [1671656 2017-06-14] (Creative Technology Ltd.)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-22] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S3 mlkumidi; C:\WINDOWS\system32\drivers\mlkumidi.sys [55856 2014-08-30] (MusicLab, Inc.)
S3 MOTU; C:\WINDOWS\System32\Drivers\MOTUProAudio.sys [167848 2017-10-11] (MOTU, Inc)
R3 motubus; C:\WINDOWS\system32\drivers\MotuBus64.sys [32016 2015-07-14] (Mark of the Unicorn)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2017-03-18] (Intel Corporation)
S3 nika6audio; C:\WINDOWS\System32\Drivers\nika6audio.sys [375720 2015-09-09] (Native Instruments GmbH)
S3 nika6usb; C:\WINDOWS\system32\DRIVERS\nika6usb.sys [93536 2015-09-09] (Native Instruments GmbH)
R3 NIWinCDEmu; C:\WINDOWS\System32\drivers\NIWinCDEmu.sys [111696 2015-03-12] ()
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2016-12-22] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvpmwu.inf_amd64_f2045d1eeb288d10\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 synusb64; C:\WINDOWS\System32\drivers\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-12-19] ()
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-12-19] ()
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700680 2014-12-19] ()
R3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2017-05-20] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-11-22 16:37 - 2017-11-22 16:38 - 000056675 _____ C:\Users\Berni\Desktop\FRST.txt
2017-11-22 16:36 - 2017-11-22 16:36 - 002391552 _____ (Farbar) C:\Users\Berni\Desktop\FRST64.exe
2017-11-21 07:13 - 2017-11-21 07:13 - 000000000 ___HD C:\OneDriveTemp
2017-11-20 05:04 - 2017-11-20 05:05 - 000000000 ____D C:\Users\Berni\Documents\Cubase
2017-11-17 14:31 - 2017-11-17 16:45 - 000000000 ____D C:\Users\Berni\AppData\Roaming\PhonerLite
2017-11-17 14:31 - 2017-11-17 14:31 - 000001112 _____ C:\Users\Berni\Desktop\PhonerLite.lnk
2017-11-17 14:31 - 2017-11-17 14:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhonerLite
2017-11-17 14:31 - 2017-11-17 14:31 - 000000000 ____D C:\Program Files (x86)\PhonerLite
2017-11-17 06:52 - 2017-11-17 06:52 - 000951466 _____ C:\Users\Berni\Documents\2017-11-17 Gewinnermittlung PV Anlage 2014001.pdf
2017-11-17 05:55 - 2017-11-17 05:55 - 000001228 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-11-17 05:53 - 2017-11-17 05:53 - 000000000 ____D C:\Users\Berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-15 18:21 - 2017-11-02 06:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-15 18:21 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-15 18:21 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-15 18:21 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-15 18:21 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-15 18:21 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-15 18:21 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-15 18:21 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-15 18:21 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-15 18:21 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-15 18:21 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-15 18:21 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-15 18:21 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-15 18:21 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-15 18:21 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-15 18:21 - 2017-11-02 06:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-15 18:21 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-15 18:21 - 2017-11-02 05:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-15 18:21 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-15 18:21 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-15 18:21 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-15 18:21 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-15 18:21 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-15 18:21 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-15 18:21 - 2017-11-02 05:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-15 18:21 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-15 18:21 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-15 18:21 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-15 18:21 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-15 18:21 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-15 18:21 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-15 18:21 - 2017-11-02 05:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-15 18:21 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-15 18:21 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-15 18:21 - 2017-11-02 05:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-15 18:21 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-15 18:21 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-15 18:21 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-15 18:21 - 2017-11-02 05:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-15 18:21 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-15 18:21 - 2017-11-02 05:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-15 18:21 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-15 18:21 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-15 18:21 - 2017-11-02 05:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-15 18:21 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-15 18:21 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-15 18:21 - 2017-11-02 05:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-15 18:21 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-15 18:21 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-15 18:21 - 2017-11-02 05:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-15 18:21 - 2017-11-02 05:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-15 18:21 - 2017-11-02 05:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-15 18:21 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-15 18:21 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-15 18:21 - 2017-11-02 05:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-15 18:21 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-15 18:21 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-15 18:21 - 2017-11-02 05:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-15 18:21 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-15 18:21 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-15 18:21 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-15 18:21 - 2017-11-02 05:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-15 18:21 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-15 18:21 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-15 18:21 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-15 18:21 - 2017-11-02 05:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-15 18:21 - 2017-11-02 05:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-15 18:21 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-15 18:21 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-15 18:21 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-15 18:21 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-15 18:21 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-15 18:21 - 2017-11-02 05:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-15 18:21 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-15 18:21 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-15 18:21 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-15 18:21 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-15 18:21 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-15 18:21 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-15 18:21 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-15 18:21 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-15 18:21 - 2017-11-02 05:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-15 18:21 - 2017-11-02 05:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-15 18:21 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-15 18:21 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-15 18:21 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-15 18:21 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-15 18:21 - 2017-11-02 05:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-15 18:21 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-15 18:21 - 2017-11-02 05:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-15 18:21 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-15 18:21 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-15 18:21 - 2017-10-15 16:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-15 18:21 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-15 18:21 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-15 18:21 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-15 18:21 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-15 18:21 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-15 18:21 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-15 18:21 - 2017-10-15 15:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-15 18:21 - 2017-10-15 15:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-15 18:21 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-15 18:21 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-15 18:21 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-15 18:21 - 2017-10-15 15:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-15 18:21 - 2017-10-15 15:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-15 18:21 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-15 18:21 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-15 18:21 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-15 18:21 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-15 18:21 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-15 18:21 - 2017-10-15 15:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-15 18:20 - 2017-11-02 06:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-15 18:20 - 2017-11-02 06:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-15 18:20 - 2017-11-02 06:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-15 18:20 - 2017-11-02 06:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-15 18:20 - 2017-11-02 06:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-15 18:20 - 2017-11-02 06:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-15 18:20 - 2017-11-02 06:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-15 18:20 - 2017-11-02 06:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-15 18:20 - 2017-11-02 06:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-15 18:20 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-15 18:20 - 2017-11-02 06:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-15 18:20 - 2017-11-02 06:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-15 18:20 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-15 18:20 - 2017-11-02 06:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-15 18:20 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-15 18:20 - 2017-11-02 06:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-15 18:20 - 2017-11-02 06:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-15 18:20 - 2017-11-02 06:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-15 18:20 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-15 18:20 - 2017-11-02 06:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-15 18:20 - 2017-11-02 06:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-15 18:20 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-15 18:20 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-15 18:20 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-15 18:20 - 2017-11-02 06:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-15 18:20 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-15 18:20 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-15 18:20 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-15 18:20 - 2017-11-02 06:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-15 18:20 - 2017-11-02 06:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-15 18:20 - 2017-11-02 05:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-15 18:20 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-15 18:20 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-15 18:20 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-15 18:20 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-15 18:20 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-15 18:20 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-15 18:20 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-15 18:20 - 2017-11-02 05:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-15 18:20 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-15 18:20 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-15 18:20 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-15 18:20 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-15 18:20 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-15 18:20 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-15 18:20 - 2017-11-02 05:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-15 18:20 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-15 18:20 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-15 18:20 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-15 18:20 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-15 18:20 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-15 18:20 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-15 18:20 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-15 18:20 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-15 18:20 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-15 18:20 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-15 18:20 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-15 18:20 - 2017-11-02 05:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-15 18:20 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-15 18:20 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-15 18:20 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-15 18:20 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-15 18:20 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-15 18:20 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-15 18:20 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-15 18:20 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-15 18:20 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-15 18:20 - 2017-11-02 05:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-15 18:20 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-15 18:20 - 2017-11-02 05:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-15 18:20 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-15 18:20 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-15 18:20 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-15 18:20 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-15 18:20 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-15 18:20 - 2017-11-02 05:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-15 18:20 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-15 18:20 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-15 18:20 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-15 18:20 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-15 18:20 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-15 18:20 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-15 18:20 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-15 18:20 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-15 18:20 - 2017-10-15 15:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-15 18:20 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-15 18:20 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-15 18:20 - 2017-10-15 15:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-15 18:20 - 2017-10-15 15:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-15 18:20 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-15 18:20 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-15 18:20 - 2017-10-15 15:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-15 18:20 - 2017-10-15 15:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-15 18:20 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-15 18:20 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-13 16:20 - 2017-11-13 16:20 - 000001394 _____ C:\Users\Public\Desktop\MOTU Pro Audio WebUI Setup.lnk
