Pests of all kinds and how to fight them: C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - window opens at startup (Windows 7) |
01.08.2015, 07:13 | #1 |
| C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - window opens at startup

Hello everyone, for a few days now a "DOS window" has been opening when Windows 7 boots, with the following shown in the title bar at the top: "C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe" (my name appears in place of Name, and a tilde in place of the hyphen). A cursor symbol blinks in the window. I would like to know what this is, and I would be grateful for a hint on how to get this window off the screen and off the notebook altogether. Regards, W |
01.08.2015, 10:13 | #2 |
/// the machine /// TB trainer | C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - window opens at startup

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
22.08.2015, 10:36 | #3 |
| Frst

This is the Frst file

FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-08-2015 03 durchgeführt von Ebling (Administrator) auf HP625 (22-08-2015 11:22:27) Gestartet von C:\Users\Ebling\Desktop Geladene Profile: Ebling (Verfügbare Profile: Ebling & Doris & DHBW) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Windows\System32\atibtmon.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) 
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe (AVM Berlin) C:\Program Files\1&1\IGDCTRL.EXE (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe () C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe () C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe () C:\Program Files\AntiBrowserSpy\BrowserMask.exe (WiseCleaner.com) C:\Program Files\Wise\Wise Care 365\WiseTray.exe (PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe (Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaRegistry.exe () C:\Windows\System32\ieconfig_1und1_svc.exe (TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (IDT, Inc.) 
C:\Program Files\IDT\WDM\sttray.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (AVM Berlin) C:\Program Files\1&1\Stcenter.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaUI.exe (Dr. J. Rathlev, D-24222 Schwentinental) C:\Program Files\Personal Backup 5\Persbackup.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-03-16] (Advanced Micro Devices, Inc.) HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2011-11-12] (IDT, Inc.) HKLM\...\Run: [] => [X] HKLM\...\Run: [GDFirewallTray] => C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG) HKLM\...\runonceex: [ContentMerger] => c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-11-23] (Sonic Solutions) HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2009-05-28] () HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Run: [Google Update] => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-17] (Google Inc.) HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\RunOnce: [Application Restart #0] => C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\1&1 FRITZ!Box starter.lnk [2011-03-15] ShortcutTarget: 1&1 FRITZ!Box starter.lnk -> C:\Windows\Installer\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}\Icon2457326B4.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-08-20] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hama Wireless LAN Utility.lnk [2011-02-15] ShortcutTarget: Hama Wireless LAN Utility.lnk -> C:\Program Files\Hama\Common\RaUI.exe (Ralink Technology, Corp.) Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2011-04-24] () Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Persbackup.lnk [2014-12-25] ShortcutTarget: Persbackup.lnk -> C:\Program Files\Personal Backup 5\Persbackup.exe (Dr. J. Rathlev, D-24222 Schwentinental) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) ProxyEnable: [S-1-5-21-1320190850-2687297852-4289220983-1001] => Internet Explorer proxy ist aktiviert. 
ProxyServer: [S-1-5-21-1320190850-2687297852-4289220983-1001] => localhost:8088 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/ hxxp://www.bild.de/ SearchScopes: HKLM -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {17DEF703-7B02-4191-B3CE-0C5250344CEB} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms} SearchScopes: HKU\.DEFAULT -> {979F1432-D714-4905-B07F-C9CB5EF2462E} URL = hxxp://go.web.de/suchbox/google?q={searchTerms} SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869 SearchScopes: HKU\.DEFAULT -> {E8A98910-41C8-4FEA-9BBF-439433B95BE5} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms} SearchScopes: HKU\.DEFAULT -> {F45BF24A-B4EC-40A7-942F-501104FC55E9} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {06090F73-779E-4FB6-BB0A-FF6807704AF7} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms} SearchScopes: 
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {10FC8F81-E923-4DFC-A0DF-FFABC14D54A6} URL = hxxps://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms} SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL = SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {417ACE4C-D557-454E-9A06-CE17AD599530} URL = hxxp://go.web.de/suchbox/google?q={searchTerms} SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {43D89E1D-8489-468F-B390-7D3F79E8C588} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms} SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {6C4B03E8-9DE0-4F32-9FED-DA4B3A10C431} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms} SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {FC8A9B8F-BE3A-4BBF-82B2-C4427BE73C4B} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-03-12] (IObit) BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) 
BHO: 1&&1 Internet AG Browser Configuration by mquadr.at -> {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} -> C:\Windows\System32\ieconfig_1und1.dll [2011-03-15] (mquadr.at software engineering und consulting GmbH) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation) Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) Toolbar: HKU\.DEFAULT -> Kein Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - Keine Datei Toolbar: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Keine Datei DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{666D63E0-1108-40D3-940A-9120699323D7}: [DhcpNameServer] 139.7.30.126 139.7.30.125 Tcpip\..\Interfaces\{8A574D06-DDF0-4179-92C5-EAA454D4C1FE}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{AE1DF2C2-266A-4B0D-840C-FBB55ACD6C7B}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{BBD08B48-9530-4B32-A8B9-41E57567D632}: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\windows\system32\npDeployJava1.dll [2012-09-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) 
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.) FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.) 
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2012-01-02] FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2012-01-02] Chrome: ======= CHR Profile: C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Kein Name) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2015-05-09] CHR Extension: (Bitdefender Wallet) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-02-15] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12] CHR Extension: (Chrome Web Store Payments) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR Extension: (Kostenfinder) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfbgjcggeplmenpepddbemhcjfdapoh [2013-08-08] CHR Extension: (AntiBrowserSpy - SocialBlock) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd [2015-05-15] CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - https://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files\AntiBrowserSpy\Addons\Chrome.crx [2015-05-15] StartMenuInternet: Google Chrome.B4WUOD3OCN64G3KXDJYLCPUSZE - C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG) R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG) R2 AVKWCtl; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2159472 2014-03-25] (G Data Software AG) R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [254328 2010-03-30] (AVM Berlin) R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [121720 2010-03-30] (AVM Berlin) R3 GDFwSvc; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2409280 2014-01-30] (G Data Software AG) R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG) R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [117280 2014-09-05] () R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-04-05] (Hewlett-Packard) R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company) R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [180768 2014-09-05] () S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] R2 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin) R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [153464 2010-03-30] (AVM Berlin) R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-03-06] (PDF Complete Inc) R2 RalinkRegistryWriter; C:\Program Files\Hama\Common\RaRegistry.exe [193888 2010-06-01] (Ralink Technology, Corp.) 
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe [93848 2009-08-10] (SiSoftware) [Datei ist nicht signiert] R2 serviceIEConfig; C:\Windows\System32\ieconfig_1und1_svc.exe [1053848 2011-03-15] () S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [Datei ist nicht signiert] R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [254034 2011-11-12] (IDT, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580144 2015-05-12] (WiseCleaner.com) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 avmaudio; C:\windows\System32\DRIVERS\avmaudio.sys [101248 2010-11-14] (AVM Berlin) R3 avmaura; C:\windows\System32\DRIVERS\avmaura.sys [101248 2010-09-12] (AVM Berlin) R3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [297000 2010-07-14] (Broadcom Corporation.) 
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [15968 2014-11-18] () S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10208 2014-11-18] () R0 GDBehave; C:\windows\System32\drivers\GDBehave.sys [44544 2015-03-29] (G Data Software AG) R1 GDMnIcpt; C:\windows\system32\drivers\MiniIcpt.sys [101504 2015-03-29] (G Data Software AG) R3 GDPkIcpt; C:\windows\system32\drivers\PktIcpt.sys [56832 2015-03-29] (G Data Software AG) R1 gdwfpcd; C:\windows\System32\drivers\gdwfpcd32.sys [53248 2015-03-29] (G Data Software AG) R1 GRD; C:\windows\system32\drivers\GRD.sys [29528 2015-03-29] (G Data Software) R1 HookCentre; C:\windows\system32\drivers\HookCentre.sys [50176 2015-03-29] (G Data Software AG) R0 hotcore3; C:\windows\System32\DRIVERS\hotcore3.sys [27464 2014-05-19] (Paragon Software Group) S3 HWHandSet; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-24] (Huawei Technologies Co., Ltd.) R3 LVUSBSta; C:\windows\System32\drivers\lvusbsta.sys [22016 2005-01-31] (Logitech Inc.) R3 NWIM; C:\windows\System32\DRIVERS\avmnwim.sys [335224 2010-03-30] (AVM Berlin) S3 PID_0928; C:\windows\System32\DRIVERS\LV561AV.SYS [211712 2005-01-31] (Logitech Inc.) S3 pwdrvio; C:\windows\system32\pwdrvio.sys [15688 2013-09-30] () S3 pwdspio; C:\windows\system32\pwdspio.sys [10320 2013-09-30] () S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware) R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-04-27] () R0 sptd; C:\windows\System32\Drivers\sptd.sys [473656 2012-02-04] (Duplex Secure Ltd.) R3 teamviewervpn; C:\windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-03-30] (TeamViewer GmbH) R1 UimBus; C:\windows\System32\DRIVERS\UimBus.sys [91016 2014-05-19] () R1 Uim_DEVIM; C:\windows\System32\DRIVERS\uim_devim.sys [20616 2014-05-19] () R1 Uim_IM; C:\windows\System32\Drivers\Uim_IM.sys [540040 2014-05-19] () S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [45056 2014-08-16] (Apple, Inc.) 
[Datei ist nicht signiert] R3 WiseHDInfo; C:\windows\WiseHDInfo32.dll [13264 2015-08-01] (wisecleaner.com) S3 XUIF; C:\windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.) S2 ASPI32; kein ImagePath U3 DfSdkS; kein ImagePath U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-22 11:22 - 2015-08-22 11:23 - 00024754 _____ C:\Users\Ebling\Desktop\FRST.txt 2015-08-22 11:21 - 2015-08-22 11:22 - 00000000 ____D C:\FRST 2015-08-22 11:20 - 2015-08-22 11:20 - 01677824 _____ (Farbar) C:\Users\Ebling\Desktop\FRST.exe 2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung.lnk 2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung (2).lnk 2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\Documents\Bluetooth-Exchange-Ordner 2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\AppData\Local\Broadcom 2015-08-20 13:43 - 2010-07-20 13:26 - 00111656 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwavdt.sys 2015-08-20 13:43 - 2010-07-20 13:26 - 00088616 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwaudio.sys 2015-08-20 13:43 - 2010-07-20 13:26 - 00018728 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwrchid.sys 2015-08-20 13:43 - 2010-07-14 06:25 - 00297000 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwampfl.sys 2015-08-20 13:43 - 2010-03-02 14:37 - 00033320 _____ (Broadcom Corporation.) 
C:\windows\system32\Drivers\btwl2cap.sys 2015-08-19 22:31 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-08-19 22:31 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-08-19 14:10 - 2015-08-19 18:18 - 00000000 ____D C:\Program Files\Huawei 2015-08-19 14:10 - 2011-10-24 06:04 - 00195200 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_quusbmdm.sys 2015-08-19 14:10 - 2011-10-24 05:51 - 00102272 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_usbdev.sys 2015-08-16 13:25 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-16 11:43 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll 2015-08-16 11:42 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-08-16 11:42 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll 2015-08-16 11:42 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe 2015-08-16 11:42 - 2015-07-28 22:00 - 00952832 _____ (Microsoft 
Corporation) C:\windows\system32\appraiser.dll 2015-08-16 11:42 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-08-16 11:42 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-08-16 11:42 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2015-08-16 11:42 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2015-08-16 11:42 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2015-08-16 11:42 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2015-08-16 11:42 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2015-08-16 11:42 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll 2015-08-16 11:42 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) 
C:\windows\system32\ieetwcollectorres.dll 2015-08-16 11:42 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-08-16 11:42 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-08-16 11:42 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-08-16 11:42 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-08-16 11:42 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-08-16 11:42 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-08-16 11:42 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-08-16 11:42 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-08-16 11:42 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-08-16 11:42 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-08-16 11:42 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-08-16 11:42 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-08-16 11:42 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-08-16 11:42 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-08-16 11:42 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-08-16 11:42 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-08-16 11:42 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-08-16 11:42 - 2015-07-16 21:19 - 00076288 
_____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-08-16 11:42 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-08-16 11:42 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2015-08-16 11:42 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-08-16 11:42 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll 2015-08-16 11:42 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll 2015-08-16 11:42 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-08-16 11:42 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-08-16 11:42 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-08-16 11:42 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-08-16 11:42 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-08-16 11:42 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-08-16 11:42 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-08-16 11:42 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-08-16 11:42 - 2015-07-16 17:14 - 00355840 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe 2015-08-16 11:42 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe 2015-08-16 11:42 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-08-16 11:42 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-08-16 11:42 - 2015-07-15 19:59 - 00078784 _____ (Microsoft 
Corporation) C:\windows\system32\Drivers\mountmgr.sys 2015-08-16 11:42 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-08-16 11:42 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-08-16 11:42 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) 
C:\windows\system32\smss.exe 2015-08-16 11:42 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-08-16 11:42 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll 2015-08-16 11:42 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-08-16 11:42 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-08-16 11:42 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-08-16 11:42 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-08-16 11:42 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-08-16 11:42 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2015-08-16 11:42 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2015-08-16 11:42 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2015-08-16 11:42 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe 2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\notepad.exe 2015-08-16 11:42 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll 2015-08-16 11:42 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) 
C:\windows\system32\davclnt.dll 2015-08-16 11:41 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll 2015-08-16 11:41 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2015-08-16 11:41 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll 2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll 2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll 2015-08-16 11:29 - 2015-08-16 12:29 - 09284296 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerInstaller.exe 2015-08-03 13:48 - 2015-08-03 13:51 - 00000000 ____D C:\windows\rescache 2015-08-02 09:29 - 2015-08-02 09:29 - 02232320 _____ C:\windows\system32\config\DEFAULT.rhk 2015-08-02 09:29 - 2015-08-02 09:29 - 00094208 _____ C:\windows\system32\config\SAM.rhk 2015-08-02 09:29 - 2015-08-02 09:29 - 00028672 _____ C:\windows\system32\config\SECURITY.rhk 2015-08-02 09:25 - 2015-08-02 09:29 - 73924608 _____ C:\windows\system32\config\SOFTWARE.rhk 2015-08-01 16:09 - 2015-08-22 11:09 - 01162952 _____ C:\windows\WindowsUpdate.log 2015-08-01 16:08 - 2015-08-01 16:08 - 00133048 _____ C:\Users\Ebling\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-01 16:07 - 2015-08-22 10:57 - 00007956 _____ C:\windows\setupact.log 2015-08-01 16:07 - 2015-08-01 16:07 - 00000000 _____ C:\windows\setuperr.log 2015-08-01 16:06 - 2015-08-16 18:29 - 00467536 _____ C:\windows\system32\FNTCACHE.DAT 2015-08-01 16:06 - 2015-08-01 16:06 - 00001772 _____ C:\windows\PFRO.log 2015-08-01 10:39 - 2015-08-22 10:57 - 00000378 _____ C:\windows\Tasks\Wise Care 365.job 2015-08-01 10:39 - 2015-08-20 10:00 - 00000406 _____ C:\windows\Tasks\Wise Turbo Checker.job 2015-08-01 10:31 - 2015-08-01 16:07 - 00000546 _____ C:\windows\Tasks\Wise Care 365 PC Checkup Task.job 2015-08-01 10:27 - 2015-08-22 10:58 - 00000000 ____D 
C:\Users\Ebling\AppData\Roaming\Wise Care 365 2015-08-01 10:27 - 2015-08-01 10:27 - 00013264 _____ (wisecleaner.com) C:\windows\WiseHDInfo32.dll 2015-08-01 10:27 - 2015-08-01 10:27 - 00001118 _____ C:\Users\Public\Desktop\Wise Care 365.lnk 2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365 2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\Program Files\Wise 2015-08-01 10:23 - 2015-08-01 10:23 - 06043448 _____ (WiseCleaner.com ) C:\Program Files\WiseCare365_373DE.exe 2015-07-28 09:04 - 2015-07-28 09:04 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-07-28 09:04 - 2015-07-28 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-07-28 08:54 - 2015-07-28 08:54 - 00001815 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2015-07-25 17:20 - 2015-07-25 17:20 - 06962912 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-08-22 11:17 - 2012-09-18 23:36 - 00002664 _____ C:\Users\Ebling\Desktop\Google Chrome.lnk 2015-08-22 11:17 - 2012-09-18 23:29 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job 2015-08-22 11:12 - 2010-09-25 11:38 - 00001098 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-22 11:07 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-22 11:07 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-22 10:58 - 2011-02-15 18:17 - 00000432 _____ C:\windows\system32\Drivers\etc\hosts.ics 2015-08-22 10:57 - 2010-09-25 11:38 - 00001094 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-22 10:57 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-08-20 21:30 - 2014-11-11 20:35 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte 2015-08-20 13:50 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-20 13:49 - 2012-01-03 01:14 - 00000000 ____D C:\Program Files\AntiBrowserSpy 2015-08-20 13:35 - 2010-09-11 15:51 - 00000000 ____D C:\Users\Ebling 2015-08-20 13:35 - 2010-07-01 15:50 - 00000000 ____D C:\Program Files\Broadcom 2015-08-20 11:48 - 2010-09-18 11:50 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForEbling.job 2015-08-19 20:12 - 2012-09-18 23:29 - 00001072 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job 2015-08-19 18:52 - 2010-06-11 20:30 - 01629212 _____ C:\windows\system32\PerfStringBackup.INI 2015-08-19 14:10 - 2014-02-02 15:03 - 00000764 _____ C:\NSI_DriverInstall.log 2015-08-19 14:09 - 2012-06-09 22:00 - 00000000 ____D C:\Program Files\Handset WinDriver 2015-08-17 10:32 - 2014-11-07 00:01 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2015-08-17 10:18 - 2014-11-07 00:01 - 00000000 ____D C:\Program Files\TomTom HOME 2 2015-08-17 10:15 - 2011-08-13 16:07 - 00000000 ____D C:\Users\Ebling\AppData\Local\Downloaded Installations 2015-08-16 22:29 - 2012-08-23 19:54 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-08-16 19:45 - 2014-09-29 22:19 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\HpUpdate 2015-08-16 19:29 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET 2015-08-16 18:26 - 2014-12-10 04:15 - 00000000 ____D C:\windows\system32\appraiser 2015-08-16 18:26 - 2014-05-06 21:54 - 00000000 ___SD C:\windows\system32\CompatTel 2015-08-16 18:26 - 2010-06-11 20:42 - 00000000 ____D C:\windows\system32\Drivers\de-DE 2015-08-16 18:26 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\de-DE 2015-08-16 13:53 - 2010-09-11 18:03 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-16 13:52 - 2015-04-19 18:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-16 13:52 - 2011-05-04 06:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-16 13:47 - 2013-08-15 17:30 - 00000000 ____D C:\windows\system32\MRT 2015-08-16 13:30 - 2010-09-16 19:47 - 129304528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-08-16 12:29 - 2012-05-25 10:47 - 00778440 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2015-08-16 12:29 - 2011-06-04 12:20 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2015-08-16 11:24 - 2010-06-11 20:47 - 00000000 ____D C:\ProgramData\PDFC 2015-08-01 10:46 - 2010-09-11 18:02 - 00000000 __RHD C:\MSOCache 2015-08-01 10:32 - 2015-03-12 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8 2015-08-01 10:32 - 2014-03-28 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3 2015-08-01 10:32 - 
2012-05-27 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-08-01 10:32 - 2012-03-07 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager 2015-08-01 09:36 - 2013-05-09 22:58 - 00000000 ____D C:\Users\Ebling\AppData\Local\CrashDumps 2015-07-31 18:12 - 2015-03-29 18:16 - 00000400 _____ C:\windows\Tasks\One-Click Optimizer WO11.job 2015-07-30 20:36 - 2015-05-09 08:58 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Update Manager 2015-07-29 21:26 - 2014-09-29 22:18 - 00000000 ____D C:\ProgramData\HP 2015-07-29 20:06 - 2010-09-11 15:55 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Hewlett-Packard 2015-07-28 09:04 - 2011-12-01 22:27 - 00000000 ____D C:\Program Files\iTunes 2015-07-28 09:03 - 2012-06-16 13:21 - 00000000 ____D C:\Program Files\iPod 2015-07-28 09:02 - 2015-04-17 16:42 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB 2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\Program Files\QuickTime 2015-07-27 11:02 - 2015-04-23 18:47 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\iFunbox_UserCache 2015-07-26 21:03 - 2015-01-21 23:40 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieBrowserModeList 2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieUserList 2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieSiteList 2015-07-25 18:07 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-07-25 09:08 - 2015-03-28 20:40 - 00000000 ___SD C:\windows\system32\GWX ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-05-09 09:02 - 2015-05-09 09:02 - 2204160 _____ () C:\Program Files\adwcleaner_4.203.exe 2015-05-03 22:35 - 2015-05-03 22:35 - 0891224 _____ (AMD) C:\Program 
Files\amddriverdownloader.exe 2014-02-27 18:57 - 2013-05-19 17:18 - 13431464 _____ () C:\Program Files\anytrans-setup.exe 2015-03-29 18:02 - 2015-03-29 18:02 - 28444000 _____ (Ashampoo GmbH & Co. KG ) C:\Program Files\ashampoo_winoptimizer_2015_18590.exe 2011-04-24 07:47 - 2011-04-24 07:47 - 0620972 _____ () C:\Program Files\Autoruns.zip 2012-07-17 22:53 - 2012-07-17 22:51 - 0883840 _____ () C:\Program Files\Avira-DE-Cleaner.exe 2015-03-06 15:20 - 2015-03-06 15:20 - 2314104 _____ () C:\Program Files\avira_pc_cleaner_de.exe 2013-10-08 13:20 - 2015-07-05 11:04 - 0027155 _____ () C:\Program Files\Changes.txt 2014-06-09 18:25 - 2014-06-09 18:24 - 0277107 _____ () C:\Program Files\clonepartition.rar 2013-05-29 15:04 - 2013-09-09 18:55 - 8334304 _____ (WindSolutions) C:\Program Files\CopyTransManager.exe 2010-08-29 15:08 - 2015-07-05 11:04 - 0000067 _____ () C:\Program Files\Core Temp Gadget & Addons.url 2013-10-08 13:22 - 2015-07-05 11:04 - 0794272 _____ () C:\Program Files\Core Temp.exe 2015-07-05 10:58 - 2015-07-05 10:58 - 0734473 _____ () C:\Program Files\CoreTemp_106.zip 2011-07-22 08:15 - 2011-07-22 08:15 - 0000000 _____ () C:\Program Files\ctapi_out_gr.txt 2011-02-22 13:48 - 2011-02-22 13:48 - 0175007 _____ () C:\Program Files\DirPrintOK292_Installer.zip 2012-05-02 15:44 - 2012-05-02 15:57 - 50449456 _____ (Microsoft Corporation) C:\Program Files\dotNetFx40_Full_x86_x64.exe 2014-02-27 18:57 - 2013-01-21 02:36 - 68765992 _____ (Landesfinanzdirektion Thüringen) C:\Program Files\ElsterFormular-14.0.0.10960p.exe 2012-07-17 22:06 - 2012-06-05 20:14 - 7207866 _____ (FreeDownloadManager.ORG ) C:\Program Files\fdminst.exe 2011-11-13 16:42 - 2011-11-13 16:45 - 14598944 _____ (Mozilla) C:\Program Files\Firefox Setup 8.0.exe 2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\FirstBackup.spg 2013-10-26 10:31 - 2013-10-26 10:21 - 31162768 _____ () C:\Program Files\FreeAudioConverter-5.0.30.1022.exe 2015-05-03 18:51 - 2015-05-03 18:51 - 30650288 _____ () 
C:\Program Files\FreeVideoToMP3Converter.exe 2014-01-05 13:49 - 2014-01-05 13:48 - 32244744 _____ () C:\Program Files\FreeYouTubeDownload-3.2.20.1230.exe 2014-02-27 18:57 - 2013-01-11 23:56 - 18291784 _____ (AVM Berlin ) C:\Program Files\FRITZ!fax_3.07.04 (1).exe 2013-01-06 21:34 - 2013-01-06 21:32 - 18291784 ____N (AVM Berlin ) C:\Program Files\FRITZ!fax_3.07.04.exe 2011-11-20 18:38 - 2011-09-08 07:23 - 0148923 _____ () C:\Program Files\FRITZ.Box Fon WLAN 7170 (UI) 29.04.80_08.09.11_0723.export 2012-08-27 20:20 - 2012-08-27 20:27 - 28952353 _____ () C:\Program Files\HiSuiteSetup V1.6.10.08.zip 2015-07-21 18:05 - 2015-07-21 18:05 - 5493352 _____ (Marx Software ) C:\Program Files\IDM05Setup.exe 2015-04-23 18:41 - 2015-04-23 18:41 - 21348024 _____ ( ) C:\Program Files\ifunbox_setup.exe 2014-02-27 18:57 - 2013-09-09 18:46 - 4279392 _____ (WindSolutions) C:\Program Files\Install_CopyTrans_Suite.exe 2011-08-12 16:25 - 2011-08-12 16:25 - 2118933 _____ (Marx Softwareentwicklung ) C:\Program Files\IPESetup09261.exe 2012-10-12 22:31 - 2012-10-12 22:31 - 0077236 _____ (AppWork UG (haftungsbeschränkt)) C:\Program Files\jDownloaderWebInstaller09581.exe 2014-02-27 18:57 - 2014-02-15 14:36 - 30796712 _____ (Oracle Corporation) C:\Program Files\jre-7u51-windows-x64.exe 2014-02-27 18:57 - 2013-05-08 20:44 - 4894912 _____ (Kaspersky Lab ZAO) C:\Program Files\kavremover.exe 2012-01-05 18:39 - 2013-09-09 18:55 - 0012943 _____ () C:\Program Files\License Agreement.rtf 2010-06-30 18:32 - 2015-07-05 11:04 - 0006594 _____ () C:\Program Files\License.txt 2011-04-09 07:18 - 2011-04-09 07:18 - 11239256 _____ (deepinvent Software GmbH ) C:\Program Files\MailStoreHomeSetup-4.2.0.5431.exe 2014-04-18 08:42 - 2014-04-18 08:43 - 28875706 _____ () C:\Program Files\MediathekView_6.zip 2010-09-24 18:34 - 2010-09-24 18:34 - 0002120 _____ () C:\Program Files\mobile 2012-09-02 14:02 - 2012-09-02 14:02 - 0290154 _____ () C:\Program Files\mp3DirectCut2.16.exe 2011-03-06 14:48 - 2011-03-06 14:48 - 0417048 
_____ (Yahoo! Inc.) C:\Program Files\msgr10de.exe 2014-09-01 14:24 - 2014-09-01 14:24 - 10530167 _____ (J. Rathlev ) C:\Program Files\pb-setup-5.5.1000.exe 2014-04-16 09:26 - 2014-04-16 09:26 - 16587248 _____ (Tracker Software Products Ltd ) C:\Program Files\PDFX142Vwer.exe 2012-12-02 00:54 - 2012-12-02 00:59 - 15271824 _____ (Google Inc.) C:\Program Files\picasa39-setup.exe 2014-02-27 18:57 - 2013-05-20 14:16 - 15102976 _____ (MiniTool Solution Ltd. ) C:\Program Files\pwhe78.exe 2010-09-06 03:55 - 2015-07-05 11:04 - 0003630 _____ () C:\Program Files\Readme.txt 2014-06-28 16:18 - 2014-06-28 16:18 - 2617176 _____ (VS Revo Group Ltd.) C:\Program Files\revosetup193.exe 2013-04-19 23:21 - 2013-04-19 23:23 - 6018162 _____ () C:\Program Files\Root_Y200_v5.zip 2013-02-17 17:48 - 2013-02-17 17:48 - 5193621 _____ () C:\Program Files\Samsung-PC-Editor.rar 2013-02-17 17:55 - 2013-02-17 17:55 - 6845297 _____ () C:\Program Files\Samsung_ChannelListPCEditor_1.09.zip 2014-02-27 18:57 - 2014-02-15 21:24 - 3930129 _____ () C:\Program Files\Setup_Migraene-Tagebuch.exe 2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\sg_backup_2010-09-23-2050.spg 2015-07-25 17:20 - 2015-07-25 17:20 - 6962912 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe 2011-02-16 16:26 - 2011-02-16 16:26 - 21683544 _____ (Hewlett-Packard Company ) C:\Program Files\sp49541.exe 2013-04-20 12:43 - 2013-04-20 12:43 - 0627688 _____ () C:\Program Files\Superuser-3.0.7-efghi-signed.zip 2014-06-09 18:51 - 2014-06-09 18:51 - 0583496 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\tb_free_installer.exe 2010-09-23 20:46 - 2010-09-23 20:46 - 0655360 _____ (Speed Guide Inc.) 