2017-11-13 16:20 - 2017-10-11 09:31 - 000167848 _____ (MOTU, Inc) C:\WINDOWS\system32\Drivers\MOTUProAudio.sys
2017-11-13 15:06 - 2017-11-13 15:06 - 000708205 _____ C:\Users\Berni\Documents\2016-2017 Gewinnermittlung Photovoltaik007.pdf
2017-11-13 14:52 - 2017-11-13 14:52 - 001165746 _____ C:\Users\Berni\Documents\2016-2017 EWE Erstattung006.pdf
2017-11-13 14:49 - 2017-11-13 14:49 - 001436255 _____ C:\Users\Berni\Documents\2016-2017 EWE Erstattung005.pdf
2017-11-12 16:00 - 2017-11-12 15:55 - 000002074 _____ C:\Users\Berni\Desktop\set-Segoe.reg
2017-11-10 14:28 - 2017-11-10 14:32 - 000000705 _____ C:\Users\Berni\Desktop\set-Verdana.reg
2017-11-10 14:21 - 2017-11-10 14:22 - 554332540 _____ C:\WINDOWS\system32\registry Backup.reg
2017-11-09 13:40 - 2017-11-09 13:40 - 000000000 ____D C:\Users\Public\Documents\Motu
2017-11-09 04:26 - 2017-11-09 04:26 - 000059904 _____ C:\Users\Berni\Desktop\Microsoft Publisher-Dokument (neu).pub
2017-11-08 21:27 - 2017-11-08 21:29 - 746533480 _____ C:\Users\Berni\Desktop\Backup08.11.20172127.reg
2017-11-06 23:11 - 2017-11-22 07:12 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-11-06 23:11 - 2017-11-06 23:11 - 000001924 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-06 23:11 - 2017-11-06 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-06 23:10 - 2017-11-06 23:10 - 000000000 ____D C:\ProgramData\MB3CoreBackup
2017-11-06 23:10 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-11-04 11:07 - 2017-11-04 11:07 - 000000000 ____D C:\Users\Berni\Documents\VST XMLs
2017-11-04 09:03 - 2017-11-04 10:51 - 000000000 ____D C:\Users\Berni\AppData\Roaming\Celemony Software GmbH
2017-11-04 08:47 - 2017-11-04 08:47 - 000000000 ____D C:\Users\Public\Documents\Celemony
2017-11-04 08:47 - 2017-11-04 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Celemony
2017-11-04 08:47 - 2017-11-04 08:47 - 000000000 ____D C:\ProgramData\Celemony Software GmbH
2017-11-04 08:47 - 2017-11-04 08:47 - 000000000 ____D C:\Program Files\Common Files\Celemony
2017-11-04 08:47 - 2017-11-04 08:47 - 000000000 ____D C:\Program Files\Celemony
2017-11-04 08:47 - 2017-11-04 08:47 - 000000000 ____D C:\Program Files (x86)\Celemony
2017-11-04 08:19 - 2017-11-04 08:19 - 000000000 __HDC C:\ProgramData\{0A33A878-C40B-45AA-942C-67C40B5F8B30}
2017-11-02 09:35 - 2017-11-02 22:25 - 000001193 _____ C:\Users\Berni\Desktop\Hauptwerk.lnk
2017-11-02 09:35 - 2017-11-02 09:35 - 000001302 _____ C:\Users\Berni\Desktop\Hauptwerk user guide.lnk
2017-11-02 09:35 - 2017-11-02 09:35 - 000001087 _____ C:\Users\Berni\Desktop\Hauptwerk (alt config 3).lnk
2017-11-02 09:35 - 2017-11-02 09:35 - 000001087 _____ C:\Users\Berni\Desktop\Hauptwerk (alt config 2).lnk
2017-11-02 09:35 - 2017-11-02 09:35 - 000001087 _____ C:\Users\Berni\Desktop\Hauptwerk (alt config 1).lnk
2017-11-02 09:35 - 2017-11-02 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauptwerk Virtual Pipe Organ
2017-11-02 09:34 - 2017-11-02 09:35 - 000000000 ____D C:\Program Files\Hauptwerk Virtual Pipe Organ
2017-11-02 09:34 - 2017-11-02 09:34 - 000000000 ____D C:\Program Files (x86)\HauptwerkJavaRuntime
2017-11-02 09:34 - 2017-11-02 09:34 - 000000000 ____D C:\Hauptwerk
2017-11-02 08:32 - 2017-11-02 09:12 - 000000114 _____ C:\ProgramData\.vslscantool_path
2017-11-02 08:24 - 2017-11-02 08:24 - 000000000 ____D C:\Users\Public\Documents\VSL Custom Data
2017-11-02 05:52 - 2017-11-02 05:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vienna Instruments
2017-11-02 05:52 - 2017-11-02 05:52 - 000000000 ____D C:\Program Files\Vienna Instruments
2017-11-02 05:51 - 2017-11-02 08:28 - 000000000 ____D C:\ProgramData\VSL
2017-11-02 05:51 - 2017-11-02 05:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vienna Ensemble Pro
2017-11-02 05:51 - 2017-11-02 05:51 - 000000000 ____D C:\Program Files\Common Files\MOTU
2017-11-02 05:51 - 2017-11-02 05:51 - 000000000 ____D C:\Program Files (x86)\Vienna Ensemble Pro
2017-11-02 05:39 - 2017-11-03 07:58 - 000000000 ____D C:\Users\Berni\AppData\Roaming\VSL
2017-11-02 05:39 - 2017-11-02 05:51 - 000000000 ____D C:\Program Files\Vienna Ensemble Pro
2017-11-02 05:39 - 2017-10-06 09:40 - 000108400 _____ C:\WINDOWS\system32\veproshared64.dll
2017-11-02 05:39 - 2017-10-06 09:40 - 000085360 _____ C:\WINDOWS\SysWOW64\veproshared32.dll
2017-11-02 05:38 - 2017-11-17 06:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-11-01 22:49 - 2017-11-01 22:49 - 000000000 ____D C:\Program Files (x86)\Propellerhead
2017-11-01 20:12 - 2017-11-01 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vienna Download Manager
2017-11-01 20:12 - 2017-11-01 20:12 - 000000000 ____D C:\Program Files\Vienna Download Manager
2017-11-01 19:48 - 2017-11-01 19:48 - 000000000 __HDC C:\ProgramData\{14BC4D33-B3C6-424D-B0D2-8F8E46B4EC04}
2017-11-01 19:47 - 2017-11-01 19:47 - 000002238 _____ C:\Users\Berni\Desktop\HALion Sonic.lnk
2017-11-01 19:47 - 2017-11-01 19:47 - 000000000 ____D C:\Users\Berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALion Sonic
2017-11-01 19:26 - 2017-11-01 19:47 - 000000000 ____D C:\Users\Berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALion Library Manager
2017-11-01 18:30 - 2017-11-01 18:30 - 000000000 _____ C:\Users\Berni\soniccouture-01-11-17.crash
2017-11-01 16:16 - 2017-11-01 16:16 - 000000000 __HDC C:\ProgramData\{7E458FB9-772D-4FD2-82F9-C258731E7DE6}
2017-11-01 04:44 - 2017-11-01 04:44 - 000000000 __HDC C:\ProgramData\{E247A448-6FA2-4B84-B9AE-F4BE54CBAA42}
2017-11-01 00:37 - 2017-11-01 00:37 - 000000000 __HDC C:\ProgramData\{AC25341C-C109-41D3-9C13-3A0346BD317B}
2017-10-31 23:44 - 2017-10-31 23:44 - 000000000 __HDC C:\ProgramData\{B52BAF54-A7D8-4EA2-A9AD-1F74FDFA253C}
2017-10-31 23:32 - 2017-10-31 23:32 - 000000000 __HDC C:\ProgramData\{8279D4CC-FAF6-43FE-BD97-323E391C6156}
2017-10-31 23:24 - 2017-11-02 05:52 - 000000000 ____D C:\Program Files\VSTPlugins
2017-10-31 23:24 - 2017-10-31 23:24 - 000001099 _____ C:\Users\Public\Desktop\Kontakt 5.lnk
2017-10-31 23:24 - 2017-10-31 23:24 - 000000000 __HDC C:\ProgramData\{59EC887D-1428-4C49-B6B2-8AF316BA697A}
2017-10-31 23:23 - 2017-10-31 23:23 - 000000000 __HDC C:\ProgramData\{E7C8DC2D-80E8-4183-83D2-E0A0DFC866C7}
2017-10-31 23:22 - 2017-10-31 23:22 - 000000000 __HDC C:\ProgramData\{4B46290B-9384-4D38-8F9D-42C7DDBBBFFE}
2017-10-31 22:27 - 2017-10-31 22:27 - 000000000 __HDC C:\ProgramData\{2D7A070B-3118-4939-B207-6D09CD60972F}
2017-10-31 11:08 - 2017-10-31 11:08 - 000000129 _____ C:\WINDOWS\wininit.ini
2017-10-31 10:32 - 2017-10-31 10:32 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-31 10:31 - 2017-10-31 11:08 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-10-31 10:31 - 2017-10-31 10:31 - 000001472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-10-31 10:31 - 2017-10-31 10:31 - 000001460 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-10-31 10:31 - 2017-10-31 10:31 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-10-31 10:31 - 2017-10-31 10:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-10-31 10:31 - 2017-05-23 09:22 - 000032240 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2017-10-31 10:30 - 2017-10-31 10:31 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-11-22 16:37 - 2015-07-15 20:56 - 000000000 ____D C:\FRST
2017-11-22 16:24 - 2017-10-01 11:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-22 16:24 - 2016-11-22 09:19 - 000000000 ____D C:\Users\Berni\AppData\LocalLow\Mozilla
2017-11-22 10:45 - 2017-10-04 04:00 - 000000000 ____D C:\Users\Berni\Documents\hardware
2017-11-22 09:47 - 2017-03-18 22:02 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-22 09:47 - 2017-03-18 22:02 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-22 09:43 - 2015-05-14 12:20 - 000000000 ____D C:\Users\Berni\AppData\Roaming\Nitro PDF
2017-11-22 09:42 - 2017-10-03 08:15 - 000000000 ___RD C:\Users\Berni\HiDrive
2017-11-22 09:42 - 2017-10-01 11:54 - 000000000 ____D C:\Users\Berni
2017-11-22 09:42 - 2015-05-13 20:06 - 000000000 ___RD C:\Users\Berni\OneDrive
2017-11-22 09:42 - 2015-03-25 22:55 - 000000000 __SHD C:\Users\Berni\IntelGraphicsProfiles
2017-11-22 09:42 - 2015-03-13 16:31 - 000000000 ____D C:\Users\Berni\AppData\Local\Adobe
2017-11-22 07:17 - 2017-10-01 11:54 - 003541990 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-22 07:17 - 2017-03-20 05:40 - 001678110 _____ C:\WINDOWS\system32\perfh007.dat
2017-11-22 07:17 - 2017-03-20 05:40 - 000418466 _____ C:\WINDOWS\system32\perfc007.dat
2017-11-22 07:12 - 2017-10-01 12:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-22 07:12 - 2016-09-25 10:36 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-21 23:36 - 2017-10-01 12:08 - 000004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{67DF6E7B-A221-442F-BAAE-86BAADB87053}
2017-11-21 09:48 - 2017-10-01 12:08 - 000003976 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1486726643
2017-11-21 09:48 - 2017-06-30 11:40 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2017-11-21 09:48 - 2017-02-10 12:37 - 000000000 ____D C:\Program Files\Opera
2017-11-21 07:15 - 2015-03-12 03:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-21 07:14 - 2017-10-01 11:54 - 000000000 ____D C:\Users\Administrator.Bernis-Laptop
2017-11-21 07:06 - 2017-10-11 05:04 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-21 07:06 - 2015-03-12 03:08 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-20 05:13 - 2017-10-01 11:54 - 000000000 ____D C:\Users\DefaultAppPool
2017-11-19 10:09 - 2015-11-12 17:19 - 000000000 ____D C:\Users\Berni\Documents\Ebay
2017-11-18 11:39 - 2015-03-11 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-11-18 07:28 - 2015-07-08 15:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-18 07:28 - 2015-03-14 21:35 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-18 07:28 - 2015-03-11 19:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-17 14:39 - 2017-03-18 22:02 - 000000000 ____D C:\WINDOWS\rescache
2017-11-17 05:55 - 2015-03-11 19:39 - 000001240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-17 05:53 - 2015-05-06 17:48 - 000000000 ____D C:\Users\Berni\AppData\Roaming\Dropbox
2017-11-17 05:50 - 2015-03-11 19:39 - 000000000 ____D C:\Users\Berni\AppData\Roaming\Mozilla
2017-11-16 09:49 - 2017-03-18 22:02 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-11-16 09:45 - 2015-08-11 12:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-15 20:25 - 2015-03-12 00:20 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-11-15 20:25 - 2009-07-14 03:34 - 000000260 _____ C:\WINDOWS\win.ini
2017-11-15 20:23 - 2017-03-18 22:00 - 000000000 ____D C:\WINDOWS\INF
2017-11-15 20:13 - 2017-10-01 11:52 - 005247792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-15 20:12 - 2017-03-18 22:02 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-15 20:12 - 2017-03-18 22:02 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-15 20:12 - 2017-03-18 22:02 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-15 20:12 - 2017-03-18 22:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-15 20:12 - 2017-03-18 22:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-15 20:12 - 2017-03-18 12:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-11-15 18:27 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-15 18:21 - 2015-03-11 21:30 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-14 20:17 - 2015-05-15 05:07 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-14 15:00 - 2017-10-01 12:08 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-11-14 14:59 - 2015-05-01 04:45 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-14 14:46 - 2017-03-18 22:02 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-11-14 14:46 - 2017-03-18 22:02 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-13 20:11 - 2017-10-01 12:08 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-13 20:11 - 2017-10-01 12:08 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-13 16:20 - 2017-05-24 20:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOTU
2017-11-13 16:20 - 2017-05-24 20:49 - 000000000 ____D C:\Program Files (x86)\MOTU
2017-11-08 20:36 - 2017-03-18 22:02 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2017-11-08 17:38 - 2015-05-15 05:14 - 000000000 ____D C:\Users\Berni\AppData\Local\ElevatedDiagnostics
2017-11-08 06:15 - 2015-03-11 17:34 - 000000275 _____ C:\WINDOWS\WindowsUpdate.log.bak
2017-11-07 11:42 - 2017-10-01 12:08 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2985758792-33507869-1880162607-1000
2017-11-07 11:42 - 2015-08-11 12:17 - 000002438 _____ C:\Users\Berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-05 02:40 - 2017-03-18 22:04 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-05 02:40 - 2017-03-18 22:04 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-04 15:52 - 2017-03-18 22:02 - 000000000 ____D C:\WINDOWS\system32\Catroot2.bak
2017-11-04 08:47 - 2015-03-19 17:33 - 000000000 ____D C:\Program Files\Common Files\VST3
2017-11-04 08:47 - 2015-03-11 18:29 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-11-04 08:19 - 2015-03-13 13:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2017-11-04 08:19 - 2015-03-13 13:17 - 000000000 ____D C:\Program Files\Native Instruments
2017-11-04 04:30 - 2015-04-08 06:20 - 000000000 ____D C:\Users\Berni\AppData\Local\JDownloader 2.0
2017-11-02 08:38 - 2017-08-02 19:30 - 000000016 _____ C:\Users\Berni\AppData\Roaming\msregsvv.dll
2017-11-02 08:38 - 2015-03-26 17:35 - 000000016 _____ C:\ProgramData\autobk.inc
2017-11-02 08:38 - 2015-03-11 22:44 - 000000000 ____D C:\Users\Berni\AppData\Roaming\MAGIX
2017-11-02 08:38 - 2015-03-11 22:37 - 000000000 ____D C:\ProgramData\MAGIX
2017-11-02 05:52 - 2015-03-12 00:29 - 000000000 ____D C:\Program Files (x86)\VSTPlugins
2017-11-01 20:07 - 2015-06-24 20:58 - 000000000 ____D C:\tmp
2017-11-01 19:50 - 2015-04-22 05:45 - 000000000 ____D C:\Users\Berni\AppData\Roaming\Steinberg
2017-11-01 19:50 - 2015-03-11 23:41 - 000000000 ____D C:\Users\Berni\Documents\Native Instruments
2017-11-01 19:47 - 2017-10-02 04:25 - 000001288 _____ C:\Users\Public\Desktop\eLicenser Control Center.lnk
2017-11-01 19:47 - 2015-04-22 05:45 - 000000000 ____D C:\Program Files\Steinberg
2017-11-01 16:16 - 2015-03-11 22:06 - 000000000 ____D C:\Program Files\Common Files\Native Instruments
2017-11-01 05:23 - 2017-06-01 01:31 - 000001524 _____ C:\Users\Public\Desktop\Steinberg Download Assistant.lnk
2017-10-31 11:13 - 2017-03-18 12:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-10-31 10:32 - 2015-07-05 05:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-23 14:34 - 2015-03-11 21:51 - 000000000 ____D C:\Users\Berni\AppData\Roaming\TeamViewer

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2007-09-19 08:25 - 2007-09-19 08:25 - 000022486 _____ () C:\Program Files (x86)\cd.ico
2007-05-18 17:13 - 2007-05-18 17:13 - 001030144 _____ (Microsoft Corporation) C:\Program Files (x86)\dbghelp.dll
2007-05-18 17:13 - 2007-05-18 17:13 - 000045056 _____ (flashget) C:\Program Files (x86)\debugrpt.dll
2015-03-11 21:25 - 2015-03-11 21:25 - 000001098 _____ () C:\Program Files (x86)\fgbhocfg.ini
2007-06-15 07:35 - 2007-06-15 07:35 - 000626688 _____ () C:\Program Files (x86)\FGBTCORE.dll
2007-06-14 11:52 - 2007-06-14 11:52 - 001327184 _____ () C:\Program Files (x86)\FGEMCORE.dll
2007-05-18 17:13 - 2007-05-18 17:13 - 000053329 _____ (www.flashget.com) C:\Program Files (x86)\fgmgr.dll
2007-05-18 17:13 - 2007-05-18 17:13 - 000176208 _____ (www.flashget.com) C:\Program Files (x86)\fgupdate.dll
2007-09-25 09:10 - 2007-09-25 09:10 - 002007088 _____ (FlashGet.com) C:\Program Files (x86)\flashget.exe
2007-05-18 17:13 - 2007-05-18 17:13 - 000000546 _____ () C:\Program Files (x86)\flashget.exe.manifest
2007-05-18 17:13 - 2007-05-18 17:13 - 000163840 _____ (www.flashget.com) C:\Program Files (x86)\getflash.dll
2007-05-18 17:13 - 2007-05-18 17:13 - 001145896 _____ (Google) C:\Program Files (x86)\gt.exe
2007-08-06 10:11 - 2007-08-06 10:11 - 000094308 _____ (www.flashget.com) C:\Program Files (x86)\jccatch.dll
2007-05-18 17:13 - 2007-05-18 17:13 - 000001049 _____ () C:\Program Files (x86)\JC_ALL.HTM
2007-05-18 17:13 - 2007-05-18 17:13 - 000001898 _____ () C:\Program Files (x86)\JC_LINK.HTM
2007-05-18 17:13 - 2007-05-18 17:13 - 000007491 _____ () C:\Program Files (x86)\license.txt
2007-05-18 17:13 - 2007-05-18 17:13 - 000000465 _____ () C:\Program Files (x86)\Normal.jcs
2007-05-18 17:13 - 2007-05-18 17:13 - 000003634 _____ () C:\Program Files (x86)\Readme.txt
2007-05-18 17:13 - 2007-05-18 17:13 - 000000599 _____ () C:\Program Files (x86)\Table.jcs
2015-03-11 21:25 - 2015-03-11 21:25 - 000189368 _____ () C:\Program Files (x86)\uninst.exe
2007-09-24 04:41 - 2007-09-24 04:41 - 000018296 _____ () C:\Program Files (x86)\WHATSNEW.TXT
2013-06-29 13:33 - 2013-06-29 13:33 - 000037607 _____ () C:\Program Files (x86)\Common Files\license.rtf
2013-06-29 13:33 - 2013-06-29 13:33 - 000008046 _____ () C:\Program Files (x86)\Common Files\setupBanner.jpg
2015-06-23 21:19 - 2015-06-23 21:19 - 000001153 _____ () C:\Users\Berni\AppData\Roaming\ACInitialize.log
2016-05-03 08:32 - 2016-05-03 08:32 - 000009398 _____ () C:\Users\Berni\AppData\Roaming\Durch Trennzeichen getrennte Werte.EML
2017-08-02 19:30 - 2017-11-02 08:38 - 000000016 _____ () C:\Users\Berni\AppData\Roaming\msregsvv.dll
2015-03-28 23:00 - 2015-03-28 23:57 - 000005120 _____ () C:\Users\Berni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-12 09:25 - 2016-11-12 09:25 - 000008380 _____ () C:\Users\Berni\AppData\Local\recently-used.xbel
2015-04-17 12:13 - 2015-09-16 03:20 - 000007640 _____ () C:\Users\Berni\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-11-18 13:35