C:\Program Files\TCPOptimizer.exe 2012-11-17 12:48 - 2012-11-17 12:49 - 3167176 _____ (TeamViewer) C:\Program Files\TeamViewerQS_de.exe 2009-10-20 00:43 - 2009-10-20 00:43 - 0047104 _____ () C:\Program Files\Thumbs.db 2014-11-06 23:57 - 2014-11-06 23:57 - 31119112 _____ () C:\Program Files\TomTomHOME2winlatest.exe 2015-08-01 10:23 - 2015-08-01 10:23 - 6043448 _____ (WiseCleaner.com ) C:\Program Files\WiseCare365_373DE.exe 2014-05-18 20:19 - 2014-05-18 20:19 - 0699943 _____ () C:\Program Files\wmv2-1.9.8.exe 2015-03-29 19:10 - 2015-03-29 19:10 - 0000000 _____ () C:\Users\Ebling\AppData\Roaming\gdfw.log 2015-03-29 19:10 - 2015-03-29 19:10 - 0000779 _____ () C:\Users\Ebling\AppData\Roaming\gdscan.log 2011-02-16 15:58 - 2011-05-21 20:59 - 0001849 _____ () C:\Users\Ebling\AppData\Roaming\GhostObjGAFix.xml 2011-07-02 21:02 - 2011-07-02 21:03 - 0038452 _____ () C:\Users\Ebling\AppData\Roaming\Microsoft Excel 97-2003.ADR 2011-08-13 19:00 - 2012-01-23 20:20 - 0001570 _____ () C:\Users\Ebling\AppData\Roaming\MyMicroBalanceConfig.ini 2012-09-02 14:21 - 2014-07-31 17:27 - 0004608 _____ () C:\Users\Ebling\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-03-06 14:44 - 2011-03-06 14:44 - 0000209 _____ () C:\Users\Ebling\AppData\Local\GLFEDA7.tmp 2014-03-15 10:27 - 2014-03-15 10:27 - 0004096 ____H () C:\Users\Ebling\AppData\Local\keyfile3.drm 2012-03-10 11:45 - 2012-03-10 11:45 - 0000017 _____ () C:\Users\Ebling\AppData\Local\resmon.resmoncfg 2012-11-25 03:31 - 2012-11-25 03:31 - 0017408 _____ () C:\Users\Ebling\AppData\Local\WebpageIcons.db 2014-02-15 10:42 - 2014-02-15 10:42 - 1364399 _____ () C:\ProgramData\1392451495.bdinstall.bin 2014-03-20 14:55 - 2014-03-20 14:55 - 0253886 _____ () C:\ProgramData\1395319610.bdinstall.bin 2014-03-20 15:54 - 2014-03-20 15:54 - 1108989 _____ () C:\ProgramData\1395320619.bdinstall.bin 2014-03-20 15:59 - 2014-03-20 15:59 - 0056385 _____ () C:\ProgramData\1395323941.bdinstall.bin 2014-03-20 16:31 - 2014-03-20 16:31 - 3180570 _____ () 
C:\ProgramData\1395324509.bdinstall.bin 2014-09-29 22:18 - 2014-09-29 22:18 - 0000057 _____ () C:\ProgramData\Ament.ini 2011-12-24 01:00 - 2011-12-24 01:00 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2011-02-16 13:56 - 2014-06-25 20:24 - 10981376 _____ () C:\ProgramData\sandra.mda 2014-12-26 18:30 - 2014-12-26 18:30 - 0001534 _____ () C:\ProgramData\ss.ini 2011-02-16 14:03 - 2014-06-25 20:03 - 0000000 _____ () C:\ProgramData\xml3D4F.tmp 2011-02-16 14:03 - 2014-12-06 11:49 - 0015350 _____ () C:\ProgramData\xml4155.tmp 2011-02-16 14:03 - 2011-02-16 14:03 - 0001629 _____ () C:\ProgramData\xml428E.tmp 2014-12-06 11:49 - 2014-12-06 11:49 - 0006028 _____ () C:\ProgramData\xml4E12.tmp Einige Dateien in TEMP: ==================== C:\Users\Doris\AppData\Local\Temp\SkypeSetup.exe C:\Users\Ebling\AppData\Local\Temp\btins.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\windows\explorer.exe => Datei ist digital signiert C:\windows\system32\winlogon.exe => Datei ist digital signiert C:\windows\system32\wininit.exe => Datei ist digital signiert C:\windows\system32\svchost.exe => Datei ist digital signiert C:\windows\system32\services.exe => Datei ist digital signiert C:\windows\system32\User32.dll => Datei ist digital signiert C:\windows\system32\userinit.exe => Datei ist digital signiert C:\windows\system32\rpcss.dll => Datei ist digital signiert C:\windows\system32\dnsapi.dll => Datei ist digital signiert C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-03 10:45 ==================== Ende vom raportu ============================ |
22.08.2015, 10:56 | #4 |
| C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - window opens at startup
and this is the Addition file:
Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-08-2015 03
durchgeführt von Ebling (2015-08-22 11:26:05)
Gestartet von C:\Users\Ebling\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1320190850-2687297852-4289220983-500 - Administrator - Disabled)
DHBW (S-1-5-21-1320190850-2687297852-4289220983-1007 - Limited - Enabled) => C:\Users\DHBW
Doris (S-1-5-21-1320190850-2687297852-4289220983-1002 - Limited - Enabled) => C:\Users\Doris
Ebling (S-1-5-21-1320190850-2687297852-4289220983-1001 - Administrator - Enabled) => C:\Users\Ebling
Gast (S-1-5-21-1320190850-2687297852-4289220983-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1320190850-2687297852-4289220983-1011 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1und1 Internet Explorer Add-On (Version: 1.0 - 1&1 Internet AG) Hidden 7-Zip 4.65 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit) AntiBrowserSpy (HKLM\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft) Anti-Twin (Installation 12/29/2011) (HKLM\...\Anti-Twin 2011-12-29 18.43.19) (Version: - Joerg Rosenthal, Germany) AnyTrans 3.4.1 (HKLM\...\{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1) (Version: 3.4.1 - iMobie Inc.) Apple Application Support (32-Bit) (HKLM\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG) ATI Catalyst Install Manager (HKLM\...\{992F7E6B-58D4-428A-B574-082C0884423E}) (Version: 3.0.778.0 - ATI Technologies, Inc.) AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM\...\AVMFBoxPrinter) (Version: - AVM Berlin) AVM FRITZ!Fernzugang (HKLM\...\{5DC36978-AB9A-4A23-9C12-D90D2BB781B7}) (Version: 1.2.3 - AVM Berlin) BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - ) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) 
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation) Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation) ccc-core-static (Version: 2011.0316.116.298 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP) Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) CloneSpy 2.62 (HKLM\...\CloneSpy) (Version: - CloneSpy) COMPUTERBILD-Abzockschutz (HKLM\...\{6F03FF16-24BF-4887-9EBA-280CF7657A54}) (Version: 1.0.42 - J3S) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Der grandiose Bildverkleinerer 1.7b (HKLM\...\Der grandiose Bildverkleinerer) (Version: 1.7b - ) DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden DirPrintOK (HKLM\...\DirPrintOK) (Version: - ) EaseUS Partition Master 10.5 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS) ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen) Energy Star Digital Logo (HKLM\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) Everything 1.2.1.371 (HKLM\...\Everything) (Version: - ) Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - Free PDF to Word Doc Converter - easy and powerful pdf converter software.) Free Video Flip and Rotate version 2.1.7.422 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.7.422 - DVDVideoSoft Ltd.) 
Free Video to MP3 Converter version 5.0.58.415 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.20.1230 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.) FreeRIP MP3 Converter 4.5.3 (HKLM\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.3 - GreenTree Applications SRL) FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin) FRITZ!Box-Fernzugang einrichten (HKLM\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin) G Data InternetSecurity CBE (HKLM\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG) Google Chrome (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google SketchUp 8 (HKLM\...\{15F02176-0D12-4FAF-B2CD-2767C7781427}) (Version: 3.0.4993 - Google, Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden Google+ Auto Backup (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google+ Auto Backup) (Version: 1.0.24.118 - Google, Inc.) GoogleClean (HKLM\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft) Hama Wireless LAN Adapter (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 10.6.0 - Hama) Hama Wireless LAN Adapter (HKLM\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Hama) Handset WinDriver 1.02.03.00 (HKLM\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.) 
HiSuite (HKLM\...\Hi Suite) (Version: 32.610.28.00.06 - Huawei Technologies Co.,Ltd) HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard) HP ESU for Microsoft Windows 7 (HKLM\...\{C2686567-5A9A-4B6D-B965-7A5E26F73A25}) (Version: 1.1.3.1 - Hewlett-Packard Company) HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company) HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{E5360B00-4DEF-4F6E-8ED9-B2C31875D813}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet 6500 E710n-z Hilfe (HKLM\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard) HP Setup (HKLM\...\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}) (Version: 8.2.4130.3367 - Hewlett-Packard Company) HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company) HP Software Framework (HKLM\...\{DA200FDD-DE3D-4958-8465-C4FBC869544B}) (Version: 3.5.20.1 - Hewlett-Packard Company) HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company) HP Support Assistant (HKLM\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP User Guides 0190 (HKLM\...\{5B0D9F1A-425E-46C4-B06D-2C0736C1E804}) (Version: 1.00.0000 - Hewlett-Packard) HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.25.0 - Roxio) HP Webcam Driver (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50014.0 - Sonix) HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard) I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iBackupBot 5.2.5 (HKLM\...\iBackupBot) (Version: 5.2.5 - VOWSoft, Ltd.) 
iDevice Manager (HKLM\...\FE5AE7DC-7B01-4263-A94C-B4526C276550_is1) (Version: 5.0.0.0 - Marx Software)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
iFunbox (v2.95.2610.819), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.95.2610.819 - )
iTunes (HKLM\...\{9DBBE7B8-EE7A-4FD9-9C7F-35E69A4C19D8}) (Version: 12.2.1.16 - Apple Inc.)
Java 7 Update 9 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Licensing Service Install (HKLM\...\{AF72E557-0647-4DE5-ACDA-ECFB38D5D732}) (Version: 2.0.1.181 - Protexis Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.1 (HKLM\...\{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1) (Version: - MiniTool Solution Ltd.)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
miTracker 1.1.4 (HKLM\...\miTracker) (Version: 1.1.4 - Vitarsoft Co. Limited.)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mp3tag v2.53 (HKLM\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyMicroBalance (HKLM\...\{1AE1CCB0-DF19-44DF-B8C8-8E259F63B028}) (Version: 2.5.3 - Trusted Bytes Softwareentwicklung e.U.)
Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - )
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Festplatten Manager™ 2011 Kompakt (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.117 - PDF Complete, Inc)
PDF24 Creator 6.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
pdfsam (HKLM\...\pdfsam) (Version: 2.2.1 - )
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
PhoneClean 2.1.6 (HKLM\...\{E980ED1F-AOF8-PF7E-B174-59POS2BOIUVB}}_is1) (Version: 2.1.6 - iMobie Inc.)
PhotoFiltre (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre Studio X) (Version: - )
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
POP and IMAP Troubleshooter (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PopImapTroubleshooter) (Version: 0.1 - Google)
QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.39 - Piriform)
Revo Uninstaller 1.93 (HKLM\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3.56.20 - Roxio)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
ScanWizard 5 (HKLM\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version: - )
SiSoftware Sandra Lite 2011.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 17.36.2011.2 - SiSoftware)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
SmartTools Office DDE-Fix (HKLM\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing)
Snapfish Fotobuch (HKLM\...\Snapfish Fotobuch) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{F158CFB3-2C04-4138-9556-B9C3D5A89CF4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
System.Data.SQLite v1.0.81.0 (HKLM\...\{02E43EC2-6B1C-45B5-9E48-941C3E1B204A}_is1) (Version: 1.0.81.0 - System.Data.SQLite Team)
TeamViewer 6 (HKLM\...\TeamViewer 6) (Version: 6.0.13992 - TeamViewer GmbH)
TomTom HOME (HKLM\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trainingssoftware (HKLM\...\{7C33F907-7A81-48B8-BD2D-D851C5FA9EFC}) (Version: 1.0.0 - IKE Software Solutions)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (Version: 14.0.1000.275 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.7 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\0973B297E079B467E3776E59F763D63FD557795B) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
Wise Care 365 3.73 (HKLM\...\Wise Care 365_is1) (Version: 3.73 - WiseCleaner.com, Inc.)
WMV9/VC-1 Video Playback (Version: 1.0.60316.0158 - ATI Technologies Inc.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0006F045-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AFACED1-E828-11D1-9187-B532F1E9575D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{3AD05575-8857-4850-9277-11B85BDB8E09}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{71C3BF7F-682F-4B5E-9E47-5C25D3AC9458}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76D0CB12-7604-4048-B83C-1005C7DDC503}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{8F170678-2A97-4D59-89A1-7A0A71C1B677}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}\InprocServer32 -> kein Dateipfad

==================== Wiederherstellungspunkte =========================

16-08-2015 13:24:16 Windows Update
17-08-2015 10:16:36 Installed TomTom HOME.
17-08-2015 10:30:13 Removed TomTom HOME.
19-08-2015 22:30:53 Windows Update
20-08-2015 13:36:19 Installed Bluetooth Software

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2013-11-09 04:23 - 00000893 ____N C:\windows\system32\Drivers\etc\hosts
127.0.0.1 Google Analytics - Mobile, Premium and Free Website Analytics ? Google
127.0.0.1 google-analytics.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01979C6F-F3CD-4ADF-850A-D355D7DBF1E2} - System32\Tasks\{D7B22B5B-FEF4-45DD-BBD7-DDD4B3D3BD98} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -c /x {537BF16E-7412-448C-95D8-846E85A1D817}
Task: {07BC50FA-DF6F-41CB-9167-7FC771DE5D0E} - System32\Tasks\{BF456A74-A282-4513-BE6C-DCEC0EDB9173} => pcalua.exe -a "C:\Program Files\SmartTools\SmartTools Office DDE-Fix.exe" -d "C:\Program Files\SmartTools"
Task: {0CD0B4DA-4EF0-4CEA-B9E6-E216CF647833} - System32\Tasks\{734BA5A5-D0D3-413C-A06E-1334EA7C253A} => pcalua.exe -a "H:\WISO\Steuersoftware 2015\WISOSteuersoftware2015 (1).exe" -d "H:\WISO\Steuersoftware 2015"
Task: {0D0F5B0A-9C80-49E0-ACF1-ED2D99D3963B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {133132F4-A462-4221-9918-D1E109459994} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2014-01-13] ()
Task: {1490F15A-500B-48F8-A1B6-CD708B60A869} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {231BF404-97D8-4B25-823E-2EEA520D3319} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {24F1B7B9-C2DA-4872-82DF-78F6957EA702} - System32\Tasks\{EAAA07BA-9CB7-4E2A-B8AB-9B51384CBF79} => pcalua.exe -a C:\windows\IsUn0407.exe -c -f"C:\Program Files\FRITZ!\Uninst.isu" -c"C:\Program Files\FRITZ!\UNINST.DLL"
Task: {295090DA-E78F-4DBC-9965-0937ACB7F00F} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files\AntiBrowserSpy\BrowserMask.exe [2014-01-13] ()
Task: {2A74942C-6BCB-4059-8646-F38427E9E926} - System32\Tasks\Google Updater and Installer => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {314EFBE2-4FB4-4363-BC33-95BD2D0C199D} - System32\Tasks\HPCeeScheduleForEbling => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {33EAEE3C-E0B9-46D9-A740-23FBC29BEA0E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {34D6170E-7F66-43DE-92AA-51121A2FB431} - System32\Tasks\One-Click Optimizer WO11 => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe [2015-01-05] (Ashampoo Development GmbH & Co. KG)
Task: {47C8A5FF-A6CA-49DB-A739-DD959BC47F21} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {5BF671C8-011A-460A-99B5-366A17D75C6E} - System32\Tasks\Wise Turbo Checker => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe [2015-05-12] (WiseCleaner.COM)
Task: {640420A2-1CD1-4541-91A8-2D13AEEF61A5} - System32\Tasks\{782CEE39-1246-4CF0-BF80-77CA87BA991F} => pcalua.exe -a H:\InstallTomTomHOME.exe -d H:\
Task: {6DD37970-9D6C-420D-A55B-205B563BB395} - System32\Tasks\{DAD58C6D-7B0D-449A-873D-CA8C01E5FDC1} => C:\Program Files\iMobie\AnyTrans\anytrans-setup.exe [2013-05-19] ()
Task: {70BFAB2A-6C59-4B2E-8435-4E319F28F7AE} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe [2015-07-01] (WiseCleaner.com)
Task: {71F4526D-6F16-446D-9F58-81D891E12DCD} - System32\Tasks\{890ED934-859F-4552-B0DC-F478B34CFB2F} => Chrome.exe hxxp://ui.skype.com/ui/0/5.0.0.152/de/go/help.faq.installer?LastError=1603
Task: {80F50AED-FAF1-4F20-94DD-E15F2C60E6E8} - System32\Tasks\{0B46AF53-A2FB-4098-BCB8-5E86A4457EB7} => pcalua.exe -a "C:\Program Files\SmartTools\Office DDE-Fix\uninstall.exe" -d "C:\Program Files\SmartTools\Office DDE-Fix"
Task: {80F9E998-4AB6-4377-9B91-521DD6141DE2} - System32\Tasks\{48C16FF1-F5E1-40A1-9BD6-EE8DA774B726} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental)
Task: {811A6051-40F0-4085-BB3B-6F577CCA5B7C} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {81A420AF-3DA2-462B-B3D8-796DF4E2C60A} - System32\Tasks\{E508F5B1-0FFE-4648-861C-C3B3A77109F3} => pcalua.exe -a "C:\Program Files\FRITZ!Box\FRITZ!fax_3.07.04.exe" -d "C:\Program Files\FRITZ!Box"
Task: {88D05C53-BF29-41FC-8A4F-B8209C8AB5A1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8B11E630-046A-43CF-B73A-930B0CE305C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {8D02AB57-24BF-4370-9117-62250A647186} - System32\Tasks\{CDE98B08-CC91-4969-BD47-3D0DBF714EEF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603
Task: {8E7BDED3-155B-4581-B97D-92DA9F8FE5C5} - System32\Tasks\ASC8_SkipUac_Ebling => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
Task: {8F503074-A26D-4DEC-9EDC-E9416CBF32B6} - System32\Tasks\{48F2F052-31D6-4307-8BA0-EA9DB63FAFAF} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental)
Task: {904E8419-36B7-4F8D-B3DF-B43242CE78CB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {908D6E9A-4122-418D-AF2A-07C2F1DB3436} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
Task: {921512E0-3959-4FA8-BAA4-AE58DEA62E50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {95224B42-2574-4EA7-8C4C-BBA507E88A85} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {95946CEF-BBB5-44EA-B9F7-2B00B060CD98} - System32\Tasks\{40FAF4F9-93F5-4266-B1FF-0D111039189A} => pcalua.exe -a "C:\Program Files\iview430g_setup.exe" -d C:\Users\Ebling\Desktop
Task: {9A36F8F5-7717-472E-BCA6-85FC241B45CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {9B9B14A7-54D1-453C-AFEE-E91D118F3B31} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe
Task: {9CC38FA3-C263-44D3-9DEC-2D75EFD699BC} - System32\Tasks\{1D954EBB-64CB-4FBA-BF3A-20D806CCF871} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603
Task: {B744F1FB-F29F-464E-AB93-9D81D3D2D28A} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2014-01-13] ()
Task: {B8AF33E7-CFDB-4410-A365-6593DC01A192} - System32\Tasks\Uninstaller_SkipUac_Ebling => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {C6136B4B-1487-4868-9914-75136056ABD1} - System32\Tasks\{DD71730C-F8FF-4900-86CE-BE6EEDFD9428} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -d C:\windows\system32 -c /x {537BF16E-7412-448C-95D8-846E85A1D817}
Task: {CB1078AD-B5F2-4DC1-8562-52E51BB18B43} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {CCCDDC80-D966-4940-8B67-4187F134A4A9} - System32\Tasks\HPCeeScheduleForHP625$ => c:\program files\hewlett-packard\hp ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {CF723268-1BCF-454E-938C-2279828B9184} - System32\Tasks\{6EEE5437-4E2D-40EB-911F-A6C858C971FB} => pcalua.exe -a "C:\Program Files\Google\Picasa3\Uninstall.exe"
Task: {D8854C4B-75DA-4B07-BDE5-1424B67FF13C} - System32\Tasks\{E2634312-8A42-4EBF-A6EC-E194A5615141} => pcalua.exe -a "C:\Program Files\FRITZ!fax_3.07.04.exe" -d "C:\Program Files"
Task: {DA27E8F3-6587-46EF-AEFF-A1904A36D21A} - System32\Tasks\Wise Care 365 => C:\Program Files\Wise\Wise Care 365\WiseTray.exe [2015-06-04] (WiseCleaner.com)
Task: {DB0E0E0B-036C-440E-8614-02291AC4A684} - System32\Tasks\{16FE68E3-8085-4DE4-BBB7-DB8ED9F20C62} => pcalua.exe -a "C:\Users\Ebling\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CLQGS4AV\sp48591[1].exe" -d C:\Users\Ebling\Desktop
Task: {DF21E094-5EE5-4916-8AA8-5079BA6F1785} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated)
Task: {EAD8E160-4EB7-44C6-8388-7595B0CBBB11} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe
Task: {F037DEC8-361B-43FB-B03E-A9D31575BA3F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {F402D984-6BEC-4B64-AA36-D3C005440D04} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FBCE29B2-17E0-4A73-958C-838E5BBD1E89} - System32\Tasks\{49950F46-4A32-40C2-B8EB-8A7B7344E019} => pcalua.exe -a "D:\1-Wilfried\Nebentätigkeiten\0-Lehrauftrag-Baureferendare\Rheinland-Pfalz\Foliensatz für Baureferendare 2011\iview430g_setup.exe" -d C:\Users\Ebling\Desktop

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForEbling.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForHP625$.job => c:\program files\hewlett-packard\hp ceement\HPCEE.exe
Task: C:\windows\Tasks\One-Click Optimizer WO11.job => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe
Task: C:\windows\Tasks\Wise Care 365 PC Checkup Task.job => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe
Task: C:\windows\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe
Task: C:\windows\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-03-04 20:00 - 2001-10-28 17:42 - 00116224 _____ () C:\windows\System32\pdfcmnnt.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-18 14:52 - 2014-09-05 09:40 - 00117280 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
2015-07-18 14:52 - 2014-09-05 09:40 - 00180768 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
2015-05-15 19:04 - 2014-01-13 10:08 - 01136640 _____ () C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
2015-05-15 19:04 - 2014-01-13 10:15 - 00778240 _____ () C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
2015-05-15 19:04 - 2014-01-13 10:15 - 00823424 _____ () C:\Program Files\AntiBrowserSpy\BrowserMask.exe
2011-03-15 13:03 - 2011-03-15 13:03 - 01053848 ____N () C:\Windows\System32\ieconfig_1und1_svc.exe
2013-12-19 04:42 - 2013-12-19 04:42 - 00287864 ____N () C:\Program Files\Common Files\G Data\AVKProxy\PktIcpt2.dll
2011-02-15 17:38 - 2010-06-14 15:38 - 00984416 _____ () C:\Program Files\Hama\Common\RaWLAPI.dll
2011-03-14 14:20 - 2011-03-14 14:20 - 00098304 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-16 01:14 - 2011-03-16 01:14 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-04-05 20:12 - 2010-04-05 20:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2015-08-16 12:22 - 2015-08-08 02:13 - 01405768 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-16 12:22 - 2015-08-08 02:13 - 00081224 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-08-16 12:22 - 2015-08-08 02:13 - 16393032 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die
Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ibackupbot_setup.exe:BDU AlternateDataStreams: C:\wm2014xxl.exe:BDU AlternateDataStreams: C:\Program Files\ashampoo_winoptimizer_2015_18590.exe:BDU AlternateDataStreams: C:\Program Files\avira_pc_cleaner_de.exe:BDU AlternateDataStreams: C:\Program Files\PDFX142Vwer.exe:BDU AlternateDataStreams: C:\Program Files\revosetup193.exe:BDU AlternateDataStreams: C:\Program Files\Setup_Migraene-Tagebuch.exe:BDU AlternateDataStreams: C:\Program Files\tb_free_installer.exe:BDU AlternateDataStreams: C:\Program Files\TomTomHOME2winlatest.exe:BDU AlternateDataStreams: C:\Program Files\wmv2-1.9.8.exe:BDU AlternateDataStreams: C:\windows\system32\atibtmon.exe:AGC AlternateDataStreams: C:\Users\Ebling\OJ6500_E710n-z_1315-1.exe:BDU ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Classes\.exe: => <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com Da befinden sich 4789 mehr eingeschränkte Seiten. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.5 BD Edition.lnk => C:\windows\pss\PHOTOfunSTUDIO 6.5 BD Edition.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scanner Finder.lnk => C:\windows\pss\Scanner Finder.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TraXEx PC-Putzer.lnk => C:\windows\pss\TraXEx PC-Putzer.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Ebling^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Persbackup.lnk => C:\windows\pss\Persbackup.lnk.Startup MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe MSCONFIG\startupreg: estar => C:\System.Sav\Util\HideDOS.EXE C:\System.Sav\util\estartwk\twk7.bat MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden MSCONFIG\startupreg: iFunBox Fast App Install Handler => C:\Program Files\i-Funbox DevTeam\iFunBox.exe /tray MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Messenger (Yahoo!) 
=> ~"C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet MSCONFIG\startupreg: miTracker => C:\Program Files\miTracker\miTracker.exe MSCONFIG\startupreg: Mobile Partner => C:\Program Files\HiSuite\HiSuite.exe -s MSCONFIG\startupreg: PDF Complete => C:\Program Files\PDF Complete\pdfsty.exe MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: UM => C:\Users\Ebling\AppData\Roaming\Update Manager\UM.EXE ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{1FB21EF4-B2D9-46D3-9143-81A824193170}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe FirewallRules: [{DA70798B-6C74-4314-9E85-0AD7EA3FFA4D}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe FirewallRules: [{D398DBA3-5B1A-4115-A443-1555995590FA}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe FirewallRules: [{C6E9E309-E04A-4465-AB54-A8C3BBD0D257}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe FirewallRules: [{34A2C04A-52FD-4633-B7BB-E7E8B7B8E06E}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe FirewallRules: [{35F1465C-4094-4338-B217-7DE418ECC2AA}] => (Allow) G:\fsetup.exe FirewallRules: 
[{0771C26A-3465-4A63-A3FB-5DEB25174563}] => (Allow) G:\fsetup.exe FirewallRules: [{9C8EEAC4-C79E-4645-A345-338396030737}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe FirewallRules: [{D194DF3A-FFF0-4543-8EE4-2AF55A8E73F5}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe FirewallRules: [{9AA67938-324E-4F9A-A3FD-09CE569F0070}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe FirewallRules: [{7BA68422-AA22-4466-857F-D9E00534E399}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe FirewallRules: [{70A20D15-4578-458B-B6F1-133FB02F5710}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F5E420C5-9698-499C-B6CF-25C51A6B905A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{023C21EE-16A0-4373-9E02-AE44FC9F9843}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{F2DE679E-9EA9-4C6F-B596-E6E80E9394BA}] => (Allow) C:\Windows\System32\msiexec.exe FirewallRules: [{796FA458-B5B4-4C0D-913E-C5CDA12E37BC}] => (Allow) C:\Windows\System32\msiexec.exe FirewallRules: [{912DA99B-4816-4BFF-9B2E-C88D8EFB0407}] => (Allow) C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{C23F3B2D-F668-4510-ABC5-3AD89244CC22}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{98BA9B42-D287-4D0B-9C3A-D7200D181C49}] => (Allow) LPort=2869 FirewallRules: [{BAA9DC4F-E2C2-45A1-83FE-9E71AF8AD65D}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{85D82E3B-5F42-4FE2-8993-64F99282E680}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe FirewallRules: [UDP Query User{C35FA939-86A0-4E6B-9AAF-B4DCD5E7102C}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe FirewallRules: [{3A9FC52B-A777-4ABC-ABAF-DF0880AD4A4E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe FirewallRules: [{257885B6-6087-4E56-861F-72F48D255233}] => 
(Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe FirewallRules: [{7D264A39-5051-4918-A99E-F3EBE90AD86F}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe FirewallRules: [{F428979F-E951-4291-A592-369F7760DF42}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe FirewallRules: [{4DA75E71-DD81-4198-B34A-64F14B9DA25E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe FirewallRules: [{9033FD3A-8909-4C19-8130-4AF6CB8A2296}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{E45CB4B1-E05C-4C78-9A1A-4B5AA6D03B9C}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\RpcSandraSrv.exe FirewallRules: [{27FF653E-2A0D-4C5D-8401-30DB0FB5BB27}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe FirewallRules: [{B7891E7C-022C-47E0-AA42-FACA7E4B6B2E}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe FirewallRules: [{4FFA83CB-C837-4B93-87FC-FE0FDAE91AC6}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{DBBF42D8-C004-414B-B6D5-6819FC95219F}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe FirewallRules: [UDP Query User{180E934D-78A8-4E31-BA12-CAE8FEF7D41D}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/16/2015 09:34:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AVKProxy.exe, Version: 1.5.14043.574, Zeitstempel: 0x52fb3224 Name des 
fehlerhaften Moduls: avkhttp.dll, Version: 25.0.14079.176, Zeitstempel: 0x532a4adc Ausnahmecode: 0xc0000417 Fehleroffset: 0x0008cf92 ID des fehlerhaften Prozesses: 0x140 Startzeit der fehlerhaften Anwendung: 0xAVKProxy.exe0 Pfad der fehlerhaften Anwendung: AVKProxy.exe1 Pfad des fehlerhaften Moduls: AVKProxy.exe2 Berichtskennung: AVKProxy.exe3 Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT) Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\. Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT) Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\. Error: (08/16/2015 01:27:12 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Kontext: Anwendung, SystemIndex Katalog Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT) Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\. Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT) Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\. Error: (08/03/2015 09:18:10 AM) (Source: AVKWCtl) (EventID: 0) (User: ) Description: Failed to connect to Engines (0x1). Result Code: -1 Error: (08/03/2015 09:18:08 AM) (Source: AVKWCtl) (EventID: 0) (User: ) Description: Failed to connect to Engines (0x1). Result Code: -1 Error: (08/03/2015 09:18:05 AM) (Source: AVKWCtl) (EventID: 0) (User: ) Description: Failed to connect to Engines (0x1). 
Result Code: -1 Error: (08/03/2015 09:18:03 AM) (Source: AVKWCtl) (EventID: 0) (User: ) Description: Failed to connect to Engines (0x1). Result Code: -1 Systemfehler: ============= Error: (08/22/2015 10:57:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/21/2015 10:01:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/20/2015 09:29:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/20/2015 03:22:51 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {51FA2736-5DEE-11D4-98E8-006008BF430C} Error: (08/20/2015 02:39:09 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (08/20/2015 02:27:02 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (08/20/2015 02:24:58 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (08/20/2015 02:24:58 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (08/20/2015 02:20:20 PM) (Source: BTHUSB) (EventID: 16) (User: ) Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (08:df:1f:24:d4:88) ist fehlgeschlagen. Error: (08/20/2015 02:20:10 PM) (Source: BTHUSB) (EventID: 16) (User: ) Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (08:df:1f:24:d4:88) ist fehlgeschlagen. Microsoft Office: ========================= Error: (06/27/2015 03:38:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. 
This session lasted 2068 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/02/2015 12:31:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2364 seconds with 2160 seconds of active time. This session ended with a crash. Error: (12/07/2014 01:12:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8854 seconds with 1680 seconds of active time. This session ended with a crash. Error: (11/06/2014 10:05:43 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 669 seconds with 0 seconds of active time. This session ended with a crash. Error: (10/18/2014 11:01:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47515 seconds with 18060 seconds of active time. This session ended with a crash. Error: (10/06/2014 10:23:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19835 seconds with 5880 seconds of active time. This session ended with a crash. 
Error: (07/28/2014 04:11:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29534 seconds with 16380 seconds of active time. This session ended with a crash. Error: (07/07/2014 08:46:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7323 seconds with 2940 seconds of active time. This session ended with a crash. Error: (05/24/2014 11:03:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1296 seconds with 360 seconds of active time. This session ended with a crash. Error: (03/15/2014 09:57:56 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7475 seconds with 300 seconds of active time. This session ended with a crash. 
==================== Memory info =========================== Processor: AMD Athlon(tm) II P320 Dual-Core Processor Prozentuale Nutzung des RAM: 57% Installierter physikalischer RAM: 2812.56 MB Verfügbarer physikalischer RAM: 1209.31 MB Summe virtueller Speicher: 5923.43 MB Verfügbarer virtueller Speicher: 3643.42 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:72.29 GB) (Free:4.73 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)] Drive d: (Daten) (Fixed) (Total:137 GB) (Free:10.48 GB) NTFS Drive e: (Nebentätigkeit) (Fixed) (Total:71.5 GB) (Free:12.84 GB) NTFS Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32 Drive g: (SH_SICHERHEIT2015) (CDROM) (Total:5.26 GB) (Free:0 GB) UDF ==================== MBR & Partitionstabelle ================== ==================== Ende vom raportu ============================
Today the following message also appeared: "Windows Firewall has blocked some features of AntiBrowserSpy-IE-SocialBlock.exe on all public and private networks. Name: AntiBrowserSpy-IE-SocialBlock.exe Publisher: Unknown Path: C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe Allow Antibrowserspy-IE-SocialBlock.exe to communicate on these networks: [] Private networks, such as a home or work network [x] Public networks, e.g. in airports and cafés (not recommended, because these networks often have little or no protection)" Then there was the option "Allow access" or "Cancel".
And to close today's entry, many thanks in advance to schrauber for the promised help, even though it took a while before I ran the scan with FRST! W |
23.08.2015, 05:59 | #5 |
/// the machine /// TB-Ausbilder | C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Window opens at startup
Here is how it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
23.08.2015, 09:12 | #6 |
| FRST file
OK, next time I will know. So here is the FRST file.
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-08-2015 03 durchgeführt von Ebling (Administrator) auf HP625 (22-08-2015 11:22:27) Gestartet von C:\Users\Ebling\Desktop Geladene Profile: Ebling (Verfügbare Profile: Ebling & Doris & DHBW) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Windows\System32\atibtmon.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) 
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe (AVM Berlin) C:\Program Files\1&1\IGDCTRL.EXE (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe () C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe () C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe () C:\Program Files\AntiBrowserSpy\BrowserMask.exe (WiseCleaner.com) C:\Program Files\Wise\Wise Care 365\WiseTray.exe (PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe (Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaRegistry.exe () C:\Windows\System32\ieconfig_1und1_svc.exe (TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (IDT, Inc.) 