==================== Ende von FRST.txt ============================

cosinus 22.11.2017 22:39
addition.txt Logfile fehlt...

ImmiMax 23.11.2017 15:09
Addition.txt Teil 1
 
Oh sorry, habe ich übersehen, dass der Text wegen der Überlänge gar nicht angenommen wurde.

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19-11-2017
durchgeführt von Berni (22-11-2017 16:38:30)
Gestartet von C:\Users\Berni\Desktop
Windows 10 Pro N Version 1703 15063.726 (X64) (2017-10-01 11:11:51)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2985758792-33507869-1880162607-500 - Administrator - Disabled) => C:\Users\Administrator.Bernis-Laptop
Berni (S-1-5-21-2985758792-33507869-1880162607-1000 - Administrator - Enabled) => C:\Users\Berni
DefaultAccount (S-1-5-21-2985758792-33507869-1880162607-503 - Limited - Disabled)
Gast (S-1-5-21-2985758792-33507869-1880162607-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2985758792-33507869-1880162607-1009 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3DCrafter (HKLM-x32\...\{C5AA22DF-CA45-4F3E-B015-B1480441B52E}) (Version: 9.3.0.1591 - Amabilis Software)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
Adobe Audition 3 Vista Compatibility (HKLM\...\{22950922-8438-4c84-80d5-a17e6c2a5717}.sdb) (Version:  - )
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Audition 3.0.1 Patch (HKLM-x32\...\{CDEBE7FF-C832-4B91-9214-A4CA610D78C9}) (Version: 3.00.1000 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.2 - Adobe Systems Incorporated)
Analog Lab 2 2.0.2 (HKLM-x32\...\Analog Lab 2_is1) (Version: 2.0.2 - Arturia)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Anvil Studio 2015 (HKLM-x32\...\{BA13B3DD-F8C9-4E33-B792-860B65DD5AE3}) (Version: 15.08.04 - Willow Software)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
A-PRO Driver (HKLM\...\RolandRDID0102) (Version:  - Roland Corporation)
Arturia Software Center 1.1.9 (HKLM-x32\...\Arturia Software Center_is1) (Version: 1.1.9 - Arturia)
Ashampoo Burning Studio 2016 (HKLM-x32\...\{91B33C97-B4A4-B41A-6B97-C62C82CEB6A9}_is1) (Version: 16.0.2 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Avira (HKLM-x32\...\{37C2DE81-46FA-4EB3-83A5-F0D8F5B08F6E}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{5a024a65-9f29-41b1-b178-946c9f826e72}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.33.24 - Avira Operations GmbH & Co. KG)
Beurer HealthManager (HKLM-x32\...\{19085CFD-F909-4E1E-838F-6C123F34B8CC}) (Version: 3.2.0.0 - Beurer Health And Well-Being) Hidden
Beurer HealthManager (HKLM-x32\...\Beurer*HealthManager) (Version: 3.2.0.0 - Beurer Health And Well-Being)
Blender (HKLM\...\{70DFC1C6-C234-4B4D-87C1-E01793AAB130}) (Version: 2.78.0 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{E7AFA156-D5CB-4B8C-843D-E7CA58D36B0A}) (Version: 8.6.0.2054 - TechSmith Corporation)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.6.0 - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.2.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.0 - Canon Inc.)
Command Center (HKLM-x32\...\{B5C98C54-097A-4B4C-8189-FEF1C79F3638}_is1) (Version: 1.1.7.1 - Cakewalk Music Software)
Connect (HKLM-x32\...\Connect 2.2.2) (Version: 2.2.2 - Continuata)
CPUID CPU-Z 1.80 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4210.0 - Ihr Firmenname) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4210.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
DDBAC (HKLM-x32\...\{79B95C3D-7DD0-4D4B-A449-49FF0E5E141C}) (Version: 5.3.46.0 - DataDesign)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.16 - NCH Software)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.2.0 - devolo AG)
Dropbox (HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\Dropbox) (Version: 39.4.49 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\Dropbox) (Version: 39.4.49 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\Dropbox) (Version: 39.4.49 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\Dropbox) (Version: 36.4.22 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\Dropbox) (Version: 36.4.22 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\Dropbox) (Version: 36.4.22 - Dropbox, Inc.)
EasyFit (HKLM-x32\...\{25819AEA-328B-4F18-A53C-EAAAFFF0DBEF}) (Version: 2.30.0000 - Beurer GmbH)
E-License Manager (HKLM\...\{E605F95E-31D3-4C9B-A411-BC6A51F8EE48}) (Version: 1.3.0.0 - Magix) Hidden
E-License Manager (HKLM-x32\...\E-License Manager) (Version: 1.3.0.0 - Best Service)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.10.6.2216 - Steinberg Media Technologies GmbH)
Engine 2 (HKLM\...\{EEBB1282-AF42-4A11-9DCA-A8DD1CF565CF}) (Version: 2.3.0.25 - Best Service) Hidden
Engine 2 (HKLM-x32\...\Engine 2) (Version: 2.3.0.25 - Best Service)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Express Zip File Compression (HKLM-x32\...\ExpressZip) (Version: 2.33 - NCH Software)
Finanzmanager 2016 (HKLM-x32\...\{7429B83A-5AB6-4AEE-A53B-79B9742B9158}) (Version: 23.39.00.0197 - Haufe-Lexware GmbH & Co.KG) Hidden
Finanzmanager Import Export Server 2016 (HKLM-x32\...\{EAC3DD93-4552-4C35-A5EC-3930E0C3BBF5}) (Version: 23.37.00.0125 - Haufe-Lexware GmbH & Co.KG) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FlashGet 1.9.6.1073 (HKLM-x32\...\FlashGet) (Version: 1.9.6.1073 - hxxp://www.FlashGet.com)
Fotogalerie (HKLM-x32\...\{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Geiss for Winamp 2x (remove only) (HKLM-x32\...\vis_geis.dllWinamp) (Version:  - )
G-Force (HKLM-x32\...\G-Force) (Version: 5.4.2 - SoundSpectrum)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.18) (Version: 9.18 - Artifex Software Inc.)
gsview (HKLM\...\gsview 6.0) (Version: 6.0 - Artifex Software Inc.)
Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2013.06.27 - www.hardcopy.de)
Hauptwerk (HKLM-x32\...\Hauptwerk) (Version: 4.2.1.3 - Milan Digital Audio)
HiDrive (HKLM-x32\...\{05279062-3A01-48C6-9EDD-994C26646921}) (Version: 4.4.0.0 - STRATO AG)
HWiNFO64 Version 5.58 (HKLM\...\HWiNFO64_is1) (Version: 5.58 - Martin Malík - REALiX)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Driver Update Utility 2.2 (HKLM-x32\...\{3EE9923D-3045-46AB-9CAA-E375993AEB4A}) (Version: 2.2.0.1 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.6.245 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{158FD6EB-3086-4BB6-8CC4-A7D7D0AE80B5}) (Version: 18.1.1525.1445 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jeta Logo Designer FREE EDITION 1.30 (HKLM-x32\...\{B9552944-5DB8-48C1-890A-9D4419F4984B}_is1) (Version: 1.30 - JETA.COM)
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
Knuddels Standalone App (HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App")
Knuddels Standalone App (HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App")
Knuddels Standalone App (HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App")
Knuddels Standalone App (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App")
Knuddels Standalone App (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App")
Knuddels Standalone App (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App")
Lexware Finanzmanager 2016 (HKLM-x32\...\{c1e70aab-69d5-45c3-aed1-998a2720748d}) (Version: 23.37.0.128 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (HKLM-x32\...\{1C3F4B46-9004-4830-BD7D-1137A615FBF0}) (Version: 16.00.00.0040 - Haufe-Lexware GmbH & Co.KG)
Lexware Installations Dienst (HKLM-x32\...\{6FF55A3A-4E59-4CF8-9248-2EE747168B3E}) (Version: 5.01.00.0040 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM-x32\...\{BDED7C2D-BAC0-40CA-90AA-E3D23FDAC87D}) (Version: 22.02.00.0040 - Haufe-Lexware GmbH & Co.KG) Hidden
LightUp v4.4f DEMO (64-bit) (HKLM\...\{05F0E444-4824-4636-A7BB-6EB0FAFF71E6}) (Version: 4.4.6 - Billyard Enterprises)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.0.2.0 - Lightworks)
MAGIX 3D Maker 7 Download-Version (HKLM-x32\...\{8F182094-4AF1-4961-896F-E497CDFF2370}) (Version: 7.0.0.482 - MAGIX AG) Hidden
MAGIX 3D Maker 7 Download-Version (HKLM-x32\...\MAGIX_MSI_3D7) (Version: 7.0.0.482 - MAGIX AG)
MAGIX Analogue Modelling Suite Plus (HKLM\...\{F485F2FE-1D3D-4F6D-AD4E-13FA5FB22A88}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Analogue Modelling Suite Plus (HKLM\...\MX.{F485F2FE-1D3D-4F6D-AD4E-13FA5FB22A88}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Burn routines (HKLM\...\{E1D960E1-A892-4795-A3E2-01D953E38B5F}) (Version: 12.0.0.240 - MAGIX Software GmbH) Hidden
MAGIX Burn routines (HKLM-x32\...\MX.{E1D960E1-A892-4795-A3E2-01D953E38B5F}) (Version: 12.0.0.240 - MAGIX Software GmbH)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX essentialFX Suite (HKLM\...\{CB7B17F4-3833-4699-890B-52C5D0AB926D}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX essentialFX Suite (HKLM\...\MX.{CB7B17F4-3833-4699-890B-52C5D0AB926D}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Foto Manager 12 (HKLM\...\{097A1C00-76CC-4DE8-BD84-7B724A24DF12}) (Version: 10.0.0.271 - MAGIX Software GmbH) Hidden
MAGIX Foto Manager 12 (HKLM-x32\...\MX.{097A1C00-76CC-4DE8-BD84-7B724A24DF12}) (Version: 10.0.0.271 - MAGIX Software GmbH)
MAGIX Independence Libraries Common Files (HKLM\...\{3A85C79B-B98A-4C08-ADFC-0EE15215C471}) (Version: 3.2.0.0 - MAGIX Software GmbH) Hidden
MAGIX Independence Libraries Common Files (HKLM\...\MX.{3A85C79B-B98A-4C08-ADFC-0EE15215C471}) (Version: 3.2.0.0 - MAGIX Software GmbH)
MAGIX Independence Pro 3.2 VST-Plugins (HKLM\...\{CE4E2B9B-9D8C-4857-8BD5-230CE6E24A3B}) (Version: 3.2.0.0 - MAGIX AG) Hidden
MAGIX Independence Pro 3.2 VST-Plugins (HKLM\...\{CEA5EC2A-7F16-41C1-819C-1E53097CE2C3}) (Version: 3.2.0.0 - MAGIX Software GmbH) Hidden
MAGIX Independence Pro 3.2 VST-Plugins (HKLM\...\MX.{CE4E2B9B-9D8C-4857-8BD5-230CE6E24A3B}) (Version: 3.2.0.0 - MAGIX AG)
MAGIX Independence Pro 3.2 VST-Plugins (HKLM\...\MX.{CEA5EC2A-7F16-41C1-819C-1E53097CE2C3}) (Version: 3.2.0.0 - MAGIX Software GmbH)
MAGIX Independence Pro Software Suite 3.2 (HKLM\...\{12FBE83D-482B-4D82-BAC7-665B7DD79DB2}) (Version: 3.2.0.91 - MAGIX AG) Hidden
MAGIX Independence Pro Software Suite 3.2 (HKLM\...\{8DC48D55-2E91-4ACE-9144-DAD198E0E89A}) (Version: 3.2.0.130 - MAGIX Software GmbH) Hidden
MAGIX Independence Pro Software Suite 3.2 (HKLM-x32\...\MX.{12FBE83D-482B-4D82-BAC7-665B7DD79DB2}) (Version: 3.2.0.91 - MAGIX AG)
MAGIX Independence Pro Software Suite 3.2 (HKLM-x32\...\MX.{8DC48D55-2E91-4ACE-9144-DAD198E0E89A}) (Version: 3.2.0.130 - MAGIX Software GmbH)
MAGIX Music Maker 2015 Premium (HKLM\...\{EC27D0F4-981D-431B-9F41-CE84163880F1}) (Version: 21.0.2.33 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium (HKLM-x32\...\MX.{EC27D0F4-981D-431B-9F41-CE84163880F1}) (Version: 21.0.2.33 - MAGIX Software GmbH)
MAGIX Music Maker 2015 Premium Soundpools (HKLM\...\{56986F92-9DF2-4973-8C93-C939C5FE39E2}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium Update (HKLM\...\{F96B18AE-0566-4A74-A0E9-5357EE85E6AE}) (Version: 21.0.3.38 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Soundpools (HKLM\...\{E6CE24FB-A70B-44D6-A37F-5EE69928E08B}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Studio 2015 (HKLM\...\{5C9E2F9D-E841-484F-8B23-F4FF70F30F01}) (Version: 21.0.0.16 - MAGIX Software GmbH) Hidden
MAGIX Music Studio 2015 (HKLM-x32\...\MX.{5C9E2F9D-E841-484F-8B23-F4FF70F30F01}) (Version: 21.0.0.16 - MAGIX Software GmbH)
Magix Music Studio 2015 Update (HKLM\...\{497F8089-45FE-42BF-8C7B-1AF256271F5B}) (Version: 21.0.3.40 - MAGIX Software GmbH) Hidden
Magix Music Studio 2015 Update (HKLM\...\{AC286F34-7029-4A16-A496-602F7318077A}) (Version: 21.0.2.36 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM\...\{6CC16015-BF4F-4AD2-B70E-18ABFAE5F396}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{6CC16015-BF4F-4AD2-B70E-18ABFAE5F396}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Vandal VST-PlugIn (HKLM\...\{24F96DED-7B99-49C4-B877-CDCDC37762FA}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Vandal VST-PlugIn (HKLM\...\MX.{24F96DED-7B99-49C4-B877-CDCDC37762FA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX VariVerb II VST-PlugIn (HKLM\...\{7A97538C-6D3F-4BB5-B2A1-D0ECFB199A4C}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX VariVerb II VST-PlugIn (HKLM\...\MX.{7A97538C-6D3F-4BB5-B2A1-D0ECFB199A4C}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 (HKLM\...\{DA7B58E7-740A-4411-AC11-7D9BA50804E2}) (Version: 14.0.0.153 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 (HKLM\...\MX.{DA7B58E7-740A-4411-AC11-7D9BA50804E2}) (Version: 14.0.0.153 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Update (HKLM\...\{0EDD5135-FB1A-40B5-B916-0DF5812CF0AF}) (Version: 14.0.0.176 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Update (HKLM\...\{D2FB0240-9E08-4858-9532-EBF07532BD6D}) (Version: 14.0.0.172 - MAGIX Software GmbH) Hidden
MAGIX Vintage Effects Suite (HKLM\...\{48978B41-9CD5-4274-9519-B622DD89727D}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Vintage Effects Suite (HKLM\...\MX.{48978B41-9CD5-4274-9519-B622DD89727D}) (Version: 1.0.0.0 - MAGIX Software GmbH)
Malwarebytes Version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Melodyne 4 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 4.01.0111 - Celemony Software GmbH)
Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Tool Web Package:diskpart.exe (HKLM-x32\...\{9782762F-639B-499B-A23D-5EBEAFC160E6}) (Version: 1.0.0.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e52a6842-b0ac-476e-b48f-378a97a67346}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{f325f05b-f963-4640-a43b-c8a494cdda0f}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MIDI-OX (HKLM-x32\...\{A6457851-5EA9-45B0-AF1D-D2A0A4781CFB}) (Version: 7.02.372 - MIDIOX Computing)
MiniTool Partition Wizard Free 10.2.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MOTU Hardware (HKLM\...\{E45DD703-F7E6-4C4E-85CB-42208A41E222}) (Version: 4.0.6.6814 - MOTU)
MOTU Pro Audio (HKLM\...\com_motu_installer_pro_audio_is1) (Version: 2.73991 - MOTU, Inc.)
Movie Maker (HKLM-x32\...\{03CC9D58-B132-4CC0-A521-4F3660AA43C7}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0 (x64 de) (HKLM\...\Mozilla Firefox 57.0 (x64 de)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
Mozilla Thunderbird 52.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.4.0 (x86 de)) (Version: 52.4.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
Native Instruments Abbey Road 50s Drummer (HKLM-x32\...\Native Instruments Abbey Road 50s Drummer) (Version: 1.2.0.11 - Native Instruments)
Native Instruments Abbey Road 60s Drummer (HKLM-x32\...\Native Instruments Abbey Road 60s Drummer) (Version: 1.3.0.12 - Native Instruments)
Native Instruments Abbey Road 70s Drummer (HKLM-x32\...\Native Instruments Abbey Road 70s Drummer) (Version: 1.3.0.8 - Native Instruments)
Native Instruments Abbey Road 80s Drummer (HKLM-x32\...\Native Instruments Abbey Road 80s Drummer) (Version: 1.3.0.5 - Native Instruments)
Native Instruments Abbey Road Modern Drummer (HKLM-x32\...\Native Instruments Abbey Road Modern Drummer) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Abbey Road Vintage Drummer (HKLM-x32\...\Native Instruments Abbey Road Vintage Drummer) (Version: 1.3.0.11 - Native Instruments)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.3.1.1628 - Native Instruments)
Native Instruments Action Strikes (HKLM-x32\...\Native Instruments Action Strikes) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Action Strings (HKLM-x32\...\Native Instruments Action Strings) (Version: 1.5.0.1 - Native Instruments)
Native Instruments Alicias Keys (HKLM-x32\...\Native Instruments Alicias Keys) (Version: 1.5.0.2 - Native Instruments)
Native Instruments Balinese Gamelan (HKLM-x32\...\Native Instruments Balinese Gamelan) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.1.6.27 - Native Instruments)
Native Instruments Battery 4 Factory Library (HKLM-x32\...\Native Instruments Battery 4 Factory Library) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.2.0.263 - Native Instruments)
Native Instruments Cuba (HKLM-x32\...\Native Instruments Cuba) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Damage (HKLM-x32\...\Native Instruments Damage) (Version: 1.5.0.2 - Native Instruments)
Native Instruments Driver (HKLM-x32\...\Native Instruments Driver) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Drum Lab (HKLM-x32\...\Native Instruments Drum Lab) (Version: 1.2.0.6 - Native Instruments)
Native Instruments Emotive Strings (HKLM-x32\...\Native Instruments Emotive Strings) (Version: 1.0.0.2 - Native Instruments)
Native Instruments Enhanced EQ (HKLM-x32\...\Native Instruments Enhanced EQ) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Evolve Mutations (HKLM-x32\...\Native Instruments Evolve Mutations) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Evolve Mutations 2 (HKLM-x32\...\Native Instruments Evolve Mutations 2) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Evolve R2 (HKLM-x32\...\Native Instruments Evolve R2) (Version: 1.7.0.3 - Native Instruments)
Native Instruments Flesh (HKLM-x32\...\Native Instruments Flesh) (Version: 1.0.0.2 - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.4.1.1599 - Native Instruments)
Native Instruments Form (HKLM-x32\...\Native Instruments Form) (Version: 1.1.0.7 - Native Instruments)
Native Instruments George Duke Soul Treasures (HKLM-x32\...\Native Instruments George Duke Soul Treasures) (Version: 1.3.0.1 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.2.8 - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version:  - Native Instruments)
Native Instruments India (HKLM-x32\...\Native Instruments India) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Kinetic Metal (HKLM-x32\...\Native Instruments Kinetic Metal) (Version: 1.1.0.3 - Native Instruments)
Native Instruments Kinetic Treats (HKLM-x32\...\Native Instruments Kinetic Treats) (Version: 1.0.0.18 - Native Instruments)
Native Instruments Komplete Audio 6 Driver (HKLM-x32\...\Native Instruments Komplete Audio 6 Driver) (Version:  - Native Instruments)
Native Instruments Komplete Kontrol (HKLM-x32\...\Native Instruments Komplete Kontrol) (Version: 1.9.1.191 - Native Instruments)
Native Instruments Komplete Kontrol Driver (HKLM-x32\...\Native Instruments Komplete Kontrol Driver) (Version:  - Native Instruments)
Native Instruments Komplete Kontrol MK2 Driver (HKLM-x32\...\Native Instruments Komplete Kontrol MK2 Driver) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version:  - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.3.0.5 - Native Instruments)
Native Instruments Kontakt Factory Selection (HKLM-x32\...\Native Instruments Kontakt Factory Selection) (Version: 1.4.0.4 - Native Instruments)
Native Instruments Kontour (HKLM-x32\...\Native Instruments Kontour) (Version: 1.0.0.1 - Native Instruments)
Native Instruments Maschine Drum Selection (HKLM-x32\...\Native Instruments Maschine Drum Selection) (Version: 1.3.0.19 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.1.637 - Native Instruments)
Native Instruments Molekular (HKLM-x32\...\Native Instruments Molekular) (Version: 1.0.0.3 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.3.0.3 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.4.1.59 - Native Instruments)
Native Instruments Native Browser Preview Library (HKLM-x32\...\Native Instruments Native Browser Preview Library) (Version: 1.0.1.3 - Native Instruments)
Native Instruments NIHostIntegrationAgent (HKLM-x32\...\Native Instruments NIHostIntegrationAgent) (Version: 1.4.1.210 - Native Instruments)
Native Instruments Passive EQ (HKLM-x32\...\Native Instruments Passive EQ) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Polyplex (HKLM-x32\...\Native Instruments Polyplex) (Version: 1.1.0.3 - Native Instruments)
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.5 - Native Instruments)
Native Instruments Razor (HKLM-x32\...\Native Instruments Razor) (Version: 1.7.0.4 - Native Instruments)
Native Instruments RC 24 (HKLM-x32\...\Native Instruments RC 24) (Version: 1.3.1.45 - Native Instruments)
Native Instruments RC 48 (HKLM-x32\...\Native Instruments RC 48) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.4.1512 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.2.0.51 - Native Instruments)
Native Instruments Reaktor Blocks (HKLM-x32\...\Native Instruments Reaktor Blocks) (Version: 1.3.0.5 - Native Instruments)
Native Instruments Reaktor Blocks Wired (HKLM-x32\...\Native Instruments Reaktor Blocks Wired) (Version: 1.0.2.1 - Native Instruments)
Native Instruments Reaktor Factory Library (HKLM-x32\...\Native Instruments Reaktor Factory Library) (Version: 1.1.0.3 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.6.0.2 - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.4.0.4 - Native Instruments)
Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: 2.0.0.4 - Native Instruments)
Native Instruments Replika (HKLM-x32\...\Native Instruments Replika) (Version: 1.3.2.50 - Native Instruments)
Native Instruments Replika XT (HKLM-x32\...\Native Instruments Replika XT) (Version: 1.0.3.50 - Native Instruments)
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version: 1.3.0.4 - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version:  - Native Instruments)
Native Instruments Rise and Hit (HKLM-x32\...\Native Instruments Rise and Hit) (Version: 1.2.0.11 - Native Instruments)
Native Instruments Rounds (HKLM-x32\...\Native Instruments Rounds) (Version: 1.2.0.3 - Native Instruments)
Native Instruments Scarbee Funk Guitarist (HKLM-x32\...\Native Instruments Scarbee Funk Guitarist) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Scarbee Jay-Bass (HKLM-x32\...\Native Instruments Scarbee Jay-Bass) (Version: 1.1.0.1 - Native Instruments)
Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Scarbee MM-Bass Amped (HKLM-x32\...\Native Instruments Scarbee MM-Bass Amped) (Version: 1.1.0.3 - Native Instruments)
Native Instruments Scarbee Pre-Bass (HKLM-x32\...\Native Instruments Scarbee Pre-Bass) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Scarbee Pre-Bass Amped (HKLM-x32\...\Native Instruments Scarbee Pre-Bass Amped) (Version: 1.1.0.1 - Native Instruments)
Native Instruments Scarbee Rickenbacker Bass (HKLM-x32\...\Native Instruments Scarbee Rickenbacker Bass) (Version: 1.2.0.3 - Native Instruments)
Native Instruments Scarbee Vintage Keys (HKLM-x32\...\Native Instruments Scarbee Vintage Keys) (Version: 1.3.0.6 - Native Instruments)
Native Instruments Session Guitarist - Strummed Acoustic (HKLM-x32\...\Native Instruments Session Guitarist - Strummed Acoustic) (Version: 1.1.0.3 - Native Instruments)
Native Instruments Session Guitarist - Strummed Acoustic 2 (HKLM-x32\...\Native Instruments Session Guitarist - Strummed Acoustic 2) (Version: 1.0.0.10 - Native Instruments)
Native Instruments Session Horns (HKLM-x32\...\Native Instruments Session Horns) (Version: 1.1.0.1 - Native Instruments)
Native Instruments Session Horns Pro (HKLM-x32\...\Native Instruments Session Horns Pro) (Version: 1.3.0.5 - Native Instruments)
Native Instruments Session Strings (HKLM-x32\...\Native Instruments Session Strings) (Version: 1.3.0.1 - Native Instruments)
Native Instruments Session Strings Pro (HKLM-x32\...\Native Instruments Session Strings Pro) (Version: 1.4.0.2 - Native Instruments)
Native Instruments Skanner XT (HKLM-x32\...\Native Instruments Skanner XT) (Version: 1.3.0.3 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: 1.4.0.13 - Native Instruments)
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Supercharger GT (HKLM-x32\...\Native Instruments Supercharger GT) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Symphony Essentials Brass Ensemble (HKLM-x32\...\Native Instruments Symphony Essentials Brass Ensemble) (Version: 1.3.0.7 - Native Instruments)
Native Instruments Symphony Essentials Brass Solo (HKLM-x32\...\Native Instruments Symphony Essentials Brass Solo) (Version: 1.3.0.5 - Native Instruments)
Native Instruments Symphony Essentials String Ensemble (HKLM-x32\...\Native Instruments Symphony Essentials String Ensemble) (Version: 1.3.0.5 - Native Instruments)
Native Instruments Symphony Essentials Woodwind Ensemble (HKLM-x32\...\Native Instruments Symphony Essentials Woodwind Ensemble) (Version: 1.3.0.5 - Native Instruments)
Native Instruments Symphony Essentials Woodwind Solo (HKLM-x32\...\Native Instruments Symphony Essentials Woodwind Solo) (Version: 1.3.0.4 - Native Instruments)
Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version: 1.3.0.1 - Native Instruments)
Native Instruments The Gentleman (HKLM-x32\...\Native Instruments The Gentleman) (Version: 1.2.0.3 - Native Instruments)
Native Instruments The Giant (HKLM-x32\...\Native Instruments The Giant) (Version: 1.2.0.8 - Native Instruments)
Native Instruments The Grandeur (HKLM-x32\...\Native Instruments The Grandeur) (Version: 1.2.0.3 - Native Instruments)
Native Instruments The Maverick (HKLM-x32\...\Native Instruments The Maverick) (Version: 1.2.0.3 - Native Instruments)
Native Instruments The Mouth (HKLM-x32\...\Native Instruments The Mouth) (Version: 1.3.0.1 - Native Instruments)
Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version: 2.0.0.3 - Native Instruments)
Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Una Corda (HKLM-x32\...\Native Instruments Una Corda) (Version: 1.0.0.13 - Native Instruments)
Native Instruments Vari Comp (HKLM-x32\...\Native Instruments Vari Comp) (Version: 1.3.1.45 - Native Instruments)
Native Instruments VC 160 FX (HKLM-x32\...\Native Instruments VC 160 FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments VC 2A FX (HKLM-x32\...\Native Instruments VC 2A FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments VC 76 FX (HKLM-x32\...\Native Instruments VC 76 FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version: 1.4.0.5 - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: 1.3.0.1 - Native Instruments)
Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.1 - Notepad++ Team)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Opera Stable 49.0.2725.39 (HKLM-x32\...\Opera 49.0.2725.39) (Version: 49.0.2725.39 - Opera Software)