C:\Program Files\IDT\WDM\sttray.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (AVM Berlin) C:\Program Files\1&1\Stcenter.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaUI.exe (Dr. J. Rathlev, D-24222 Schwentinental) C:\Program Files\Personal Backup 5\Persbackup.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-03-16] (Advanced Micro Devices, Inc.) HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2011-11-12] (IDT, Inc.) HKLM\...\Run: [] => [X] HKLM\...\Run: [GDFirewallTray] => C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG) HKLM\...\runonceex: [ContentMerger] => c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-11-23] (Sonic Solutions) HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2009-05-28] () HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Run: [Google Update] => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-17] (Google Inc.) HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\RunOnce: [Application Restart #0] => C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\1&1 FRITZ!Box starter.lnk [2011-03-15] ShortcutTarget: 1&1 FRITZ!Box starter.lnk -> C:\Windows\Installer\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}\Icon2457326B4.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-08-20] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hama Wireless LAN Utility.lnk [2011-02-15] ShortcutTarget: Hama Wireless LAN Utility.lnk -> C:\Program Files\Hama\Common\RaUI.exe (Ralink Technology, Corp.) Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2011-04-24] () Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Persbackup.lnk [2014-12-25] ShortcutTarget: Persbackup.lnk -> C:\Program Files\Personal Backup 5\Persbackup.exe (Dr. J. Rathlev, D-24222 Schwentinental) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) ProxyEnable: [S-1-5-21-1320190850-2687297852-4289220983-1001] => Internet Explorer proxy ist aktiviert. 
ProxyServer: [S-1-5-21-1320190850-2687297852-4289220983-1001] => localhost:8088
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/ hxxp://www.bild.de/
SearchScopes: HKLM -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {17DEF703-7B02-4191-B3CE-0C5250344CEB} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKU\.DEFAULT -> {979F1432-D714-4905-B07F-C9CB5EF2462E} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKU\.DEFAULT -> {E8A98910-41C8-4FEA-9BBF-439433B95BE5} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKU\.DEFAULT -> {F45BF24A-B4EC-40A7-942F-501104FC55E9} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {06090F73-779E-4FB6-BB0A-FF6807704AF7} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {10FC8F81-E923-4DFC-A0DF-FFABC14D54A6} URL = hxxps://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL =
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {417ACE4C-D557-454E-9A06-CE17AD599530} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {43D89E1D-8489-468F-B390-7D3F79E8C588} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {6C4B03E8-9DE0-4F32-9FED-DA4B3A10C431} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {FC8A9B8F-BE3A-4BBF-82B2-C4427BE73C4B} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-03-12] (IObit)
BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: 1&&1 Internet AG Browser Configuration by mquadr.at -> {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} -> C:\Windows\System32\ieconfig_1und1.dll [2011-03-15] (mquadr.at software engineering und consulting GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Toolbar: HKU\.DEFAULT -> Kein Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - Keine Datei
Toolbar: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Keine Datei
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{666D63E0-1108-40D3-940A-9120699323D7}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{8A574D06-DDF0-4179-92C5-EAA454D4C1FE}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{AE1DF2C2-266A-4B0D-840C-FBB55ACD6C7B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{BBD08B48-9530-4B32-A8B9-41E57567D632}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\windows\system32\npDeployJava1.dll [2012-09-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2012-01-02]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2012-01-02]

Chrome:
=======
CHR Profile: C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kein Name) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2015-05-09]
CHR Extension: (Bitdefender Wallet) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-02-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Kostenfinder) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfbgjcggeplmenpepddbemhcjfdapoh [2013-08-08]
CHR Extension: (AntiBrowserSpy - SocialBlock) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd [2015-05-15]
CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files\AntiBrowserSpy\Addons\Chrome.crx [2015-05-15]
StartMenuInternet: Google Chrome.B4WUOD3OCN64G3KXDJYLCPUSZE - C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2159472 2014-03-25] (G Data Software AG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [254328 2010-03-30] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [121720 2010-03-30] (AVM Berlin)
R3 GDFwSvc; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2409280 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [117280 2014-09-05] ()
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-04-05] (Hewlett-Packard)
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [180768 2014-09-05] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [153464 2010-03-30] (AVM Berlin)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-03-06] (PDF Complete Inc)
R2 RalinkRegistryWriter; C:\Program Files\Hama\Common\RaRegistry.exe [193888 2010-06-01] (Ralink Technology, Corp.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe [93848 2009-08-10] (SiSoftware) [Datei ist nicht signiert]
R2 serviceIEConfig; C:\Windows\System32\ieconfig_1und1_svc.exe [1053848 2011-03-15] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [Datei ist nicht signiert]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [254034 2011-11-12] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580144 2015-05-12] (WiseCleaner.com)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 avmaudio; C:\windows\System32\DRIVERS\avmaudio.sys [101248 2010-11-14] (AVM Berlin)
R3 avmaura; C:\windows\System32\DRIVERS\avmaura.sys [101248 2010-09-12] (AVM Berlin)
R3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [297000 2010-07-14] (Broadcom Corporation.)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [15968 2014-11-18] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10208 2014-11-18] ()
R0 GDBehave; C:\windows\System32\drivers\GDBehave.sys [44544 2015-03-29] (G Data Software AG)
R1 GDMnIcpt; C:\windows\system32\drivers\MiniIcpt.sys [101504 2015-03-29] (G Data Software AG)
R3 GDPkIcpt; C:\windows\system32\drivers\PktIcpt.sys [56832 2015-03-29] (G Data Software AG)
R1 gdwfpcd; C:\windows\System32\drivers\gdwfpcd32.sys [53248 2015-03-29] (G Data Software AG)
R1 GRD; C:\windows\system32\drivers\GRD.sys [29528 2015-03-29] (G Data Software)
R1 HookCentre; C:\windows\system32\drivers\HookCentre.sys [50176 2015-03-29] (G Data Software AG)
R0 hotcore3; C:\windows\System32\DRIVERS\hotcore3.sys [27464 2014-05-19] (Paragon Software Group)
S3 HWHandSet; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-24] (Huawei Technologies Co., Ltd.)
R3 LVUSBSta; C:\windows\System32\drivers\lvusbsta.sys [22016 2005-01-31] (Logitech Inc.)
R3 NWIM; C:\windows\System32\DRIVERS\avmnwim.sys [335224 2010-03-30] (AVM Berlin)
S3 PID_0928; C:\windows\System32\DRIVERS\LV561AV.SYS [211712 2005-01-31] (Logitech Inc.)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [10320 2013-09-30] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-04-27] ()
R0 sptd; C:\windows\System32\Drivers\sptd.sys [473656 2012-02-04] (Duplex Secure Ltd.)
R3 teamviewervpn; C:\windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-03-30] (TeamViewer GmbH)
R1 UimBus; C:\windows\System32\DRIVERS\UimBus.sys [91016 2014-05-19] ()
R1 Uim_DEVIM; C:\windows\System32\DRIVERS\uim_devim.sys [20616 2014-05-19] ()
R1 Uim_IM; C:\windows\System32\Drivers\Uim_IM.sys [540040 2014-05-19] ()
S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [45056 2014-08-16] (Apple, Inc.) [Datei ist nicht signiert]
R3 WiseHDInfo; C:\windows\WiseHDInfo32.dll [13264 2015-08-01] (wisecleaner.com)
S3 XUIF; C:\windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S2 ASPI32; kein ImagePath
U3 DfSdkS; kein ImagePath
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-22 11:22 - 2015-08-22 11:23 - 00024754 _____ C:\Users\Ebling\Desktop\FRST.txt
2015-08-22 11:21 - 2015-08-22 11:22 - 00000000 ____D C:\FRST
2015-08-22 11:20 - 2015-08-22 11:20 - 01677824 _____ (Farbar) C:\Users\Ebling\Desktop\FRST.exe
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung.lnk
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung (2).lnk
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\Documents\Bluetooth-Exchange-Ordner
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\AppData\Local\Broadcom
2015-08-20 13:43 - 2010-07-20 13:26 - 00111656 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwavdt.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00088616 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwaudio.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00018728 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwrchid.sys
2015-08-20 13:43 - 2010-07-14 06:25 - 00297000 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwampfl.sys
2015-08-20 13:43 - 2010-03-02 14:37 - 00033320 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwl2cap.sys
2015-08-19 22:31 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-08-19 22:31 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-19 14:10 - 2015-08-19 18:18 - 00000000 ____D C:\Program Files\Huawei
2015-08-19 14:10 - 2011-10-24 06:04 - 00195200 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_quusbmdm.sys
2015-08-19 14:10 - 2011-10-24 05:51 - 00102272 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_usbdev.sys
2015-08-16 13:25 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 11:43 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-08-16 11:42 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-08-16 11:42 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-08-16 11:42 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-16 11:42 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-16 11:42 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-16 11:42 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-08-16 11:42 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-08-16 11:42 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-08-16 11:42 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-08-16 11:42 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-08-16 11:42 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-08-16 11:42 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-08-16 11:42 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-08-16 11:42 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-08-16 11:42 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-08-16 11:42 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-08-16 11:42 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-08-16 11:42 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-08-16 11:42 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-08-16 11:42 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-08-16 11:42 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-08-16 11:42 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-08-16 11:42 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-08-16 11:42 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-08-16 11:42 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-08-16 11:42 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-08-16 11:42 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-08-16 11:42 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-08-16 11:42 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-08-16 11:42 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-08-16 11:42 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-08-16 11:42 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-08-16 11:42 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-08-16 11:42 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-08-16 11:42 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-08-16 11:42 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-08-16 11:42 - 2015-07-16 17:14 - 00355840 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-08-16 11:42 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-08-16 11:42 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-08-16 11:42 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-08-16 11:42 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-08-16 11:42 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-08-16 11:42 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-08-16 11:42 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-08-16 11:42 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-08-16 11:42 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-08-16 11:42 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-08-16 11:42 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-08-16 11:42 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-08-16 11:42 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-08-16 11:42 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-08-16 11:29 - 2015-08-16 12:29 - 09284296 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerInstaller.exe
2015-08-03 13:48 - 2015-08-03 13:51 - 00000000 ____D C:\windows\rescache
2015-08-02 09:29 - 2015-08-02 09:29 - 02232320 _____ C:\windows\system32\config\DEFAULT.rhk
2015-08-02 09:29 - 2015-08-02 09:29 - 00094208 _____ C:\windows\system32\config\SAM.rhk
2015-08-02 09:29 - 2015-08-02 09:29 - 00028672 _____ C:\windows\system32\config\SECURITY.rhk
2015-08-02 09:25 - 2015-08-02 09:29 - 73924608 _____ C:\windows\system32\config\SOFTWARE.rhk
2015-08-01 16:09 - 2015-08-22 11:09 - 01162952 _____ C:\windows\WindowsUpdate.log
2015-08-01 16:08 - 2015-08-01 16:08 - 00133048 _____ C:\Users\Ebling\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-01 16:07 - 2015-08-22 10:57 - 00007956 _____ C:\windows\setupact.log
2015-08-01 16:07 - 2015-08-01 16:07 - 00000000 _____ C:\windows\setuperr.log
2015-08-01 16:06 - 2015-08-16 18:29 - 00467536 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-01 16:06 - 2015-08-01 16:06 - 00001772 _____ C:\windows\PFRO.log
2015-08-01 10:39 - 2015-08-22 10:57 - 00000378 _____ C:\windows\Tasks\Wise Care 365.job
2015-08-01 10:39 - 2015-08-20 10:00 - 00000406 _____ C:\windows\Tasks\Wise Turbo Checker.job
2015-08-01 10:31 - 2015-08-01 16:07 - 00000546 _____ C:\windows\Tasks\Wise Care 365 PC Checkup Task.job
2015-08-01 10:27 - 2015-08-22 10:58 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Wise Care 365
2015-08-01 10:27 - 2015-08-01 10:27 - 00013264 _____ (wisecleaner.com) C:\windows\WiseHDInfo32.dll
2015-08-01 10:27 - 2015-08-01 10:27 - 00001118 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\Program Files\Wise
2015-08-01 10:23 - 2015-08-01 10:23 - 06043448 _____ (WiseCleaner.com ) C:\Program Files\WiseCare365_373DE.exe
2015-07-28 09:04 - 2015-07-28 09:04 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-28 09:04 - 2015-07-28 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-28 08:54 - 2015-07-28 08:54 - 00001815 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-07-25 17:20 - 2015-07-25 17:20 - 06962912 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-22 11:17 - 2012-09-18 23:36 - 00002664 _____ C:\Users\Ebling\Desktop\Google Chrome.lnk 2015-08-22 11:17 - 2012-09-18 23:29 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job 2015-08-22 11:12 - 2010-09-25 11:38 - 00001098 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-22 11:07 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-22 11:07 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-22 10:58 - 2011-02-15 18:17 - 00000432 _____ C:\windows\system32\Drivers\etc\hosts.ics 2015-08-22 10:57 - 2010-09-25 11:38 - 00001094 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-22 10:57 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-08-20 21:30 - 2014-11-11 20:35 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte 2015-08-20 13:50 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-20 13:49 - 2012-01-03 01:14 - 00000000 ____D C:\Program Files\AntiBrowserSpy 2015-08-20 13:35 - 2010-09-11 15:51 - 00000000 ____D C:\Users\Ebling 2015-08-20 13:35 - 2010-07-01 15:50 - 00000000 ____D C:\Program Files\Broadcom 2015-08-20 11:48 - 2010-09-18 11:50 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForEbling.job 2015-08-19 20:12 - 2012-09-18 23:29 - 00001072 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job 2015-08-19 18:52 - 2010-06-11 20:30 - 01629212 _____ C:\windows\system32\PerfStringBackup.INI 2015-08-19 14:10 - 2014-02-02 15:03 - 00000764 _____ C:\NSI_DriverInstall.log 2015-08-19 14:09 - 2012-06-09 22:00 - 00000000 ____D C:\Program Files\Handset WinDriver 2015-08-17 10:32 - 2014-11-07 00:01 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2015-08-17 10:18 - 2014-11-07 00:01 - 00000000 ____D C:\Program Files\TomTom HOME 2 2015-08-17 10:15 - 2011-08-13 16:07 - 00000000 ____D C:\Users\Ebling\AppData\Local\Downloaded Installations 2015-08-16 22:29 - 2012-08-23 19:54 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-08-16 19:45 - 2014-09-29 22:19 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\HpUpdate 2015-08-16 19:29 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET 2015-08-16 18:26 - 2014-12-10 04:15 - 00000000 ____D C:\windows\system32\appraiser 2015-08-16 18:26 - 2014-05-06 21:54 - 00000000 ___SD C:\windows\system32\CompatTel 2015-08-16 18:26 - 2010-06-11 20:42 - 00000000 ____D C:\windows\system32\Drivers\de-DE 2015-08-16 18:26 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\de-DE 2015-08-16 13:53 - 2010-09-11 18:03 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-16 13:52 - 2015-04-19 18:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-16 13:52 - 2011-05-04 06:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-16 13:47 - 2013-08-15 17:30 - 00000000 ____D C:\windows\system32\MRT 2015-08-16 13:30 - 2010-09-16 19:47 - 129304528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-08-16 12:29 - 2012-05-25 10:47 - 00778440 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2015-08-16 12:29 - 2011-06-04 12:20 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2015-08-16 11:24 - 2010-06-11 20:47 - 00000000 ____D C:\ProgramData\PDFC 2015-08-01 10:46 - 2010-09-11 18:02 - 00000000 __RHD C:\MSOCache 2015-08-01 10:32 - 2015-03-12 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8 2015-08-01 10:32 - 2014-03-28 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3 2015-08-01 10:32 - 
2012-05-27 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-08-01 10:32 - 2012-03-07 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager 2015-08-01 09:36 - 2013-05-09 22:58 - 00000000 ____D C:\Users\Ebling\AppData\Local\CrashDumps 2015-07-31 18:12 - 2015-03-29 18:16 - 00000400 _____ C:\windows\Tasks\One-Click Optimizer WO11.job 2015-07-30 20:36 - 2015-05-09 08:58 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Update Manager 2015-07-29 21:26 - 2014-09-29 22:18 - 00000000 ____D C:\ProgramData\HP 2015-07-29 20:06 - 2010-09-11 15:55 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Hewlett-Packard 2015-07-28 09:04 - 2011-12-01 22:27 - 00000000 ____D C:\Program Files\iTunes 2015-07-28 09:03 - 2012-06-16 13:21 - 00000000 ____D C:\Program Files\iPod 2015-07-28 09:02 - 2015-04-17 16:42 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB 2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\Program Files\QuickTime 2015-07-27 11:02 - 2015-04-23 18:47 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\iFunbox_UserCache 2015-07-26 21:03 - 2015-01-21 23:40 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieBrowserModeList 2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieUserList 2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieSiteList 2015-07-25 18:07 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-07-25 09:08 - 2015-03-28 20:40 - 00000000 ___SD C:\windows\system32\GWX ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-05-09 09:02 - 2015-05-09 09:02 - 2204160 _____ () C:\Program Files\adwcleaner_4.203.exe 2015-05-03 22:35 - 2015-05-03 22:35 - 0891224 _____ (AMD) C:\Program 
Files\amddriverdownloader.exe 2014-02-27 18:57 - 2013-05-19 17:18 - 13431464 _____ () C:\Program Files\anytrans-setup.exe 2015-03-29 18:02 - 2015-03-29 18:02 - 28444000 _____ (Ashampoo GmbH & Co. KG ) C:\Program Files\ashampoo_winoptimizer_2015_18590.exe 2011-04-24 07:47 - 2011-04-24 07:47 - 0620972 _____ () C:\Program Files\Autoruns.zip 2012-07-17 22:53 - 2012-07-17 22:51 - 0883840 _____ () C:\Program Files\Avira-DE-Cleaner.exe 2015-03-06 15:20 - 2015-03-06 15:20 - 2314104 _____ () C:\Program Files\avira_pc_cleaner_de.exe 2013-10-08 13:20 - 2015-07-05 11:04 - 0027155 _____ () C:\Program Files\Changes.txt 2014-06-09 18:25 - 2014-06-09 18:24 - 0277107 _____ () C:\Program Files\clonepartition.rar 2013-05-29 15:04 - 2013-09-09 18:55 - 8334304 _____ (WindSolutions) C:\Program Files\CopyTransManager.exe 2010-08-29 15:08 - 2015-07-05 11:04 - 0000067 _____ () C:\Program Files\Core Temp Gadget & Addons.url 2013-10-08 13:22 - 2015-07-05 11:04 - 0794272 _____ () C:\Program Files\Core Temp.exe 2015-07-05 10:58 - 2015-07-05 10:58 - 0734473 _____ () C:\Program Files\CoreTemp_106.zip 2011-07-22 08:15 - 2011-07-22 08:15 - 0000000 _____ () C:\Program Files\ctapi_out_gr.txt 2011-02-22 13:48 - 2011-02-22 13:48 - 0175007 _____ () C:\Program Files\DirPrintOK292_Installer.zip 2012-05-02 15:44 - 2012-05-02 15:57 - 50449456 _____ (Microsoft Corporation) C:\Program Files\dotNetFx40_Full_x86_x64.exe 2014-02-27 18:57 - 2013-01-21 02:36 - 68765992 _____ (Landesfinanzdirektion Thüringen) C:\Program Files\ElsterFormular-14.0.0.10960p.exe 2012-07-17 22:06 - 2012-06-05 20:14 - 7207866 _____ (FreeDownloadManager.ORG ) C:\Program Files\fdminst.exe 2011-11-13 16:42 - 2011-11-13 16:45 - 14598944 _____ (Mozilla) C:\Program Files\Firefox Setup 8.0.exe 2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\FirstBackup.spg 2013-10-26 10:31 - 2013-10-26 10:21 - 31162768 _____ () C:\Program Files\FreeAudioConverter-5.0.30.1022.exe 2015-05-03 18:51 - 2015-05-03 18:51 - 30650288 _____ () 
C:\Program Files\FreeVideoToMP3Converter.exe 2014-01-05 13:49 - 2014-01-05 13:48 - 32244744 _____ () C:\Program Files\FreeYouTubeDownload-3.2.20.1230.exe 2014-02-27 18:57 - 2013-01-11 23:56 - 18291784 _____ (AVM Berlin ) C:\Program Files\FRITZ!fax_3.07.04 (1).exe 2013-01-06 21:34 - 2013-01-06 21:32 - 18291784 ____N (AVM Berlin ) C:\Program Files\FRITZ!fax_3.07.04.exe 2011-11-20 18:38 - 2011-09-08 07:23 - 0148923 _____ () C:\Program Files\FRITZ.Box Fon WLAN 7170 (UI) 29.04.80_08.09.11_0723.export 2012-08-27 20:20 - 2012-08-27 20:27 - 28952353 _____ () C:\Program Files\HiSuiteSetup V1.6.10.08.zip 2015-07-21 18:05 - 2015-07-21 18:05 - 5493352 _____ (Marx Software ) C:\Program Files\IDM05Setup.exe 2015-04-23 18:41 - 2015-04-23 18:41 - 21348024 _____ ( ) C:\Program Files\ifunbox_setup.exe 2014-02-27 18:57 - 2013-09-09 18:46 - 4279392 _____ (WindSolutions) C:\Program Files\Install_CopyTrans_Suite.exe 2011-08-12 16:25 - 2011-08-12 16:25 - 2118933 _____ (Marx Softwareentwicklung ) C:\Program Files\IPESetup09261.exe 2012-10-12 22:31 - 2012-10-12 22:31 - 0077236 _____ (AppWork UG (haftungsbeschränkt)) C:\Program Files\jDownloaderWebInstaller09581.exe 2014-02-27 18:57 - 2014-02-15 14:36 - 30796712 _____ (Oracle Corporation) C:\Program Files\jre-7u51-windows-x64.exe 2014-02-27 18:57 - 2013-05-08 20:44 - 4894912 _____ (Kaspersky Lab ZAO) C:\Program Files\kavremover.exe 2012-01-05 18:39 - 2013-09-09 18:55 - 0012943 _____ () C:\Program Files\License Agreement.rtf 2010-06-30 18:32 - 2015-07-05 11:04 - 0006594 _____ () C:\Program Files\License.txt 2011-04-09 07:18 - 2011-04-09 07:18 - 11239256 _____ (deepinvent Software GmbH ) C:\Program Files\MailStoreHomeSetup-4.2.0.5431.exe 2014-04-18 08:42 - 2014-04-18 08:43 - 28875706 _____ () C:\Program Files\MediathekView_6.zip 2010-09-24 18:34 - 2010-09-24 18:34 - 0002120 _____ () C:\Program Files\mobile 2012-09-02 14:02 - 2012-09-02 14:02 - 0290154 _____ () C:\Program Files\mp3DirectCut2.16.exe 2011-03-06 14:48 - 2011-03-06 14:48 - 0417048 
_____ (Yahoo! Inc.) C:\Program Files\msgr10de.exe 2014-09-01 14:24 - 2014-09-01 14:24 - 10530167 _____ (J. Rathlev ) C:\Program Files\pb-setup-5.5.1000.exe 2014-04-16 09:26 - 2014-04-16 09:26 - 16587248 _____ (Tracker Software Products Ltd ) C:\Program Files\PDFX142Vwer.exe 2012-12-02 00:54 - 2012-12-02 00:59 - 15271824 _____ (Google Inc.) C:\Program Files\picasa39-setup.exe 2014-02-27 18:57 - 2013-05-20 14:16 - 15102976 _____ (MiniTool Solution Ltd. ) C:\Program Files\pwhe78.exe 2010-09-06 03:55 - 2015-07-05 11:04 - 0003630 _____ () C:\Program Files\Readme.txt 2014-06-28 16:18 - 2014-06-28 16:18 - 2617176 _____ (VS Revo Group Ltd.) C:\Program Files\revosetup193.exe 2013-04-19 23:21 - 2013-04-19 23:23 - 6018162 _____ () C:\Program Files\Root_Y200_v5.zip 2013-02-17 17:48 - 2013-02-17 17:48 - 5193621 _____ () C:\Program Files\Samsung-PC-Editor.rar 2013-02-17 17:55 - 2013-02-17 17:55 - 6845297 _____ () C:\Program Files\Samsung_ChannelListPCEditor_1.09.zip 2014-02-27 18:57 - 2014-02-15 21:24 - 3930129 _____ () C:\Program Files\Setup_Migraene-Tagebuch.exe 2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\sg_backup_2010-09-23-2050.spg 2015-07-25 17:20 - 2015-07-25 17:20 - 6962912 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe 2011-02-16 16:26 - 2011-02-16 16:26 - 21683544 _____ (Hewlett-Packard Company ) C:\Program Files\sp49541.exe 2013-04-20 12:43 - 2013-04-20 12:43 - 0627688 _____ () C:\Program Files\Superuser-3.0.7-efghi-signed.zip 2014-06-09 18:51 - 2014-06-09 18:51 - 0583496 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\tb_free_installer.exe 2010-09-23 20:46 - 2010-09-23 20:46 - 0655360 _____ (Speed Guide Inc.) 
C:\Program Files\TCPOptimizer.exe 2012-11-17 12:48 - 2012-11-17 12:49 - 3167176 _____ (TeamViewer) C:\Program Files\TeamViewerQS_de.exe 2009-10-20 00:43 - 2009-10-20 00:43 - 0047104 _____ () C:\Program Files\Thumbs.db 2014-11-06 23:57 - 2014-11-06 23:57 - 31119112 _____ () C:\Program Files\TomTomHOME2winlatest.exe 2015-08-01 10:23 - 2015-08-01 10:23 - 6043448 _____ (WiseCleaner.com ) C:\Program Files\WiseCare365_373DE.exe 2014-05-18 20:19 - 2014-05-18 20:19 - 0699943 _____ () C:\Program Files\wmv2-1.9.8.exe 2015-03-29 19:10 - 2015-03-29 19:10 - 0000000 _____ () C:\Users\Ebling\AppData\Roaming\gdfw.log 2015-03-29 19:10 - 2015-03-29 19:10 - 0000779 _____ () C:\Users\Ebling\AppData\Roaming\gdscan.log 2011-02-16 15:58 - 2011-05-21 20:59 - 0001849 _____ () C:\Users\Ebling\AppData\Roaming\GhostObjGAFix.xml 2011-07-02 21:02 - 2011-07-02 21:03 - 0038452 _____ () C:\Users\Ebling\AppData\Roaming\Microsoft Excel 97-2003.ADR 2011-08-13 19:00 - 2012-01-23 20:20 - 0001570 _____ () C:\Users\Ebling\AppData\Roaming\MyMicroBalanceConfig.ini 2012-09-02 14:21 - 2014-07-31 17:27 - 0004608 _____ () C:\Users\Ebling\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-03-06 14:44 - 2011-03-06 14:44 - 0000209 _____ () C:\Users\Ebling\AppData\Local\GLFEDA7.tmp 2014-03-15 10:27 - 2014-03-15 10:27 - 0004096 ____H () C:\Users\Ebling\AppData\Local\keyfile3.drm 2012-03-10 11:45 - 2012-03-10 11:45 - 0000017 _____ () C:\Users\Ebling\AppData\Local\resmon.resmoncfg 2012-11-25 03:31 - 2012-11-25 03:31 - 0017408 _____ () C:\Users\Ebling\AppData\Local\WebpageIcons.db 2014-02-15 10:42 - 2014-02-15 10:42 - 1364399 _____ () C:\ProgramData\1392451495.bdinstall.bin 2014-03-20 14:55 - 2014-03-20 14:55 - 0253886 _____ () C:\ProgramData\1395319610.bdinstall.bin 2014-03-20 15:54 - 2014-03-20 15:54 - 1108989 _____ () C:\ProgramData\1395320619.bdinstall.bin 2014-03-20 15:59 - 2014-03-20 15:59 - 0056385 _____ () C:\ProgramData\1395323941.bdinstall.bin 2014-03-20 16:31 - 2014-03-20 16:31 - 3180570 _____ () 
C:\ProgramData\1395324509.bdinstall.bin 2014-09-29 22:18 - 2014-09-29 22:18 - 0000057 _____ () C:\ProgramData\Ament.ini 2011-12-24 01:00 - 2011-12-24 01:00 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2011-02-16 13:56 - 2014-06-25 20:24 - 10981376 _____ () C:\ProgramData\sandra.mda 2014-12-26 18:30 - 2014-12-26 18:30 - 0001534 _____ () C:\ProgramData\ss.ini 2011-02-16 14:03 - 2014-06-25 20:03 - 0000000 _____ () C:\ProgramData\xml3D4F.tmp 2011-02-16 14:03 - 2014-12-06 11:49 - 0015350 _____ () C:\ProgramData\xml4155.tmp 2011-02-16 14:03 - 2011-02-16 14:03 - 0001629 _____ () C:\ProgramData\xml428E.tmp 2014-12-06 11:49 - 2014-12-06 11:49 - 0006028 _____ () C:\ProgramData\xml4E12.tmp Einige Dateien in TEMP: ==================== C:\Users\Doris\AppData\Local\Temp\SkypeSetup.exe C:\Users\Ebling\AppData\Local\Temp\btins.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\windows\explorer.exe => Datei ist digital signiert C:\windows\system32\winlogon.exe => Datei ist digital signiert C:\windows\system32\wininit.exe => Datei ist digital signiert C:\windows\system32\svchost.exe => Datei ist digital signiert C:\windows\system32\services.exe => Datei ist digital signiert C:\windows\system32\User32.dll => Datei ist digital signiert C:\windows\system32\userinit.exe => Datei ist digital signiert C:\windows\system32\rpcss.dll => Datei ist digital signiert C:\windows\system32\dnsapi.dll => Datei ist digital signiert C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-03 10:45 ==================== Ende vom raportu ============================ |
23.08.2015, 10:25 | #7 |
| C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Window opens at startup and here is the Addition file: FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-08-2015 03 durchgeführt von Ebling (2015-08-22 11:26:05) Gestartet von C:\Users\Ebling\Desktop Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1320190850-2687297852-4289220983-500 - Administrator - Disabled) DHBW (S-1-5-21-1320190850-2687297852-4289220983-1007 - Limited - Enabled) => C:\Users\DHBW Doris (S-1-5-21-1320190850-2687297852-4289220983-1002 - Limited - Enabled) => C:\Users\Doris Ebling (S-1-5-21-1320190850-2687297852-4289220983-1001 - Administrator - Enabled) => C:\Users\Ebling Gast (S-1-5-21-1320190850-2687297852-4289220983-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1320190850-2687297852-4289220983-1011 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
1und1 Internet Explorer Add-On (Version: 1.0 - 1&1 Internet AG) Hidden 7-Zip 4.65 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit) AntiBrowserSpy (HKLM\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft) Anti-Twin (Installation 12/29/2011) (HKLM\...\Anti-Twin 2011-12-29 18.43.19) (Version: - Joerg Rosenthal, Germany) AnyTrans 3.4.1 (HKLM\...\{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1) (Version: 3.4.1 - iMobie Inc.) Apple Application Support (32-Bit) (HKLM\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG) ATI Catalyst Install Manager (HKLM\...\{992F7E6B-58D4-428A-B574-082C0884423E}) (Version: 3.0.778.0 - ATI Technologies, Inc.) AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM\...\AVMFBoxPrinter) (Version: - AVM Berlin) AVM FRITZ!Fernzugang (HKLM\...\{5DC36978-AB9A-4A23-9C12-D90D2BB781B7}) (Version: 1.2.3 - AVM Berlin) BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - ) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) 
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation) Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation) ccc-core-static (Version: 2011.0316.116.298 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP) Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) CloneSpy 2.62 (HKLM\...\CloneSpy) (Version: - CloneSpy) COMPUTERBILD-Abzockschutz (HKLM\...\{6F03FF16-24BF-4887-9EBA-280CF7657A54}) (Version: 1.0.42 - J3S) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Der grandiose Bildverkleinerer 1.7b (HKLM\...\Der grandiose Bildverkleinerer) (Version: 1.7b - ) DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden DirPrintOK (HKLM\...\DirPrintOK) (Version: - ) EaseUS Partition Master 10.5 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS) ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen) Energy Star Digital Logo (HKLM\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) Everything 1.2.1.371 (HKLM\...\Everything) (Version: - ) Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) Free Video Flip and Rotate version 2.1.7.422 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.7.422 - DVDVideoSoft Ltd.) 