Oszillos Mega Scope 1.5.4 (HKLM-x32\...\OszillosMegaScope) (Version:  - )
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PACE License Support Win64 (HKLM\...\{DF91FC8F-0D43-415b-BB5D-22533FC1CC1A}) (Version: 2.6.0.1134 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{DF91FC8F-0D43-415b-BB5D-22533FC1CC1A}) (Version: 2.6.0.1134 - PACE Anti-Piracy, Inc.)
paint.net (HKLM\...\{F10AAD91-58DF-44EC-A647-810197141667}) (Version: 4.0.19 - dotPDN LLC)
Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Festplatten Manager™ 15 Suite (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF24 Creator 8.2.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PhonerLite 2.55 (HKLM-x32\...\PhonerLite_is1) (Version: 2.55 - Heiko Sommerfeldt)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0081 - Pegatron Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Plane9 v2.2.1.2 (HKLM-x32\...\Plane9) (Version: v2.2.1.2 - Joakim Dahl / Planestate Software)
QUAD-CAPTURE Driver (HKLM\...\RolandRDID0117) (Version:  - Roland Corporation)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
R4 (HKLM-x32\...\R4) (Version:  - )
RealDownloader (HKLM-x32\...\{13743594-F75E-491E-9EFF-203C8F8DF705}) (Version: 18.1.5.699 - RealNetworks) Hidden
RealDownloader (HKLM-x32\...\{410F406E-7AFC-4E9F-BF7E-0CB3C72BDAB9}) (Version: 18.1.5.699 - RealNetworks, Inc.) Hidden
RealDownloader (HKLM-x32\...\{4e8ca438-78fb-4658-ac5b-2d128f60c54e}) (Version: 18.1.5.699 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.5 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8192 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.0) (Version: 18.0.2 - RealNetworks)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SampleTank FREE (HKLM-x32\...\{6559654F-2F38-491F-8411-211517C3E635}) (Version: 2.5.5 - IK Multimedia)
Samplitude Pro X2 (HKLM\...\{E3BAF539-5C91-4173-9B25-69DA7A299F5D}) (Version: 13.1.0.131 - MAGIX Software GmbH) Hidden
Samplitude Pro X2 (HKLM\...\MX.{E3BAF539-5C91-4173-9B25-69DA7A299F5D}) (Version: 13.1.0.131 - MAGIX Software GmbH)
Samplitude Pro X2 Demo-Projekte (HKLM\...\{F787BD2B-017E-42EA-A598-38736FF76C09}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Samplitude Pro X2 Demo-Projekte (HKLM\...\MX.{F787BD2B-017E-42EA-A598-38736FF76C09}) (Version: 1.0.0.0 - MAGIX Software GmbH)
Samplitude Pro X2 Impulsantworten (HKLM\...\{68E07E7E-0E58-4A32-87EB-366FD40FD9E7}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Samplitude Pro X2 Impulsantworten (HKLM\...\MX.{68E07E7E-0E58-4A32-87EB-366FD40FD9E7}) (Version: 1.0.0.0 - MAGIX Software GmbH)
Samplitude Pro X2 Objekt-Synthesizer (HKLM\...\{1A64CC24-9AF1-46B7-B98C-E169B72BB607}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Samplitude Pro X2 Objekt-Synthesizer (HKLM\...\MX.{1A64CC24-9AF1-46B7-B98C-E169B72BB607}) (Version: 1.0.0.0 - MAGIX Software GmbH)
Samplitude Pro X2 Suite (HKLM\...\{6A7725FF-D4CF-4803-B9CF-B6B0755386BF}) (Version: 13.1.0.123 - MAGIX Software GmbH) Hidden
Samplitude Pro X2 Suite (HKLM\...\MX.{6A7725FF-D4CF-4803-B9CF-B6B0755386BF}) (Version: 13.1.0.123 - MAGIX Software GmbH)
Samplitude Pro X2 Update (HKLM\...\{13602B7B-3D5C-472B-B4AD-04AA27A6AF98}) (Version: 13.1.2.174 - MAGIX Software GmbH) Hidden
Samplitude Pro X2 Update (HKLM\...\{46DE75A7-D2F9-46F2-B4C4-A4D290E3CB8E}) (Version: 13.1.3.176 - MAGIX Software GmbH) Hidden
Samplitude Pro X2 Update (HKLM\...\{A929B947-EB4B-40A9-9B39-1E1BD18FE909}) (Version: 13.2.0.205 - MAGIX Software GmbH) Hidden
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
shortcircuit (HKLM-x32\...\shortcircuit) (Version:  - )
SketchUp 2015 (HKLM\...\{A83795B9-570F-40FF-ACB4-710B568EBA22}) (Version: 15.3.331 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Sonokinetic Content Manager (HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\55588f92182e2469) (Version: 1.2.2.2 - Sonokinetic Ltd)
Sonokinetic Content Manager (HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\55588f92182e2469) (Version: 1.2.2.2 - Sonokinetic Ltd)
Sonokinetic Content Manager (HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\55588f92182e2469) (Version: 1.2.2.2 - Sonokinetic Ltd)
Sonokinetic Content Manager (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\55588f92182e2469) (Version: 1.2.2.2 - Sonokinetic Ltd)
Sonokinetic Content Manager (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\55588f92182e2469) (Version: 1.2.2.2 - Sonokinetic Ltd)
Sonokinetic Content Manager (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\55588f92182e2469) (Version: 1.2.2.2 - Sonokinetic Ltd)
Sound Blaster Play! 3 (HKLM-x32\...\{F2100C00-3725-4390-8C24-FA3EB06814F9}) (Version: 1.01.07 - Creative Technology Limited)
Sound Blaster Play! 3 Extras (HKLM-x32\...\{5F53C7B7-717F-4785-A6CA-BB6ADA432A14}) (Version: 1.0 - Creative Technology Limited)
Soundbytes BagPipes (HKLM-x32\...\Soundbytes BagPipes) (Version:  - )
Sparkol VideoScribe (HKLM-x32\...\{E68A0302-4FC8-4D02-B5A6-910C04C8273A}) (Version: 2.3.4007 - Sparkol) Hidden
Sparkol VideoScribe (HKLM-x32\...\Sparkol VideoScribe 2.3.4007) (Version: 2.3.4007 - Sparkol)
Spek (HKLM-x32\...\{7CDF6754-F5A0-4F34-B589-197530FEF862}) (Version: 0.8.2 - Spek Project)
Spotify (HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Spotify (HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Spotify (HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Spotify (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Spotify (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Spotify (HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
Sqirlz Morph (HKLM-x32\...\Sqirlz Morph) (Version: 2.1 - xiberpix)
Steinberg Caleidoscope Sampler Track Content (HKLM-x32\...\{BD830EFB-4884-422C-8AA0-F564E839FC6F}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Content Updater (HKLM-x32\...\{23BAFE62-0AF0-4D71-98C2-47286139DC45}) (Version: 3.1.0 - Steinberg Media Technologies GmbH)
Steinberg Cubase 9 (HKLM\...\{C1F742B9-1B31-4949-9A25-9C4204FADD8B}) (Version: 9.0.30 - Steinberg Media Technologies GmbH)
Steinberg Download Assistant (HKLM-x32\...\Steinberg Download Assistant) (Version: 1.7.1 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg EDM Toolbox MIDI Loops (HKLM-x32\...\{8C9B2EA8-9A30-4347-95E9-10E919C4F32E}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.11 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.30 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.3.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Rock Pop Toolbox Drums (HKLM-x32\...\{E9BFA009-DD72-4F2A-84CB-6DF46472B563}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion 6 Content (HKLM-x32\...\{E6049779-021E-40FD-8C4C-C2A21F9417B5}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Hidden
Steinberg HALion Content Registration (HKLM-x32\...\{D3BC09D3-55D7-424D-9B7B-5CAF1C6113FD}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Hidden
Steinberg HALion Library Manager (HKLM\...\{55B14661-3F86-4974-9097-D7508EC63D97}) (Version: 3.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic 2 Content (HKLM-x32\...\{C50D4628-6064-443C-B154-5A5B780874C2}) (Version: 2.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic 3 (HKLM\...\{7AA3E2A4-8568-41B0-BAB6-13CDB5047DE6}) (Version: 3.0.15 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic Content (HKLM-x32\...\{1AA20A3E-B833-4309-9155-8A15D479D46F}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Symphonic Orchestra 64bit (HKLM\...\{2980E719-19F3-4329-944A-782A7D723741}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Symphonic Orchestra VST Sound Instrument Set (HKLM-x32\...\{1312306D-F0A5-4B64-BA34-AC6169A3A098}) (Version: 1.2.0 - Steinberg Media Technologies GmbH)
Steinberg Instrument Set Granular Guitars (HKLM-x32\...\{84F7093F-E0B9-47C5-BBB0-B2F0BFEFAEC5}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop 64bit (HKLM\...\{75F15019-C0C2-4047-AA45-97B4BD313719}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Production Grooves Content (HKLM-x32\...\{F72824BC-4856-4050-A745-D92BC601CCDE}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 2.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Bass Amp Content (HKLM-x32\...\{A2FC1750-B90F-4948-9D6E-DDDA155C6EC8}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg VST Transit 64bit (HKLM\...\{FF1A114C-0F88-11E5-A6C0-1697F925EC7B}) (Version: 1.0.13 - Steinberg Media Technologies GmbH)
Sweet Home 3D version 5.2.2 (HKLM\...\Sweet Home 3D_is1) (Version: 5.2.2 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.6.0 - Unified Intents AB)
Update for Skype for Business 2015 (KB4011255) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2449D2C4-C30E-4854-9A5E-59AA60DE216B}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4011255) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{2449D2C4-C30E-4854-9A5E-59AA60DE216B}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4011255) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2449D2C4-C30E-4854-9A5E-59AA60DE216B}) (Version:  - Microsoft)
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
Video Downloader (HKLM-x32\...\{80CE5A20-ACAD-46A7-94A0-5FD34A7744F3}) (Version: 1.2.0 - RealNetworks) Hidden
Video DVD Maker v3.32.0.80 (HKLM-x32\...\{1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}) (Version:  - )
Vienna Download Manager 2.2.15912 (HKLM\...\Vienna Download Manager_is1) (Version:  - Vienna Symphonic Library)
Vienna Ensemble Pro 6.0.16502 (HKLM\...\Vienna Ensemble Pro_is1) (Version:  - Vienna Symphonic Library)
Vienna Instruments 5.4.16488 (HKLM\...\Vienna Instruments_is1) (Version:  - Vienna Symphonic Library)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Vita 2 (HKLM\...\{E0CF0134-98F1-46CA-87F1-AE887D0CFEFB}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita 2 Zusatzcontent (HKLM\...\{6F97C05E-DC9E-4CE7-9BF4-C6473541069B}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Analog Synths (HKLM\...\{748F55F9-794E-4D44-97BA-3B4B758D8A78}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Bass Machine (HKLM\...\{FBE9C9B2-F652-48FC-9770-EFDCE387FB49}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Celtic Harp (HKLM\...\{D6287A81-58AD-476A-AF04-2C459B053A64}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Drum Engine (HKLM\...\{0891E1B4-4D1D-4659-80A6-0BDF1EAB637F}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Electric Piano (HKLM\...\{DC3D6691-16F3-4A26-9C2D-C6954644FD73}) (Version: 1.0.2.0 - MAGIX Software GmbH) Hidden
Vita Jazz Drums (HKLM\...\{7A9199E7-EE2C-4B4F-B461-AB3DAD176132}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Rock Drums (HKLM\...\{0354057E-E123-41F9-B650-1F459D61AF7C}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita String Ensemble (HKLM\...\{E5DB7CC1-30C3-44EC-8502-FBAF3B672E97}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Urban Drums (HKLM\...\{4C9A7ACA-C09A-4B23-BD57-72FA53F2568D}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Vintage Organ (HKLM\...\{0DD56431-10EF-4C0B-BE79-B607DAA5AB36}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita World Flutes (HKLM\...\{613D4E1A-3B76-424F-B930-D3EFBC062862}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
vs2015_redist x64 (HKLM\...\{EAED8692-5B63-4665-B857-D626633691DA}) (Version: 1.0.0.0 - Realnetworks) Hidden
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 1.0.0.0 - 1&1 Mail & Media GmbH)
WhiteCap (HKLM-x32\...\WhiteCap) (Version: 5.7.1 - SoundSpectrum)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17362 - Microsoft Corporation)
Windows 7 Upgrade Advisor (HKLM-x32\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
XMedia Recode Version 3.3.5.7 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.5.7 - XMedia Recode)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F926428DDD41}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{603DA4B5-1E17-032A-14A9-BE51E58601ED}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{65626C28-0404-8D3F-6B17-A5C44C31D950}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2985758792-33507869-1880162607-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [    HiDriveOverlayIconCheck] -> {fa8f3afe-6ea5-3352-a1b1-91b8cdcc5856} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    HiDriveOverlayIconError] -> {b96ea5f1-499a-31a5-8260-39577b4c705d} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    HiDriveOverlayIconSync] -> {368c9485-f797-3806-8421-9e6323374ed3} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2015-04-15] ()
ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2014-06-24] (Bulk Rename Utility)
ContextMenuHandlers1: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2015-08-14] ()
ContextMenuHandlers1: [HiDriveCopyExtension] -> {b92d7504-d699-3a52-ac03-4c04c681bf20} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [HiDriveShareFileExtensionCreate] -> {bad9582f-d94d-3e61-adda-97717cf1b80b} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [HiDriveShareFileExtensionEdit] -> {e824652d-1b10-3cfd-8fc6-2b6ef23b1d06} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)

ImmiMax 23.11.2017 15:10
Addition.txt Teil 2
 
Code:
ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-11-18] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers2: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2014-06-24] (Bulk Rename Utility)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2016-09-25] (RealNetworks, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2014-06-24] (Bulk Rename Utility)
ContextMenuHandlers4: [HiDriveCopyExtension] -> {b92d7504-d699-3a52-ac03-4c04c681bf20} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers4: [HiDriveShareFileExtensionCreate] -> {bad9582f-d94d-3e61-adda-97717cf1b80b} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers4: [HiDriveShareFileExtensionEdit] -> {e824652d-1b10-3cfd-8fc6-2b6ef23b1d06} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ContextMenuHandlers6: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2015-08-14] ()
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-11-18] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1_S-1-5-21-2985758792-33507869-1880162607-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2985758792-33507869-1880162607-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2985758792-33507869-1880162607-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Berni\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00533478-A669-40A1-9547-F2C7A021A16A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {09EA3BFC-772A-4853-929C-B0868F4B2880} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0AD0DB76-06D7-49FF-BC30-1E22B3B4EAF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-10] (Google Inc.)
Task: {12DA7728-791F-4919-8CB9-3F596EFCA36F} - System32\Tasks\ReclaimerUpdateXML_Berni => C:\Users\Berni\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.04\agent\rnupgagent.exe
Task: {13EEE230-2420-4881-8822-E6EF93CA86C5} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {169DDF91-4FD0-4CE4-8AAE-7709F356899F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {191DCAFB-DC83-4202-8A5C-77BA46D11918} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {22A8A90F-34E1-44B3-B37C-63759C7B39C6} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {269A16A8-448D-46B1-8677-BDD671196C61} - System32\Tasks\AdobeAAMUpdater-1.0-Bernis-Laptop-Berni => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {26EC4953-F8B5-440B-8594-04AB11DA5228} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {2D6F8D3F-4642-4B08-98BF-1886F1D71E3C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {2EEC72A5-17F0-4A75-B734-8ECCFF2ED9A8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {385D0A3E-9FF9-429A-A5CD-F1880CA66ACA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {40D78217-C77A-4D37-969F-6371C77151CE} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2985758792-33507869-1880162607-1000 => C:\program files (x86)\real\realplayer\RealDownloader\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.)
Task: {41FDA984-39C0-4B43-A475-1AC419953899} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {428F3C87-32B5-4743-A648-201B93E77600} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-11-21] (Microsoft Corporation)
Task: {44209734-0931-4DC1-94E4-0A7F2395EB38} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {49F678B7-511B-4472-B198-6E7D59947795} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4B5D6DCA-78F6-4565-AE04-70D175CA2492} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4DD9504B-AC20-4560-892B-FB746DBC13D5} - System32\Tasks\RNUpgradeHelperLogonPrompt_Berni => C:\Users\Berni\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.04\agent\rnupgagent.exe
Task: {5571759A-7BE6-46CA-A4D4-DE37D44222DD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {624C85B2-6D1C-44E6-84A6-2CFBBD5FED24} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2012-11-08] ()
Task: {7006F564-4FF0-4F63-8EDB-18E3B8F8AF87} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {709002A6-9F47-41CE-B33F-78CA7B973ED5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72767EEC-57A0-48FC-A716-AA1A605A2C53} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {77847C66-4265-443F-81F4-2DF5D029B40F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {799367FB-9481-43EF-8B0C-5C5486F3AE0A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7E9FCA88-47AC-430F-947B-807FA6034B0F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2985758792-33507869-1880162607-1000UA1d2370dbb190b95 => C:\Users\Berni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {8823DA38-B42A-4FA8-A578-42A7062F562D} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2017-11-18] (Avira Operations GmbH & Co. KG)
Task: {8C33D2C6-879A-4AD6-8A75-0A4DEA7C881C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {9586E552-BB86-4915-A25B-87E5050BCA5A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {9C7BDD00-5E26-4BC1-BA11-10B1C7C2165C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9F2EBB6F-53A7-4E12-88E4-EB3C4150E93E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {9FB671ED-AB03-4E71-80AE-77E1E64FF1E9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A558637D-4525-4372-99CF-F4171171B31E} - System32\Tasks\Opera scheduled Autoupdate 1486726643 => C:\Program Files\Opera\launcher.exe [2017-11-15] (Opera Software)
Task: {A5D603D1-A707-4635-955D-A715AAA62FB2} - System32\Tasks\RealDownloader Update Check => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe [2016-09-03] ()
Task: {A6985675-8F72-4C0C-86C9-CFAD8C9318B9} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6B50A75-F4E7-4D4E-9FB7-C508E5EA5FEC} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2985758792-33507869-1880162607-1000 => C:\program files (x86)\real\realplayer\RealDownloader\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.)
Task: {A8D0599A-6718-4972-9BA1-2C9B1074D28D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {A9A2DA7D-7899-495E-ADD5-916C5A77A37D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2985758792-33507869-1880162607-1000Core1d2370dbb114229 => C:\Users\Berni\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {ABEC5F25-87E7-4234-991B-FE8639659FCF} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AD090B61-FD7F-45BD-867B-F08478EA9480} - System32\Tasks\ReclaimerUpdateFiles_Berni => C:\Users\Berni\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.04\agent\rnupgagent.exe
Task: {AFD19971-5365-4B71-9355-92F47D9C49B9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {B3A5F560-64C7-4E6A-913B-D0A2AEE2CCDA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B4FDAA86-E50F-4A4E-839A-4475AF9BEDA4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {B85914E7-C747-4A59-8327-6962622322B1} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2985758792-33507869-1880162607-1000 => C:\program files (x86)\real\realplayer\RealDownloader\recordingmanager.exe [2016-09-03] (RealNetworks, Inc.)
Task: {B927F142-E898-4927-AAE5-7518FDEC8917} - \WPD\SqmUpload_S-1-5-21-2985758792-33507869-1880162607-1000 -> Keine Datei <==== ACHTUNG
Task: {BB35A01E-6DD0-4F9D-A223-72E09AF13A9F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {BCC8BC87-7185-44FE-B7D4-0B9E34D2131B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BCEC4921-95AF-493A-B475-353B29E318BF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BDE54795-6B25-40D1-BEEB-5BA2B2544417} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C6D5138B-FB6C-4DB2-A398-BA91C77E94C0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C968E4C8-0AEC-4664-A107-75598375CC51} - System32\Tasks\{5CBA5960-A2C5-4D12-BD67-D1CCAE9B1C67} => C:\Windows\system32\pcalua.exe -a C:\Users\Berni\Downloads\nw_5252_virtualcddemoexe.exe -d C:\Users\Berni\Downloads
Task: {CBD928D7-7845-459B-A8E3-92F180554641} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {CCF8CB73-EAB2-482E-AA44-2176C9092735} - System32\Tasks\{0DAE00E6-D8E4-436F-AD9A-517BE0664321} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Beurer\Beurer HealthManager\Beurer Health Manager.exe"
Task: {CD9059FB-8A01-4BD9-AE1E-6E1AFE071B0D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {D3C45E1B-2FBB-4A91-B966-1197244E87DA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D4E11397-5E11-4715-944B-C37A46B926C4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D879C82A-C5E0-4880-83C9-38D8D0BDCF8A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {DCF47EB4-8981-44DD-9422-633346F0BEBF} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)
Task: {E6635A04-B782-48BD-9EBE-511C14B65B88} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-10] (Google Inc.)
Task: {E6AB3A48-A5FB-4F85-9C4A-CCCB20F4013F} - System32\Tasks\RNUpgradeHelperResumePrompt_Berni => C:\Users\Berni\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.04\agent\rnupgagent.exe
Task: {ECB47E06-1217-459C-8593-4D2CAEA4DF9F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {ED676939-7B69-47E4-B705-1A238C71CF13} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F64A728C-4903-4DCC-AFB0-9337DCC2CE82} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {F8DE5D6F-3DAA-46D9-A9A3-84D75965D1EC} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] ()
Task: {FFFCF960-C53F-4E7E-863D-B98C5EE88DEE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2985758792-33507869-1880162607-1000Core1d2370dbb114229.job => C:\Users\Berni\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2985758792-33507869-1880162607-1000UA1d2370dbb190b95.job => C:\Users\Berni\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\Berni\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-11 19:00 - 2012-11-29 13:53 - 000805888 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2015-05-01 20:29 - 2010-11-18 17:26 - 000224176 _____ () C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe
2017-07-31 13:05 - 2017-07-31 13:05 - 000914096 _____ () C:\Program Files (x86)\STRATO\HiDrive\Updater\MaintenanceService.exe
2017-11-06 23:10 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-11-13 16:20 - 2017-10-11 09:07 - 000435208 _____ () C:\Program Files (x86)\MOTU\Pro Audio\Service\MOTUProAudioHTTPServer.exe
2016-03-10 11:00 - 2014-08-25 11:04 - 000389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-03-11 19:00 - 2012-11-27 15:18 - 002215424 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2015-03-11 19:00 - 2010-01-12 17:36 - 000117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2015-03-11 19:00 - 2010-01-12 17:36 - 000121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2015-03-21 06:33 - 2012-07-30 09:28 - 000125504 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_38_x64.dll
2015-03-11 19:00 - 2010-12-17 14:04 - 000449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2017-03-18 21:56 - 2017-03-18 21:56 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-11-28 06:11 - 2015-11-14 04:23 - 000553120 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-03-21 06:33 - 2012-11-08 07:39 - 000037440 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
2015-03-21 06:33 - 2012-11-08 07:38 - 000044608 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
2015-03-11 19:00 - 2012-10-23 18:07 - 003471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2015-03-11 19:00 - 2012-08-08 18:10 - 007536128 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2017-03-18 21:58 - 2017-03-20 05:41 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-13 16:20 - 2017-10-11 09:07 - 000524808 _____ () C:\Program Files (x86)\MOTU\Pro Audio\MOTUDiscovery.exe
2017-11-13 16:20 - 2017-10-11 09:07 - 000252936 _____ () C:\Program Files (x86)\MOTU\Pro Audio\Service\MOTUProAudio.exe
2015-07-14 11:56 - 2015-07-14 11:56 - 001457968 _____ () C:\Program Files (x86)\MOTU\Audio\MFWAKeys.exe
2017-07-31 13:05 - 2017-07-31 13:05 - 008284832 _____ () C:\Program Files (x86)\STRATO\HiDrive\HiDrive.App.exe
2015-11-28 06:11 - 2015-11-14 04:22 - 031401120 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-09-14 04:48 - 2017-09-14 04:49 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2016-09-03 10:11 - 2016-09-03 10:11 - 000708336 _____ () C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe
2017-10-31 10:31 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-10-31 10:31 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-10-31 10:31 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-10-31 10:31 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-07-04 06:11 - 2013-12-09 15:27 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-11 19:00 - 2009-12-18 15:36 - 000973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2015-03-11 19:00 - 2009-12-18 15:41 - 000129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2015-03-21 06:33 - 2012-07-30 09:27 - 000116800 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_38_Win32.dll
2015-03-21 06:33 - 2012-07-05 14:56 - 000052800 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_05.dll
2017-11-13 16:20 - 2017-10-11 09:07 - 000271368 _____ () C:\Program Files (x86)\MOTU\Pro Audio\MOTUDiscoveryCLRLib.dll
2015-11-28 06:11 - 2015-11-16 17:43 - 040523440 ____N () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-03-21 06:33 - 2013-06-26 08:51 - 002921976 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2017-07-31 13:05 - 2017-07-31 13:05 - 001035936 _____ () C:\Program Files (x86)\STRATO\HiDrive\CefSharp.Core.dll
2017-07-31 13:05 - 2017-07-31 13:05 - 048943768 _____ () C:\Program Files (x86)\STRATO\HiDrive\libcef.dll
2015-11-28 06:11 - 2015-11-16 17:43 - 001365680 ____N () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
2015-11-28 06:11 - 2015-11-16 17:43 - 000219312 ____N () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll
2015-10-25 06:23 - 2015-10-25 06:23 - 000034816 _____ () C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
2015-07-07 09:38 - 2015-07-07 09:38 - 000176168 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll
2015-07-07 09:38 - 2015-07-07 09:38 - 000043048 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll
2015-11-25 19:35 - 2015-11-25 19:35 - 000124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2015-11-25 19:35 - 2015-11-25 19:35 - 000188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2015-11-25 19:35 - 2015-11-25 19:35 - 000121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2015-11-25 19:35 - 2015-11-25 19:35 - 000129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2015-11-25 13:22 - 2015-11-25 13:22 - 000158384 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\native\ProxyResolverWin.dll
2015-11-25 19:35 - 2015-11-25 19:35 - 000081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2015-02-10 14:13 - 2015-02-10 14:13 - 001754296 _____ () C:\Program Files (x86)\Microsoft Office\Office15\tmpod.dll
2015-10-13 15:07 - 2015-10-13 15:07 - 001032360 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2016-09-25 17:45 - 2016-09-25 17:45 - 000653072 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\windows.com -> hxxp://wustat.windows.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\ws.microsoft.com -> hxxp://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\ws.microsoft.com -> hxxps://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\wustat.windows.com -> hxxp://wustat.windows.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\windows.com -> hxxp://wustat.windows.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\ws.microsoft.com -> hxxp://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\ws.microsoft.com -> hxxps://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\wustat.windows.com -> hxxp://wustat.windows.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\windows.com -> hxxp://wustat.windows.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\ws.microsoft.com -> hxxp://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\ws.microsoft.com -> hxxps://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\wustat.windows.com -> hxxp://wustat.windows.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441754\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453047\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441788\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453084\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442461\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454803\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "RealTimes.lnk"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Flashget"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "RealDownloader"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000\...\StartupApproved\Run: => "Unified Remote V3"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103441816\...\StartupApproved\Run: => "Unified Remote V3"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2985758792-33507869-1880162607-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103453117\...\StartupApproved\Run: => "Unified Remote V3"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11222017104329127\...\StartupApproved\Run: => "Unified Remote V3"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103442361\...\StartupApproved\Run: => "Unified Remote V3"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2985758792-33507869-1880162607-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11222017103454675\...\StartupApproved\Run: => "Unified Remote V3"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{17BA77A5-4238-4B8F-B7D2-093B4A4DE6E8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{5487FAB1-0342-4D5C-A4DA-72F0912990F9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{611FD2D3-569E-461F-84CC-5560F0960229}] => (Allow) LPort=1280
FirewallRules: [{3196D805-1354-4CA0-B019-E92459A7281C}] => (Allow) C:\Program Files (x86)\MOTU\Pro Audio\Service\MOTUProAudioHTTPServer.exe
FirewallRules: [{624A5E1E-AEB6-4C64-B3C9-CB83DFDDAA39}] => (Allow) C:\Program Files (x86)\MOTU\Pro Audio\Service\MOTUProAudioHTTPServer.exe
FirewallRules: [TCP Query User{A455A0CB-9FA5-482C-ADFA-1F7C65A38B7F}C:\program files\vienna instruments\vienna ensemble x64.exe] => (Allow) C:\program files\vienna instruments\vienna ensemble x64.exe
FirewallRules: [UDP Query User{86531651-BE2C-4EE4-AE92-323D385913DA}C:\program files\vienna instruments\vienna ensemble x64.exe] => (Allow) C:\program files\vienna instruments\vienna ensemble x64.exe
FirewallRules: [{6D87D9B0-A666-436D-87DE-78743BEAB45F}] => (Allow) LPort=1280
FirewallRules: [{463BECCA-20C2-4F79-846E-C324BC87B8C1}] => (Allow) C:\Program Files (x86)\MOTU\Pro Audio\Service\MOTUProAudioHTTPServer.exe
FirewallRules: [{D3C68ABA-1E22-44F0-B325-1159D5990E99}] => (Allow) C:\Program Files (x86)\MOTU\Pro Audio\Service\MOTUProAudioHTTPServer.exe
FirewallRules: [{92181486-89F1-43D8-B701-B6476C89697E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CAFF8CBB-67AF-466D-BFF3-404406A10AF1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{B79100C0-BC38-4174-91D5-25257945E654}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{B8B3793F-5402-4581-B9E7-CE17A19AD11B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9FC6CE8F-7E16-4B87-86C0-A18484E22031}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D231B49A-A22D-488C-84EF-E1900F517DC6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FFBADDEB-9F24-4502-BA08-C9825469FE86}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{50195D9C-E0B3-4BAA-A3E0-27595C629214}C:\program files (x86)\phonerlite\phonerlite.exe] => (Allow) C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [UDP Query User{91150B87-FF25-4A71-8802-2B0D823B4110}C:\program files (x86)\phonerlite\phonerlite.exe] => (Allow) C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [{CB245CFD-BE00-47EA-A2E6-CA9E3F1779A0}] => (Allow) C:\Program Files\Opera\49.0.2725.39\opera.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