Free Video to MP3 Converter version 5.0.58.415 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.20.1230 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.) FreeRIP MP3 Converter 4.5.3 (HKLM\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.3 - GreenTree Applications SRL) FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin) FRITZ!Box-Fernzugang einrichten (HKLM\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin) G Data InternetSecurity CBE (HKLM\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG) Google Chrome (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google SketchUp 8 (HKLM\...\{15F02176-0D12-4FAF-B2CD-2767C7781427}) (Version: 3.0.4993 - Google, Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden Google+ Auto Backup (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google+ Auto Backup) (Version: 1.0.24.118 - Google, Inc.) GoogleClean (HKLM\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft) Hama Wireless LAN Adapter (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 10.6.0 - Hama) Hama Wireless LAN Adapter (HKLM\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Hama) Handset WinDriver 1.02.03.00 (HKLM\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.) 
HiSuite (HKLM\...\Hi Suite) (Version: 32.610.28.00.06 - Huawei Technologies Co.,Ltd) HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard) HP ESU for Microsoft Windows 7 (HKLM\...\{C2686567-5A9A-4B6D-B965-7A5E26F73A25}) (Version: 1.1.3.1 - Hewlett-Packard Company) HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company) HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{E5360B00-4DEF-4F6E-8ED9-B2C31875D813}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet 6500 E710n-z Hilfe (HKLM\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard) HP Setup (HKLM\...\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}) (Version: 8.2.4130.3367 - Hewlett-Packard Company) HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company) HP Software Framework (HKLM\...\{DA200FDD-DE3D-4958-8465-C4FBC869544B}) (Version: 3.5.20.1 - Hewlett-Packard Company) HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company) HP Support Assistant (HKLM\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP User Guides 0190 (HKLM\...\{5B0D9F1A-425E-46C4-B06D-2C0736C1E804}) (Version: 1.00.0000 - Hewlett-Packard) HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.25.0 - Roxio) HP Webcam Driver (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50014.0 - Sonix) HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard) I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iBackupBot 5.2.5 (HKLM\...\iBackupBot) (Version: 5.2.5 - VOWSoft, Ltd.) 
iDevice Manager (HKLM\...\FE5AE7DC-7B01-4263-A94C-B4526C276550_is1) (Version: 5.0.0.0 - Marx Software) IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT) iFunbox (v2.95.2610.819), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.95.2610.819 - ) iTunes (HKLM\...\{9DBBE7B8-EE7A-4FD9-9C7F-35E69A4C19D8}) (Version: 12.2.1.16 - Apple Inc.) Java 7 Update 9 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle) JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Licensing Service Install (HKLM\...\{AF72E557-0647-4DE5-ACDA-ECFB38D5D732}) (Version: 2.0.1.181 - Protexis Inc.) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 
- Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable 
(x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) MiniTool Partition Wizard Home Edition 7.1 (HKLM\...\{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1) (Version: - MiniTool Solution Ltd.) MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) miTracker 1.1.4 (HKLM\...\miTracker) (Version: 1.1.4 - Vitarsoft Co. Limited.) Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mp3tag v2.53 (HKLM\...\Mp3tag) (Version: v2.53 - Florian Heidenreich) MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyMicroBalance (HKLM\...\{1AE1CCB0-DF19-44DF-B8C8-8E259F63B028}) (Version: 2.5.3 - Trusted Bytes Softwareentwicklung e.U.) 
Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - ) Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions) Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software) Paragon Festplatten Manager™ 2011 Kompakt (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software) PC Connectivity Solution (HKLM\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia) PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.117 - PDF Complete, Inc) PDF24 Creator 6.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery) pdfsam (HKLM\...\pdfsam) (Version: 2.2.1 - ) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd) Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev) PhoneClean 2.1.6 (HKLM\...\{E980ED1F-AOF8-PF7E-B174-59POS2BOIUVB}}_is1) (Version: 2.1.6 - iMobie Inc.) PhotoFiltre (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre) (Version: - ) PhotoFiltre Studio X (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre Studio X) (Version: - ) PhotoScape (HKLM\...\PhotoScape) (Version: - ) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) POP and IMAP Troubleshooter (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PopImapTroubleshooter) (Version: 0.1 - Google) QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) 
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek) Recuva (HKLM\...\Recuva) (Version: 1.39 - Piriform) Revo Uninstaller 1.93 (HKLM\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group) Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3.56.20 - Roxio) Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) ScanWizard 5 (HKLM\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version: - ) SiSoftware Sandra Lite 2011.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 17.36.2011.2 - SiSoftware) Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.0 - IObit) SmartTools Office DDE-Fix (HKLM\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing) Snapfish Fotobuch (HKLM\...\Snapfish Fotobuch) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG) Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{F158CFB3-2C04-4138-9556-B9C3D5A89CF4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated) System.Data.SQLite v1.0.81.0 (HKLM\...\{02E43EC2-6B1C-45B5-9E48-941C3E1B204A}_is1) (Version: 1.0.81.0 - System.Data.SQLite Team) TeamViewer 6 (HKLM\...\TeamViewer 6) (Version: 6.0.13992 - TeamViewer GmbH) TomTom HOME (HKLM\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) 
Trainingssoftware (HKLM\...\{7C33F907-7A81-48B8-BD2D-D851C5FA9EFC}) (Version: 1.0.0 - IKE Software Solutions) TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation) TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.275 - TuneUp Software) Hidden TuneUp Utilities 2014 (Version: 14.0.1000.275 - TuneUp Software) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN) Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.7 - Hewlett-Packard Company) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\0973B297E079B467E3776E59F763D63FD557795B) (Version: 12/16/2009 6.2.0.9414 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - 
Microsoft Corporation) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia) Wise Care 365 3.73 (HKLM\...\Wise Care 365_is1) (Version: 3.73 - WiseCleaner.com, Inc.) WMV9/VC-1 Video Playback (Version: 1.0.60316.0158 - ATI Technologies Inc.) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0006F045-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AFACED1-E828-11D1-9187-B532F1E9575D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{3AD05575-8857-4850-9277-11B85BDB8E09}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\delegate_execute.exe (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{71C3BF7F-682F-4B5E-9E47-5C25D3AC9458}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76D0CB12-7604-4048-B83C-1005C7DDC503}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\windows\system32\urlmon.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{8F170678-2A97-4D59-89A1-7A0A71C1B677}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}\InprocServer32 -> kein Dateipfad CustomCLSID: 
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> 
C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\windows\system32\actxprxy.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}\InprocServer32 -> kein Dateipfad ==================== Wiederherstellungspunkte ========================= 16-08-2015 13:24:16 Windows Update 17-08-2015 10:16:36 Installed TomTom HOME. 17-08-2015 10:30:13 Removed TomTom HOME. 19-08-2015 22:30:53 Windows Update 20-08-2015 13:36:19 Installed Bluetooth Software ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2009-07-14 04:04 - 2013-11-09 04:23 - 00000893 ____N C:\windows\system32\Drivers\etc\hosts 127.0.0.1 www.google-analytics.com 127.0.0.1 google-analytics.com ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {01979C6F-F3CD-4ADF-850A-D355D7DBF1E2} - System32\Tasks\{D7B22B5B-FEF4-45DD-BBD7-DDD4B3D3BD98} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -c /x {537BF16E-7412-448C-95D8-846E85A1D817} Task: {07BC50FA-DF6F-41CB-9167-7FC771DE5D0E} - System32\Tasks\{BF456A74-A282-4513-BE6C-DCEC0EDB9173} => pcalua.exe -a "C:\Program Files\SmartTools\SmartTools Office DDE-Fix.exe" -d "C:\Program Files\SmartTools" Task: {0CD0B4DA-4EF0-4CEA-B9E6-E216CF647833} - System32\Tasks\{734BA5A5-D0D3-413C-A06E-1334EA7C253A} => pcalua.exe -a "H:\WISO\Steuersoftware 2015\WISOSteuersoftware2015 (1).exe" -d "H:\WISO\Steuersoftware 2015" Task: {0D0F5B0A-9C80-49E0-ACF1-ED2D99D3963B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.) Task: {133132F4-A462-4221-9918-D1E109459994} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2014-01-13] () Task: {1490F15A-500B-48F8-A1B6-CD708B60A869} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.) Task: {231BF404-97D8-4B25-823E-2EEA520D3319} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.) 
Task: {24F1B7B9-C2DA-4872-82DF-78F6957EA702} - System32\Tasks\{EAAA07BA-9CB7-4E2A-B8AB-9B51384CBF79} => pcalua.exe -a C:\windows\IsUn0407.exe -c -f"C:\Program Files\FRITZ!\Uninst.isu" -c"C:\Program Files\FRITZ!\UNINST.DLL" Task: {295090DA-E78F-4DBC-9965-0937ACB7F00F} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files\AntiBrowserSpy\BrowserMask.exe [2014-01-13] () Task: {2A74942C-6BCB-4059-8646-F38427E9E926} - System32\Tasks\Google Updater and Installer => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.) Task: {314EFBE2-4FB4-4363-BC33-95BD2D0C199D} - System32\Tasks\HPCeeScheduleForEbling => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard) Task: {33EAEE3C-E0B9-46D9-A740-23FBC29BEA0E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.) Task: {34D6170E-7F66-43DE-92AA-51121A2FB431} - System32\Tasks\One-Click Optimizer WO11 => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe [2015-01-05] (Ashampoo Development GmbH & Co. 
KG) Task: {47C8A5FF-A6CA-49DB-A739-DD959BC47F21} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard) Task: {5BF671C8-011A-460A-99B5-366A17D75C6E} - System32\Tasks\Wise Turbo Checker => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe [2015-05-12] (WiseCleaner.COM) Task: {640420A2-1CD1-4541-91A8-2D13AEEF61A5} - System32\Tasks\{782CEE39-1246-4CF0-BF80-77CA87BA991F} => pcalua.exe -a H:\InstallTomTomHOME.exe -d H:\ Task: {6DD37970-9D6C-420D-A55B-205B563BB395} - System32\Tasks\{DAD58C6D-7B0D-449A-873D-CA8C01E5FDC1} => C:\Program Files\iMobie\AnyTrans\anytrans-setup.exe [2013-05-19] () Task: {70BFAB2A-6C59-4B2E-8435-4E319F28F7AE} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe [2015-07-01] (WiseCleaner.com) Task: {71F4526D-6F16-446D-9F58-81D891E12DCD} - System32\Tasks\{890ED934-859F-4552-B0DC-F478B34CFB2F} => Chrome.exe hxxp://ui.skype.com/ui/0/5.0.0.152/de/go/help.faq.installer?LastError=1603 Task: {80F50AED-FAF1-4F20-94DD-E15F2C60E6E8} - System32\Tasks\{0B46AF53-A2FB-4098-BCB8-5E86A4457EB7} => pcalua.exe -a "C:\Program Files\SmartTools\Office DDE-Fix\uninstall.exe" -d "C:\Program Files\SmartTools\Office DDE-Fix" Task: {80F9E998-4AB6-4377-9B91-521DD6141DE2} - System32\Tasks\{48C16FF1-F5E1-40A1-9BD6-EE8DA774B726} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental) Task: {811A6051-40F0-4085-BB3B-6F577CCA5B7C} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) 
Task: {81A420AF-3DA2-462B-B3D8-796DF4E2C60A} - System32\Tasks\{E508F5B1-0FFE-4648-861C-C3B3A77109F3} => pcalua.exe -a "C:\Program Files\FRITZ!Box\FRITZ!fax_3.07.04.exe" -d "C:\Program Files\FRITZ!Box" Task: {88D05C53-BF29-41FC-8A4F-B8209C8AB5A1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {8B11E630-046A-43CF-B73A-930B0CE305C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {8D02AB57-24BF-4370-9117-62250A647186} - System32\Tasks\{CDE98B08-CC91-4969-BD47-3D0DBF714EEF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603 Task: {8E7BDED3-155B-4581-B97D-92DA9F8FE5C5} - System32\Tasks\ASC8_SkipUac_Ebling => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe Task: {8F503074-A26D-4DEC-9EDC-E9416CBF32B6} - System32\Tasks\{48F2F052-31D6-4307-8BA0-EA9DB63FAFAF} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental) Task: {904E8419-36B7-4F8D-B3DF-B43242CE78CB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.) Task: {908D6E9A-4122-418D-AF2A-07C2F1DB3436} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe Task: {921512E0-3959-4FA8-BAA4-AE58DEA62E50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.) Task: {95224B42-2574-4EA7-8C4C-BBA507E88A85} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.) 
Task: {95946CEF-BBB5-44EA-B9F7-2B00B060CD98} - System32\Tasks\{40FAF4F9-93F5-4266-B1FF-0D111039189A} => pcalua.exe -a "C:\Program Files\iview430g_setup.exe" -d C:\Users\Ebling\Desktop Task: {9A36F8F5-7717-472E-BCA6-85FC241B45CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd) Task: {9B9B14A7-54D1-453C-AFEE-E91D118F3B31} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe Task: {9CC38FA3-C263-44D3-9DEC-2D75EFD699BC} - System32\Tasks\{1D954EBB-64CB-4FBA-BF3A-20D806CCF871} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603 Task: {B744F1FB-F29F-464E-AB93-9D81D3D2D28A} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2014-01-13] () Task: {B8AF33E7-CFDB-4410-A365-6593DC01A192} - System32\Tasks\Uninstaller_SkipUac_Ebling => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {C6136B4B-1487-4868-9914-75136056ABD1} - System32\Tasks\{DD71730C-F8FF-4900-86CE-BE6EEDFD9428} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -d C:\windows\system32 -c /x {537BF16E-7412-448C-95D8-846E85A1D817} Task: {CB1078AD-B5F2-4DC1-8562-52E51BB18B43} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {CCCDDC80-D966-4940-8B67-4187F134A4A9} - System32\Tasks\HPCeeScheduleForHP625$ => c:\program files\hewlett-packard\hp ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard) Task: {CF723268-1BCF-454E-938C-2279828B9184} - System32\Tasks\{6EEE5437-4E2D-40EB-911F-A6C858C971FB} => pcalua.exe -a "C:\Program Files\Google\Picasa3\Uninstall.exe" Task: {D8854C4B-75DA-4B07-BDE5-1424B67FF13C} - System32\Tasks\{E2634312-8A42-4EBF-A6EC-E194A5615141} => pcalua.exe -a "C:\Program Files\FRITZ!fax_3.07.04.exe" -d "C:\Program Files" Task: 
{DA27E8F3-6587-46EF-AEFF-A1904A36D21A} - System32\Tasks\Wise Care 365 => C:\Program Files\Wise\Wise Care 365\WiseTray.exe [2015-06-04] (WiseCleaner.com) Task: {DB0E0E0B-036C-440E-8614-02291AC4A684} - System32\Tasks\{16FE68E3-8085-4DE4-BBB7-DB8ED9F20C62} => pcalua.exe -a "C:\Users\Ebling\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CLQGS4AV\sp48591[1].exe" -d C:\Users\Ebling\Desktop Task: {DF21E094-5EE5-4916-8AA8-5079BA6F1785} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated) Task: {EAD8E160-4EB7-44C6-8388-7595B0CBBB11} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe Task: {F037DEC8-361B-43FB-B03E-A9D31575BA3F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation) Task: {F402D984-6BEC-4B64-AA36-D3C005440D04} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {FBCE29B2-17E0-4A73-958C-838E5BBD1E89} - System32\Tasks\{49950F46-4A32-40C2-B8EB-8A7B7344E019} => pcalua.exe -a "D:\1-Wilfried\Nebentätigkeiten\0-Lehrauftrag-Baureferendare\Rheinland-Pfalz\Foliensatz für Baureferendare 2011\iview430g_setup.exe" -d C:\Users\Ebling\Desktop (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\HPCeeScheduleForEbling.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\windows\Tasks\HPCeeScheduleForHP625$.job => c:\program files\hewlett-packard\hp ceement\HPCEE.exe Task: C:\windows\Tasks\One-Click Optimizer WO11.job => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe Task: C:\windows\Tasks\Wise Care 365 PC Checkup Task.job => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe Task: C:\windows\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe Task: C:\windows\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2011-03-04 20:00 - 2001-10-28 17:42 - 00116224 _____ () C:\windows\System32\pdfcmnnt.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files\Common 
Files\Apple\Apple Application Support\libxml2.dll 2015-07-18 14:52 - 2014-09-05 09:40 - 00117280 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe 2015-07-18 14:52 - 2014-09-05 09:40 - 00180768 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe 2015-05-15 19:04 - 2014-01-13 10:08 - 01136640 _____ () C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe 2015-05-15 19:04 - 2014-01-13 10:15 - 00778240 _____ () C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe 2015-05-15 19:04 - 2014-01-13 10:15 - 00823424 _____ () C:\Program Files\AntiBrowserSpy\BrowserMask.exe 2011-03-15 13:03 - 2011-03-15 13:03 - 01053848 ____N () C:\Windows\System32\ieconfig_1und1_svc.exe 2013-12-19 04:42 - 2013-12-19 04:42 - 00287864 ____N () C:\Program Files\Common Files\G Data\AVKProxy\PktIcpt2.dll 2011-02-15 17:38 - 2010-06-14 15:38 - 00984416 _____ () C:\Program Files\Hama\Common\RaWLAPI.dll 2011-03-14 14:20 - 2011-03-14 14:20 - 00098304 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-03-16 01:14 - 2011-03-16 01:14 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2010-04-05 20:12 - 2010-04-05 20:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll 2015-08-16 12:22 - 2015-08-08 02:13 - 01405768 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.155\libglesv2.dll 2015-08-16 12:22 - 2015-08-08 02:13 - 00081224 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.155\libegl.dll 2015-08-16 12:22 - 2015-08-08 02:13 - 16393032 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll 2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die 
Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ibackupbot_setup.exe:BDU
AlternateDataStreams: C:\wm2014xxl.exe:BDU
AlternateDataStreams: C:\Program Files\ashampoo_winoptimizer_2015_18590.exe:BDU
AlternateDataStreams: C:\Program Files\avira_pc_cleaner_de.exe:BDU
AlternateDataStreams: C:\Program Files\PDFX142Vwer.exe:BDU
AlternateDataStreams: C:\Program Files\revosetup193.exe:BDU
AlternateDataStreams: C:\Program Files\Setup_Migraene-Tagebuch.exe:BDU
AlternateDataStreams: C:\Program Files\tb_free_installer.exe:BDU
AlternateDataStreams: C:\Program Files\TomTomHOME2winlatest.exe:BDU
AlternateDataStreams: C:\Program Files\wmv2-1.9.8.exe:BDU
AlternateDataStreams: C:\windows\system32\atibtmon.exe:AGC
AlternateDataStreams: C:\Users\Ebling\OJ6500_E710n-z_1315-1.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Classes\.exe: => <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com Da befinden sich 4789 mehr eingeschränkte Seiten. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.5 BD Edition.lnk => C:\windows\pss\PHOTOfunSTUDIO 6.5 BD Edition.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scanner Finder.lnk => C:\windows\pss\Scanner Finder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TraXEx PC-Putzer.lnk => C:\windows\pss\TraXEx PC-Putzer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Ebling^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Persbackup.lnk => C:\windows\pss\Persbackup.lnk.Startup
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
MSCONFIG\startupreg: estar => C:\System.Sav\Util\HideDOS.EXE C:\System.Sav\util\estartwk\twk7.bat
MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
MSCONFIG\startupreg: iFunBox Fast App Install Handler => C:\Program Files\i-Funbox DevTeam\iFunBox.exe /tray
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => ~"C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: miTracker => C:\Program Files\miTracker\miTracker.exe
MSCONFIG\startupreg: Mobile Partner => C:\Program Files\HiSuite\HiSuite.exe -s
MSCONFIG\startupreg: PDF Complete => C:\Program Files\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: UM => C:\Users\Ebling\AppData\Roaming\Update Manager\UM.EXE

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{1FB21EF4-B2D9-46D3-9143-81A824193170}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{DA70798B-6C74-4314-9E85-0AD7EA3FFA4D}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{D398DBA3-5B1A-4115-A443-1555995590FA}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{C6E9E309-E04A-4465-AB54-A8C3BBD0D257}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{34A2C04A-52FD-4633-B7BB-E7E8B7B8E06E}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe
FirewallRules: [{35F1465C-4094-4338-B217-7DE418ECC2AA}] => (Allow) G:\fsetup.exe
FirewallRules:
[{0771C26A-3465-4A63-A3FB-5DEB25174563}] => (Allow) G:\fsetup.exe FirewallRules: [{9C8EEAC4-C79E-4645-A345-338396030737}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe FirewallRules: [{D194DF3A-FFF0-4543-8EE4-2AF55A8E73F5}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe FirewallRules: [{9AA67938-324E-4F9A-A3FD-09CE569F0070}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe FirewallRules: [{7BA68422-AA22-4466-857F-D9E00534E399}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe FirewallRules: [{70A20D15-4578-458B-B6F1-133FB02F5710}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F5E420C5-9698-499C-B6CF-25C51A6B905A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{023C21EE-16A0-4373-9E02-AE44FC9F9843}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{F2DE679E-9EA9-4C6F-B596-E6E80E9394BA}] => (Allow) C:\Windows\System32\msiexec.exe FirewallRules: [{796FA458-B5B4-4C0D-913E-C5CDA12E37BC}] => (Allow) C:\Windows\System32\msiexec.exe FirewallRules: [{912DA99B-4816-4BFF-9B2E-C88D8EFB0407}] => (Allow) C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{C23F3B2D-F668-4510-ABC5-3AD89244CC22}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{98BA9B42-D287-4D0B-9C3A-D7200D181C49}] => (Allow) LPort=2869 FirewallRules: [{BAA9DC4F-E2C2-45A1-83FE-9E71AF8AD65D}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{85D82E3B-5F42-4FE2-8993-64F99282E680}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe FirewallRules: [UDP Query User{C35FA939-86A0-4E6B-9AAF-B4DCD5E7102C}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe FirewallRules: [{3A9FC52B-A777-4ABC-ABAF-DF0880AD4A4E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe FirewallRules: [{257885B6-6087-4E56-861F-72F48D255233}] => 
(Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe FirewallRules: [{7D264A39-5051-4918-A99E-F3EBE90AD86F}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe FirewallRules: [{F428979F-E951-4291-A592-369F7760DF42}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe FirewallRules: [{4DA75E71-DD81-4198-B34A-64F14B9DA25E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe FirewallRules: [{9033FD3A-8909-4C19-8130-4AF6CB8A2296}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{E45CB4B1-E05C-4C78-9A1A-4B5AA6D03B9C}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\RpcSandraSrv.exe FirewallRules: [{27FF653E-2A0D-4C5D-8401-30DB0FB5BB27}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe FirewallRules: [{B7891E7C-022C-47E0-AA42-FACA7E4B6B2E}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe FirewallRules: [{4FFA83CB-C837-4B93-87FC-FE0FDAE91AC6}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{DBBF42D8-C004-414B-B6D5-6819FC95219F}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe FirewallRules: [UDP Query User{180E934D-78A8-4E31-BA12-CAE8FEF7D41D}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/16/2015 09:34:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AVKProxy.exe, Version: 1.5.14043.574, Zeitstempel: 0x52fb3224 Name des 
fehlerhaften Moduls: avkhttp.dll, Version: 25.0.14079.176, Zeitstempel: 0x532a4adc Ausnahmecode: 0xc0000417 Fehleroffset: 0x0008cf92 ID des fehlerhaften Prozesses: 0x140 Startzeit der fehlerhaften Anwendung: 0xAVKProxy.exe0 Pfad der fehlerhaften Anwendung: AVKProxy.exe1 Pfad des fehlerhaften Moduls: AVKProxy.exe2 Berichtskennung: AVKProxy.exe3 Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT) Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\. Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT) Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\. Error: (08/16/2015 01:27:12 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Kontext: Anwendung, SystemIndex Katalog Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT) Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\. Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT) Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\. Error: (08/03/2015 09:18:10 AM) (Source: AVKWCtl) (EventID: 0) (User: ) Description: Failed to connect to Engines (0x1). Result Code: -1 Error: (08/03/2015 09:18:08 AM) (Source: AVKWCtl) (EventID: 0) (User: ) Description: Failed to connect to Engines (0x1). Result Code: -1 Error: (08/03/2015 09:18:05 AM) (Source: AVKWCtl) (EventID: 0) (User: ) Description: Failed to connect to Engines (0x1). 
Result Code: -1 Error: (08/03/2015 09:18:03 AM) (Source: AVKWCtl) (EventID: 0) (User: ) Description: Failed to connect to Engines (0x1). Result Code: -1 Systemfehler: ============= Error: (08/22/2015 10:57:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/21/2015 10:01:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/20/2015 09:29:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/20/2015 03:22:51 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {51FA2736-5DEE-11D4-98E8-006008BF430C} Error: (08/20/2015 02:39:09 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (08/20/2015 02:27:02 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (08/20/2015 02:24:58 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (08/20/2015 02:24:58 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (08/20/2015 02:20:20 PM) (Source: BTHUSB) (EventID: 16) (User: ) Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (08:df:1f:24:d4:88) ist fehlgeschlagen. Error: (08/20/2015 02:20:10 PM) (Source: BTHUSB) (EventID: 16) (User: ) Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (08:df:1f:24:d4:88) ist fehlgeschlagen. Microsoft Office: ========================= Error: (06/27/2015 03:38:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. 
This session lasted 2068 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/02/2015 12:31:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2364 seconds with 2160 seconds of active time. This session ended with a crash. Error: (12/07/2014 01:12:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8854 seconds with 1680 seconds of active time. This session ended with a crash. Error: (11/06/2014 10:05:43 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 669 seconds with 0 seconds of active time. This session ended with a crash. Error: (10/18/2014 11:01:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47515 seconds with 18060 seconds of active time. This session ended with a crash. Error: (10/06/2014 10:23:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19835 seconds with 5880 seconds of active time. This session ended with a crash. 
Error: (07/28/2014 04:11:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29534 seconds with 16380 seconds of active time. This session ended with a crash. Error: (07/07/2014 08:46:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7323 seconds with 2940 seconds of active time. This session ended with a crash. Error: (05/24/2014 11:03:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1296 seconds with 360 seconds of active time. This session ended with a crash. Error: (03/15/2014 09:57:56 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7475 seconds with 300 seconds of active time. This session ended with a crash. 
==================== Memory info =========================== Processor: AMD Athlon(tm) II P320 Dual-Core Processor Prozentuale Nutzung des RAM: 57% Installierter physikalischer RAM: 2812.56 MB Verfügbarer physikalischer RAM: 1209.31 MB Summe virtueller Speicher: 5923.43 MB Verfügbarer virtueller Speicher: 3643.42 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:72.29 GB) (Free:4.73 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)] Drive d: (Daten) (Fixed) (Total:137 GB) (Free:10.48 GB) NTFS Drive e: (Nebentätigkeit) (Fixed) (Total:71.5 GB) (Free:12.84 GB) NTFS Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32 Drive g: (SH_SICHERHEIT2015) (CDROM) (Total:5.26 GB) (Free:0 GB) UDF ==================== MBR & Partitionstabelle ================== ==================== Ende vom raportu ============================ Code:
ATTFilter Combofix Logfile: |
23.08.2015, 19:34 | #8 |
/// the machine /// TB trainer | C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - window opens at startup Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
23.08.2015, 21:38 | #9 |
| C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - window opens at startup OK, here are the files: mbam.txt adwcleaner[C2].txt jrt.txt frst.txt. Because of its length I am sending addition.txt separately. I hope my notebook is doing well again now - and thank you very much in advance for the support! webling Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 23.08.2015 Suchlaufzeit: 21:09 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.23.05 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Ebling Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 476449 Abgelaufene Zeit: 37 Min., 53 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 12 PUP.Optional.OpenCandy.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunAsStandardUserC62DE06E909C47CC912374409EB8AA04, Löschen bei Neustart, [3e03c94399f286b0f74478a5d62dcd33], PUP.Optional.OpenCandy.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnce51A4C5C9B3BA4157831D4FCC7F5D8A1A, Löschen bei Neustart, [ac9597757c0f0e28a3987e9fb54e9c64], PUP.Optional.Spigot.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, In Quarantäne, [8bb618f4701b5bdbbf4daaeb45bf6d93], PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{10FC8F81-E923-4DFC-A0DF-FFABC14D54A6}, In Quarantäne, [76cb1defbdce8fa70f690c19847fdb25], PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6C4B03E8-9DE0-4F32-9FED-DA4B3A10C431}, In Quarantäne, [be83ad5f7a110630a6d2a184659e9e62], PUP.Optional.DataMngr.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\Datamngr, In Quarantäne, [3e0365a7f19a41f5163cacce42c2e51b], PUP.Optional.Spigot.A, 
HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, In Quarantäne, [380916f6c5c695a19775692c51b33ac6], PUP.Optional.SerachQU.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\APPDATALOW\SOFTWARE\searchqutoolbar, In Quarantäne, [5ce539d3c6c58da94f14e63b6f9417e9], PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C42B08C2-4800-4F66-A694-D959FAD2498C}, In Quarantäne, [1f22c646dab18aac285037eede25c53b], PUP.Optional.InstallBrain.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\WNLT, In Quarantäne, [e0612ddf2467ac8aca84d5aced1753ad], PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1007\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, In Quarantäne, [af92b4589fecb18518f44c49c4402ad6], PUP.Optional.SerachQU.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1007\SOFTWARE\APPDATALOW\SOFTWARE\searchqutoolbar, In Quarantäne, [c67b7894d4b76bcbca992df4a16211ef], Registrierungswerte: 7 PUP.Optional.SweetPacks.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{EEE6C35B-6118-11DC-9C72-001320C79847}, In Quarantäne, [57eac448ec9fb1854fd236628e74b24e], PUP.Optional.SweetPacks.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{EEE6C35B-6118-11DC-9C72-001320C79847}, ????????, In Quarantäne, [57eac448ec9fb1854fd236628e74b24e] PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{10FC8F81-E923-4DFC-A0DF-FFABC14D54A6}|URL, https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms}, In Quarantäne, [76cb1defbdce8fa70f690c19847fdb25] PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6C4B03E8-9DE0-4F32-9FED-DA4B3A10C431}|URL, 
hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}, In Quarantäne, [be83ad5f7a110630a6d2a184659e9e62] PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6C4B03E8-9DE0-4F32-9FED-DA4B3A10C431}|OSDFileURL, file:///C:/Program%20Files/Common%20Files/Spigot/Search%20Settings/yahoo_ie.xml, In Quarantäne, [3c05a5672962d85ec7a7555454b06c94] PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C42B08C2-4800-4F66-A694-D959FAD2498C}|URL, hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}, In Quarantäne, [1f22c646dab18aac285037eede25c53b] PUP.Optional.InstallBrain.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\WNLT|URL, In Quarantäne, [e0612ddf2467ac8aca84d5aced1753ad], Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 4 PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], Dateien: 12 PUP.Optional.SweetIM, C:\Windows\Installer\9f9606.msi, In Quarantäne, [3110fc10f69550e6da2cd1ad8e775aa6], PUP.Optional.SweetIM, C:\Windows\Installer\9f9612.msi, In Quarantäne, [47faf21a701b4ee89a6c4539709559a7], PUP.Optional.SweetIM, C:\Windows\Installer\9f961e.msi, In Quarantäne, [9da4a26a870490a6e71f7b03cb3ac040], PUP.Optional.SweetIM.A, 
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\473d5c007e793590a1db512a6ef4eb57.games2.png, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\53b597b55d8412d563b720d3585c1af8.facebook.png, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\7c1329c14e8f09f2e97e3522bcd7e126.toolbar46.xml, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\8d03c0783b1e34c2b403cee25e4f3d73.options_remote44b_no_fb.html, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\ccbd8b558f1d599e360b3dc00c89e1b1.facebook2.png, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\d7663980840977888075cdf06da9e63d.facebook2_hover.png, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\dda5971490977d5465f836a12522f1a1.games3.png, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], PUP.Optional.Spigot.A, C:\Users\Ebling\AppData\Roaming\Mozilla\Firefox\Profiles\2hjeq2vf.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=302398&ilc=12&p=");), Ersetzt,[cc7535d78efdff37fcbcdeb39d6816ea] PUP.Optional.Spigot.A, C:\Users\Ebling\AppData\Roaming\Mozilla\Firefox\Profiles\2hjeq2vf.default\prefs.js, Gut: (), Schlecht: (tp.sendRefererHeader", 2); 
user_pref("keyword.URL", "hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_), Ersetzt,[83be0c007d0e77bf63555e3394710af6] Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v5.003 - Bericht erstellt 23/08/2015 um 22:02:29 # Aktualisiert 20/08/2015 von Xplode # Datenbank : 2015-08-23.3 [Server] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86) # Benutzername : Ebling - HP625 # Gestarted von : C:\Users\Ebling\Desktop\AdwCleaner_5.003.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\Program Files\FreeRIP [-] Ordner Gelöscht : C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [-] Ordner Gelöscht : C:\Users\Ebling\AppData\Roaming\Update Manager ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml ***** [ Verknüpfungen ] ***** ***** [ Geplante Tasks ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}] [-] Wert Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FE5AE7DC-7B01-4263-A94C-B4526C276550_is1 ***** [ Internetbrowser ] ***** ************************* :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1769 Bytes] ########## [/CODE] Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.5.7 (08.18.2015:1) OS: Windows 7 Home Premium x86 Ran by Ebling on 23.08.2015 at 22:07:34,45 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks Failed to delete: [Task] C:\windows\System32\tasks\Wise Care 365 PC Checkup Task Successfully deleted: [Task] C:\windows\System32\tasks\Driver Booster Scan Successfully deleted: [Task] C:\windows\System32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013 Successfully deleted: [Task] C:\windows\System32\tasks\Uninstaller_SkipUac_Administrator Successfully deleted: [Task] C:\windows\System32\tasks\Uninstaller_SkipUac_Ebling Successfully deleted: [Task] C:\windows\System32\tasks\Wise Care 365 Successfully deleted: [Task] C:\windows\System32\tasks\Wise Turbo Checker Successfully deleted: [Task] C:\windows\Tasks\Wise Care 365 PC Checkup Task.job Successfully deleted: [Task] C:\windows\Tasks\Wise Care 365.job Successfully deleted: [Task] C:\windows\Tasks\Wise Turbo Checker.job ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer ~~~ Files ~~~ Folders Successfully deleted: [Folder] C:\Program Files\software4u Successfully deleted: [Folder] C:\ProgramData\google Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster Successfully deleted: [Folder] C:\ProgramData\productdata Successfully deleted: [Folder] C:\ProgramData\software4u Successfully deleted: [Folder] C:\Users\Ebling\AppData\Roaming\iobit\driver booster Successfully deleted: [Folder] C:\Users\Ebling\AppData\Roaming\productdata Successfully deleted: [Folder] C:\Users\Ebling\AppData\Roaming\software4u ~~~ Chrome [C:\Users\Ebling\Appdata\Local\Google\Chrome\User 
Data\Default\Preferences] - default search provider reset [C:\Users\Ebling\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: fopdddcinljmpmioaklghcalngfhbaen [C:\Users\Ebling\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Ebling\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [ fopdddcinljmpmioaklghcalngfhbaen, gkcefkcdkepgkpbgncjchhbjgoanleod ] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 23.08.2015 at 22:11:26,44 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-08-2015 03 durchgeführt von Ebling (Administrator) auf HP625 (23-08-2015 22:24:13) Gestartet von C:\Users\Ebling\Desktop Geladene Profile: Ebling (Verfügbare Profile: Ebling & Doris & DHBW) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) 
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe (AVM Berlin) C:\Program Files\1&1\IGDCTRL.EXE (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe (PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe (Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaRegistry.exe () C:\Windows\System32\ieconfig_1und1_svc.exe (TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe () C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe () C:\Program Files\AntiBrowserSpy\BrowserMask.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (IDT, Inc.) 
C:\Program Files\IDT\WDM\sttray.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (AVM Berlin) C:\Program Files\1&1\Stcenter.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe (Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaUI.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Dr. J. Rathlev, D-24222 Schwentinental) C:\Program Files\Personal Backup 5\Persbackup.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-03-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2011-11-12] (IDT, Inc.)
HKLM\...\Run: [GDFirewallTray] => C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2009-05-28] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\1&1 FRITZ!Box starter.lnk [2011-03-15]
ShortcutTarget: 1&1 FRITZ!Box starter.lnk -> C:\Windows\Installer\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}\Icon2457326B4.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-08-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hama Wireless LAN Utility.lnk [2011-02-15]
ShortcutTarget: Hama Wireless LAN Utility.lnk -> C:\Program Files\Hama\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2011-04-24] ()
Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Persbackup.lnk [2014-12-25]
ShortcutTarget: Persbackup.lnk -> C:\Program Files\Personal Backup 5\Persbackup.exe (Dr. J. Rathlev, D-24222 Schwentinental)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {06090F73-779E-4FB6-BB0A-FF6807704AF7} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL =
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {417ACE4C-D557-454E-9A06-CE17AD599530} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {43D89E1D-8489-468F-B390-7D3F79E8C588} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {FC8A9B8F-BE3A-4BBF-82B2-C4427BE73C4B} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: 1&&1 Internet AG Browser Configuration by mquadr.at -> {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} -> C:\Windows\System32\ieconfig_1und1.dll [2011-03-15] (mquadr.at software engineering und consulting GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{666D63E0-1108-40D3-940A-9120699323D7}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{8A574D06-DDF0-4179-92C5-EAA454D4C1FE}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{AE1DF2C2-266A-4B0D-840C-FBB55ACD6C7B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{BBD08B48-9530-4B32-A8B9-41E57567D632}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\windows\system32\npDeployJava1.dll [2012-09-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2012-01-02]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2012-01-02]

Chrome:
=======
CHR Profile: C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kein Name) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2015-08-23]
CHR Extension: (Bitdefender Wallet) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-02-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Kostenfinder) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfbgjcggeplmenpepddbemhcjfdapoh [2013-08-08]
CHR Extension: (AntiBrowserSpy - SocialBlock) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd [2015-05-15]
CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files\AntiBrowserSpy\Addons\Chrome.crx [2015-05-15]
StartMenuInternet: Google Chrome.B4WUOD3OCN64G3KXDJYLCPUSZE - C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2159472 2014-03-25] (G Data Software AG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [254328 2010-03-30] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [121720 2010-03-30] (AVM Berlin)
R3 GDFwSvc; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2409280 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [117280 2014-09-05] ()
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-04-05] (Hewlett-Packard)
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [180768 2014-09-05] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [153464 2010-03-30] (AVM Berlin)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-03-06] (PDF Complete Inc)
R2 RalinkRegistryWriter; C:\Program Files\Hama\Common\RaRegistry.exe [193888 2010-06-01] (Ralink Technology, Corp.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe [93848 2009-08-10] (SiSoftware) [Datei ist nicht signiert]
R2 serviceIEConfig; C:\Windows\System32\ieconfig_1und1_svc.exe [1053848 2011-03-15] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [Datei ist nicht signiert]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [254034 2011-11-12] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 avmaudio; C:\windows\System32\DRIVERS\avmaudio.sys [101248 2010-11-14] (AVM Berlin)
R3 avmaura; C:\windows\System32\DRIVERS\avmaura.sys [101248 2010-09-12] (AVM Berlin)
R3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [297000 2010-07-14] (Broadcom Corporation.)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [15968 2014-11-18] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10208 2014-11-18] ()
R0 GDBehave; C:\windows\System32\drivers\GDBehave.sys [44544 2015-03-29] (G Data Software AG)
R1 GDMnIcpt; C:\windows\system32\drivers\MiniIcpt.sys [101504 2015-03-29] (G Data Software AG)
R3 GDPkIcpt; C:\windows\system32\drivers\PktIcpt.sys [56832 2015-03-29] (G Data Software AG)
R1 gdwfpcd; C:\windows\System32\drivers\gdwfpcd32.sys [53248 2015-03-29] (G Data Software AG)
R1 GRD; C:\windows\system32\drivers\GRD.sys [29528 2015-03-29] (G Data Software)
R1 HookCentre; C:\windows\system32\drivers\HookCentre.sys [50176 2015-03-29] (G Data Software AG)
R0 hotcore3; C:\windows\System32\DRIVERS\hotcore3.sys [27464 2014-05-19] (Paragon Software Group)
S3 HWHandSet; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-24] (Huawei Technologies Co., Ltd.)
R3 LVUSBSta; C:\windows\System32\drivers\lvusbsta.sys [22016 2005-01-31] (Logitech Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 NWIM; C:\windows\System32\DRIVERS\avmnwim.sys [335224 2010-03-30] (AVM Berlin)
S3 PID_0928; C:\windows\System32\DRIVERS\LV561AV.SYS [211712 2005-01-31] (Logitech Inc.)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [10320 2013-09-30] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-04-27] ()
R0 sptd; C:\windows\System32\Drivers\sptd.sys [473656 2012-02-04] (Duplex Secure Ltd.)
R3 teamviewervpn; C:\windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-03-30] (TeamViewer GmbH)
R1 UimBus; C:\windows\System32\DRIVERS\UimBus.sys [91016 2014-05-19] ()
R1 Uim_DEVIM; C:\windows\System32\DRIVERS\uim_devim.sys [20616 2014-05-19] ()
R1 Uim_IM; C:\windows\System32\Drivers\Uim_IM.sys [540040 2014-05-19] ()
S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [45056 2014-08-16] (Apple, Inc.) [Datei ist nicht signiert]
S3 WiseHDInfo; C:\windows\WiseHDInfo32.dll [13264 2015-08-01] (wisecleaner.com)
S3 XUIF; C:\windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S2 ASPI32; kein ImagePath
S3 catchme; \??\C:\Users\Ebling\AppData\Local\Temp\catchme.sys [X]
U3 DfSdkS; kein ImagePath
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-23 22:21 - 2015-08-23 22:21 - 00056919 _____ C:\Users\Ebling\Desktop\FRST-23082015.txt
2015-08-23 22:11 - 2015-08-23 22:11 - 00002771 _____ C:\Users\Ebling\Desktop\JRT.txt
2015-08-23 22:06 - 2015-08-23 22:06 - 00001848 _____ C:\Users\Ebling\Desktop\AdwCleaner[C2].txt
2015-08-23 21:58 - 2015-08-23 21:58 - 00008180 _____ C:\Users\Ebling\Desktop\mbam.txt
2015-08-23 21:49 - 2015-08-23 21:49 - 00007758 _____ C:\Users\Ebling\Desktop\ergebnis-anti-malware-23.08.2015-21-49h.txt
2015-08-23 21:07 - 2015-08-23 22:18 - 00098520 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-23 21:07 - 2015-08-23 21:07 - 00001064 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-23 21:07 - 2015-08-23 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-23 21:06 - 2015-08-23 21:07 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware
2015-08-23 21:06 - 2015-08-23 21:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-23 21:06 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-08-23 21:06 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-08-23 21:06 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-08-23 21:03 - 2015-08-23 21:03 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Ebling\Desktop\JRT.exe
2015-08-23 21:02 - 2015-08-23 21:03 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Ebling\Desktop\mbam-setup-2.1.8.1057.exe
2015-08-23 21:02 - 2015-08-23 21:02 - 01605632 _____ C:\Users\Ebling\Desktop\AdwCleaner_5.003.exe
2015-08-23 21:01 - 2015-08-23 21:01 - 04798152 _____ (WinZip International LLC ) C:\Users\Ebling\Desktop\wzmp_10.exe
2015-08-23 19:39 - 2015-08-23 22:17 - 00000374 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-08-23 11:11 - 2015-08-23 11:11 - 00032637 _____ C:\ComboFix.txt
2015-08-23 10:24 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2015-08-23 10:24 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2015-08-23 10:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2015-08-23 10:22 - 2015-08-23 11:11 - 00000000 ____D C:\Qoobox
2015-08-23 10:21 - 2015-08-23 11:09 - 00000000 ____D C:\windows\erdnt
2015-08-23 10:16 - 2015-08-23 10:16 - 05635234 ____R (Swearware) C:\Users\Ebling\Desktop\ComboFix.exe
2015-08-22 11:26 - 2015-08-22 11:27 - 00065878 _____ C:\Users\Ebling\Desktop\Addition.txt
2015-08-22 11:22 - 2015-08-23 22:24 - 00022787 _____ C:\Users\Ebling\Desktop\FRST.txt
2015-08-22 11:21 - 2015-08-23 22:24 - 00000000 ____D C:\FRST
2015-08-22 11:20 - 2015-08-22 11:20 - 01677824 _____ (Farbar) C:\Users\Ebling\Desktop\FRST.exe
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung.lnk
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung (2).lnk
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\Documents\Bluetooth-Exchange-Ordner
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\AppData\Local\Broadcom
2015-08-20 13:43 - 2010-07-20 13:26 - 00111656 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwavdt.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00088616 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwaudio.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00018728 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwrchid.sys
2015-08-20 13:43 - 2010-07-14 06:25 - 00297000 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwampfl.sys
2015-08-20 13:43 - 2010-03-02 14:37 - 00033320 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwl2cap.sys
2015-08-19 22:31 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-08-19 22:31 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-19 14:10 - 2015-08-19 18:18 - 00000000 ____D C:\Program Files\Huawei
2015-08-19 14:10 - 2011-10-24 06:04 - 00195200 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_quusbmdm.sys
2015-08-19 14:10 - 2011-10-24 05:51 - 00102272 _____ (Huawei Technologies Co., Ltd.)
C:\windows\system32\Drivers\hw_usbdev.sys 2015-08-16 13:25 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-16 11:43 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll 2015-08-16 11:42 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll 2015-08-16 11:42 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-08-16 11:42 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll 2015-08-16 11:42 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe 2015-08-16 11:42 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-08-16 11:42 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-08-16 11:42 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-08-16 11:42 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2015-08-16 11:42 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2015-08-16 11:42 - 2015-07-28 21:54 - 00934400 _____ (Microsoft 
Corporation) C:\windows\system32\aeinv.dll 2015-08-16 11:42 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2015-08-16 11:42 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2015-08-16 11:42 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2015-08-16 11:42 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll 2015-08-16 11:42 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-08-16 11:42 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-08-16 11:42 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-08-16 11:42 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-08-16 11:42 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-08-16 11:42 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) 
C:\windows\system32\MshtmlDac.dll 2015-08-16 11:42 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-08-16 11:42 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-08-16 11:42 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-08-16 11:42 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-08-16 11:42 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-08-16 11:42 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-08-16 11:42 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-08-16 11:42 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-08-16 11:42 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-08-16 11:42 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-08-16 11:42 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-08-16 11:42 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-08-16 11:42 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-08-16 11:42 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-08-16 11:42 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2015-08-16 11:42 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-08-16 11:42 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll 2015-08-16 11:42 - 2015-07-16 21:12 - 00053248 _____ (Microsoft 
Corporation) C:\windows\system32\tsgqec.dll 2015-08-16 11:42 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-08-16 11:42 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-08-16 11:42 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-08-16 11:42 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-08-16 11:42 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-08-16 11:42 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-08-16 11:42 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-08-16 11:42 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-08-16 11:42 - 2015-07-16 17:14 - 00355840 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe 2015-08-16 11:42 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe 2015-08-16 11:42 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-08-16 11:42 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-08-16 11:42 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys 2015-08-16 11:42 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-08-16 11:42 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00248832 _____ (Microsoft 
Corporation) C:\windows\system32\schannel.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-08-16 11:42 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-08-16 11:42 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-08-16 11:42 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-08-16 11:42 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-08-16 11:42 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll 
2015-08-16 11:42 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-08-16 11:42 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-08-16 11:42 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-08-16 11:42 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-08-16 11:42 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-08-16 11:42 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2015-08-16 11:42 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2015-08-16 11:42 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2015-08-16 11:42 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe 2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\notepad.exe 2015-08-16 11:42 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll 2015-08-16 11:42 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll 2015-08-16 11:41 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll 2015-08-16 11:41 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2015-08-16 11:41 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll 2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll 2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll 2015-08-16 
11:29 - 2015-08-16 12:29 - 09284296 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerInstaller.exe 2015-08-03 13:48 - 2015-08-03 13:51 - 00000000 ____D C:\windows\rescache 2015-08-02 09:29 - 2015-08-02 09:29 - 02232320 _____ C:\windows\system32\config\DEFAULT.rhk 2015-08-02 09:29 - 2015-08-02 09:29 - 00094208 _____ C:\windows\system32\config\SAM.rhk 2015-08-02 09:29 - 2015-08-02 09:29 - 00028672 _____ C:\windows\system32\config\SECURITY.rhk 2015-08-02 09:25 - 2015-08-02 09:29 - 73924608 _____ C:\windows\system32\config\SOFTWARE.rhk 2015-08-01 16:09 - 2015-08-23 22:20 - 01246137 _____ C:\windows\WindowsUpdate.log 2015-08-01 16:08 - 2015-08-01 16:08 - 00133048 _____ C:\Users\Ebling\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-01 16:07 - 2015-08-23 22:16 - 00008292 _____ C:\windows\setupact.log 2015-08-01 16:07 - 2015-08-01 16:07 - 00000000 _____ C:\windows\setuperr.log 2015-08-01 16:06 - 2015-08-23 22:03 - 00007922 _____ C:\windows\PFRO.log 2015-08-01 16:06 - 2015-08-16 18:29 - 00467536 _____ C:\windows\system32\FNTCACHE.DAT 2015-08-01 10:27 - 2015-08-23 22:04 - 00002004 _____ C:\Users\Public\Desktop\Wise Care 365.lnk 2015-08-01 10:27 - 2015-08-23 10:17 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Wise Care 365 2015-08-01 10:27 - 2015-08-01 10:27 - 00013264 _____ (wisecleaner.com) C:\windows\WiseHDInfo32.dll 2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365 2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\Program Files\Wise 2015-08-01 10:23 - 2015-08-01 10:23 - 06043448 _____ (WiseCleaner.com ) C:\Program Files\WiseCare365_373DE.exe 2015-07-28 09:04 - 2015-07-28 09:04 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-07-28 09:04 - 2015-07-28 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-07-28 08:54 - 2015-07-28 08:54 - 00001815 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2015-07-25 17:20 - 2015-07-25 17:20 - 06962912 
_____ (Microsoft Corporation) C:\Program Files\Silverlight.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-23 22:18 - 2010-09-25 11:38 - 00001094 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-23 22:16 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-08-23 22:15 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-23 22:15 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-23 22:12 - 2012-09-18 23:29 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job 2015-08-23 22:12 - 2010-09-25 11:38 - 00001098 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-23 22:10 - 2012-12-27 11:51 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\IObit 2015-08-23 22:10 - 2012-12-27 11:51 - 00000000 ____D C:\ProgramData\IObit 2015-08-23 22:02 - 2015-05-09 09:03 - 00000000 ____D C:\AdwCleaner 2015-08-23 21:59 - 2012-03-11 00:18 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForHP625$.job 2015-08-23 21:52 - 2009-07-14 04:37 - 00000000 ____D C:\windows\LiveKernelReports 2015-08-23 21:29 - 2012-08-23 19:54 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-08-23 20:12 - 2012-09-18 23:29 - 00001072 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job 2015-08-23 11:11 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default 2015-08-23 11:11 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public 2015-08-23 11:05 - 2009-07-14 04:04 - 00000215 _____ C:\windows\system.ini 2015-08-23 10:52 - 2009-07-14 04:03 - 78118912 _____ C:\windows\system32\config\SOFTWARE.bak 2015-08-23 10:52 - 2009-07-14 04:03 - 40632320 _____ 
C:\windows\system32\config\COMPON~1.bak 2015-08-23 10:52 - 2009-07-14 04:03 - 27525120 _____ C:\windows\system32\config\SYSTEM.bak 2015-08-23 10:52 - 2009-07-14 04:03 - 02359296 _____ C:\windows\system32\config\DEFAULT.bak 2015-08-23 10:52 - 2009-07-14 04:03 - 00262144 _____ C:\windows\system32\config\SECURITY.bak 2015-08-23 10:52 - 2009-07-14 04:03 - 00094208 _____ C:\windows\system32\config\SAM.bak 2015-08-23 10:24 - 2012-09-18 23:36 - 00002664 _____ C:\Users\Ebling\Desktop\Google Chrome.lnk 2015-08-23 10:00 - 2012-01-03 01:14 - 00000000 ____D C:\Program Files\AntiBrowserSpy 2015-08-23 10:00 - 2010-06-11 20:47 - 00000000 ____D C:\ProgramData\PDFC 2015-08-20 21:30 - 2014-11-11 20:35 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte 2015-08-20 13:50 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-20 13:35 - 2010-09-11 15:51 - 00000000 ____D C:\Users\Ebling 2015-08-20 13:35 - 2010-07-01 15:50 - 00000000 ____D C:\Program Files\Broadcom 2015-08-20 11:48 - 2010-09-18 11:50 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForEbling.job 2015-08-19 18:52 - 2010-06-11 20:30 - 01629212 _____ C:\windows\system32\PerfStringBackup.INI 2015-08-19 14:10 - 2014-02-02 15:03 - 00000764 _____ C:\NSI_DriverInstall.log 2015-08-19 14:09 - 2012-06-09 22:00 - 00000000 ____D C:\Program Files\Handset WinDriver 2015-08-17 10:32 - 2014-11-07 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2015-08-17 10:18 - 2014-11-07 00:01 - 00000000 ____D C:\Program Files\TomTom HOME 2 2015-08-17 10:15 - 2011-08-13 16:07 - 00000000 ____D C:\Users\Ebling\AppData\Local\Downloaded Installations 2015-08-16 19:45 - 2014-09-29 22:19 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\HpUpdate 2015-08-16 19:29 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET 2015-08-16 18:26 - 2014-12-10 04:15 - 00000000 ____D C:\windows\system32\appraiser 2015-08-16 18:26 - 
2014-05-06 21:54 - 00000000 ___SD C:\windows\system32\CompatTel 2015-08-16 18:26 - 2010-06-11 20:42 - 00000000 ____D C:\windows\system32\Drivers\de-DE 2015-08-16 18:26 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\de-DE 2015-08-16 13:53 - 2010-09-11 18:03 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-16 13:52 - 2015-04-19 18:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-16 13:52 - 2011-05-04 06:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-16 13:47 - 2013-08-15 17:30 - 00000000 ____D C:\windows\system32\MRT 2015-08-16 13:30 - 2010-09-16 19:47 - 129304528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-08-16 12:29 - 2012-05-25 10:47 - 00778440 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2015-08-16 12:29 - 2011-06-04 12:20 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2015-08-01 10:46 - 2010-09-11 18:02 - 00000000 ___RD C:\MSOCache 2015-08-01 10:32 - 2015-03-12 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8 2015-08-01 10:32 - 2014-03-28 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3 2015-08-01 10:32 - 2012-05-27 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-08-01 10:32 - 2012-03-07 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager 2015-08-01 09:36 - 2013-05-09 22:58 - 00000000 ____D C:\Users\Ebling\AppData\Local\CrashDumps 2015-07-31 18:12 - 2015-03-29 18:16 - 00000400 _____ C:\windows\Tasks\One-Click Optimizer WO11.job 2015-07-29 21:26 - 2014-09-29 22:18 - 00000000 ____D C:\ProgramData\HP 2015-07-29 20:06 - 2010-09-11 15:55 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Hewlett-Packard 2015-07-28 09:04 - 2011-12-01 22:27 - 00000000 ____D C:\Program Files\iTunes 2015-07-28 09:03 - 2012-06-16 13:21 - 
00000000 ____D C:\Program Files\iPod 2015-07-28 09:02 - 2015-04-17 16:42 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB 2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\Program Files\QuickTime 2015-07-27 11:02 - 2015-04-23 18:47 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\iFunbox_UserCache 2015-07-26 21:03 - 2015-01-21 23:40 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieBrowserModeList 2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieUserList 2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieSiteList 2015-07-25 18:07 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-07-25 09:08 - 2015-03-28 20:40 - 00000000 ___SD C:\windows\system32\GWX ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-05-09 09:02 - 2015-05-09 09:02 - 2204160 _____ () C:\Program Files\adwcleaner_4.203.exe 2015-05-03 22:35 - 2015-05-03 22:35 - 0891224 _____ (AMD) C:\Program Files\amddriverdownloader.exe 2014-02-27 18:57 - 2013-05-19 17:18 - 13431464 _____ () C:\Program Files\anytrans-setup.exe 2011-04-24 07:47 - 2011-04-24 07:47 - 0620972 _____ () C:\Program Files\Autoruns.zip 2012-07-17 22:53 - 2012-07-17 22:51 - 0883840 _____ () C:\Program Files\Avira-DE-Cleaner.exe 2015-03-06 15:20 - 2015-03-06 15:20 - 2314104 _____ () C:\Program Files\avira_pc_cleaner_de.exe 2013-10-08 13:20 - 2015-07-05 11:04 - 0027155 _____ () C:\Program Files\Changes.txt 2014-06-09 18:25 - 2014-06-09 18:24 - 0277107 _____ () C:\Program Files\clonepartition.rar 2013-05-29 15:04 - 2013-09-09 18:55 - 8334304 _____ (WindSolutions) C:\Program Files\CopyTransManager.exe 2010-08-29 15:08 - 2015-07-05 11:04 - 0000067 _____ () C:\Program Files\Core Temp Gadget & Addons.url 2013-10-08 13:22 - 2015-07-05 
11:04 - 0794272 _____ () C:\Program Files\Core Temp.exe 2015-07-05 10:58 - 2015-07-05 10:58 - 0734473 _____ () C:\Program Files\CoreTemp_106.zip 2011-07-22 08:15 - 2011-07-22 08:15 - 0000000 _____ () C:\Program Files\ctapi_out_gr.txt 2011-02-22 13:48 - 2011-02-22 13:48 - 0175007 _____ () C:\Program Files\DirPrintOK292_Installer.zip 2012-05-02 15:44 - 2012-05-02 15:57 - 50449456 _____ (Microsoft Corporation) C:\Program Files\dotNetFx40_Full_x86_x64.exe 2012-07-17 22:06 - 2012-06-05 20:14 - 7207866 _____ (FreeDownloadManager.ORG ) C:\Program Files\fdminst.exe 2011-11-13 16:42 - 2011-11-13 16:45 - 14598944 _____ (Mozilla) C:\Program Files\Firefox Setup 8.0.exe 2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\FirstBackup.spg 2015-05-03 18:51 - 2015-05-03 18:51 - 30650288 _____ (DVDVideoSoft Ltd. ) C:\Program Files\FreeVideoToMP3Converter.exe 2014-02-27 18:57 - 2013-01-11 23:56 - 18291784 _____ (AVM Berlin ) C:\Program Files\FRITZ!fax_3.07.04 (1).exe 2013-01-06 21:34 - 2013-01-06 21:32 - 18291784 ____N (AVM Berlin ) C:\Program Files\FRITZ!fax_3.07.04.exe 2011-11-20 18:38 - 2011-09-08 07:23 - 0148923 _____ () C:\Program Files\FRITZ.Box Fon WLAN 7170 (UI) 29.04.80_08.09.11_0723.export 2012-08-27 20:20 - 2012-08-27 20:27 - 28952353 _____ () C:\Program Files\HiSuiteSetup V1.6.10.08.zip 2015-07-21 18:05 - 2015-07-21 18:05 - 5493352 _____ (Marx Software ) C:\Program Files\IDM05Setup.exe 2015-04-23 18:41 - 2015-04-23 18:41 - 21348024 _____ ( ) C:\Program Files\ifunbox_setup.exe 2014-02-27 18:57 - 2013-09-09 18:46 - 4279392 _____ (WindSolutions) C:\Program Files\Install_CopyTrans_Suite.exe 2014-02-27 18:57 - 2014-02-15 14:36 - 30796712 _____ (Oracle Corporation) C:\Program Files\jre-7u51-windows-x64.exe 2014-02-27 18:57 - 2013-05-08 20:44 - 4894912 _____ (Kaspersky Lab ZAO) C:\Program Files\kavremover.exe 2012-01-05 18:39 - 2013-09-09 18:55 - 0012943 _____ () C:\Program Files\License Agreement.rtf 2010-06-30 18:32 - 2015-07-05 11:04 - 0006594 _____ () 
C:\Program Files\License.txt 2014-04-18 08:42 - 2014-04-18 08:43 - 28875706 _____ () C:\Program Files\MediathekView_6.zip 2010-09-24 18:34 - 2010-09-24 18:34 - 0002120 _____ () C:\Program Files\mobile 2012-09-02 14:02 - 2012-09-02 14:02 - 0290154 _____ () C:\Program Files\mp3DirectCut2.16.exe 2011-03-06 14:48 - 2011-03-06 14:48 - 0417048 _____ (Yahoo! Inc.) C:\Program Files\msgr10de.exe 2014-04-16 09:26 - 2014-04-16 09:26 - 16587248 _____ (Tracker Software Products Ltd ) C:\Program Files\PDFX142Vwer.exe 2012-12-02 00:54 - 2012-12-02 00:59 - 15271824 _____ (Google Inc.) C:\Program Files\picasa39-setup.exe 2014-02-27 18:57 - 2013-05-20 14:16 - 15102976 _____ (MiniTool Solution Ltd. ) C:\Program Files\pwhe78.exe 2014-06-28 16:18 - 2014-06-28 16:18 - 2617176 _____ (VS Revo Group Ltd.) C:\Program Files\revosetup193.exe 2013-04-19 23:21 - 2013-04-19 23:23 - 6018162 _____ () C:\Program Files\Root_Y200_v5.zip 2013-02-17 17:48 - 2013-02-17 17:48 - 5193621 _____ () C:\Program Files\Samsung-PC-Editor.rar 2013-02-17 17:55 - 2013-02-17 17:55 - 6845297 _____ () C:\Program Files\Samsung_ChannelListPCEditor_1.09.zip 2014-02-27 18:57 - 2014-02-15 21:24 - 3930129 _____ () C:\Program Files\Setup_Migraene-Tagebuch.exe 2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\sg_backup_2010-09-23-2050.spg 2015-07-25 17:20 - 2015-07-25 17:20 - 6962912 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe 2013-04-20 12:43 - 2013-04-20 12:43 - 0627688 _____ () C:\Program Files\Superuser-3.0.7-efghi-signed.zip 2014-06-09 18:51 - 2014-06-09 18:51 - 0583496 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\tb_free_installer.exe 2010-09-23 20:46 - 2010-09-23 20:46 - 0655360 _____ (Speed Guide Inc.) 