08-11-2017 17:40:53 Geplanter Prüfpunkt
15-11-2017 18:24:04 Windows Update
21-11-2017 07:06:18 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/22/2017 02:47:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: downloader2.exe, Version: 18.1.5.699, Zeitstempel: 0x57cb1259
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.608, Zeitstempel: 0x802f667e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00091cc2
ID des fehlerhaften Prozesses: 0x2b40
Startzeit der fehlerhaften Anwendung: 0x01d36387a707e9fc
Pfad der fehlerhaften Anwendung: C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 4f6c994a-c97b-444b-8336-45287ad7c0f5
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/22/2017 11:47:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: downloader2.exe, Version: 18.1.5.699, Zeitstempel: 0x57cb1259
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.608, Zeitstempel: 0x802f667e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00091cc2
ID des fehlerhaften Prozesses: 0xfe8
Startzeit der fehlerhaften Anwendung: 0x01d3636e81ba94e5
Pfad der fehlerhaften Anwendung: C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 778a34a9-72bb-4742-b4bc-4267c6272648
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/22/2017 11:13:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 57.0.0.6525 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 23cc

Startzeit: 01d3637758403343

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 47927674-5c06-47f4-8365-69bdcdffa68c

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/22/2017 07:42:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RealPlayerUpdateSvc.exe, Version: 0.0.0.0, Zeitstempel: 0x57cb21f6
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.608, Zeitstempel: 0x802f667e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00091cc2
ID des fehlerhaften Prozesses: 0xa38
Startzeit der fehlerhaften Anwendung: 0x01d36358ea0f0da8
Pfad der fehlerhaften Anwendung: C:\program files (x86)\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: f4dfdd2f-7968-47c3-820a-473a9c75479e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/22/2017 07:22:50 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (11/21/2017 09:47:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: downloader2.exe, Version: 18.1.5.699, Zeitstempel: 0x57cb1259
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.608, Zeitstempel: 0x802f667e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00091cc2
ID des fehlerhaften Prozesses: 0x30a4
Startzeit der fehlerhaften Anwendung: 0x01d362f928a1ead5
Pfad der fehlerhaften Anwendung: C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 7db2be12-8b9e-4542-87c2-8bbbbd8199b7
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/21/2017 06:47:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: downloader2.exe, Version: 18.1.5.699, Zeitstempel: 0x57cb1259
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.608, Zeitstempel: 0x802f667e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00091cc2
ID des fehlerhaften Prozesses: 0x2b14
Startzeit der fehlerhaften Anwendung: 0x01d362e00351789f
Pfad der fehlerhaften Anwendung: C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 25a6ec2e-6d2a-4cd4-8de0-fbcad7766f4e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/21/2017 03:47:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: downloader2.exe, Version: 18.1.5.699, Zeitstempel: 0x57cb1259
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.608, Zeitstempel: 0x802f667e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00091cc2
ID des fehlerhaften Prozesses: 0x2e30
Startzeit der fehlerhaften Anwendung: 0x01d362c6de018d59
Pfad der fehlerhaften Anwendung: C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: cf0b9b42-9c8d-41ae-9c41-0c675c9a11b5
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/21/2017 12:47:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: downloader2.exe, Version: 18.1.5.699, Zeitstempel: 0x57cb1259
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.608, Zeitstempel: 0x802f667e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00091cc2
ID des fehlerhaften Prozesses: 0x3d64
Startzeit der fehlerhaften Anwendung: 0x01d362adb8b0c6ad
Pfad der fehlerhaften Anwendung: C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: ef578237-9c4a-488b-98bd-be27e74540dc
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/21/2017 09:47:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: downloader2.exe, Version: 18.1.5.699, Zeitstempel: 0x57cb1259
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.608, Zeitstempel: 0x802f667e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00091cc2
ID des fehlerhaften Prozesses: 0x42ec
Startzeit der fehlerhaften Anwendung: 0x01d3629493613716
Pfad der fehlerhaften Anwendung: C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: e2f9455b-bfbd-4a05-89cf-4e7641ce849d
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Systemfehler:
=============
Error: (11/22/2017 07:42:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RealPlayer Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/22/2017 07:12:45 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (11/22/2017 07:12:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.

Error: (11/22/2017 07:12:44 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎22.‎11.‎2017 um 00:19:18 unerwartet heruntergefahren.

Error: (11/20/2017 05:03:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RealPlayer Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2017 04:33:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Windows Defender – KB2267602 (Definition 1.257.710.0)

Error: (11/20/2017 04:33:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (11/20/2017 04:33:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.

Error: (11/20/2017 04:33:04 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎19.‎11.‎2017 um 22:59:54 unerwartet heruntergefahren.

Error: (11/18/2017 07:58:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RealPlayer Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-11-22 07:13:09.110
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-22 07:13:09.107
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-20 04:33:33.229
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-20 04:33:33.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-18 07:28:53.651
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-18 07:28:53.648
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-17 05:48:25.350
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-17 05:48:25.348
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-15 20:14:47.071
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-15 20:14:47.069
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 8072.83 MB
Verfügbarer physikalischer RAM: 3942.87 MB
Summe virtueller Speicher: 16264.83 MB
Verfügbarer virtueller Speicher: 11117.76 MB

==================== Laufwerke ================================

Drive c: (Win 7 System) (Fixed) (Total:910.8 GB) (Free:285.82 GB) NTFS
Drive d: (TOSHIBA EXT) (Fixed) (Total:931.41 GB) (Free:287.93 GB) NTFS
Drive e: (Recording-DVD) (CDROM) (Total:4.23 GB) (Free:0 GB) CDFS
Drive z: (Recovery) (Fixed) (Total:18.44 GB) (Free:7.82 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: EE8EC18F)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

cosinus 23.11.2017 15:22
Du hast deinen Rechner aber echt zugedröhnt mit Software :wtf:

1) Muss das sein?
2) Da ist sehr vile Business- und Bürosoftware dabei. Gewerblich genutztes System?

ImmiMax 23.11.2017 15:38
Nein, ich mache damit Musik und verwalte damit meinen privaten Bürokram. Die Musik ist ein Hobby und erfordert sehr viele Komponenten.
Und die Bürosoftware habe ich noch aus meiner aktiven Arbeitszeit, als ich noch von der Firma einen MSDN Zugang hatte. Jetzt bin ich Rentner und die Software ist halt noch drauf.

cosinus 23.11.2017 15:52
Bitte Avira deinstallieren. Wir deinstallieren dann am besten auch gleich weiteren unnötigen oder veralteten Krempel. Falls du unbedingt ein Programm aus der u.g. Liste braucht, dann lass es drauf gib aber kurz ne Info welches und warum.

Avira empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:


    7-Zip 9.20 (x64 edition)

    Adobe Acrobat Reader DC - Deutsch

    Avira

    Avira Antivirus

    Java 8 Update 91

    Spybot - Search & Destroy


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

ImmiMax 23.11.2017 18:00
Hi, alles gelöscht.
Was mich wundert ist, dass 7-zip mit auf der Liste ist. Es gab damals in meiner Firma (Deutsche Telekom) die Empfehlung diesen zu benutzen.

Es ist aber alles gelöscht.
Es kam noch einmal eine Avira Empfehlung zu Amazon. Sind da noch Reste?

Vielen Dank für die Hilfe

cosinus 23.11.2017 22:48
Ich schrieb ja auch, dass wir auch veralteten Krempel runterschmeißen. Und 7zip 9.20 ist uralt.


Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

ImmiMax 24.11.2017 13:01
MBar Result
 
Hi,
es wurde nichts gefunden:

Code:
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.11.24.03
  rootkit: v2017.10.14.01

Windows 10 x64 NTFS
Internet Explorer 11.726.15063.0
Berni :: BERNIS-LAPTOP [administrator]

24.11.2017 12:20:35
mbar-log-2017-11-24 (12-20-35).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 573386
Time elapsed: 20 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Viele Grüße
Bernhard Bahr

cosinus 24.11.2017 13:02
Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!



adwCleaner v7.x

Downloade Dir bitte http://deeprybka.trojaner-board.de/adwcleaner/adwc.pngAdwCleaner auf Deinen Desktop (Bebilderte Anleitung).
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Tracing Schlüssel
    • Prefetch Dateien
    • Proxy
    • Winsock
    • IE Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist. Am Ende des Suchlaufs öffnet sich automatisch eine Logdatei. Schließe diese.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Klicke am Ende der Bereinigung auf Jetzt neu starten. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

ImmiMax 24.11.2017 14:15
Ergebnisfile AdwCleaner
 
Code:
# AdwCleaner 7.0.4.0 - Logfile created on Fri Nov 24 13:00:42 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 10 Pro N (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Deleted: C:\Program Files (x86)\Chip Digital GmbH
Deleted: C:\Windows\\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}


***** [ Files ] *****

Deleted: C:\Windows\System32\lavasofttcpservice.dll
Deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|ImageStoreRandomFolder [g7wmv9v]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|IE10RunOnceLastShown_TIMESTAMP [탖睯抎ǐv9v]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|IE10TourShownTime [ἴ뜑㮼Ǔv9v]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|IE10RunOnceCompletionTime [ἴ뜑㮼Ǔv9v]
Deleted: [Key] - HKU\S-1-5-21-2985758792-33507869-1880162607-1000\Software\APN PIP
Deleted: [Key] - HKCU\Software\APN PIP
Deleted: [Key] - HKU\S-1-5-21-2985758792-33507869-1880162607-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Chip Digital GmbH\chip1click\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Chip Digital GmbH\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}\
Deleted: [Value] - HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP Starter.exe
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted: [Key] - HKLM\SOFTWARE\Applian Technologies
Deleted: [Key] - HKLM\SOFTWARE\Classes\Applications\amp.exe
Deleted: [Value] - HKLM\SOFTWARE\RegisteredApplications|FLV and Media Player
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDAudioOnArrival
Deleted: [Key] - HKLM\SOFTWARE\Clients\Media\ApplianMP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayMusicFilesOnArrival
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVCDMovieOnArrival
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlaySVCDMovieOnArrival
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVideoFilesOnArrival
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDMovieOnArrival
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayCDAudioOnArrival
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Lavasoft\Web Companion\


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2793 B] - [2015/3/25 21:45:21]
C:/AdwCleaner/AdwCleaner[S1].txt - [1247 B] - [2015/5/3 19:41:24]
C:/AdwCleaner/AdwCleaner[S2].txt - [2427 B] - [2015/6/28 8:9:44]
C:/AdwCleaner/AdwCleaner[S3].txt - [5880 B] - [2017/11/24 12:58:52]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

cosinus 24.11.2017 14:59
adwcleaner bitte zwecks Kontrolle wiederholen


Alle Zeitangaben in WEZ +1. Es ist jetzt 21:39 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129