C:\Program Files\TCPOptimizer.exe 2012-11-17 12:48 - 2012-11-17 12:49 - 3167176 _____ (TeamViewer) C:\Program Files\TeamViewerQS_de.exe 2009-10-20 00:43 - 2009-10-20 00:43 - 0047104 _____ () C:\Program Files\Thumbs.db 2014-11-06 23:57 - 2014-11-06 23:57 - 31119112 _____ () C:\Program Files\TomTomHOME2winlatest.exe 2015-08-01 10:23 - 2015-08-01 10:23 - 6043448 _____ (WiseCleaner.com ) C:\Program Files\WiseCare365_373DE.exe 2014-05-18 20:19 - 2014-05-18 20:19 - 0699943 _____ () C:\Program Files\wmv2-1.9.8.exe 2015-03-29 19:10 - 2015-03-29 19:10 - 0000000 _____ () C:\Users\Ebling\AppData\Roaming\gdfw.log 2015-03-29 19:10 - 2015-03-29 19:10 - 0000779 _____ () C:\Users\Ebling\AppData\Roaming\gdscan.log 2011-02-16 15:58 - 2011-05-21 20:59 - 0001849 _____ () C:\Users\Ebling\AppData\Roaming\GhostObjGAFix.xml 2011-07-02 21:02 - 2011-07-02 21:03 - 0038452 _____ () C:\Users\Ebling\AppData\Roaming\Microsoft Excel 97-2003.ADR 2011-08-13 19:00 - 2012-01-23 20:20 - 0001570 _____ () C:\Users\Ebling\AppData\Roaming\MyMicroBalanceConfig.ini 2012-09-02 14:21 - 2014-07-31 17:27 - 0004608 _____ () C:\Users\Ebling\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-03-06 14:44 - 2011-03-06 14:44 - 0000209 _____ () C:\Users\Ebling\AppData\Local\GLFEDA7.tmp 2014-03-15 10:27 - 2014-03-15 10:27 - 0004096 ____H () C:\Users\Ebling\AppData\Local\keyfile3.drm 2012-03-10 11:45 - 2012-03-10 11:45 - 0000017 _____ () C:\Users\Ebling\AppData\Local\resmon.resmoncfg 2012-11-25 03:31 - 2012-11-25 03:31 - 0017408 _____ () C:\Users\Ebling\AppData\Local\WebpageIcons.db 2014-09-29 22:18 - 2014-09-29 22:18 - 0000057 _____ () C:\ProgramData\Ament.ini 2011-12-24 01:00 - 2011-12-24 01:00 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2011-02-16 13:56 - 2014-06-25 20:24 - 10981376 _____ () C:\ProgramData\sandra.mda 2014-12-26 18:30 - 2014-12-26 18:30 - 0001534 _____ () C:\ProgramData\ss.ini Einige Dateien in TEMP: ==================== C:\Users\Ebling\AppData\Local\temp\sqlite3.dll ==================== 
Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\windows\explorer.exe => Datei ist digital signiert C:\windows\system32\winlogon.exe => Datei ist digital signiert C:\windows\system32\wininit.exe => Datei ist digital signiert C:\windows\system32\svchost.exe => Datei ist digital signiert C:\windows\system32\services.exe => Datei ist digital signiert C:\windows\system32\User32.dll => Datei ist digital signiert C:\windows\system32\userinit.exe => Datei ist digital signiert C:\windows\system32\rpcss.dll => Datei ist digital signiert C:\windows\system32\dnsapi.dll => Datei ist digital signiert C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-03 10:45 ==================== Ende vom raportu ============================ |
23.08.2015, 21:39 | #10 |
| C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Window opens at startup And now the addition.txt file: FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-08-2015 03 durchgeführt von Ebling (2015-08-23 22:24:58) Gestartet von C:\Users\Ebling\Desktop Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1320190850-2687297852-4289220983-500 - Administrator - Disabled) DHBW (S-1-5-21-1320190850-2687297852-4289220983-1007 - Limited - Enabled) => C:\Users\DHBW Doris (S-1-5-21-1320190850-2687297852-4289220983-1002 - Limited - Enabled) => C:\Users\Doris Ebling (S-1-5-21-1320190850-2687297852-4289220983-1001 - Administrator - Enabled) => C:\Users\Ebling Gast (S-1-5-21-1320190850-2687297852-4289220983-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1320190850-2687297852-4289220983-1011 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: G Data InternetSecurity CBE (Disabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AS: G Data InternetSecurity CBE (Disabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
1und1 Internet Explorer Add-On (Version: 1.0 - 1&1 Internet AG) Hidden 7-Zip 4.65 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit) AntiBrowserSpy (HKLM\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft) Anti-Twin (Installation 12/29/2011) (HKLM\...\Anti-Twin 2011-12-29 18.43.19) (Version: - Joerg Rosenthal, Germany) AnyTrans 3.4.1 (HKLM\...\{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1) (Version: 3.4.1 - iMobie Inc.) Apple Application Support (32-Bit) (HKLM\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG) ATI Catalyst Install Manager (HKLM\...\{992F7E6B-58D4-428A-B574-082C0884423E}) (Version: 3.0.778.0 - ATI Technologies, Inc.) AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM\...\AVMFBoxPrinter) (Version: - AVM Berlin) AVM FRITZ!Fernzugang (HKLM\...\{5DC36978-AB9A-4A23-9C12-D90D2BB781B7}) (Version: 1.2.3 - AVM Berlin) BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - ) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) 
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation) Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation) ccc-core-static (Version: 2011.0316.116.298 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP) Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) CloneSpy 2.62 (HKLM\...\CloneSpy) (Version: - CloneSpy) COMPUTERBILD-Abzockschutz (HKLM\...\{6F03FF16-24BF-4887-9EBA-280CF7657A54}) (Version: 1.0.42 - J3S) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Der grandiose Bildverkleinerer 1.7b (HKLM\...\Der grandiose Bildverkleinerer) (Version: 1.7b - ) DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden DirPrintOK (HKLM\...\DirPrintOK) (Version: - ) EaseUS Partition Master 10.5 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS) ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen) Energy Star Digital Logo (HKLM\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) Everything 1.2.1.371 (HKLM\...\Everything) (Version: - ) Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) Free Video Flip and Rotate version 2.1.7.422 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.7.422 - DVDVideoSoft Ltd.) 
Free Video to MP3 Converter version 5.0.58.415 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.20.1230 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.) FreeRIP MP3 Converter 4.5.3 (HKLM\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.3 - GreenTree Applications SRL) FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin) FRITZ!Box-Fernzugang einrichten (HKLM\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin) G Data InternetSecurity CBE (HKLM\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG) Google Chrome (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google SketchUp 8 (HKLM\...\{15F02176-0D12-4FAF-B2CD-2767C7781427}) (Version: 3.0.4993 - Google, Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden Google+ Auto Backup (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google+ Auto Backup) (Version: 1.0.24.118 - Google, Inc.) GoogleClean (HKLM\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft) Hama Wireless LAN Adapter (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 10.6.0 - Hama) Hama Wireless LAN Adapter (HKLM\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Hama) Handset WinDriver 1.02.03.00 (HKLM\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.) 
HiSuite (HKLM\...\Hi Suite) (Version: 32.610.28.00.06 - Huawei Technologies Co.,Ltd) HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard) HP ESU for Microsoft Windows 7 (HKLM\...\{C2686567-5A9A-4B6D-B965-7A5E26F73A25}) (Version: 1.1.3.1 - Hewlett-Packard Company) HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company) HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{E5360B00-4DEF-4F6E-8ED9-B2C31875D813}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet 6500 E710n-z Hilfe (HKLM\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard) HP Setup (HKLM\...\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}) (Version: 8.2.4130.3367 - Hewlett-Packard Company) HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company) HP Software Framework (HKLM\...\{DA200FDD-DE3D-4958-8465-C4FBC869544B}) (Version: 3.5.20.1 - Hewlett-Packard Company) HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company) HP Support Assistant (HKLM\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP User Guides 0190 (HKLM\...\{5B0D9F1A-425E-46C4-B06D-2C0736C1E804}) (Version: 1.00.0000 - Hewlett-Packard) HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.25.0 - Roxio) HP Webcam Driver (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50014.0 - Sonix) HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard) I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iBackupBot 5.2.5 (HKLM\...\iBackupBot) (Version: 5.2.5 - VOWSoft, Ltd.) 
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT) iFunbox (v2.95.2610.819), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.95.2610.819 - ) iTunes (HKLM\...\{9DBBE7B8-EE7A-4FD9-9C7F-35E69A4C19D8}) (Version: 12.2.1.16 - Apple Inc.) Java 7 Update 9 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle) JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Licensing Service Install (HKLM\...\{AF72E557-0647-4DE5-ACDA-ECFB38D5D732}) (Version: 2.0.1.181 - Protexis Inc.) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector 
(HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 
10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.1 (HKLM\...\{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1) (Version: - MiniTool Solution Ltd.)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
miTracker 1.1.4 (HKLM\...\miTracker) (Version: 1.1.4 - Vitarsoft Co. Limited.)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mp3tag v2.53 (HKLM\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyMicroBalance (HKLM\...\{1AE1CCB0-DF19-44DF-B8C8-8E259F63B028}) (Version: 2.5.3 - Trusted Bytes Softwareentwicklung e.U.)
Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - )
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Festplatten Manager™ 2011 Kompakt (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.117 - PDF Complete, Inc)
PDF24 Creator 6.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
pdfsam (HKLM\...\pdfsam) (Version: 2.2.1 - )
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
PhoneClean 2.1.6 (HKLM\...\{E980ED1F-AOF8-PF7E-B174-59POS2BOIUVB}}_is1) (Version: 2.1.6 - iMobie Inc.)
PhotoFiltre (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre Studio X) (Version: - )
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
POP and IMAP Troubleshooter (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PopImapTroubleshooter) (Version: 0.1 - Google)
QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.39 - Piriform)
Revo Uninstaller 1.93 (HKLM\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3.56.20 - Roxio)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
ScanWizard 5 (HKLM\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version: - )
SiSoftware Sandra Lite 2011.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 17.36.2011.2 - SiSoftware)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
SmartTools Office DDE-Fix (HKLM\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing)
Snapfish Fotobuch (HKLM\...\Snapfish Fotobuch) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{F158CFB3-2C04-4138-9556-B9C3D5A89CF4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
System.Data.SQLite v1.0.81.0 (HKLM\...\{02E43EC2-6B1C-45B5-9E48-941C3E1B204A}_is1) (Version: 1.0.81.0 - System.Data.SQLite Team)
TeamViewer 6 (HKLM\...\TeamViewer 6) (Version: 6.0.13992 - TeamViewer GmbH)
TomTom HOME (HKLM\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trainingssoftware (HKLM\...\{7C33F907-7A81-48B8-BD2D-D851C5FA9EFC}) (Version: 1.0.0 - IKE Software Solutions)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (Version: 14.0.1000.275 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.7 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\0973B297E079B467E3776E59F763D63FD557795B) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 -
Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
Wise Care 365 3.73 (HKLM\...\Wise Care 365_is1) (Version: 3.73 - WiseCleaner.com, Inc.)
WMV9/VC-1 Video Playback (Version: 1.0.60316.0158 - ATI Technologies Inc.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Wiederherstellungspunkte =========================

16-08-2015 13:24:16 Windows Update
17-08-2015 10:16:36 Installed TomTom HOME.
17-08-2015 10:30:13 Removed TomTom HOME.
19-08-2015 22:30:53 Windows Update
20-08-2015 13:36:19 Installed Bluetooth Software
23-08-2015 10:24:31 ComboFix created restore point
23-08-2015 22:07:39 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2015-08-23 11:05 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01979C6F-F3CD-4ADF-850A-D355D7DBF1E2} - System32\Tasks\{D7B22B5B-FEF4-45DD-BBD7-DDD4B3D3BD98} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -c /x {537BF16E-7412-448C-95D8-846E85A1D817}
Task: {07BC50FA-DF6F-41CB-9167-7FC771DE5D0E} - System32\Tasks\{BF456A74-A282-4513-BE6C-DCEC0EDB9173} => pcalua.exe -a "C:\Program Files\SmartTools\SmartTools Office DDE-Fix.exe" -d "C:\Program Files\SmartTools"
Task: {0CD0B4DA-4EF0-4CEA-B9E6-E216CF647833} - System32\Tasks\{734BA5A5-D0D3-413C-A06E-1334EA7C253A} => pcalua.exe -a "H:\WISO\Steuersoftware 2015\WISOSteuersoftware2015 (1).exe" -d "H:\WISO\Steuersoftware 2015"
Task: {0D0F5B0A-9C80-49E0-ACF1-ED2D99D3963B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {133132F4-A462-4221-9918-D1E109459994} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2014-01-13] ()
Task: {1490F15A-500B-48F8-A1B6-CD708B60A869} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {231BF404-97D8-4B25-823E-2EEA520D3319} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {24F1B7B9-C2DA-4872-82DF-78F6957EA702} - System32\Tasks\{EAAA07BA-9CB7-4E2A-B8AB-9B51384CBF79} => pcalua.exe -a C:\windows\IsUn0407.exe -c -f"C:\Program Files\FRITZ!\Uninst.isu" -c"C:\Program Files\FRITZ!\UNINST.DLL"
Task: {295090DA-E78F-4DBC-9965-0937ACB7F00F} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files\AntiBrowserSpy\BrowserMask.exe [2014-01-13] ()
Task: {2A74942C-6BCB-4059-8646-F38427E9E926} - System32\Tasks\Google Updater and Installer => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {314EFBE2-4FB4-4363-BC33-95BD2D0C199D} - System32\Tasks\HPCeeScheduleForEbling => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {33EAEE3C-E0B9-46D9-A740-23FBC29BEA0E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {34D6170E-7F66-43DE-92AA-51121A2FB431} - System32\Tasks\One-Click Optimizer WO11 => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe [2015-01-05] (Ashampoo Development GmbH & Co. KG)
Task: {47C8A5FF-A6CA-49DB-A739-DD959BC47F21} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {640420A2-1CD1-4541-91A8-2D13AEEF61A5} - System32\Tasks\{782CEE39-1246-4CF0-BF80-77CA87BA991F} => pcalua.exe -a H:\InstallTomTomHOME.exe -d H:\
Task: {6DD37970-9D6C-420D-A55B-205B563BB395} - System32\Tasks\{DAD58C6D-7B0D-449A-873D-CA8C01E5FDC1} => C:\Program Files\iMobie\AnyTrans\anytrans-setup.exe [2013-05-19] ()
Task: {71F4526D-6F16-446D-9F58-81D891E12DCD} - System32\Tasks\{890ED934-859F-4552-B0DC-F478B34CFB2F} => Chrome.exe hxxp://ui.skype.com/ui/0/5.0.0.152/de/go/help.faq.installer?LastError=1603
Task: {80F50AED-FAF1-4F20-94DD-E15F2C60E6E8} - System32\Tasks\{0B46AF53-A2FB-4098-BCB8-5E86A4457EB7} => pcalua.exe -a "C:\Program Files\SmartTools\Office DDE-Fix\uninstall.exe" -d "C:\Program Files\SmartTools\Office DDE-Fix"
Task: {80F9E998-4AB6-4377-9B91-521DD6141DE2} - System32\Tasks\{48C16FF1-F5E1-40A1-9BD6-EE8DA774B726} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental)
Task: {811A6051-40F0-4085-BB3B-6F577CCA5B7C} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {81A420AF-3DA2-462B-B3D8-796DF4E2C60A} - System32\Tasks\{E508F5B1-0FFE-4648-861C-C3B3A77109F3} => pcalua.exe -a "C:\Program Files\FRITZ!Box\FRITZ!fax_3.07.04.exe" -d "C:\Program Files\FRITZ!Box"
Task: {88D05C53-BF29-41FC-8A4F-B8209C8AB5A1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8B11E630-046A-43CF-B73A-930B0CE305C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {8D02AB57-24BF-4370-9117-62250A647186} - System32\Tasks\{CDE98B08-CC91-4969-BD47-3D0DBF714EEF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603
Task: {8E7BDED3-155B-4581-B97D-92DA9F8FE5C5} - System32\Tasks\ASC8_SkipUac_Ebling => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
Task: {8F503074-A26D-4DEC-9EDC-E9416CBF32B6} - System32\Tasks\{48F2F052-31D6-4307-8BA0-EA9DB63FAFAF} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental)
Task: {904E8419-36B7-4F8D-B3DF-B43242CE78CB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {908D6E9A-4122-418D-AF2A-07C2F1DB3436} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
Task: {921512E0-3959-4FA8-BAA4-AE58DEA62E50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {95224B42-2574-4EA7-8C4C-BBA507E88A85} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {95946CEF-BBB5-44EA-B9F7-2B00B060CD98} - System32\Tasks\{40FAF4F9-93F5-4266-B1FF-0D111039189A} => pcalua.exe -a "C:\Program Files\iview430g_setup.exe" -d C:\Users\Ebling\Desktop
Task: {9A36F8F5-7717-472E-BCA6-85FC241B45CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {9CC38FA3-C263-44D3-9DEC-2D75EFD699BC} - System32\Tasks\{1D954EBB-64CB-4FBA-BF3A-20D806CCF871} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603
Task: {B744F1FB-F29F-464E-AB93-9D81D3D2D28A} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2014-01-13] ()
Task: {C6136B4B-1487-4868-9914-75136056ABD1} - System32\Tasks\{DD71730C-F8FF-4900-86CE-BE6EEDFD9428} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -d C:\windows\system32 -c /x {537BF16E-7412-448C-95D8-846E85A1D817}
Task: {CCCDDC80-D966-4940-8B67-4187F134A4A9} - System32\Tasks\HPCeeScheduleForHP625$ => c:\program files\hewlett-packard\hp ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {CF723268-1BCF-454E-938C-2279828B9184} - System32\Tasks\{6EEE5437-4E2D-40EB-911F-A6C858C971FB} => pcalua.exe -a "C:\Program Files\Google\Picasa3\Uninstall.exe"
Task: {D8854C4B-75DA-4B07-BDE5-1424B67FF13C} - System32\Tasks\{E2634312-8A42-4EBF-A6EC-E194A5615141} => pcalua.exe -a "C:\Program Files\FRITZ!fax_3.07.04.exe" -d "C:\Program Files"
Task: {DB0E0E0B-036C-440E-8614-02291AC4A684} - System32\Tasks\{16FE68E3-8085-4DE4-BBB7-DB8ED9F20C62} => pcalua.exe -a "C:\Users\Ebling\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CLQGS4AV\sp48591[1].exe" -d C:\Users\Ebling\Desktop
Task: {DF21E094-5EE5-4916-8AA8-5079BA6F1785} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated)
Task: {F037DEC8-361B-43FB-B03E-A9D31575BA3F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {F402D984-6BEC-4B64-AA36-D3C005440D04} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FBCE29B2-17E0-4A73-958C-838E5BBD1E89} - System32\Tasks\{49950F46-4A32-40C2-B8EB-8A7B7344E019} => pcalua.exe -a "D:\1-Wilfried\Nebentätigkeiten\0-Lehrauftrag-Baureferendare\Rheinland-Pfalz\Foliensatz für Baureferendare 2011\iview430g_setup.exe" -d C:\Users\Ebling\Desktop

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForEbling.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForHP625$.job => c:\program files\hewlett-packard\hp ceement\HPCEE.exe
Task: C:\windows\Tasks\One-Click Optimizer WO11.job => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-03-04 20:00 - 2001-10-28 17:42 - 00116224 _____ () C:\windows\System32\pdfcmnnt.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-18 14:52 - 2014-09-05 09:40 - 00117280 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
2015-07-18 14:52 - 2014-09-05 09:40 - 00180768 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
2011-03-15 13:03 - 2011-03-15 13:03 - 01053848 ____N () C:\Windows\System32\ieconfig_1und1_svc.exe
2013-12-19 04:42 - 2013-12-19 04:42 - 00287864 ____N () C:\Program Files\Common Files\G Data\AVKProxy\PktIcpt2.dll
2015-05-15 19:04 - 2014-01-13 10:08 - 01136640 _____ () C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
2015-05-15 19:04 - 2014-01-13 10:15 - 00778240 _____ () C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
2015-05-15 19:04 - 2014-01-13 10:15 - 00823424 _____ () C:\Program Files\AntiBrowserSpy\BrowserMask.exe
2011-02-15 17:38 - 2010-06-14 15:38 - 00984416 _____ () C:\Program Files\Hama\Common\RaWLAPI.dll
2015-08-22 11:16 - 2015-08-18 07:23 - 01405768 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-22 11:16 - 2015-08-18 07:23 - 00081224 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\libegl.dll
2010-04-05 20:12 - 2010-04-05 20:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2011-03-14 14:20 - 2011-03-14 14:20 - 00098304 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-16 01:14 - 2011-03-16 01:14 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-08-22 11:16 - 2015-08-18 07:23 - 16393032 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ibackupbot_setup.exe:BDU
AlternateDataStreams: C:\wm2014xxl.exe:BDU
AlternateDataStreams: C:\Program Files\avira_pc_cleaner_de.exe:BDU
AlternateDataStreams: C:\Program Files\PDFX142Vwer.exe:BDU
AlternateDataStreams: C:\Program Files\revosetup193.exe:BDU
AlternateDataStreams: C:\Program Files\Setup_Migraene-Tagebuch.exe:BDU
AlternateDataStreams: C:\Program Files\tb_free_installer.exe:BDU
AlternateDataStreams: C:\Program Files\TomTomHOME2winlatest.exe:BDU
AlternateDataStreams: C:\Program Files\wmv2-1.9.8.exe:BDU
AlternateDataStreams: C:\windows\system32\atibtmon.exe:AGC
AlternateDataStreams: C:\Users\Ebling\OJ6500_E710n-z_1315-1.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

Da befinden sich 4789 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.5 BD Edition.lnk => C:\windows\pss\PHOTOfunSTUDIO 6.5 BD Edition.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scanner Finder.lnk => C:\windows\pss\Scanner Finder.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TraXEx PC-Putzer.lnk => C:\windows\pss\TraXEx PC-Putzer.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Ebling^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Persbackup.lnk => C:\windows\pss\Persbackup.lnk.Startup MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe MSCONFIG\startupreg: estar => C:\System.Sav\Util\HideDOS.EXE C:\System.Sav\util\estartwk\twk7.bat MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden MSCONFIG\startupreg: iFunBox Fast App Install Handler => C:\Program Files\i-Funbox DevTeam\iFunBox.exe /tray MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: miTracker => C:\Program Files\miTracker\miTracker.exe MSCONFIG\startupreg: Mobile Partner => C:\Program Files\HiSuite\HiSuite.exe -s MSCONFIG\startupreg: PDF Complete => C:\Program Files\PDF Complete\pdfsty.exe MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: UM => C:\Users\Ebling\AppData\Roaming\Update Manager\UM.EXE ==================== 
FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{1FB21EF4-B2D9-46D3-9143-81A824193170}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe FirewallRules: [{DA70798B-6C74-4314-9E85-0AD7EA3FFA4D}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe FirewallRules: [{D398DBA3-5B1A-4115-A443-1555995590FA}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe FirewallRules: [{C6E9E309-E04A-4465-AB54-A8C3BBD0D257}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe FirewallRules: [{34A2C04A-52FD-4633-B7BB-E7E8B7B8E06E}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe FirewallRules: [{35F1465C-4094-4338-B217-7DE418ECC2AA}] => (Allow) G:\fsetup.exe FirewallRules: [{0771C26A-3465-4A63-A3FB-5DEB25174563}] => (Allow) G:\fsetup.exe FirewallRules: [{9C8EEAC4-C79E-4645-A345-338396030737}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe FirewallRules: [{D194DF3A-FFF0-4543-8EE4-2AF55A8E73F5}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe FirewallRules: [{9AA67938-324E-4F9A-A3FD-09CE569F0070}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe FirewallRules: [{7BA68422-AA22-4466-857F-D9E00534E399}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe FirewallRules: [{70A20D15-4578-458B-B6F1-133FB02F5710}] => (Allow) C:\Program 
Files\Bonjour\mDNSResponder.exe FirewallRules: [{F5E420C5-9698-499C-B6CF-25C51A6B905A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{023C21EE-16A0-4373-9E02-AE44FC9F9843}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{F2DE679E-9EA9-4C6F-B596-E6E80E9394BA}] => (Allow) C:\Windows\System32\msiexec.exe FirewallRules: [{796FA458-B5B4-4C0D-913E-C5CDA12E37BC}] => (Allow) C:\Windows\System32\msiexec.exe FirewallRules: [{912DA99B-4816-4BFF-9B2E-C88D8EFB0407}] => (Allow) C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{C23F3B2D-F668-4510-ABC5-3AD89244CC22}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{98BA9B42-D287-4D0B-9C3A-D7200D181C49}] => (Allow) LPort=2869 FirewallRules: [{BAA9DC4F-E2C2-45A1-83FE-9E71AF8AD65D}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{85D82E3B-5F42-4FE2-8993-64F99282E680}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe FirewallRules: [UDP Query User{C35FA939-86A0-4E6B-9AAF-B4DCD5E7102C}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe FirewallRules: [{3A9FC52B-A777-4ABC-ABAF-DF0880AD4A4E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe FirewallRules: [{257885B6-6087-4E56-861F-72F48D255233}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe FirewallRules: [{7D264A39-5051-4918-A99E-F3EBE90AD86F}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe FirewallRules: [{F428979F-E951-4291-A592-369F7760DF42}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe FirewallRules: [{4DA75E71-DD81-4198-B34A-64F14B9DA25E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe FirewallRules: [{9033FD3A-8909-4C19-8130-4AF6CB8A2296}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe 
FirewallRules: [{E45CB4B1-E05C-4C78-9A1A-4B5AA6D03B9C}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\RpcSandraSrv.exe FirewallRules: [{27FF653E-2A0D-4C5D-8401-30DB0FB5BB27}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe FirewallRules: [{B7891E7C-022C-47E0-AA42-FACA7E4B6B2E}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe FirewallRules: [{4FFA83CB-C837-4B93-87FC-FE0FDAE91AC6}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{DBBF42D8-C004-414B-B6D5-6819FC95219F}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe FirewallRules: [UDP Query User{180E934D-78A8-4E31-BA12-CAE8FEF7D41D}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/22/2015 03:41:40 PM) (Source: Outlook) (EventID: 35) (User: ) Description: Fehler beim Bestimmen, ob sich der Speicher im Crawlbereich befindet (Fehler=0x80010108). Error: (08/22/2015 03:41:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm SnippingTool.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1bcc Startzeit: 01d0dcbae9081514 Endzeit: 312 Anwendungspfad: C:\windows\system32\SnippingTool.exe Berichts-ID: 71b49f35-48d3-11e5-b821-70f39553e7b7 Error: (08/16/2015 09:34:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AVKProxy.exe, Version: 1.5.14043.574, Zeitstempel: 0x52fb3224 Name des fehlerhaften Moduls: avkhttp.dll, Version: 25.0.14079.176, Zeitstempel: 0x532a4adc Ausnahmecode: 0xc0000417 Fehleroffset: 0x0008cf92 ID des fehlerhaften Prozesses: 0x140 Startzeit der fehlerhaften Anwendung: 0xAVKProxy.exe0 Pfad der fehlerhaften Anwendung: AVKProxy.exe1 Pfad des fehlerhaften Moduls: AVKProxy.exe2 Berichtskennung: AVKProxy.exe3 Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT) Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\. Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT) Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\. Error: (08/16/2015 01:27:12 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Kontext: Anwendung, SystemIndex Katalog Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT) Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\. Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT) Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\. 
Error: (08/03/2015 09:18:10 AM) (Source: AVKWCtl) (EventID: 0) (User: ) Description: Failed to connect to Engines (0x1). Result Code: -1 Error: (08/03/2015 09:18:08 AM) (Source: AVKWCtl) (EventID: 0) (User: ) Description: Failed to connect to Engines (0x1). Result Code: -1 Systemfehler: ============= Error: (08/23/2015 10:16:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/23/2015 10:15:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\windows\System32\bcmihvsrv.dll Error: (08/23/2015 10:15:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\windows\System32\bcmihvsrv.dll Error: (08/23/2015 10:15:48 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Der Dienst G Data Personal Firewall konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Error: (08/23/2015 10:15:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\windows\System32\bcmihvsrv.dll Error: (08/23/2015 10:09:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "HP Wireless Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/23/2015 10:09:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "HP Support Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (08/23/2015 10:09:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/23/2015 10:09:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/23/2015 10:09:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "HP Software Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Microsoft Office: ========================= Error: (06/27/2015 03:38:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2068 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/02/2015 12:31:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2364 seconds with 2160 seconds of active time. This session ended with a crash. Error: (12/07/2014 01:12:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8854 seconds with 1680 seconds of active time. This session ended with a crash. 
Error: (11/06/2014 10:05:43 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 669 seconds with 0 seconds of active time. This session ended with a crash. Error: (10/18/2014 11:01:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47515 seconds with 18060 seconds of active time. This session ended with a crash. Error: (10/06/2014 10:23:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19835 seconds with 5880 seconds of active time. This session ended with a crash. Error: (07/28/2014 04:11:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29534 seconds with 16380 seconds of active time. This session ended with a crash. Error: (07/07/2014 08:46:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7323 seconds with 2940 seconds of active time. This session ended with a crash. Error: (05/24/2014 11:03:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1296 seconds with 360 seconds of active time. 
This session ended with a crash. Error: (03/15/2014 09:57:56 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7475 seconds with 300 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: AMD Athlon(tm) II P320 Dual-Core Processor Prozentuale Nutzung des RAM: 61% Installierter physikalischer RAM: 2812.56 MB Verfügbarer physikalischer RAM: 1086.73 MB Summe virtueller Speicher: 5923.43 MB Verfügbarer virtueller Speicher: 3620.82 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:72.29 GB) (Free:1.47 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)] Drive d: (Daten) (Fixed) (Total:137 GB) (Free:11.48 GB) NTFS Drive e: (Nebentätigkeit) (Fixed) (Total:71.5 GB) (Free:12.84 GB) NTFS Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32 Drive g: (SH_SICHERHEIT2015) (CDROM) (Total:5.26 GB) (Free:0 GB) UDF ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 57E5C010) Partition 1: (Not Active) - (Size=993 KB) - (Type=42) Partition 2: (Active) - (Size=300 MB) - (Type=42) Partition 3: (Not Active) - (Size=72.3 GB) - (Type=42) Partition 4: (Not Active) - (Size=225.5 GB) - (Type=42) ==================== Ende vom raportu ============================ |
24.08.2015, 15:17 | #11 |
/// the machine /// TB instructor | C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Window opens at startup A few more control scans: ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
25.08.2015, 05:54 | #12 |
| C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Window opens at startup Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=ef1858f21e046841b58aeacb5963c45b # end=init # utc_time=2015-08-24 04:51:19 # local_time=2015-08-24 06:51:19 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download esets_scanner_update returned -1 esets_gle=41217 Update Finalize Updated modules version: 0 Old modules - leave modules Update Init Update Download Update Finalize Updated modules version: 25424 Update Init Update Download esets_scanner_update returned -1 esets_gle=53251 Update Finalize Updated modules version: 25424 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=ef1858f21e046841b58aeacb5963c45b # end=updated # utc_time=2015-08-24 05:03:40 # local_time=2015-08-24 07:03:40 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=ef1858f21e046841b58aeacb5963c45b # engine=25424 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-08-25 02:26:51 # local_time=2015-08-25 04:26:51 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 45149233 192100802 0 0 # scanned=713532 # found=16 # cleaned=0 # scan_time=33790 sh=E1C99225C4C16710DE3AF3D52300E1E943F7C84F ft=1 fh=f891ef12b7700e02 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe.vir" sh=2D3BDDC407B3FF4AE8DF623DC4972935FEDDD248 ft=0 fh=0000000000000000 vn="Variante von Win32/Speedchecker.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\application.xap.vir" sh=91D630DCFDD64919F6E0B008A02B5DC3F8E4B629 ft=1 fh=adda622f7a9601d7 vn="Variante von Win32/Toolbar.Widgi.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\BrowserExtensions\Button.exe.vir" sh=B46CB3B745D5C97899CB8F243527C230B49F2DA4 ft=1 fh=8479965fa92c6ae8 vn="Variante von Win32/Toolbar.Widgi.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\BrowserExtensions\ButtonWrap.dll.vir" sh=EDDFB1C2033C2A4442895A914463D5D73BB7672A ft=0 fh=0000000000000000 vn="JS/Adware.Spigot.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\BrowserExtensions\coupons.xpi.vir" sh=1FA9BFCDB4156C1C95DC03D7D837B361647C5118 ft=0 fh=0000000000000000 vn="JS/Adware.Spigot.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\BrowserExtensions\saebay.xpi.vir" sh=6227C03AA54DAFB071DFEDB7712E7F6970776611 ft=1 fh=7ea30c95f8f12db7 vn="Win32/Toolbar.Widgi.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\BrowserExtensions\Uninstall.exe.vir" sh=829D808C091045F45C513A6E4AB17055A52A9320 ft=1 fh=282fb76e1825b814 vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\OpenCandy\DCF7A0DE01DE479DB814941CF805EB81\DeltaTB.exe.vir" sh=1064AF96E61893022C70C33C1E0FCE515EA5A272 ft=1 fh=cfb404f47ea9baab vn="Variante von Win32/Toolbar.Widgi.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\Settings Manager\SettingsManager.exe.vir" sh=C25C5A6F5303D1716F66FA34E6BA91953DE4F253 ft=1 fh=1b0689a68f6e8b42 vn="Variante von Win32/Toolbar.Widgi.U evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\Settings Manager\Uninstall.exe.vir" sh=9E77E1D2FD7B77B0FD8A71A70C35DD5A16836CF3 ft=1 fh=b241df9fafd25e77 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir" sh=852A6B778F5BAE9050B6FD3C7AA59792C7B128DA ft=1 fh=38ab496ee63627e4 vn="Variante von Win32/Toolbar.Widgi.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\Update Manager\OldForDeletion~spAE48.tmp.vir" sh=68BA42E06A7CB7C9B2C85BD821362977AF5AB8A6 ft=1 fh=947b8f139e97bd70 vn="Win32/SweetIM.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\windows\system32\ARFC\wrtc.exe.vir" sh=6CF8A9F031B45F70BE3E66E7ACC7449CDA15FA34 ft=1 fh=2de4b6f517306153 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\PDFCreator\PDFCreator-1_2_3_setup.exe" sh=95ADC7925C2BB20FACE637E7031972F8E208FA33 ft=0 fh=0000000000000000 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx" sh=2D44DFDC38A6DDE1D93656451D5996F29F9DCD27 ft=1 fh=7c272d3303659065 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ebling\Desktop\wzmp_10.exe" Code:
Results of screen317's Security Check version 1.006
 Windows 7 Service Pack 1 x86 (UAC is enabled)
 Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
G Data InternetSecurity CBE
 Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 CloneSpy 2.62
 AntiBrowserSpy
 TuneUp Utilities 2014 (de-DE)
 TuneUp Utilities 2014
 CCleaner
 JavaFX 2.1.1
 Java 7 Update 9
 Java version 32-bit out of Date!
 Adobe Flash Player 18.0.0.232
 Adobe Reader 10.1.13 Adobe Reader out of Date!
 Google Chrome (44.0.2403.155)
 Google Chrome (44.0.2403.157)
````````Process Check: objlist.exe by Laurent````````
 Malwarebytes Anti-Malware mbamservice.exe
 Malwarebytes Anti-Malware mbam.exe
 ESET ESET Online Scanner OnlineScannerApp.exe
 Malwarebytes Anti-Malware mbamscheduler.exe
 G Data InternetSecurity Firewall GDFwSvc.exe
 G Data InternetSecurity Firewall GDFirewallTray.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:24-08-2015 durchgeführt von Ebling (Administrator) auf HP625 (25-08-2015 06:35:31) Gestartet von C:\Users\Ebling\Desktop Geladene Profile: Ebling (Verfügbare Profile: Ebling & Doris & DHBW) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) 
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe (AVM Berlin) C:\Program Files\1&1\IGDCTRL.EXE (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe (PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe (Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaRegistry.exe () C:\Windows\System32\ieconfig_1und1_svc.exe (TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe () C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe () C:\Program Files\AntiBrowserSpy\BrowserMask.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (IDT, Inc.) 
C:\Program Files\IDT\WDM\sttray.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (AVM Berlin) C:\Program Files\1&1\Stcenter.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaUI.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Dr. J. Rathlev, D-24222 Schwentinental) C:\Program Files\Personal Backup 5\Persbackup.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Sun Microsystems, Inc.) 
C:\Program Files\Common Files\Java\Java Update\jucheck.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\GUI\GDSC.exe (ESET) C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-03-16] (Advanced Micro Devices, Inc.) HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2011-11-12] (IDT, Inc.) 
HKLM\...\Run: [GDFirewallTray] => C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG) HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2009-05-28] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\1&1 FRITZ!Box starter.lnk [2011-03-15] ShortcutTarget: 1&1 FRITZ!Box starter.lnk -> C:\Windows\Installer\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}\Icon2457326B4.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-08-20] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hama Wireless LAN Utility.lnk [2011-02-15] ShortcutTarget: Hama Wireless LAN Utility.lnk -> C:\Program Files\Hama\Common\RaUI.exe (Ralink Technology, Corp.) Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2011-04-24] () Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Persbackup.lnk [2014-12-25] ShortcutTarget: Persbackup.lnk -> C:\Program Files\Personal Backup 5\Persbackup.exe (Dr. J. Rathlev, D-24222 Schwentinental) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {06090F73-779E-4FB6-BB0A-FF6807704AF7} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL =
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {417ACE4C-D557-454E-9A06-CE17AD599530} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {43D89E1D-8489-468F-B390-7D3F79E8C588} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {FC8A9B8F-BE3A-4BBF-82B2-C4427BE73C4B} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: 1&&1 Internet AG Browser Configuration by mquadr.at -> {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} -> C:\Windows\System32\ieconfig_1und1.dll [2011-03-15] (mquadr.at software engineering und consulting GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{666D63E0-1108-40D3-940A-9120699323D7}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{8A574D06-DDF0-4179-92C5-EAA454D4C1FE}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{AE1DF2C2-266A-4B0D-840C-FBB55ACD6C7B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{BBD08B48-9530-4B32-A8B9-41E57567D632}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\windows\system32\npDeployJava1.dll [2012-09-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2012-01-02]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2012-01-02]

Chrome:
=======
CHR Profile: C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kein Name) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2015-08-23]
CHR Extension: (Bitdefender Wallet) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-02-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Kostenfinder) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfbgjcggeplmenpepddbemhcjfdapoh [2013-08-08]
CHR Extension: (AntiBrowserSpy - SocialBlock) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd [2015-05-15]
CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files\AntiBrowserSpy\Addons\Chrome.crx [2015-05-15]
StartMenuInternet: Google Chrome.B4WUOD3OCN64G3KXDJYLCPUSZE - C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2159472 2014-03-25] (G Data Software AG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [254328 2010-03-30] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [121720 2010-03-30] (AVM Berlin)
R3 GDFwSvc; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2409280 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [117280 2014-09-05] ()
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-04-05] (Hewlett-Packard)
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [180768 2014-09-05] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [153464 2010-03-30] (AVM Berlin)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-03-06] (PDF Complete Inc)
R2 RalinkRegistryWriter; C:\Program Files\Hama\Common\RaRegistry.exe [193888 2010-06-01] (Ralink Technology, Corp.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe [93848 2009-08-10] (SiSoftware) [Datei ist nicht signiert]
R2 serviceIEConfig; C:\Windows\System32\ieconfig_1und1_svc.exe [1053848 2011-03-15] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [Datei ist nicht signiert]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [254034 2011-11-12] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 avmaudio; C:\windows\System32\DRIVERS\avmaudio.sys [101248 2010-11-14] (AVM Berlin)
R3 avmaura; C:\windows\System32\DRIVERS\avmaura.sys [101248 2010-09-12] (AVM Berlin)
R3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [297000 2010-07-14] (Broadcom Corporation.)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [15968 2014-11-18] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10208 2014-11-18] ()
R0 GDBehave; C:\windows\System32\drivers\GDBehave.sys [44544 2015-03-29] (G Data Software AG)
R1 GDMnIcpt; C:\windows\system32\drivers\MiniIcpt.sys [101504 2015-03-29] (G Data Software AG)
R3 GDPkIcpt; C:\windows\system32\drivers\PktIcpt.sys [56832 2015-03-29] (G Data Software AG)
R1 gdwfpcd; C:\windows\System32\drivers\gdwfpcd32.sys [53248 2015-03-29] (G Data Software AG)
R1 GRD; C:\windows\system32\drivers\GRD.sys [29528 2015-03-29] (G Data Software)
R1 HookCentre; C:\windows\system32\drivers\HookCentre.sys [50176 2015-03-29] (G Data Software AG)
R0 hotcore3; C:\windows\System32\DRIVERS\hotcore3.sys [27464 2014-05-19] (Paragon Software Group)
S3 HWHandSet; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-24] (Huawei Technologies Co., Ltd.)
R3 LVUSBSta; C:\windows\System32\drivers\lvusbsta.sys [22016 2005-01-31] (Logitech Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 NWIM; C:\windows\System32\DRIVERS\avmnwim.sys [335224 2010-03-30] (AVM Berlin)
S3 PID_0928; C:\windows\System32\DRIVERS\LV561AV.SYS [211712 2005-01-31] (Logitech Inc.)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [10320 2013-09-30] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-04-27] ()
R0 sptd; C:\windows\System32\Drivers\sptd.sys [473656 2012-02-04] (Duplex Secure Ltd.)
R3 teamviewervpn; C:\windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-03-30] (TeamViewer GmbH)
R1 UimBus; C:\windows\System32\DRIVERS\UimBus.sys [91016 2014-05-19] ()
R1 Uim_DEVIM; C:\windows\System32\DRIVERS\uim_devim.sys [20616 2014-05-19] ()
R1 Uim_IM; C:\windows\System32\Drivers\Uim_IM.sys [540040 2014-05-19] ()
S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [45056 2014-08-16] (Apple, Inc.) [Datei ist nicht signiert]
S3 WiseHDInfo; C:\windows\WiseHDInfo32.dll [13264 2015-08-01] (wisecleaner.com)
S3 XUIF; C:\windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S2 ASPI32; kein ImagePath
S3 catchme; \??\C:\Users\Ebling\AppData\Local\Temp\catchme.sys [X]
U3 DfSdkS; kein ImagePath
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-25 06:35 - 2015-08-25 06:35 - 00000000 ____D C:\Users\Ebling\Desktop\FRST-OlderVersion
2015-08-24 18:51 - 2015-08-24 18:51 - 00000000 ____D C:\Program Files\ESET
2015-08-24 18:10 - 2015-08-24 18:10 - 02870984 _____ (ESET) C:\Users\Ebling\Desktop\esetsmartinstaller_deu.exe
2015-08-24 18:09 - 2015-08-24 18:09 - 00852684 _____ C:\Users\Ebling\Desktop\SecurityCheck.exe
2015-08-23 22:26 - 2015-08-23 22:26 - 00065590 _____ C:\Users\Ebling\Desktop\Addition-23082015.txt
2015-08-23 22:21 - 2015-08-23 22:26 - 00056926 _____ C:\Users\Ebling\Desktop\FRST-23082015.txt
2015-08-23 22:11 - 2015-08-23 22:11 - 00002771 _____ C:\Users\Ebling\Desktop\JRT.txt
2015-08-23 22:06 - 2015-08-23 22:06 - 00001848 _____ C:\Users\Ebling\Desktop\AdwCleaner[C2].txt
2015-08-23 21:58 - 2015-08-23 21:58 - 00008180 _____ C:\Users\Ebling\Desktop\mbam.txt
2015-08-23 21:49 - 2015-08-23 21:49 - 00007758 _____ C:\Users\Ebling\Desktop\ergebnis-anti-malware-23.08.2015-21-49h.txt
2015-08-23 21:07 - 2015-08-24 21:30 - 00098520 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-23 21:07 - 2015-08-23 21:07 - 00001064 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-23 21:07 - 2015-08-23 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-23 21:06 - 2015-08-23 21:07 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware
2015-08-23 21:06 - 2015-08-23 21:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-23 21:06 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-08-23 21:06 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-08-23 21:06 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-08-23 21:03 - 2015-08-23 21:03 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Ebling\Desktop\JRT.exe
2015-08-23 21:02 - 2015-08-23 21:03 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Ebling\Desktop\mbam-setup-2.1.8.1057.exe
2015-08-23 21:02 - 2015-08-23 21:02 - 01605632 _____ C:\Users\Ebling\Desktop\AdwCleaner_5.003.exe
2015-08-23 21:01 - 2015-08-23 21:01 - 04798152 _____ (WinZip International LLC ) C:\Users\Ebling\Desktop\wzmp_10.exe
2015-08-23 19:39 - 2015-08-24 18:05 - 00000374 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-08-23 11:11 - 2015-08-23 11:11 - 00032637 _____ C:\ComboFix.txt
2015-08-23 10:24 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2015-08-23 10:24 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2015-08-23 10:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2015-08-23 10:22 - 2015-08-23 11:11 - 00000000 ____D C:\Qoobox
2015-08-23 10:21 - 2015-08-23 11:09 - 00000000 ____D C:\windows\erdnt
2015-08-23 10:16 - 2015-08-23 10:16 - 05635234 ____R (Swearware) C:\Users\Ebling\Desktop\ComboFix.exe
2015-08-22 11:26 - 2015-08-23 22:26 - 00065590 _____ C:\Users\Ebling\Desktop\Addition.txt
2015-08-22 11:22 - 2015-08-25 06:35 - 00023176 _____ C:\Users\Ebling\Desktop\FRST.txt
2015-08-22 11:21 - 2015-08-25 06:35 - 00000000 ____D C:\FRST
2015-08-22 11:20 - 2015-08-25 06:35 - 01690112 _____ (Farbar) C:\Users\Ebling\Desktop\FRST.exe
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung.lnk
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung (2).lnk
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\Documents\Bluetooth-Exchange-Ordner
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\AppData\Local\Broadcom
2015-08-20 13:43 - 2010-07-20 13:26 - 00111656 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwavdt.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00088616 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwaudio.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00018728 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwrchid.sys
2015-08-20 13:43 - 2010-07-14 06:25 - 00297000 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwampfl.sys
2015-08-20 13:43 - 2010-03-02 14:37 - 00033320 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwl2cap.sys
2015-08-19 22:31 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-08-19 22:31 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-19 14:10 - 2015-08-19 18:18 - 00000000 ____D C:\Program Files\Huawei
2015-08-19 14:10 - 2011-10-24 06:04 - 00195200 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_quusbmdm.sys
2015-08-19 14:10 - 2011-10-24 05:51 - 00102272 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_usbdev.sys
2015-08-16 13:25 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 11:43 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-08-16 11:42 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-08-16 11:42 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-08-16 11:42 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-16 11:42 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-16 11:42 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-16 11:42 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-08-16 11:42 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-08-16 11:42 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-08-16 11:42 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-08-16 11:42 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-08-16 11:42 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-08-16 11:42 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-08-16 11:42 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-08-16 11:42 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-08-16 11:42 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-08-16 11:42 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-08-16 11:42 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-08-16 11:42 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-08-16 11:42 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-08-16 11:42 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-08-16 11:42 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-08-16 11:42 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-08-16 11:42 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-08-16 11:42 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-08-16 11:42 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-08-16 11:42 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-08-16 11:42 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-08-16 11:42 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-08-16 11:42 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-08-16 11:42 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-08-16 11:42 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-08-16 11:42 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-08-16 11:42 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-08-16 11:42 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-08-16 11:42 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-08-16 11:42 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-08-16 11:42 - 2015-07-16 17:14 - 00355840 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-08-16 11:42 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-08-16 11:42 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-08-16 11:42 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-08-16 11:42 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-08-16 11:42 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-08-16 11:42 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-08-16 11:42 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-08-16 11:42 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-08-16 11:42 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-08-16 11:42 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-08-16 11:42 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-08-16 11:42 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-08-16 11:42 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-08-16 11:42 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-08-16 11:29 - 2015-08-16 12:29 - 09284296 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerInstaller.exe
2015-08-03 13:48 - 2015-08-25 04:52 - 00000000 ____D C:\windows\rescache
2015-08-02 09:29 - 2015-08-02 09:29 - 02232320 _____ C:\windows\system32\config\DEFAULT.rhk
2015-08-02 09:29 - 2015-08-02 09:29 - 00094208 _____ C:\windows\system32\config\SAM.rhk
2015-08-02 09:29 - 2015-08-02 09:29 - 00028672 _____ C:\windows\system32\config\SECURITY.rhk
2015-08-02 09:25 - 2015-08-02 09:29 - 73924608 _____ C:\windows\system32\config\SOFTWARE.rhk
2015-08-01 16:09 - 2015-08-25 06:12 - 01296552 _____ C:\windows\WindowsUpdate.log
2015-08-01 16:08 - 2015-08-01 16:08 - 00133048 _____ C:\Users\Ebling\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-01 16:07 - 2015-08-24 18:04 - 00008348 _____ C:\windows\setupact.log
2015-08-01 16:07 - 2015-08-01 16:07 - 00000000 _____ C:\windows\setuperr.log
2015-08-01 16:06 - 2015-08-23 22:03 - 00007922 _____ C:\windows\PFRO.log
2015-08-01 16:06 - 2015-08-16 18:29 - 00467536 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-01 10:27 - 2015-08-23 22:04 - 00002004 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2015-08-01 10:27 - 2015-08-23 10:17 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Wise Care 365
2015-08-01 10:27 - 2015-08-01 10:27 - 00013264 _____ (wisecleaner.com) C:\windows\WiseHDInfo32.dll
2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\Program Files\Wise
2015-08-01 10:23 - 2015-08-01 10:23 - 06043448 _____ (WiseCleaner.com ) C:\Program Files\WiseCare365_373DE.exe
2015-07-28 09:04 - 2015-07-28 09:04 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-28 09:04 - 2015-07-28 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-28 08:54 - 2015-07-28 08:54 - 00001815 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-25 06:12 - 2012-09-18 23:29 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job
2015-08-25 06:12 - 2010-09-25 11:38 - 00001098 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-25 03:10 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-25 03:10 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-24 23:48 - 2010-09-18 11:50 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForEbling.job
2015-08-24 20:12 - 2012-09-18 23:29 - 00001072 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job
2015-08-24 20:12 - 2010-09-25 11:38 - 00001094 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-24 19:21 - 2014-09-29 22:19 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\HpUpdate
2015-08-24 18:50 - 2010-06-11 20:30 - 01629212 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-24 18:04 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-23 23:06 - 2012-09-18 23:36 - 00002362 _____ C:\Users\Ebling\Desktop\Google Chrome.lnk
2015-08-23 22:29 - 2012-08-23 19:54 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-23 22:10 - 2012-12-27 11:51 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\IObit
2015-08-23 22:10 - 2012-12-27 11:51 - 00000000 ____D C:\ProgramData\IObit
2015-08-23 22:02 - 2015-05-09 09:03 - 00000000 ____D C:\AdwCleaner
2015-08-23 21:59 - 2012-03-11 00:18 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForHP625$.job
2015-08-23 21:52 - 2009-07-14 04:37 - 00000000 ____D C:\windows\LiveKernelReports
2015-08-23 11:11 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2015-08-23 11:11 - 2009-07-14 04:37 - 00000000 
___RD C:\Users\Public 2015-08-23 11:05 - 2009-07-14 04:04 - 00000215 _____ C:\windows\system.ini 2015-08-23 10:52 - 2009-07-14 04:03 - 78118912 _____ C:\windows\system32\config\SOFTWARE.bak 2015-08-23 10:52 - 2009-07-14 04:03 - 40632320 _____ C:\windows\system32\config\COMPON~1.bak 2015-08-23 10:52 - 2009-07-14 04:03 - 27525120 _____ C:\windows\system32\config\SYSTEM.bak 2015-08-23 10:52 - 2009-07-14 04:03 - 02359296 _____ C:\windows\system32\config\DEFAULT.bak 2015-08-23 10:52 - 2009-07-14 04:03 - 00262144 _____ C:\windows\system32\config\SECURITY.bak 2015-08-23 10:52 - 2009-07-14 04:03 - 00094208 _____ C:\windows\system32\config\SAM.bak 2015-08-23 10:00 - 2012-01-03 01:14 - 00000000 ____D C:\Program Files\AntiBrowserSpy 2015-08-23 10:00 - 2010-06-11 20:47 - 00000000 ____D C:\ProgramData\PDFC 2015-08-20 21:30 - 2014-11-11 20:35 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte 2015-08-20 13:50 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-20 13:35 - 2010-09-11 15:51 - 00000000 ____D C:\Users\Ebling 2015-08-20 13:35 - 2010-07-01 15:50 - 00000000 ____D C:\Program Files\Broadcom 2015-08-19 14:10 - 2014-02-02 15:03 - 00000764 _____ C:\NSI_DriverInstall.log 2015-08-19 14:09 - 2012-06-09 22:00 - 00000000 ____D C:\Program Files\Handset WinDriver 2015-08-17 10:32 - 2014-11-07 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2015-08-17 10:18 - 2014-11-07 00:01 - 00000000 ____D C:\Program Files\TomTom HOME 2 2015-08-17 10:15 - 2011-08-13 16:07 - 00000000 ____D C:\Users\Ebling\AppData\Local\Downloaded Installations 2015-08-16 19:29 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET 2015-08-16 18:26 - 2014-12-10 04:15 - 00000000 ____D C:\windows\system32\appraiser 2015-08-16 18:26 - 2014-05-06 21:54 - 00000000 ___SD C:\windows\system32\CompatTel 2015-08-16 18:26 - 2010-06-11 20:42 - 00000000 ____D 
C:\windows\system32\Drivers\de-DE 2015-08-16 18:26 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\de-DE 2015-08-16 13:53 - 2010-09-11 18:03 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-16 13:52 - 2015-04-19 18:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-16 13:52 - 2011-05-04 06:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-16 13:47 - 2013-08-15 17:30 - 00000000 ____D C:\windows\system32\MRT 2015-08-16 13:30 - 2010-09-16 19:47 - 129304528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-08-16 12:29 - 2012-05-25 10:47 - 00778440 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2015-08-16 12:29 - 2011-06-04 12:20 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2015-08-01 10:46 - 2010-09-11 18:02 - 00000000 ___RD C:\MSOCache 2015-08-01 10:32 - 2015-03-12 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8 2015-08-01 10:32 - 2014-03-28 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3 2015-08-01 10:32 - 2012-05-27 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-08-01 10:32 - 2012-03-07 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager 2015-08-01 09:36 - 2013-05-09 22:58 - 00000000 ____D C:\Users\Ebling\AppData\Local\CrashDumps 2015-07-31 18:12 - 2015-03-29 18:16 - 00000400 _____ C:\windows\Tasks\One-Click Optimizer WO11.job 2015-07-29 21:26 - 2014-09-29 22:18 - 00000000 ____D C:\ProgramData\HP 2015-07-29 20:06 - 2010-09-11 15:55 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Hewlett-Packard 2015-07-28 09:04 - 2011-12-01 22:27 - 00000000 ____D C:\Program Files\iTunes 2015-07-28 09:03 - 2012-06-16 13:21 - 00000000 ____D C:\Program Files\iPod 2015-07-28 09:02 - 2015-04-17 16:42 - 00000000 ____D 
C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB 2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\Program Files\QuickTime 2015-07-27 11:02 - 2015-04-23 18:47 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\iFunbox_UserCache 2015-07-26 21:03 - 2015-01-21 23:40 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieBrowserModeList 2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieUserList 2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieSiteList ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-05-09 09:02 - 2015-05-09 09:02 - 2204160 _____ () C:\Program Files\adwcleaner_4.203.exe 2015-05-03 22:35 - 2015-05-03 22:35 - 0891224 _____ (AMD) C:\Program Files\amddriverdownloader.exe 2014-02-27 18:57 - 2013-05-19 17:18 - 13431464 _____ () C:\Program Files\anytrans-setup.exe 2011-04-24 07:47 - 2011-04-24 07:47 - 0620972 _____ () C:\Program Files\Autoruns.zip 2012-07-17 22:53 - 2012-07-17 22:51 - 0883840 _____ () C:\Program Files\Avira-DE-Cleaner.exe 2015-03-06 15:20 - 2015-03-06 15:20 - 2314104 _____ () C:\Program Files\avira_pc_cleaner_de.exe 2013-10-08 13:20 - 2015-07-05 11:04 - 0027155 _____ () C:\Program Files\Changes.txt 2014-06-09 18:25 - 2014-06-09 18:24 - 0277107 _____ () C:\Program Files\clonepartition.rar 2013-05-29 15:04 - 2013-09-09 18:55 - 8334304 _____ (WindSolutions) C:\Program Files\CopyTransManager.exe 2010-08-29 15:08 - 2015-07-05 11:04 - 0000067 _____ () C:\Program Files\Core Temp Gadget & Addons.url 2013-10-08 13:22 - 2015-07-05 11:04 - 0794272 _____ () C:\Program Files\Core Temp.exe 2015-07-05 10:58 - 2015-07-05 10:58 - 0734473 _____ () C:\Program Files\CoreTemp_106.zip 2011-07-22 08:15 - 2011-07-22 08:15 - 0000000 _____ () C:\Program Files\ctapi_out_gr.txt 2011-02-22 13:48 - 2011-02-22 13:48 - 0175007 _____ () C:\Program 
Files\DirPrintOK292_Installer.zip 2012-05-02 15:44 - 2012-05-02 15:57 - 50449456 _____ (Microsoft Corporation) C:\Program Files\dotNetFx40_Full_x86_x64.exe 2012-07-17 22:06 - 2012-06-05 20:14 - 7207866 _____ (FreeDownloadManager.ORG ) C:\Program Files\fdminst.exe 2011-11-13 16:42 - 2011-11-13 16:45 - 14598944 _____ (Mozilla) C:\Program Files\Firefox Setup 8.0.exe 2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\FirstBackup.spg 2015-05-03 18:51 - 2015-05-03 18:51 - 30650288 _____ (DVDVideoSoft Ltd. ) C:\Program Files\FreeVideoToMP3Converter.exe 2014-02-27 18:57 - 2013-01-11 23:56 - 18291784 _____ (AVM Berlin ) C:\Program Files\FRITZ!fax_3.07.04 (1).exe 2013-01-06 21:34 - 2013-01-06 21:32 - 18291784 ____N (AVM Berlin ) C:\Program Files\FRITZ!fax_3.07.04.exe 2011-11-20 18:38 - 2011-09-08 07:23 - 0148923 _____ () C:\Program Files\FRITZ.Box Fon WLAN 7170 (UI) 29.04.80_08.09.11_0723.export 2012-08-27 20:20 - 2012-08-27 20:27 - 28952353 _____ () C:\Program Files\HiSuiteSetup V1.6.10.08.zip 2015-07-21 18:05 - 2015-07-21 18:05 - 5493352 _____ (Marx Software ) C:\Program Files\IDM05Setup.exe 2015-04-23 18:41 - 2015-04-23 18:41 - 21348024 _____ ( ) C:\Program Files\ifunbox_setup.exe 2014-02-27 18:57 - 2013-09-09 18:46 - 4279392 _____ (WindSolutions) C:\Program Files\Install_CopyTrans_Suite.exe 2014-02-27 18:57 - 2014-02-15 14:36 - 30796712 _____ (Oracle Corporation) C:\Program Files\jre-7u51-windows-x64.exe 2014-02-27 18:57 - 2013-05-08 20:44 - 4894912 _____ (Kaspersky Lab ZAO) C:\Program Files\kavremover.exe 2012-01-05 18:39 - 2013-09-09 18:55 - 0012943 _____ () C:\Program Files\License Agreement.rtf 2010-06-30 18:32 - 2015-07-05 11:04 - 0006594 _____ () C:\Program Files\License.txt 2014-04-18 08:42 - 2014-04-18 08:43 - 28875706 _____ () C:\Program Files\MediathekView_6.zip 2010-09-24 18:34 - 2010-09-24 18:34 - 0002120 _____ () C:\Program Files\mobile 2012-09-02 14:02 - 2012-09-02 14:02 - 0290154 _____ () C:\Program Files\mp3DirectCut2.16.exe 
2011-03-06 14:48 - 2011-03-06 14:48 - 0417048 _____ (Yahoo! Inc.) C:\Program Files\msgr10de.exe 2014-04-16 09:26 - 2014-04-16 09:26 - 16587248 _____ (Tracker Software Products Ltd ) C:\Program Files\PDFX142Vwer.exe 2012-12-02 00:54 - 2012-12-02 00:59 - 15271824 _____ (Google Inc.) C:\Program Files\picasa39-setup.exe 2014-02-27 18:57 - 2013-05-20 14:16 - 15102976 _____ (MiniTool Solution Ltd. ) C:\Program Files\pwhe78.exe 2014-06-28 16:18 - 2014-06-28 16:18 - 2617176 _____ (VS Revo Group Ltd.) C:\Program Files\revosetup193.exe 2013-04-19 23:21 - 2013-04-19 23:23 - 6018162 _____ () C:\Program Files\Root_Y200_v5.zip 2013-02-17 17:48 - 2013-02-17 17:48 - 5193621 _____ () C:\Program Files\Samsung-PC-Editor.rar 2013-02-17 17:55 - 2013-02-17 17:55 - 6845297 _____ () C:\Program Files\Samsung_ChannelListPCEditor_1.09.zip 2014-02-27 18:57 - 2014-02-15 21:24 - 3930129 _____ () C:\Program Files\Setup_Migraene-Tagebuch.exe 2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\sg_backup_2010-09-23-2050.spg 2015-07-25 17:20 - 2015-07-25 17:20 - 6962912 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe 2013-04-20 12:43 - 2013-04-20 12:43 - 0627688 _____ () C:\Program Files\Superuser-3.0.7-efghi-signed.zip 2014-06-09 18:51 - 2014-06-09 18:51 - 0583496 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\tb_free_installer.exe 2010-09-23 20:46 - 2010-09-23 20:46 - 0655360 _____ (Speed Guide Inc.) 
C:\Program Files\TCPOptimizer.exe 2012-11-17 12:48 - 2012-11-17 12:49 - 3167176 _____ (TeamViewer) C:\Program Files\TeamViewerQS_de.exe 2009-10-20 00:43 - 2009-10-20 00:43 - 0047104 _____ () C:\Program Files\Thumbs.db 2014-11-06 23:57 - 2014-11-06 23:57 - 31119112 _____ () C:\Program Files\TomTomHOME2winlatest.exe 2015-08-01 10:23 - 2015-08-01 10:23 - 6043448 _____ (WiseCleaner.com ) C:\Program Files\WiseCare365_373DE.exe 2014-05-18 20:19 - 2014-05-18 20:19 - 0699943 _____ () C:\Program Files\wmv2-1.9.8.exe 2015-03-29 19:10 - 2015-03-29 19:10 - 0000000 _____ () C:\Users\Ebling\AppData\Roaming\gdfw.log 2015-03-29 19:10 - 2015-03-29 19:10 - 0000779 _____ () C:\Users\Ebling\AppData\Roaming\gdscan.log 2011-02-16 15:58 - 2011-05-21 20:59 - 0001849 _____ () C:\Users\Ebling\AppData\Roaming\GhostObjGAFix.xml 2011-07-02 21:02 - 2011-07-02 21:03 - 0038452 _____ () C:\Users\Ebling\AppData\Roaming\Microsoft Excel 97-2003.ADR 2011-08-13 19:00 - 2012-01-23 20:20 - 0001570 _____ () C:\Users\Ebling\AppData\Roaming\MyMicroBalanceConfig.ini 2012-09-02 14:21 - 2014-07-31 17:27 - 0004608 _____ () C:\Users\Ebling\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-03-06 14:44 - 2011-03-06 14:44 - 0000209 _____ () C:\Users\Ebling\AppData\Local\GLFEDA7.tmp 2014-03-15 10:27 - 2014-03-15 10:27 - 0004096 ____H () C:\Users\Ebling\AppData\Local\keyfile3.drm 2012-03-10 11:45 - 2012-03-10 11:45 - 0000017 _____ () C:\Users\Ebling\AppData\Local\resmon.resmoncfg 2012-11-25 03:31 - 2012-11-25 03:31 - 0017408 _____ () C:\Users\Ebling\AppData\Local\WebpageIcons.db 2014-09-29 22:18 - 2014-09-29 22:18 - 0000057 _____ () C:\ProgramData\Ament.ini 2011-12-24 01:00 - 2011-12-24 01:00 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2011-02-16 13:56 - 2014-06-25 20:24 - 10981376 _____ () C:\ProgramData\sandra.mda 2014-12-26 18:30 - 2014-12-26 18:30 - 0001534 _____ () C:\ProgramData\ss.ini Einige Dateien in TEMP: ==================== C:\Users\Ebling\AppData\Local\temp\sqlite3.dll ==================== 
Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-25 04:44
==================== Ende vom FRST.txt ============================ |
25.08.2015, 06:02 | #13 |
| C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - window opens at startup
[CODE]Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:24-08-2015
durchgeführt von Ebling (2015-08-25 06:56:09)
Gestartet von C:\Users\Ebling\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1320190850-2687297852-4289220983-500 - Administrator - Disabled)
DHBW (S-1-5-21-1320190850-2687297852-4289220983-1007 - Limited - Enabled) => C:\Users\DHBW
Doris (S-1-5-21-1320190850-2687297852-4289220983-1002 - Limited - Enabled) => C:\Users\Doris
Ebling (S-1-5-21-1320190850-2687297852-4289220983-1001 - Administrator - Enabled) => C:\Users\Ebling
Gast (S-1-5-21-1320190850-2687297852-4289220983-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1320190850-2687297852-4289220983-1011 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G Data InternetSecurity CBE (Disabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity CBE (Disabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Disabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1und1 Internet Explorer Add-On (Version: 1.0 - 1&1 Internet AG) Hidden 7-Zip 4.65 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit) AntiBrowserSpy (HKLM\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft) Anti-Twin (Installation 12/29/2011) (HKLM\...\Anti-Twin 2011-12-29 18.43.19) (Version: - Joerg Rosenthal, Germany) AnyTrans 3.4.1 (HKLM\...\{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1) (Version: 3.4.1 - iMobie Inc.) Apple Application Support (32-Bit) (HKLM\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG) ATI Catalyst Install Manager (HKLM\...\{992F7E6B-58D4-428A-B574-082C0884423E}) (Version: 3.0.778.0 - ATI Technologies, Inc.) AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM\...\AVMFBoxPrinter) (Version: - AVM Berlin) AVM FRITZ!Fernzugang (HKLM\...\{5DC36978-AB9A-4A23-9C12-D90D2BB781B7}) (Version: 1.2.3 - AVM Berlin) BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - ) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) 
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation) Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation) ccc-core-static (Version: 2011.0316.116.298 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP) Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) CloneSpy 2.62 (HKLM\...\CloneSpy) (Version: - CloneSpy) COMPUTERBILD-Abzockschutz (HKLM\...\{6F03FF16-24BF-4887-9EBA-280CF7657A54}) (Version: 1.0.42 - J3S) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Der grandiose Bildverkleinerer 1.7b (HKLM\...\Der grandiose Bildverkleinerer) (Version: 1.7b - ) DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden DirPrintOK (HKLM\...\DirPrintOK) (Version: - ) EaseUS Partition Master 10.5 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS) ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen) Energy Star Digital Logo (HKLM\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) Everything 1.2.1.371 (HKLM\...\Everything) (Version: - ) Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) Free Video Flip and Rotate version 2.1.7.422 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.7.422 - DVDVideoSoft Ltd.) 
Free Video to MP3 Converter version 5.0.58.415 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.20.1230 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.) FreeRIP MP3 Converter 4.5.3 (HKLM\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.3 - GreenTree Applications SRL) FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin) FRITZ!Box-Fernzugang einrichten (HKLM\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin) G Data InternetSecurity CBE (HKLM\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG) Google Chrome (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google SketchUp 8 (HKLM\...\{15F02176-0D12-4FAF-B2CD-2767C7781427}) (Version: 3.0.4993 - Google, Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden Google+ Auto Backup (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google+ Auto Backup) (Version: 1.0.24.118 - Google, Inc.) GoogleClean (HKLM\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft) Hama Wireless LAN Adapter (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 10.6.0 - Hama) Hama Wireless LAN Adapter (HKLM\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Hama) Handset WinDriver 1.02.03.00 (HKLM\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.) 
HiSuite (HKLM\...\Hi Suite) (Version: 32.610.28.00.06 - Huawei Technologies Co.,Ltd) HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard) HP ESU for Microsoft Windows 7 (HKLM\...\{C2686567-5A9A-4B6D-B965-7A5E26F73A25}) (Version: 1.1.3.1 - Hewlett-Packard Company) HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company) HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{E5360B00-4DEF-4F6E-8ED9-B2C31875D813}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet 6500 E710n-z Hilfe (HKLM\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard) HP Setup (HKLM\...\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}) (Version: 8.2.4130.3367 - Hewlett-Packard Company) HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company) HP Software Framework (HKLM\...\{DA200FDD-DE3D-4958-8465-C4FBC869544B}) (Version: 3.5.20.1 - Hewlett-Packard Company) HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company) HP Support Assistant (HKLM\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP User Guides 0190 (HKLM\...\{5B0D9F1A-425E-46C4-B06D-2C0736C1E804}) (Version: 1.00.0000 - Hewlett-Packard) HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.25.0 - Roxio) HP Webcam Driver (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50014.0 - Sonix) HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard) I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iBackupBot 5.2.5 (HKLM\...\iBackupBot) (Version: 5.2.5 - VOWSoft, Ltd.) 
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT) iFunbox (v2.95.2610.819), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.95.2610.819 - ) iTunes (HKLM\...\{9DBBE7B8-EE7A-4FD9-9C7F-35E69A4C19D8}) (Version: 12.2.1.16 - Apple Inc.) Java 7 Update 9 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle) JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Licensing Service Install (HKLM\...\{AF72E557-0647-4DE5-ACDA-ECFB38D5D732}) (Version: 2.0.1.181 - Protexis Inc.) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector 
(HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 
10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) MiniTool Partition Wizard Home Edition 7.1 (HKLM\...\{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1) (Version: - MiniTool Solution Ltd.) MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) miTracker 1.1.4 (HKLM\...\miTracker) (Version: 1.1.4 - Vitarsoft Co. Limited.) Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mp3tag v2.53 (HKLM\...\Mp3tag) (Version: v2.53 - Florian Heidenreich) MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyMicroBalance (HKLM\...\{1AE1CCB0-DF19-44DF-B8C8-8E259F63B028}) (Version: 2.5.3 - Trusted Bytes Softwareentwicklung e.U.) 
Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - ) Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions) Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software) Paragon Festplatten Manager™ 2011 Kompakt (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software) PC Connectivity Solution (HKLM\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia) PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.117 - PDF Complete, Inc) PDF24 Creator 6.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery) pdfsam (HKLM\...\pdfsam) (Version: 2.2.1 - ) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd) Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev) PhoneClean 2.1.6 (HKLM\...\{E980ED1F-AOF8-PF7E-B174-59POS2BOIUVB}}_is1) (Version: 2.1.6 - iMobie Inc.) PhotoFiltre (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre) (Version: - ) PhotoFiltre Studio X (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre Studio X) (Version: - ) PhotoScape (HKLM\...\PhotoScape) (Version: - ) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) POP and IMAP Troubleshooter (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PopImapTroubleshooter) (Version: 0.1 - Google) QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) 
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek) Recuva (HKLM\...\Recuva) (Version: 1.39 - Piriform) Revo Uninstaller 1.93 (HKLM\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group) Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3.56.20 - Roxio) Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) ScanWizard 5 (HKLM\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version: - ) SiSoftware Sandra Lite 2011.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 17.36.2011.2 - SiSoftware) Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.0 - IObit) SmartTools Office DDE-Fix (HKLM\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing) Snapfish Fotobuch (HKLM\...\Snapfish Fotobuch) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG) Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{F158CFB3-2C04-4138-9556-B9C3D5A89CF4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated) System.Data.SQLite v1.0.81.0 (HKLM\...\{02E43EC2-6B1C-45B5-9E48-941C3E1B204A}_is1) (Version: 1.0.81.0 - System.Data.SQLite Team) TeamViewer 6 (HKLM\...\TeamViewer 6) (Version: 6.0.13992 - TeamViewer GmbH) TomTom HOME (HKLM\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) 
Trainingssoftware (HKLM\...\{7C33F907-7A81-48B8-BD2D-D851C5FA9EFC}) (Version: 1.0.0 - IKE Software Solutions) TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation) TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.275 - TuneUp Software) Hidden TuneUp Utilities 2014 (Version: 14.0.1000.275 - TuneUp Software) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN) Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.7 - Hewlett-Packard Company) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\0973B297E079B467E3776E59F763D63FD557795B) (Version: 12/16/2009 6.2.0.9414 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - 
Microsoft Corporation) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia) Wise Care 365 3.73 (HKLM\...\Wise Care 365_is1) (Version: 3.73 - WiseCleaner.com, Inc.) WMV9/VC-1 Video Playback (Version: 1.0.60316.0158 - ATI Technologies Inc.) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0006F045-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AFACED1-E828-11D1-9187-B532F1E9575D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{3AD05575-8857-4850-9277-11B85BDB8E09}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\delegate_execute.exe (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{71C3BF7F-682F-4B5E-9E47-5C25D3AC9458}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76D0CB12-7604-4048-B83C-1005C7DDC503}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\windows\system32\urlmon.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{8F170678-2A97-4D59-89A1-7A0A71C1B677}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}\InprocServer32 -> kein Dateipfad CustomCLSID: 
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> 
C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\windows\system32\actxprxy.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> kein Dateipfad CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}\InprocServer32 -> kein Dateipfad ==================== Wiederherstellungspunkte ========================= 23-08-2015 10:24:31 ComboFix created restore point 23-08-2015 22:07:39 JRT Pre-Junkware Removal ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:04 - 2015-08-23 11:05 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {01979C6F-F3CD-4ADF-850A-D355D7DBF1E2} - System32\Tasks\{D7B22B5B-FEF4-45DD-BBD7-DDD4B3D3BD98} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -c /x {537BF16E-7412-448C-95D8-846E85A1D817} Task: {07BC50FA-DF6F-41CB-9167-7FC771DE5D0E} - System32\Tasks\{BF456A74-A282-4513-BE6C-DCEC0EDB9173} => pcalua.exe -a "C:\Program Files\SmartTools\SmartTools Office DDE-Fix.exe" -d "C:\Program Files\SmartTools" Task: {0CD0B4DA-4EF0-4CEA-B9E6-E216CF647833} - System32\Tasks\{734BA5A5-D0D3-413C-A06E-1334EA7C253A} => pcalua.exe -a "H:\WISO\Steuersoftware 2015\WISOSteuersoftware2015 (1).exe" -d "H:\WISO\Steuersoftware 2015" Task: {0D0F5B0A-9C80-49E0-ACF1-ED2D99D3963B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.) Task: {133132F4-A462-4221-9918-D1E109459994} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2014-01-13] () Task: {1490F15A-500B-48F8-A1B6-CD708B60A869} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.) Task: {231BF404-97D8-4B25-823E-2EEA520D3319} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.) 
Task: {24F1B7B9-C2DA-4872-82DF-78F6957EA702} - System32\Tasks\{EAAA07BA-9CB7-4E2A-B8AB-9B51384CBF79} => pcalua.exe -a C:\windows\IsUn0407.exe -c -f"C:\Program Files\FRITZ!\Uninst.isu" -c"C:\Program Files\FRITZ!\UNINST.DLL" Task: {295090DA-E78F-4DBC-9965-0937ACB7F00F} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files\AntiBrowserSpy\BrowserMask.exe [2014-01-13] () Task: {2A74942C-6BCB-4059-8646-F38427E9E926} - System32\Tasks\Google Updater and Installer => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.) Task: {314EFBE2-4FB4-4363-BC33-95BD2D0C199D} - System32\Tasks\HPCeeScheduleForEbling => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard) Task: {33EAEE3C-E0B9-46D9-A740-23FBC29BEA0E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.) Task: {34D6170E-7F66-43DE-92AA-51121A2FB431} - System32\Tasks\One-Click Optimizer WO11 => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe [2015-01-05] (Ashampoo Development GmbH & Co. 
KG) Task: {47C8A5FF-A6CA-49DB-A739-DD959BC47F21} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard) Task: {640420A2-1CD1-4541-91A8-2D13AEEF61A5} - System32\Tasks\{782CEE39-1246-4CF0-BF80-77CA87BA991F} => pcalua.exe -a H:\InstallTomTomHOME.exe -d H:\ Task: {6DD37970-9D6C-420D-A55B-205B563BB395} - System32\Tasks\{DAD58C6D-7B0D-449A-873D-CA8C01E5FDC1} => C:\Program Files\iMobie\AnyTrans\anytrans-setup.exe [2013-05-19] () Task: {71F4526D-6F16-446D-9F58-81D891E12DCD} - System32\Tasks\{890ED934-859F-4552-B0DC-F478B34CFB2F} => Chrome.exe hxxp://ui.skype.com/ui/0/5.0.0.152/de/go/help.faq.installer?LastError=1603 Task: {80F50AED-FAF1-4F20-94DD-E15F2C60E6E8} - System32\Tasks\{0B46AF53-A2FB-4098-BCB8-5E86A4457EB7} => pcalua.exe -a "C:\Program Files\SmartTools\Office DDE-Fix\uninstall.exe" -d "C:\Program Files\SmartTools\Office DDE-Fix" Task: {80F9E998-4AB6-4377-9B91-521DD6141DE2} - System32\Tasks\{48C16FF1-F5E1-40A1-9BD6-EE8DA774B726} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental) Task: {811A6051-40F0-4085-BB3B-6F577CCA5B7C} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {81A420AF-3DA2-462B-B3D8-796DF4E2C60A} - System32\Tasks\{E508F5B1-0FFE-4648-861C-C3B3A77109F3} => pcalua.exe -a "C:\Program Files\FRITZ!Box\FRITZ!fax_3.07.04.exe" -d "C:\Program Files\FRITZ!Box" Task: {88D05C53-BF29-41FC-8A4F-B8209C8AB5A1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {8B11E630-046A-43CF-B73A-930B0CE305C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {8D02AB57-24BF-4370-9117-62250A647186} - System32\Tasks\{CDE98B08-CC91-4969-BD47-3D0DBF714EEF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603 Task: {8E7BDED3-155B-4581-B97D-92DA9F8FE5C5} - System32\Tasks\ASC8_SkipUac_Ebling => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe Task: {8F503074-A26D-4DEC-9EDC-E9416CBF32B6} - System32\Tasks\{48F2F052-31D6-4307-8BA0-EA9DB63FAFAF} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental) Task: {904E8419-36B7-4F8D-B3DF-B43242CE78CB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.) Task: {908D6E9A-4122-418D-AF2A-07C2F1DB3436} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe Task: {921512E0-3959-4FA8-BAA4-AE58DEA62E50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.) Task: {95224B42-2574-4EA7-8C4C-BBA507E88A85} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.) 
Task: {95946CEF-BBB5-44EA-B9F7-2B00B060CD98} - System32\Tasks\{40FAF4F9-93F5-4266-B1FF-0D111039189A} => pcalua.exe -a "C:\Program Files\iview430g_setup.exe" -d C:\Users\Ebling\Desktop Task: {9A36F8F5-7717-472E-BCA6-85FC241B45CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd) Task: {9CC38FA3-C263-44D3-9DEC-2D75EFD699BC} - System32\Tasks\{1D954EBB-64CB-4FBA-BF3A-20D806CCF871} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603 Task: {B744F1FB-F29F-464E-AB93-9D81D3D2D28A} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2014-01-13] () Task: {C6136B4B-1487-4868-9914-75136056ABD1} - System32\Tasks\{DD71730C-F8FF-4900-86CE-BE6EEDFD9428} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -d C:\windows\system32 -c /x {537BF16E-7412-448C-95D8-846E85A1D817} Task: {CCCDDC80-D966-4940-8B67-4187F134A4A9} - System32\Tasks\HPCeeScheduleForHP625$ => c:\program files\hewlett-packard\hp ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard) Task: {CF723268-1BCF-454E-938C-2279828B9184} - System32\Tasks\{6EEE5437-4E2D-40EB-911F-A6C858C971FB} => pcalua.exe -a "C:\Program Files\Google\Picasa3\Uninstall.exe" Task: {D8854C4B-75DA-4B07-BDE5-1424B67FF13C} - System32\Tasks\{E2634312-8A42-4EBF-A6EC-E194A5615141} => pcalua.exe -a "C:\Program Files\FRITZ!fax_3.07.04.exe" -d "C:\Program Files" Task: {DB0E0E0B-036C-440E-8614-02291AC4A684} - System32\Tasks\{16FE68E3-8085-4DE4-BBB7-DB8ED9F20C62} => pcalua.exe -a "C:\Users\Ebling\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CLQGS4AV\sp48591[1].exe" -d C:\Users\Ebling\Desktop Task: {DF21E094-5EE5-4916-8AA8-5079BA6F1785} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated) Task: {F037DEC8-361B-43FB-B03E-A9D31575BA3F} - 
System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation) Task: {F402D984-6BEC-4B64-AA36-D3C005440D04} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {FBCE29B2-17E0-4A73-958C-838E5BBD1E89} - System32\Tasks\{49950F46-4A32-40C2-B8EB-8A7B7344E019} => pcalua.exe -a "D:\1-Wilfried\Nebentätigkeiten\0-Lehrauftrag-Baureferendare\Rheinland-Pfalz\Foliensatz für Baureferendare 2011\iview430g_setup.exe" -d C:\Users\Ebling\Desktop (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\HPCeeScheduleForEbling.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\windows\Tasks\HPCeeScheduleForHP625$.job => c:\program files\hewlett-packard\hp ceement\HPCEE.exe Task: C:\windows\Tasks\One-Click 
Optimizer WO11.job => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2011-03-04 20:00 - 2001-10-28 17:42 - 00116224 _____ () C:\windows\System32\pdfcmnnt.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-18 14:52 - 2014-09-05 09:40 - 00117280 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe 2015-07-18 14:52 - 2014-09-05 09:40 - 00180768 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe 2011-03-15 13:03 - 2011-03-15 13:03 - 01053848 ____N () C:\Windows\System32\ieconfig_1und1_svc.exe 2013-12-19 04:42 - 2013-12-19 04:42 - 00287864 ____N () C:\Program Files\Common Files\G Data\AVKProxy\PktIcpt2.dll 2015-05-15 19:04 - 2014-01-13 10:08 - 01136640 _____ () C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe 2015-05-15 19:04 - 2014-01-13 10:15 - 00778240 _____ () C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe 2015-05-15 19:04 - 2014-01-13 10:15 - 00823424 _____ () C:\Program Files\AntiBrowserSpy\BrowserMask.exe 2011-02-15 17:38 - 2010-06-14 15:38 - 00984416 _____ () C:\Program Files\Hama\Common\RaWLAPI.dll 2011-03-14 14:20 - 2011-03-14 14:20 - 00098304 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-03-16 01:14 - 2011-03-16 01:14 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2010-04-05 20:12 - 2010-04-05 20:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll 2015-08-22 11:16 - 2015-08-18 07:23 - 01405768 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\libglesv2.dll 2015-08-22 11:16 - 2015-08-18 07:23 - 00081224 _____ () 
C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\libegl.dll 2015-08-22 11:16 - 2015-08-18 07:23 - 16393032 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ibackupbot_setup.exe:BDU AlternateDataStreams: C:\wm2014xxl.exe:BDU AlternateDataStreams: C:\Program Files\avira_pc_cleaner_de.exe:BDU AlternateDataStreams: C:\Program Files\PDFX142Vwer.exe:BDU AlternateDataStreams: C:\Program Files\revosetup193.exe:BDU AlternateDataStreams: C:\Program Files\Setup_Migraene-Tagebuch.exe:BDU AlternateDataStreams: C:\Program Files\tb_free_installer.exe:BDU AlternateDataStreams: C:\Program Files\TomTomHOME2winlatest.exe:BDU AlternateDataStreams: C:\Program Files\wmv2-1.9.8.exe:BDU AlternateDataStreams: C:\windows\system32\atibtmon.exe:AGC AlternateDataStreams: C:\Users\Ebling\OJ6500_E710n-z_1315-1.exe:BDU ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
Da befinden sich 4789 mehr eingeschränkte Seiten. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.5 BD Edition.lnk => C:\windows\pss\PHOTOfunSTUDIO 6.5 BD Edition.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scanner Finder.lnk => C:\windows\pss\Scanner Finder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TraXEx PC-Putzer.lnk => C:\windows\pss\TraXEx PC-Putzer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Ebling^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Persbackup.lnk => C:\windows\pss\Persbackup.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
MSCONFIG\startupreg: estar => C:\System.Sav\Util\HideDOS.EXE C:\System.Sav\util\estartwk\twk7.bat
MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
MSCONFIG\startupreg: iFunBox Fast App Install Handler => C:\Program Files\i-Funbox DevTeam\iFunBox.exe /tray
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: miTracker => C:\Program Files\miTracker\miTracker.exe
MSCONFIG\startupreg: Mobile Partner => C:\Program Files\HiSuite\HiSuite.exe -s
MSCONFIG\startupreg: PDF Complete => C:\Program Files\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: UM => C:\Users\Ebling\AppData\Roaming\Update Manager\UM.EXE

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{1FB21EF4-B2D9-46D3-9143-81A824193170}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{DA70798B-6C74-4314-9E85-0AD7EA3FFA4D}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{D398DBA3-5B1A-4115-A443-1555995590FA}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{C6E9E309-E04A-4465-AB54-A8C3BBD0D257}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{34A2C04A-52FD-4633-B7BB-E7E8B7B8E06E}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe
FirewallRules: [{35F1465C-4094-4338-B217-7DE418ECC2AA}] => (Allow) G:\fsetup.exe
FirewallRules: [{0771C26A-3465-4A63-A3FB-5DEB25174563}] => (Allow) G:\fsetup.exe
FirewallRules: [{9C8EEAC4-C79E-4645-A345-338396030737}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{D194DF3A-FFF0-4543-8EE4-2AF55A8E73F5}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{9AA67938-324E-4F9A-A3FD-09CE569F0070}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{7BA68422-AA22-4466-857F-D9E00534E399}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{70A20D15-4578-458B-B6F1-133FB02F5710}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F5E420C5-9698-499C-B6CF-25C51A6B905A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{023C21EE-16A0-4373-9E02-AE44FC9F9843}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F2DE679E-9EA9-4C6F-B596-E6E80E9394BA}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{796FA458-B5B4-4C0D-913E-C5CDA12E37BC}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{912DA99B-4816-4BFF-9B2E-C88D8EFB0407}] => (Allow) C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{C23F3B2D-F668-4510-ABC5-3AD89244CC22}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{98BA9B42-D287-4D0B-9C3A-D7200D181C49}] => (Allow) LPort=2869
FirewallRules: [{BAA9DC4F-E2C2-45A1-83FE-9E71AF8AD65D}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{85D82E3B-5F42-4FE2-8993-64F99282E680}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe
FirewallRules: [UDP Query User{C35FA939-86A0-4E6B-9AAF-B4DCD5E7102C}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe
FirewallRules: [{3A9FC52B-A777-4ABC-ABAF-DF0880AD4A4E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe
FirewallRules: [{257885B6-6087-4E56-861F-72F48D255233}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe
FirewallRules: [{7D264A39-5051-4918-A99E-F3EBE90AD86F}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe
FirewallRules: [{F428979F-E951-4291-A592-369F7760DF42}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{4DA75E71-DD81-4198-B34A-64F14B9DA25E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{9033FD3A-8909-4C19-8130-4AF6CB8A2296}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E45CB4B1-E05C-4C78-9A1A-4B5AA6D03B9C}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\RpcSandraSrv.exe
FirewallRules: [{27FF653E-2A0D-4C5D-8401-30DB0FB5BB27}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{B7891E7C-022C-47E0-AA42-FACA7E4B6B2E}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{4FFA83CB-C837-4B93-87FC-FE0FDAE91AC6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{DBBF42D8-C004-414B-B6D5-6819FC95219F}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe
FirewallRules: [UDP Query User{180E934D-78A8-4E31-BA12-CAE8FEF7D41D}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/25/2015 03:14:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SoftwareUpdate.exe, Version 2.1.3.127 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: fac Startzeit: 01d0deac169c70a2 Endzeit: 249 Anwendungspfad: C:\Program Files\Apple Software Update\SoftwareUpdate.exe Berichts-ID: 85c62676-4ac6-11e5-a630-70f39553e7b7

Error: (08/24/2015 06:16:02 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/24/2015 06:16:02 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/22/2015 03:41:40 PM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Crawlbereich befindet (Fehler=0x80010108).

Error: (08/22/2015 03:41:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SnippingTool.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1bcc Startzeit: 01d0dcbae9081514 Endzeit: 312 Anwendungspfad: C:\windows\system32\SnippingTool.exe Berichts-ID: 71b49f35-48d3-11e5-b821-70f39553e7b7

Error: (08/16/2015 09:34:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKProxy.exe, Version: 1.5.14043.574, Zeitstempel: 0x52fb3224 Name des fehlerhaften Moduls: avkhttp.dll, Version: 25.0.14079.176, Zeitstempel: 0x532a4adc Ausnahmecode: 0xc0000417 Fehleroffset: 0x0008cf92 ID des fehlerhaften Prozesses: 0x140 Startzeit der fehlerhaften Anwendung: 0xAVKProxy.exe0 Pfad der fehlerhaften Anwendung: AVKProxy.exe1 Pfad des fehlerhaften Moduls: AVKProxy.exe2 Berichtskennung: AVKProxy.exe3

Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/16/2015 01:27:12 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Kontext: Anwendung, SystemIndex Katalog

Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Systemfehler:
=============
Error: (08/24/2015 06:46:58 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "S:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (08/24/2015 06:04:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (08/23/2015 11:06:08 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/23/2015 10:16:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (08/23/2015 10:15:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\windows\System32\bcmihvsrv.dll

Error: (08/23/2015 10:15:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\windows\System32\bcmihvsrv.dll

Error: (08/23/2015 10:15:48 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst G Data Personal Firewall konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (08/23/2015 10:15:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\windows\System32\bcmihvsrv.dll

Error: (08/23/2015 10:09:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Wireless Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/23/2015 10:09:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Support Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Microsoft Office:
=========================
Error: (06/27/2015 03:38:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2068 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/02/2015 12:31:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2364 seconds with 2160 seconds of active time. This session ended with a crash.

Error: (12/07/2014 01:12:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8854 seconds with 1680 seconds of active time. This session ended with a crash.

Error: (11/06/2014 10:05:43 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 669 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/18/2014 11:01:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47515 seconds with 18060 seconds of active time. This session ended with a crash.

Error: (10/06/2014 10:23:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19835 seconds with 5880 seconds of active time. This session ended with a crash.

Error: (07/28/2014 04:11:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29534 seconds with 16380 seconds of active time. This session ended with a crash.

Error: (07/07/2014 08:46:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7323 seconds with 2940 seconds of active time. This session ended with a crash.

Error: (05/24/2014 11:03:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1296 seconds with 360 seconds of active time. This session ended with a crash.

Error: (03/15/2014 09:57:56 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7475 seconds with 300 seconds of active time. This session ended with a crash.

==================== Memory info ===========================

Processor: AMD Athlon(tm) II P320 Dual-Core Processor
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 2812.56 MB
Verfügbarer physikalischer RAM: 1474.49 MB
Summe virtueller Speicher: 5923.43 MB
Verfügbarer virtueller Speicher: 3397.91 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:72.29 GB) (Free:1.93 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Daten) (Fixed) (Total:137 GB) (Free:11.48 GB) NTFS
Drive e: (Nebentätigkeit) (Fixed) (Total:71.5 GB) (Free:12.84 GB) NTFS
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32
Drive g: (SH_SICHERHEIT2015) (CDROM) (Total:5.26 GB) (Free:0 GB) UDF
Drive k: (Alice) (Fixed) (Total:140.39 GB) (Free:136.15 GB) NTFS
Drive l: (Doris) (Fixed) (Total:140.34 GB) (Free:135.54 GB) NTFS
Drive m: (Medien) (Fixed) (Total:1002.22 GB) (Free:573.51 GB) NTFS
Drive n: (Nicolas) (Fixed) (Total:290.12 GB) (Free:223.53 GB) NTFS
Drive o: (Wilfried) (Fixed) (Total:289.95 GB) (Free:235.65 GB) NTFS
Drive s: (Spiegel HP625-C) (Fixed) (Total:74.79 GB) (Free:0 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive u: (Datensicherung) (Fixed) (Total:856.72 GB) (Free:294.17 GB) NTFS
Drive w: (EBLING-ExtFP) (Fixed) (Total:135.02 GB) (Free:4.06 GB) NTFS
Drive x: (Alice-ExtFP) (Fixed) (Total:89.25 GB) (Free:12.09 GB) NTFS
Drive y: (Nicolas-ExtFP) (Fixed) (Total:134.62 GB) (Free:16.54 GB) NTFS
Drive z: (Medien-ExtFP) (Fixed) (Total:572.62 GB) (Free:144.52 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 57E5C010)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=300 MB) - (Type=42)
Partition 3: (Not Active) - (Size=72.3 GB) - (Type=42)
Partition 4: (Not Active) - (Size=225.5 GB) - (Type=42)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 1612BA47)
Partition 1: (Not Active) - (Size=74.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=856.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 000DEB38)
Partition 1: (Active) - (Size=135 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=134.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=89.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=572.6 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 0A0BD758)
Partition 1: (Active) - (Size=140.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1722.6 GB) - (Type=OF Extended)

==================== Ende vom FRST.txt ============================ |
25.08.2015, 10:47 | #14 |
/// the machine /// TB trainer | C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Window opens at startup
Update Java and Adobe.
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
C:\Program Files\PDFCreator\PDFCreator-1_2_3_setup.exe
C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
C:\Users\Ebling\Desktop\wzmp_10.exe
Emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Cleanup: (The order matters here)
If Defogger was used: start it again and click Re-enable.
If Combofix was used: uninstall Combofix.
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself. Then restart your computer. If any programs from our cleanup are still left over now, you can safely delete them.
If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Hardening:
Enable automatic updates in the Windows operating system. Security-relevant software should also always be present only in its latest version: browser, Java, Flash Player, PDF reader. Security vulnerabilities in their old versions are exploited to install malware via "drive-by" when you simply visit a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.
Enable a firewall. The one built into Windows is normally entirely sufficient.
Use an antivirus program with a real-time scanner and an always up-to-date signature database. My recommendation: Emsisoft
In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional:
NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. However, you can specify, on the whitelist principle, on which sites scripts should be allowed.
Malwarebytes Anti Exploit: protects the computer's applications against the exploitation of known vulnerabilities.
Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other additions that are irrelevant to the program. To get rid of adware again, first uninstall it and then remove the leftovers with Adwarecleaner.
Finally, a few general remarks: Change your important online passwords regularly, and regularly create backups of your important files or of the system. The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |