Ständig erscheint Werbung im neuen Fenster

saaabsn · 05.10.2015, 15:06

Hallo =)
ich habe folgendes Problem. Bei mir öffnet ich ständig und in unregelmäßigen Abständen Werbung. Das nervt total. Ich kenne mich da jetzt null aus, hab halt einfach mal alle Browserdaten gelöscht und auch Google Chrome deinstalliert, da ich hauptsächlich mit dem Browser surfe.
Ein Logfile hab ich gemacht, so wie es beschrieben wurde. Ich hoffe es passt:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:00:40, on 05.10.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)

Boot mode: Normal

Running processes:
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Users\sabsn2\AppData\Roaming\PolarisOfficeLink\POLink.exe
C:\Users\sabsn2\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Users\sabsn2\AppData\Roaming\PolarisOfficeLink\POLinkSync.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\Installer\chrmstp.exe
C:\Users\sabsn2\Downloads\HijackThis_2.0.5.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - mscoree.dll (file missing)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\sabsn2\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\sabsn2\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Polaris Office Sync] C:\Users\sabsn2\AppData\Roaming\PolarisOfficeLink\POLinkLauncher.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\sabsn2\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-3540 Series"
O4 - Startup: Dropbox.lnk = sabsn2\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: WebBrowserMixVideoPlayer.lnk = C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe
O8 - Extra context menu item: &Citavi Picker... - file://C:\Program Files (x86)\Internet Explorer\Citavi Picker\ShowContextMenu.html
O8 - Extra context menu item: An OneNote s&enden - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @oem47.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Pine Tree - Unknown owner - C:\Program Files (x86)\Pine Tree\updatePineTree.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12436 bytes

Ich würde mich seeeehr über eure Hilfe freuen.

Viele Grüße
saaabsn

Deathkid535 · 05.10.2015, 15:14

Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen.

Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst.

Ich bedanke mich für deine Geduld

HJT ist veraltet, ich brauch FRST bitte

Schritt # 1: FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt # 2: Bitte Posten

Die FRST.txt
Die Addition.txt

Deathkid535 · 05.10.2015, 15:15

Ich war schneller

saaabsn · 05.10.2015, 15:24

Wow, vielen Dank für die super schnelle Antwort =)
Okay, hab ich gemacht. also einmal FRST.txt:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
durchgeführt von sabrina (Administrator) auf IDEA-PC (05-10-2015 16:19:47)
Gestartet von C:\Users\sabsn2\Downloads
Geladene Profile: sabrina (Verfügbare Profile: UpdatusUser & sabrina)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(MyBrowser 1.0.2V04.10) C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-6.exe
(MyBrowser 1.0.2V04.10) C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-1-6.exe
(MyBrowser 1.0.2V04.10) C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-10.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Infraware) C:\Users\sabsn2\AppData\Roaming\PolarisOfficeLink\POLink.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJHE.EXE
() C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe
(Dropbox, Inc.) C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Infraware) C:\Users\sabsn2\AppData\Roaming\PolarisOfficeLink\POLinkSync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\Installer\chrmstp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-10-13] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-10-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-10-01] (AVAST Software)
HKLM-x32\...\Run: [gmsd_de_004010105] => [X]
HKLM-x32\...\Run: [rec_en_77] => [X]
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Run: [Facebook Update] => C:\Users\sabsn2\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-02] (Facebook Inc.)
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Run: [Dropbox Update] => C:\Users\sabsn2\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Run: [Polaris Office Sync] => C:\Users\sabsn2\AppData\Roaming\PolarisOfficeLink\POLinkLauncher.exe [805112 2015-08-21] (Infraware)
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE [283232 2015-01-19] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ 0POLinkIconDone] -> {4931EE43-90CB-4D46-A50F-474D7C5D97BE} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 1POLinkIconFailed] -> {828F1FF1-021C-4EC0-A4F8-B1BFF6390DD3} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 2POLinkIconIng] -> {8AE3CBEA-8E21-4883-BFD0-925F5513F190} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 3POLinkIconProhibited] -> {DED0F1AF-0505-4FB7-83AA-C2E51FA0721F} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-01] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserMixVideoPlayer.lnk [2015-10-04]
ShortcutTarget: WebBrowserMixVideoPlayer.lnk -> C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe ()
Startup: C:\Users\sabsn2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-01]
ShortcutTarget: Dropbox.lnk -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{24c91061-0d0e-40ea-8c00-ab0d4c31f623}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{bf4280c7-ab38-45e7-87a3-0aa945d5bb20}: [DhcpNameServer] 192.168.100.254

Internet Explorer:
==================
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002 -> DefaultScope {DB3AE123-9657-4070-8E58-0C6F45B51DF5} URL = 
SearchScopes: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002 -> {DB3AE123-9657-4070-8E58-0C6F45B51DF5} URL = 
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-01] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\SysWOW64\mscoree.dll [2015-07-10] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-01] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Keine Datei]
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3210108916-3864258014-2341951935-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\sabsn2\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3210108916-3864258014-2341951935-1002: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-31]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-05]
CHR Extension: (Google Docs) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-05]
CHR Extension: (Google Drive) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-05]
CHR Extension: (YouTube) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
CHR Extension: (Google-Suche) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-05]
CHR Extension: (avast! SafePrice) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-10-05]
CHR Extension: (Google Tabellen) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-05]
CHR Extension: (Google Docs Offline) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-05]
CHR Extension: (Avast Online Security) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-10-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-10-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-05]
CHR Extension: (Citavi Picker) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2015-10-05]
CHR Extension: (Google Mail) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-05]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-01] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-10-01] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135072 2015-08-20] (ELAN Microelectronics Corp.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 Update Pine Tree; "C:\Program Files (x86)\Pine Tree\updatePineTree.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-01] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-10-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-01] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-01] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 ppfd_vw_1_10_0_24; C:\Windows\System32\drivers\ppfd_vw_1_10_0_24.sys [57744 2015-09-02] (PhraseProfessor)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
R1 {814b70f2-89de-4982-b4fb-8ca0819c757d}Gw64; C:\Windows\System32\drivers\{814b70f2-89de-4982-b4fb-8ca0819c757d}Gw64.sys [48776 2015-10-04] (StdLib)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-05 16:19 - 2015-10-05 16:20 - 00024155 _____ C:\Users\sabsn2\Downloads\FRST.txt
2015-10-05 16:19 - 2015-10-05 16:19 - 02193920 _____ (Farbar) C:\Users\sabsn2\Downloads\FRST64.exe
2015-10-05 16:19 - 2015-10-05 16:19 - 00000000 ____D C:\FRST
2015-10-05 16:18 - 2015-10-05 16:18 - 01697792 _____ (Farbar) C:\Users\sabsn2\Downloads\FRST.exe
2015-10-05 16:00 - 2015-10-05 16:00 - 00012438 _____ C:\Users\sabsn2\Documents\hijackthis.log
2015-10-05 15:57 - 2015-10-05 15:58 - 00388608 _____ (Trend Micro Inc.) C:\Users\sabsn2\Downloads\HijackThis_2.0.5.exe
2015-10-05 15:46 - 2015-10-05 15:46 - 00002571 _____ C:\Users\sabsn2\Desktop\Reimage2.lnk
2015-10-05 15:46 - 2015-10-05 15:46 - 00002339 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-05 15:46 - 2015-10-05 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-05 15:45 - 2015-10-05 15:50 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-05 15:45 - 2015-10-05 15:50 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-05 15:45 - 2015-10-05 15:45 - 00929872 _____ (Google Inc.) C:\Users\sabsn2\Downloads\ChromeSetup.exe
2015-10-05 15:45 - 2015-10-05 15:45 - 00004186 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-05 15:45 - 2015-10-05 15:45 - 00003954 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-05 15:44 - 2015-10-05 15:44 - 00002038 _____ C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-10-05 15:44 - 2015-10-05 15:44 - 00001978 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-10-05 15:44 - 2015-10-05 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-10-05 15:41 - 2015-10-01 23:32 - 00448968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7447.tmp
2015-10-05 15:41 - 2015-10-01 23:32 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-10-05 15:41 - 2015-10-01 23:32 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7448.tmp
2015-10-05 15:41 - 2015-10-01 23:32 - 00153744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7449.tmp
2015-10-05 15:41 - 2015-10-01 23:32 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7424.tmp
2015-10-05 15:41 - 2015-10-01 23:32 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7436.tmp
2015-10-05 15:41 - 2015-10-01 23:32 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7437.tmp
2015-10-05 15:41 - 2015-10-01 23:32 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7435.tmp
2015-10-05 15:41 - 2015-10-01 23:30 - 01049880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7423.tmp
2015-10-05 15:41 - 2015-10-01 23:30 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7412.tmp
2015-10-05 15:38 - 2015-10-05 15:38 - 05656224 _____ (AVAST Software) C:\Users\sabsn2\Downloads\avast_internet_security_setup_online.exe
2015-10-05 15:17 - 2015-10-05 15:17 - 00016148 _____ C:\WINDOWS\system32\IDEA-PC_sabrina_HistoryPrediction.bin
2015-10-05 14:53 - 2015-10-05 14:53 - 00003350 _____ C:\WINDOWS\System32\Tasks\{64D3BB65-D716-488F-AA7E-AE28D09AD7A9}
2015-10-05 14:38 - 2015-10-05 14:38 - 00003386 _____ C:\WINDOWS\System32\Tasks\{380D76D0-3C40-4CDD-A6C1-97DCD41DBCC2}
2015-10-05 14:35 - 2015-10-05 14:35 - 00000008 _____ C:\END
2015-10-05 14:30 - 2015-10-05 14:30 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-10-05 14:30 - 2015-09-15 05:31 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-05 14:30 - 2015-09-15 05:31 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-05 14:24 - 2015-10-05 14:24 - 00004352 _____ C:\WINDOWS\System32\Tasks\PhraseProfessor Auto Updater 1.10.0.24 Pending Update
2015-10-05 14:24 - 2015-10-05 14:24 - 00004320 _____ C:\WINDOWS\System32\Tasks\PhraseProfessor Auto Updater 1.10.0.24 Core
2015-10-05 14:23 - 2015-10-05 14:23 - 00000000 ____D C:\Program Files (x86)\predm
2015-10-04 19:22 - 2015-10-04 19:26 - 00000000 _____ C:\WINDOWS\lhe.exe
2015-10-04 19:12 - 2015-10-04 19:31 - 00000000 _____ C:\WINDOWS\mlhe.exe
2015-10-04 18:31 - 2015-10-04 18:31 - 00631808 _____ C:\WINDOWS\lhe.dat
2015-10-04 18:24 - 2015-10-05 15:18 - 00001038 _____ C:\WINDOWS\Tasks\NU0TOMlbp7jjX1EL8Y2A6I.job
2015-10-04 18:24 - 2015-10-04 18:24 - 00004188 _____ C:\WINDOWS\System32\Tasks\NU0TOMlbp7jjX1EL8Y2A6I
2015-10-04 18:24 - 2015-10-04 18:24 - 00000000 ____D C:\Users\sabsn2\AppData\Local\com
2015-10-04 18:23 - 2015-10-05 15:23 - 00005538 _____ C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-6.job
2015-10-04 18:23 - 2015-10-05 15:23 - 00003158 _____ C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-1-6.job
2015-10-04 18:23 - 2015-10-05 15:23 - 00002132 _____ C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-10_user.job
2015-10-04 18:23 - 2015-10-05 15:18 - 00004178 _____ C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-3.job
2015-10-04 18:23 - 2015-10-05 15:18 - 00002466 _____ C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-5_user.job
2015-10-04 18:23 - 2015-10-05 15:18 - 00002466 _____ C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-5.job
2015-10-04 18:23 - 2015-10-05 15:17 - 00005202 _____ C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-7.job
2015-10-04 18:23 - 2015-10-05 15:17 - 00003158 _____ C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-1-7.job
2015-10-04 18:23 - 2015-10-05 15:17 - 00001014 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-10-04 18:23 - 2015-10-05 15:17 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-04 18:23 - 2015-10-05 14:54 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-10-04 18:23 - 2015-10-04 18:28 - 00001018 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-10-04 18:23 - 2015-10-04 18:24 - 00000000 ____D C:\Program Files (x86)\MyBrowser 1.0.2V04.10
2015-10-04 18:23 - 2015-10-04 18:23 - 00008654 _____ C:\WINDOWS\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-6
2015-10-04 18:23 - 2015-10-04 18:23 - 00008318 _____ C:\WINDOWS\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-7
2015-10-04 18:23 - 2015-10-04 18:23 - 00007294 _____ C:\WINDOWS\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-3
2015-10-04 18:23 - 2015-10-04 18:23 - 00006278 _____ C:\WINDOWS\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-1-7
2015-10-04 18:23 - 2015-10-04 18:23 - 00006278 _____ C:\WINDOWS\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-1-6
2015-10-04 18:23 - 2015-10-04 18:23 - 00005582 _____ C:\WINDOWS\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-5
2015-10-04 18:23 - 2015-10-04 18:23 - 00004088 _____ C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-10-04 18:23 - 2015-10-04 18:23 - 00003856 _____ C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-10-04 18:23 - 2015-10-04 18:23 - 00000000 ____D C:\Users\sabsn2\AppData\Local\globalUpdate
2015-10-04 18:23 - 2015-10-04 18:23 - 00000000 ____D C:\Program Files (x86)\dd360bc6-2e37-447d-98fa-b8d0040286e1
2015-10-04 18:23 - 2015-10-04 04:43 - 00048776 _____ (StdLib) C:\WINDOWS\system32\Drivers\{814b70f2-89de-4982-b4fb-8ca0819c757d}Gw64.sys
2015-10-04 18:22 - 2015-10-04 18:22 - 00003188 _____ C:\WINDOWS\System32\Tasks\MixVideoPlayer Update
2015-10-04 18:22 - 2015-10-04 18:22 - 00000000 ____D C:\Users\sabsn2\AppData\Local\mixvideoplayer
2015-10-04 18:22 - 2015-10-04 18:22 - 00000000 ____D C:\Users\sabsn2\AppData\Local\BrowserWeb
2015-10-04 18:22 - 2015-10-04 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer
2015-10-04 18:21 - 2015-10-05 14:43 - 00000000 ____D C:\Program Files (x86)\Pine Tree
2015-10-04 18:21 - 2015-10-04 18:22 - 00000000 ____D C:\Program Files (x86)\MixVideoPlayer
2015-10-04 18:20 - 2015-10-04 18:20 - 00654795 _____ C:\Users\sabsn2\Downloads\Setup.zip
2015-10-04 18:00 - 2015-10-04 18:00 - 00000000 ____D C:\Users\sabsn2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-02 00:13 - 2015-10-02 00:13 - 00001833 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-02 00:13 - 2015-10-02 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-02 00:12 - 2015-10-02 00:13 - 00000000 ____D C:\Program Files\iTunes
2015-10-02 00:12 - 2015-10-02 00:12 - 00000000 ____D C:\Program Files\iPod
2015-10-02 00:12 - 2015-10-02 00:12 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-10-02 00:10 - 2015-10-02 00:10 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-10-02 00:10 - 2015-10-02 00:10 - 00000000 ____D C:\Program Files\Bonjour
2015-10-02 00:10 - 2015-10-02 00:10 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-10-02 00:10 - 2015-10-02 00:10 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-10-01 23:57 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 23:57 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 23:57 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 23:57 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 23:57 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 23:57 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 23:57 - 2015-09-17 08:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-01 23:57 - 2015-09-17 08:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-01 23:57 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 23:57 - 2015-09-17 08:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-01 23:57 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 23:57 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 23:57 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 23:57 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 23:57 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-01 23:57 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 23:57 - 2015-09-17 07:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-01 23:57 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-01 23:57 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 23:57 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-01 23:57 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 23:57 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-01 23:56 - 2015-09-25 02:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-01 23:56 - 2015-09-25 02:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-01 23:56 - 2015-09-25 02:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-01 23:56 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-01 23:56 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-01 23:56 - 2015-09-25 01:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-01 23:56 - 2015-09-25 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 23:56 - 2015-09-25 01:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-01 23:56 - 2015-09-25 01:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-01 23:56 - 2015-09-25 01:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-01 23:56 - 2015-09-25 01:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-01 23:56 - 2015-09-25 01:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-01 23:56 - 2015-09-25 01:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-01 23:56 - 2015-09-25 01:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-01 23:56 - 2015-09-25 01:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-01 23:56 - 2015-09-25 01:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-01 23:56 - 2015-09-25 01:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-01 23:56 - 2015-09-25 01:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-01 23:56 - 2015-09-25 01:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-01 23:56 - 2015-09-25 00:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-01 23:56 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-01 23:56 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-01 23:56 - 2015-09-25 00:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-01 23:56 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-01 23:56 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-01 23:56 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-01 23:56 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-01 23:56 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-01 23:56 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-01 23:56 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-01 23:56 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 23:56 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 23:56 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 23:56 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 23:56 - 2015-09-17 08:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-01 23:56 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 23:56 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 23:56 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 23:56 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 23:56 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 23:56 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 23:56 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 23:56 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 23:56 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 23:56 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 23:56 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 23:56 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 23:56 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 23:56 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 23:56 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 23:56 - 2015-09-17 08:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-01 23:56 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 23:56 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 23:56 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 23:56 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 23:56 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 23:56 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 23:56 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 23:56 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 23:56 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 23:56 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 23:56 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 23:56 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 23:56 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 23:56 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 23:56 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 23:56 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 23:56 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 23:56 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 23:56 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 23:56 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 23:56 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 23:56 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 23:56 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 23:56 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 23:56 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 23:56 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 23:56 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 23:56 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 23:56 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 23:56 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 23:56 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 23:56 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 23:56 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 23:56 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 23:56 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 23:56 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 23:56 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 23:56 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 23:56 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 23:56 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 23:56 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 23:56 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 23:56 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 23:56 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 23:56 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 23:56 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 23:56 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 23:56 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 23:56 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 23:56 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 23:56 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 23:56 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 23:56 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 23:56 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 23:56 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 23:56 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 23:56 - 2015-09-17 07:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-10-01 23:56 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 23:56 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 23:56 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 23:56 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 23:56 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 23:56 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 23:56 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 23:56 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 23:56 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 23:56 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 23:56 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 23:56 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 23:56 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 23:56 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 23:56 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 23:56 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 23:56 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 23:56 - 2015-09-17 07:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-01 23:56 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 23:56 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 23:56 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 23:56 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 23:56 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 23:56 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 23:56 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 23:56 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 23:56 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 23:56 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 23:56 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 23:56 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 23:56 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 23:56 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 23:56 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 23:56 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 23:56 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 23:56 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 23:56 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 23:56 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 23:56 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 23:56 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 23:56 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 23:56 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 23:56 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 23:56 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 23:56 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-01 23:56 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-01 23:56 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 23:56 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 23:56 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 23:56 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 23:56 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 23:56 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 23:56 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 23:56 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 23:56 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 23:56 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-01 23:56 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 23:56 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 23:56 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 23:56 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-01 23:32 - 2015-10-01 23:32 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-10-01 23:28 - 2015-10-01 23:28 - 00454528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-09-16 21:39 - 2015-09-16 21:39 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-09-16 21:22 - 2015-09-16 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2015-09-16 21:21 - 2015-04-18 10:26 - 00427224 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2015-09-16 21:21 - 2014-11-26 11:01 - 00004664 _____ C:\WINDOWS\system32\Drivers\CxSfPt.dat
2015-09-16 21:19 - 2015-10-05 15:15 - 00232572 _____ C:\Users\Public\CAFADEBUG.log
2015-09-16 21:19 - 2015-09-16 21:19 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2015-09-16 21:16 - 2015-09-16 21:16 - 07231400 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 03153264 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\UCI64A96.DLL
2015-09-16 21:16 - 2015-09-16 21:16 - 01991784 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 01052208 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64BP16.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 00431048 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CSpkExt64.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 00340656 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 00283928 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 00151791 _____ C:\WINDOWS\system32\Drivers\DS1Parm.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00071024 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxPageMaster64.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 00014718 _____ C:\WINDOWS\system32\Drivers\MicGain.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00011842 _____ C:\WINDOWS\system32\Drivers\EdgeEQ.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00010107 _____ C:\WINDOWS\system32\Drivers\MicEQ.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00008269 _____ C:\WINDOWS\system32\Drivers\AFA.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00006520 _____ C:\WINDOWS\system32\Drivers\ISAPSII.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00006312 _____ C:\WINDOWS\system32\Drivers\FXMisc.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00003657 _____ C:\WINDOWS\system32\Drivers\BIT_CLK.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00003027 _____ C:\WINDOWS\system32\Drivers\SPKVol.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00002171 _____ C:\WINDOWS\system32\Drivers\OrVerbs.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00001816 _____ C:\WINDOWS\system32\Drivers\ALTMIXER.INI
2015-09-16 21:13 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-16 21:13 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-16 21:13 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-16 21:12 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-16 21:12 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-16 21:12 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-16 21:12 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-16 21:12 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-16 21:12 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-16 21:12 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-16 21:12 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-16 21:12 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-16 21:12 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-16 21:12 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-16 21:12 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-16 21:12 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-16 21:12 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-16 21:12 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-16 21:12 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-16 21:12 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-16 21:12 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-16 21:12 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-16 21:12 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-16 21:12 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-05 16:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-05 15:58 - 2013-01-05 14:44 - 00000000 ____D C:\Users\sabsn2\AppData\Local\VirtualStore
2015-10-05 15:46 - 2013-01-05 17:27 - 00000000 ____D C:\Users\sabsn2\AppData\Local\Google
2015-10-05 15:46 - 2013-01-05 17:27 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-05 15:42 - 2013-07-31 20:08 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-10-05 15:32 - 2015-04-29 16:35 - 00000000 ____D C:\Users\sabsn2\AppData\Roaming\PolarisOfficeLink
2015-10-05 15:24 - 2015-08-17 05:47 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-05 15:24 - 2015-07-10 18:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-05 15:24 - 2015-07-10 18:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-05 15:22 - 2015-06-13 11:11 - 00001246 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002UA.job
2015-10-05 15:22 - 2015-04-29 16:36 - 00000000 ___RD C:\Users\sabsn2\Documents\Polaris Office
2015-10-05 15:22 - 2014-07-13 12:09 - 00000000 ___RD C:\Users\sabsn2\Dropbox
2015-10-05 15:22 - 2014-07-13 12:04 - 00000000 ____D C:\Users\sabsn2\AppData\Roaming\Dropbox
2015-10-05 15:18 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-05 15:18 - 2014-04-09 20:12 - 00000000 ____D C:\Users\sabsn2\AppData\Local\HTC MediaHub
2015-10-05 15:17 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-05 15:16 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-05 14:43 - 2015-08-17 05:12 - 00042142 _____ C:\WINDOWS\PFRO.log
2015-10-05 14:33 - 2012-07-26 07:26 - 00000218 _____ C:\WINDOWS\win.ini
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-05 14:22 - 2014-01-02 21:17 - 00000948 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002UA.job
2015-10-05 14:21 - 2014-02-15 21:46 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DBB5FBF8-2C7F-4F39-816B-FBC61A5C4C86}
2015-10-04 20:22 - 2014-01-02 21:17 - 00000926 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002Core.job
2015-10-04 19:23 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-10-04 18:27 - 2015-08-22 11:25 - 00000000 ____D C:\Users\sabsn2\AppData\Local\MicrosoftEdge
2015-10-04 18:23 - 2012-10-13 16:50 - 00000000 ____D C:\Program Files (x86)\Amazon
2015-10-04 18:17 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-04 18:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-04 17:55 - 2015-07-11 18:16 - 00000000 ____D C:\ProgramData\EPSON
2015-10-04 17:54 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-10-04 16:36 - 2015-07-10 14:20 - 00028885 _____ C:\WINDOWS\setupact.log
2015-10-02 00:12 - 2013-01-05 19:11 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-02 00:10 - 2013-01-05 19:12 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-01 23:32 - 2014-07-13 12:22 - 00153744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-10-01 23:32 - 2014-07-13 12:22 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-10-01 23:32 - 2013-07-31 20:09 - 00448968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-10-01 23:32 - 2013-07-31 20:09 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-10-01 23:32 - 2013-07-31 20:08 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-10-01 23:32 - 2013-07-31 20:08 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-10-01 23:32 - 2013-07-31 20:08 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-10-01 23:30 - 2014-12-10 17:52 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-10-01 23:30 - 2013-07-31 20:08 - 01049880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-10-01 23:25 - 2015-08-17 19:48 - 00002410 _____ C:\Users\sabsn2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-01 23:25 - 2015-08-17 19:48 - 00000000 ___RD C:\Users\sabsn2\OneDrive
2015-10-01 23:19 - 2015-07-10 14:20 - 00274160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-01 23:17 - 2015-07-10 18:46 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-01 21:30 - 2015-08-17 06:07 - 00000000 ____D C:\Windows.old
2015-09-17 02:08 - 2014-07-14 14:49 - 00000000 ____D C:\Users\sabsn2\Desktop\Sabrina_
2015-09-16 21:59 - 2013-01-05 16:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-16 21:53 - 2015-05-28 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-16 21:39 - 2013-08-26 13:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-16 21:19 - 2015-08-17 05:19 - 00000000 ____D C:\Program Files\CONEXANT
2015-09-16 21:16 - 2012-10-13 16:27 - 00000000 ____D C:\ProgramData\Conexant
2015-09-16 21:16 - 2012-08-22 10:52 - 01317096 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\Drivers\CHDRT64.sys
2015-09-16 20:45 - 2013-01-05 14:44 - 00000000 ____D C:\Users\sabsn2\AppData\Local\Packages

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I.exe
2012-10-13 16:29 - 2012-10-13 16:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\sabsn2\AppData\Local\Temp\3449.exe
C:\Users\sabsn2\AppData\Local\Temp\8779.exe
C:\Users\sabsn2\AppData\Local\Temp\beeeaegeij.exe
C:\Users\sabsn2\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa7t2h3.dll
C:\Users\sabsn2\AppData\Local\Temp\UninstallModule.exe


Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\lhe.exe
C:\Windows\mlhe.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-04 18:11

==================== Ende von FRST.txt ============================

saaabsn · 05.10.2015, 15:25

Und als zweites des Addition.txt:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von sabrina (2015-10-05 16:21:04)
Gestartet von C:\Users\sabsn2\Downloads
Windows 10 Home (X64) (2015-08-17 17:42:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3210108916-3864258014-2341951935-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3210108916-3864258014-2341951935-503 - Limited - Disabled)
Gast (S-1-5-21-3210108916-3864258014-2341951935-501 - Limited - Disabled)
sabrina (S-1-5-21-3210108916-3864258014-2341951935-1002 - Administrator - Enabled) => C:\Users\sabsn2
UpdatusUser (S-1-5-21-3210108916-3864258014-2341951935-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (32-Bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Avast Internet Security (HKLM-x32\...\avast) (Version: 10.4.2233 - AVAST Software)
Benutzerhandbuch (x32 Version: 1.0.0.9 - Lenovo) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre 64bit (HKLM\...\{C5D7991D-5C4F-475D-BF58-89A068A2FF14}) (Version: 2.25.0 - Kovid Goyal)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.224.0 - Conexant Systems)
DMG Extractor (HKLM-x32\...\DMGExtractor) (Version: 1.1.1.1 - Reincubate Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
EPSON WF-3540 Series Printer Uninstall (HKLM\...\EPSON WF-3540 Series) (Version:  - SEIKO EPSON Corporation)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.1901 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0333}) (Version: 1.12.824.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{4041B18B-DE30-4D78-9D60-6ADC586C5E00}) (Version: 2.1.003.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.5926 - Lenovo)
Media Go (HKLM-x32\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.12.110.06300 (HKLM-x32\...\{15023164-F226-9ECA-D0CB-59AB4B40D222}) (Version: 2.12.110.06300 - Sony)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mixxx 1.11.0 (HKLM-x32\...\Mixxx (1.11.0)) (Version: 1.11.0 - The Mixxx Development Team)
MyBrowser 1.0.2V04.10 (HKLM-x32\...\MyBrowser 1.0.2V04.10) (Version: 1.36.01.22 - MyBrowser 1.0.2V04.10)
NVIDIA Grafiktreiber 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Polaris Office Sync (HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\InstallShield_{A4870391-70B1-45CA-A67E-55E481D3ABBF}) (Version: 2.000.002 - Infraware)
Polaris Office Sync (x32 Version: 2.000.002 - Infraware) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
VirtualDJ 8 (HKLM-x32\...\{85E12659-D3A1-4583-BA1C-95DF53C3C632}) (Version: 8.0.2087.0 - Atomix Productions)
Visitenkarten in 2 Minuten (HKLM-x32\...\Visitenkarten in 2 Minuten) (Version:  - )
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

16-09-2015 21:14:25 Windows Update
01-10-2015 21:26:02 Windows Update
05-10-2015 14:50:22 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0436C5EC-945F-4D0E-ACC1-CDAFDC122121} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ACHTUNG
Task: {0D48E675-33BF-4571-8566-A977E2F6BD2D} - System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-1-6 => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-1-6.exe [2015-10-04] (MyBrowser 1.0.2V04.10) <==== ACHTUNG
Task: {0DDE4E1A-1498-4E4E-95BE-71A9C4701A16} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-01] (AVAST Software)
Task: {1021FD29-0911-45C4-B197-632709EBF24A} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {11588F70-8A9B-4E40-8217-9D2FEA6EAD67} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-17] ()
Task: {2D7441B9-98BA-4FC3-92AE-49FF3D8DF7F8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {33B7B525-D98C-419A-8484-0C8F77A245C4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3547212E-8C13-42D9-9BEF-CB8BFE9BEB77} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {39317E5D-6F22-4FD4-A26B-14697B25917D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3CB8898E-5764-4F91-ACB9-A83CF97AF82E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {45D63B78-99E9-4F53-A32B-077DFF59AD84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {490CB0AD-129F-4F40-9512-E6E58F8E0FE4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-17] (Lenovo)
Task: {4E56180E-9FF6-4212-B119-ECC25B687BBA} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
Task: {4F0503AD-BBAE-4285-8C92-BDEE3166591A} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {526FF07A-3483-474E-84D3-42D520CAE183} - System32\Tasks\{380D76D0-3C40-4CDD-A6C1-97DCD41DBCC2} => pcalua.exe -a "C:\Program Files (x86)\MyBrowser\MyBrowser\Application\39.5.2171.95\Installer\setup.exe" -c --uninstall --system-level
Task: {56037FF6-8EF5-48DA-B0C2-700831BAD194} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {59CBD501-694D-4149-85FA-79B176031EC2} - System32\Tasks\NU0TOMlbp7jjX1EL8Y2A6I => C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I.exe [2015-04-20] () <==== ACHTUNG
Task: {650A47C9-A842-48CA-BCD4-6253EE112F28} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {66F238EA-7DCD-4573-BD14-CBFF22737F94} - System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-5_user => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-5.exe [2015-10-04] (MyBrowser 1.0.2V04.10) <==== ACHTUNG
Task: {7194DBCD-24BE-4C52-862C-AC3EC3D589F7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {77D0F98A-4B19-4B10-B676-8F31A002FD1A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {7D892567-2B6D-4F77-B7A9-3A7B4BC8F12A} - System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-10_user => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-10.exe [2015-10-04] (MyBrowser 1.0.2V04.10) <==== ACHTUNG
Task: {84DF59E3-1A20-4047-B44E-80531901C77A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002Core => C:\Users\sabsn2\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-02] (Facebook Inc.)
Task: {889859D1-5298-4270-8F0F-63BE35ECF79A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {894598E7-9A63-43BC-9014-84F759417A4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.)
Task: {8C5C47F8-9B5C-4EB3-9C30-EAAEFEA7A18A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8CCAF32C-63B8-40B7-B5CA-EE63CC8E2F1B} - System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-3 => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-3.exe [2015-10-04] (MyBrowser 1.0.2V04.10) <==== ACHTUNG
Task: {8FE0AE77-E3AD-4B12-8BD6-5B22B947A01A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A250CB00-9627-4C0A-B911-C24BE122B567} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002UA => C:\Users\sabsn2\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {A9C890D4-9BDD-4890-8D2B-A92CB0911ECF} - System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-5 => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-5.exe [2015-10-04] (MyBrowser 1.0.2V04.10) <==== ACHTUNG
Task: {AACB71E6-5050-426B-AE58-9A4F99B6D817} - System32\Tasks\PhraseProfessor Auto Updater 1.10.0.24 Pending Update => C:\Program Files (x86)\PhraseProfessor_1.10.0.24\Update\PhraseProfessorAutoUpdateClient.exe <==== ACHTUNG
Task: {AB31DD10-5ECB-4906-BC5D-69025641AC5C} - System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-1-7 => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-1-7.exe [2015-10-04] (MyBrowser 1.0.2V04.10) <==== ACHTUNG
Task: {B25A98CD-E9F0-4E47-A3F1-ECCA64B373BA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {B358F2C0-EF1C-4DF9-83FC-9F62DD4949CE} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ACHTUNG
Task: {B6D68653-FAFB-48B5-A4B9-8A81B3B5CE43} - System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-7 => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-7.exe [2015-10-04] (MyBrowser 1.0.2V04.10) <==== ACHTUNG
Task: {B720BA1C-4A9F-487C-B198-2C5CF3AEF4A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.)
Task: {B7B454A0-98A6-48F7-A8E2-695499B5CE4B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {BB1F935A-5703-463F-9E01-FE63B59D743C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002UA => C:\Users\sabsn2\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-02] (Facebook Inc.)
Task: {C94F1395-32C1-4E5C-8BCE-BD45955801C3} - System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-6 => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-6.exe [2015-10-04] (MyBrowser 1.0.2V04.10) <==== ACHTUNG
Task: {C9BAA96C-8B0C-445C-A170-A2F3B23F57B5} - System32\Tasks\{64D3BB65-D716-488F-AA7E-AE28D09AD7A9} => pcalua.exe -a "C:\ProgramData\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe" -c  /uninstall
Task: {CDFAA8E1-57D2-4949-B072-501DA1314F00} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002Core => C:\Users\sabsn2\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {CF728EC6-2925-4F42-A1F5-D63072EEA13E} - System32\Tasks\PhraseProfessor Auto Updater 1.10.0.24 Core => C:\Program Files (x86)\PhraseProfessor_1.10.0.24\Update\PhraseProfessorAutoUpdateClient.exe <==== ACHTUNG
Task: {F3B44ECB-CF8C-4031-8E51-71B149FA7EEE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F8E09B88-FB2F-4E54-A770-0C216FA7E6A5} - System32\Tasks\MixVideoPlayer Update => C:\Program Files (x86)\MixVideoPlayer\mixUpdater.exe [2015-08-06] ()
Task: {FFC4CD42-D328-433C-A098-6737AE7C8470} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {FFD54620-26F0-4A2E-A540-9DB409DDDAE5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-1-6.job => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-1-6.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-1-7.job => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-1-7.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-10_user.job => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-10.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-3.job => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-3.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-5.job => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-5.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-5_user.job => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-5.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-6.job => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-6.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-7.job => C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-7.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002Core.job => C:\Users\sabsn2\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002UA.job => C:\Users\sabsn2\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002Core.job => C:\Users\sabsn2\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002UA.job => C:\Users\sabsn2\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\NU0TOMlbp7jjX1EL8Y2A6I.job => C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I.exe <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-17 06:06 - 2015-08-17 06:06 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-08-17 05:18 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-20 17:10 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-10-01 23:57 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 23:57 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-14 15:37 - 2015-07-14 15:37 - 00821240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2015-10-01 23:56 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-08-07 12:20 - 2015-08-07 12:20 - 00122536 _____ () C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe
2015-10-01 23:57 - 2015-09-17 07:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 23:56 - 2015-09-17 07:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 23:56 - 2015-09-17 07:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 23:57 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-10-01 23:32 - 2015-10-01 23:32 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-10-01 23:32 - 2015-10-01 23:32 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-10-04 17:54 - 2015-10-04 17:54 - 02966528 _____ () C:\Program Files\AVAST Software\Avast\defs\15100401\algo.dll
2014-03-21 15:05 - 2014-03-21 15:05 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2015-07-14 15:35 - 2015-07-14 15:35 - 00607016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-03-21 15:06 - 2014-03-21 15:06 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-03-21 15:06 - 2014-03-21 15:06 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-03-21 15:06 - 2014-03-21 15:06 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-03-21 15:08 - 2014-03-21 15:08 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-03-21 15:09 - 2014-03-21 15:09 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2012-10-13 16:18 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-09-15 14:25 - 2015-09-15 14:25 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-04-22 17:43 - 2015-08-21 21:05 - 00911096 _____ () C:\Users\sabsn2\AppData\Roaming\PolarisOfficeLink\System.Data.SQLite.dll
2015-10-04 17:59 - 2015-10-02 01:07 - 00166416 _____ () C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2015-10-05 15:22 - 2015-10-05 15:22 - 00071168 _____ () c:\users\sabsn2\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa7t2h3.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00012800 _____ () C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00779776 _____ () C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-01 12:18 - 2015-09-24 01:07 - 00056320 _____ () C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00012288 _____ () C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2012-10-13 16:54 - 2012-07-12 14:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2012-10-13 16:54 - 2012-07-12 14:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2012-10-13 16:54 - 2012-07-12 14:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2012-10-13 16:54 - 2012-07-12 14:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2012-10-13 16:54 - 2012-07-12 14:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2012-10-13 16:54 - 2012-07-12 14:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2012-10-13 16:54 - 2012-07-12 14:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2012-10-13 16:54 - 2012-07-12 14:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2012-10-13 16:54 - 2012-07-12 14:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2012-10-13 16:54 - 2012-07-12 14:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2012-10-13 16:54 - 2012-07-12 14:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2012-10-13 16:54 - 2012-07-12 14:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2015-10-01 23:32 - 2015-10-01 23:32 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-22 20:37 - 2015-04-22 20:37 - 00985600 _____ () C:\Program Files\AVAST Software\Avast\ffmpegsumo.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\sabsn2\SkyDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\sabsn2\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F8EB35CB-726A-420D-B30C-15E5BDCF67B9}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{79DC2D5E-8D3B-4128-B352-5D463F26EDBA}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{6E2CC710-1CB3-4A2C-8B35-31BA56485F70}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{BB52814F-4C76-4C6B-B28C-AEE0CF061C4A}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{BC4FB4FD-261F-48E5-8E36-B37DE35BD54C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4CE0AFD1-2F1A-4E79-AF25-5E27901B56C5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{E504A362-E0D8-469F-A5AA-77569D98CA64}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{11AE146C-2725-427C-9F38-22FD21BD0DBE}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{6B625630-EE99-4DDD-AAE9-B600AC38F1B0}] => (Allow) C:\Users\sabsn2\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [UDP Query User{817E6AA6-544B-404B-82F5-F510EA136E56}C:\users\sabsn2\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sabsn2\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{6E8F6C63-E98B-46CF-BACA-B2A08FF3A8A8}C:\users\sabsn2\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sabsn2\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{4D4EB4EA-FDD7-45C8-971A-39628C62FF48}] => (Allow) C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0CFE6BBD-32C4-4123-96C7-72E16A26AA8C}] => (Allow) C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3577A558-1BA4-460B-983C-ECE5BF62AE5C}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{7C8C1A7E-4432-4647-9FE0-EA286B23531A}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{64427EEA-E847-4818-B07E-2CF32307368E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8244FE76-8D14-44E2-843F-CA704E0A564A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B9D67807-CF92-4AF2-A442-B31540DFC600}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{2D429701-690A-45EF-AF40-C1D4852F97FD}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E2F7E1DD-2FCD-4C16-8404-978E14BE4697}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{2F56221F-36E3-4479-BEF0-86ECD9DAB3DB}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [TCP Query User{E098A345-8190-4880-B878-D3D6411C0B6F}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [UDP Query User{D0593163-3959-4A88-BFE5-6D967AE5E225}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [TCP Query User{C1005CA9-B887-4120-84DD-E310469E0638}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [UDP Query User{BA13C19D-35D8-423D-B7C3-8DBCDFFF4153}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [{4CE2452F-BCB1-4FBA-AC59-B98C7A35C3AA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7173893C-7376-4005-A1A0-6AD4296D3060}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E6C87404-93BA-405F-BD4C-5BB35882BC55}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CC52DFA4-553E-44C5-88FC-2C11723D77DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D9280271-CC08-4CE1-B9F4-7C68916AF176}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C78AEF9E-9989-4834-9310-5AC4F6E72513}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe
FirewallRules: [{E7D00B7B-5416-4421-8A99-A631900E5B21}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/05/2015 03:22:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SearchUI.exe, Version: 10.0.10240.16515, Zeitstempel: 0x55fa5578
Name des fehlerhaften Moduls: CortanaApi.dll, Version: 0.0.0.0, Zeitstempel: 0x55fa5354
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000013e739
ID des fehlerhaften Prozesses: 0xe60
Startzeit der fehlerhaften Anwendung: 0xSearchUI.exe0
Pfad der fehlerhaften Anwendung: SearchUI.exe1
Pfad des fehlerhaften Moduls: SearchUI.exe2
Berichtskennung: SearchUI.exe3
Vollständiger Name des fehlerhaften Pakets: SearchUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SearchUI.exe5

Error: (10/05/2015 03:21:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.10240.16515 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11e4

Startzeit: 01d0ff7056849459

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Berichts-ID: fa994b9c-6b63-11e5-bf06-b888e38bddf2

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI

Error: (10/05/2015 03:21:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: idea-PC)
Description: Das Paket „Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (10/05/2015 02:50:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (10/05/2015 02:40:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: beeeaegeij.exe, Version: 0.0.0.0, Zeitstempel: 0x5612664f
Name des fehlerhaften Moduls: beeeaegeij.exe, Version: 0.0.0.0, Zeitstempel: 0x5612664f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001c20
ID des fehlerhaften Prozesses: 0x444
Startzeit der fehlerhaften Anwendung: 0xbeeeaegeij.exe0
Pfad der fehlerhaften Anwendung: beeeaegeij.exe1
Pfad des fehlerhaften Moduls: beeeaegeij.exe2
Berichtskennung: beeeaegeij.exe3
Vollständiger Name des fehlerhaften Pakets: beeeaegeij.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: beeeaegeij.exe5

Error: (10/05/2015 02:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: beeeaegeij.exe, Version: 0.0.0.0, Zeitstempel: 0x5612664f
Name des fehlerhaften Moduls: beeeaegeij.exe, Version: 0.0.0.0, Zeitstempel: 0x5612664f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001c20
ID des fehlerhaften Prozesses: 0x1b50
Startzeit der fehlerhaften Anwendung: 0xbeeeaegeij.exe0
Pfad der fehlerhaften Anwendung: beeeaegeij.exe1
Pfad des fehlerhaften Moduls: beeeaegeij.exe2
Berichtskennung: beeeaegeij.exe3
Vollständiger Name des fehlerhaften Pakets: beeeaegeij.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: beeeaegeij.exe5

Error: (10/05/2015 02:38:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: beeeaegeij.exe, Version: 0.0.0.0, Zeitstempel: 0x5612664f
Name des fehlerhaften Moduls: beeeaegeij.exe, Version: 0.0.0.0, Zeitstempel: 0x5612664f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001c20
ID des fehlerhaften Prozesses: 0x6c0
Startzeit der fehlerhaften Anwendung: 0xbeeeaegeij.exe0
Pfad der fehlerhaften Anwendung: beeeaegeij.exe1
Pfad des fehlerhaften Moduls: beeeaegeij.exe2
Berichtskennung: beeeaegeij.exe3
Vollständiger Name des fehlerhaften Pakets: beeeaegeij.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: beeeaegeij.exe5

Error: (10/05/2015 02:36:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm 380.tmp, Version 51.52.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2438

Startzeit: 01d0ff6a55ab97ec

Beendigungszeit: 4294967295

Anwendungspfad: C:\Users\sabsn2\AppData\Local\Temp\is-LTBBS.tmp\380.tmp

Berichts-ID: a1372de5-6b5d-11e5-bf04-b888e38bddf2

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (10/05/2015 02:25:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/04/2015 08:49:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (10/05/2015 03:52:50 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (10/05/2015 03:38:00 PM) (Source: DCOM) (EventID: 10016) (User: idea-PC)
Description: AnwendungsspezifischLokalAktivierung{9E175B6D-F52A-11D8-B9A5-505054503030}{9E175B9C-F52A-11D8-B9A5-505054503030}idea-PCsabrinaS-1-5-21-3210108916-3864258014-2341951935-1002LocalHost (unter Verwendung von LRPC)Microsoft.MicrosoftEdge_20.10240.16384.0_neutral__8wekyb3d8bbweS-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194

Error: (10/05/2015 03:21:10 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (10/05/2015 03:20:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (10/05/2015 03:20:32 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (10/05/2015 03:17:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update Pine Tree" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/05/2015 03:17:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Conexant SmartAudio service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/05/2015 03:15:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/05/2015 02:49:09 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (10/05/2015 02:46:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8055.77 MB
Verfügbarer physikalischer RAM: 5207.77 MB
Summe virtueller Speicher: 9335.77 MB
Verfügbarer virtueller Speicher: 6277.39 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:418.09 GB) (Free:166.42 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.36 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DFDDBEBB)

Partition: GPT.

==================== Ende von Addition.txt ============================

Musste es auf zwei Einträge aufteilen.

Danke für die schnelle Hilfe =)

Deathkid535 · 05.10.2015, 17:42

Hi,

Schritt # 1: Programme deinstallieren

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

MyBrowser 1.0.2V04.10
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Schritt # 2: MBAM

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt # 3: AdwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt # 4: JRT

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt # 5: FRST

Bitte noch ein FRST-Log erstellen, mit Additions.txt angehakerlt.

Schritt # 6: Bitte Posten

Das Logfile von MBAM
Das Logfile von AdwCleaner
Das Logfile von JRT
Das Logfile von FRST

saaabsn · 05.10.2015, 20:50

Logfile MBAM
Der Rest ist noch am laufen =)

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 05.10.2015
Suchlaufzeit: 19:35
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.10.05.05
Rootkit-Datenbank: v2015.10.02.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: sabrina

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 465576
Abgelaufene Zeit: 42 Min., 36 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 4
PUP.Optional.MyBrowser, C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-6.exe, 4036, Löschen bei Neustart, [5801a3b07c0f47ef5c3110aa8f7613ed]
PUP.Optional.MyBrowser, C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-1-6.exe, 3096, Löschen bei Neustart, [2d2c2d261c6fcd6944496f4b59ac43bd]
PUP.Optional.MyBrowser, C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-10.exe, 3144, Löschen bei Neustart, [10499db6a3e82d09494468524eb7cb35]
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe, 5136, Löschen bei Neustart, [9bbeca89f794eb4b9379536809fbab55]

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 118
PUP.Optional.PhraseProfessor, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ppfd_vw_1_10_0_24, In Quarantäne, [d6835ef559321c1a3597239a0005ba46], 
PUP.Optional.PineTree, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{814b70f2-89de-4982-b4fb-8ca0819c757d}Gw64, In Quarantäne, [a2b7b89b1f6cf442c20b5568768f8977], 
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, In Quarantäne, [5207ca89cdbe94a2c9687505a85925db], 
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, In Quarantäne, [5207ca89cdbe94a2c9687505a85925db], 
PUP.Optional.HighDefAction, HKLM\SOFTWARE\HighDefAction, In Quarantäne, [be9bc48fd0bbf244b62ad4da7094fa06], 
PUP.Optional.YorkNewCin, HKLM\SOFTWARE\YorkNewCin, In Quarantäne, [4316f95ac8c30c2a374829af63a19967], 
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\ARENAHD, In Quarantäne, [c891a2b1c4c7b581ec0debb10bf9847c], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, In Quarantäne, [b9a0aba8d0bb41f57c67921ac044e31d], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, In Quarantäne, [f0697fd4305b4aec42a1ac004cb89f61], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, In Quarantäne, [3425e46fb1da45f123c08f1d63a129d7], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync, In Quarantäne, [b5a4054ec7c40b2b4f950d9f798b3cc4], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, In Quarantäne, [d584074ca7e447eff4f0b5f721e38f71], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass, In Quarantäne, [a1b8bf94d5b636002eb68f1da95b21df], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass.1, In Quarantäne, [b2a7f65d0289ec4a687c317b47bd38c8], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass, In Quarantäne, [cd8c98bb5f2cdc5a8064a4084bb9d62a], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, In Quarantäne, [b0a9d87b99f27db9f9eb5e4ef50f5da3], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, In Quarantäne, [43165cf7800b67cf83615e4e9c682dd3], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, In Quarantäne, [1c3de07362299a9c0cd8525aba4a5ca4], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, In Quarantäne, [adac3f14b7d4cd694d977f2d0ef6ed13], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [99c0fe552962fc3a9252b5f7c83cd32d], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [5306322159320234954fe0cc21e37090], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [9cbdc48f15760630b232dad2ab59c937], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, In Quarantäne, [9fba2132e3a8ea4c8c58cae26a9a4bb5], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [2336f162f794989e588c644862a23dc3], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher, In Quarantäne, [84d5d77cf19aae88f4f0aa022cd8f60a], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, In Quarantäne, [4a0fb3a0bccf3105df056349b0548f71], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService, In Quarantäne, [e1782b28ef9c1e18d2121d8f6d979f61], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, In Quarantäne, [5108a7acc4c7fc3a0fd56f3d8a7af60a], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine, In Quarantäne, [a2b7bd96e3a856e09252ddcf52b218e8], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, In Quarantäne, [f36683d0dab16ec83fa5426a07fd48b8], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, In Quarantäne, [b4a565eef7943303a53f901c4fb55fa1], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [bb9ed3803259a690964ed6d661a360a0], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc, In Quarantäne, [4811d77c03886dc921c3c1ebc63e629e], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, In Quarantäne, [e9707dd69eedaa8c598bf8b48b7922de], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE, In Quarantäne, [60f969ea7714ed49bd25b3f9a460c13f], 
PUP.Optional.MixVideoPlayer, HKLM\SOFTWARE\CLASSES\APPLICATIONS\MixVideoPlayer.exe, In Quarantäne, [4415aaa968232a0c69a8992236ced927], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\GLOBALUPDATE.EXE, In Quarantäne, [d980da7979121f1730b22b81b153d927], 
PUP.Optional.MixVideoPlayer, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPLICATIONS\MixVideoPlayer.exe, In Quarantäne, [f3669eb5b4d7d165df3209b23acad12f], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [d188b79ca4e78fa79c35c4df8e76e11f], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\797f0bc9-059d-44f8-99ad-697050651e58-1-6, Löschen bei Neustart, [da7f044fa5e63402c70f3f64709460a0], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\797f0bc9-059d-44f8-99ad-697050651e58-1-7, Löschen bei Neustart, [e27790c3078467cfb422b9eaf60eba46], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\797f0bc9-059d-44f8-99ad-697050651e58-10_user, Löschen bei Neustart, [b0a9ea691f6cf5412ea83f6438ccda26], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\797f0bc9-059d-44f8-99ad-697050651e58-3, Löschen bei Neustart, [85d4d083414a43f39442b7ec58ac9c64], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\797f0bc9-059d-44f8-99ad-697050651e58-5, Löschen bei Neustart, [2d2c2d26c9c2f4426a6c851edb29ce32], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\797f0bc9-059d-44f8-99ad-697050651e58-5_user, Löschen bei Neustart, [035694bf2665ca6c0dc9f0b360a44fb1], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\797f0bc9-059d-44f8-99ad-697050651e58-6, Löschen bei Neustart, [1643f45f6823a492e7efb3f0bf457888], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\797f0bc9-059d-44f8-99ad-697050651e58-7, Löschen bei Neustart, [ef6a30237219b87e5b7bb9ea3acab14f], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineCore, Löschen bei Neustart, [ea6f2f24deadf5418364d7d5e61e6d93], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineUA, Löschen bei Neustart, [a4b5f360cebd73c392569b11a16358a8], 
PUP.Optional.MixVideoPlayer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MixVideoPlayer Update, Löschen bei Neustart, [d881b3a06a2148ee1ef5982310f428d8], 
PUP.Optional.PhraseProfessor, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PhraseProfessor Auto Updater 1.10.0.24 Core, Löschen bei Neustart, [cb8e73e0d2b980b69dc15f6119eb14ec], 
PUP.Optional.PhraseProfessor, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PhraseProfessor Auto Updater 1.10.0.24 Pending Update, Löschen bei Neustart, [b9a0520188033ef86af4328e18ec3dc3], 
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\Crossbrowse, In Quarantäne, [2435371c98f32016834a029e3bc9926e], 
PUP.Optional.HighDefAction, HKLM\SOFTWARE\WOW6432NODE\HighDefAction, In Quarantäne, [62f76fe4a0eb8babb8289e1020e4aa56], 
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MyBrowser, In Quarantäne, [f66342112f5c05310a54598627dd7d83], 
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MyBrowser 1.0.2V04.10-nv, In Quarantäne, [a9b05ef572197cba3feefac2e61e6997], 
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MyBrowser 1.0.2V04.10-nv-ie, In Quarantäne, [86d34f04cebd75c16cc19b219e6608f8], 
PUP.Optional.PhraseProfessor, HKLM\SOFTWARE\WOW6432NODE\PhraseProfessor_1.10.0.24, In Quarantäne, [3722da790586c373dc842c94669e946c], 
PUP.Optional.YorkNewCin, HKLM\SOFTWARE\WOW6432NODE\YorkNewCin, In Quarantäne, [09501b38a7e40b2b047bc61222e2738d], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [afaa84cf6328cb6bc701752e739147b9], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, In Quarantäne, [aeab490aee9d1e181ed112d15da79b65], 
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\WOW6432NODE\ARENAHD, In Quarantäne, [98c10a49513ac5713dbcabf161a3c937], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, In Quarantäne, [b2a74a09d0bbd066925183298b79fd03], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, In Quarantäne, [91c868ebe4a70630b52ed0dc6d97e51b], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, In Quarantäne, [2930cc8798f355e1f8eb5b518e7627d9], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync, In Quarantäne, [b9a095be7b10072fc024208cde26ad53], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, In Quarantäne, [95c4c78ce5a6c0766d77812bc0447090], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass, In Quarantäne, [fb5e7bd817748babcb19f8b463a157a9], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass.1, In Quarantäne, [3b1e440f474452e4954f02aa6a9ad62a], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass, In Quarantäne, [c990de752d5ea78fc61e0aa240c4669a], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, In Quarantäne, [fd5c9eb5b1dab2840cd88725c63e06fa], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, In Quarantäne, [89d04d06eaa12610c222d6d6eb196b95], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, In Quarantäne, [253433201477b87eba2a6b4116eee818], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, In Quarantäne, [401955fe3457181e499b8428c63eaa56], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [a0b98ac9d9b2979f42a2d2da41c334cc], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [1e3b82d16c1ff44211d387259371ae52], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [e475a3b0a7e494a2b2324666b0540af6], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, In Quarantäne, [bd9c1b388efd78beaf355d4fc1436997], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [80d9cd86f398a78fcd172f7d0df7659b], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher, In Quarantäne, [4514b79c79121323984c1d8f9272758b], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, In Quarantäne, [85d4b89b4546bf771acabbf190746d93], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService, In Quarantäne, [3d1c80d3aedd0135a63e8527d133d52b], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, In Quarantäne, [3821fa591a71ba7c22c2109cd92bcd33], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine, In Quarantäne, [f168351e94f7d6606a7a901c64a07f81], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, In Quarantäne, [cd8c302329620234e1039319fd0751af], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, In Quarantäne, [d386ff54098259dd667eebc13ec6f10f], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [82d7cf844546e650687cc2ead52fff01], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc, In Quarantäne, [bd9c74dfd1ba43f35a8adad2848034cc], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, In Quarantäne, [b4a577dcb7d42610eafa1c9005ff847c], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\GLOBALUPDATE.EXE, In Quarantäne, [2534e3709af175c110d213992bd9aa56], 
PUP.Optional.MixVideoPlayer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPLICATIONS\MixVideoPlayer.exe, In Quarantäne, [332662f1ddae1422d53ce2d95ba9ca36], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE\Clients, In Quarantäne, [fe5be56e8407b97d05e1e1cbce36ea16], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [0b4efc57a2e9999ddcf5346fab59cd33], 
PUP.Optional.MixVideoPlayer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\MixVideoPlayer_RASAPI32, In Quarantäne, [4f0a1043afdc3006aa10964e62a20df3], 
PUP.Optional.MixVideoPlayer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\MixVideoPlayer_RASMANCS, In Quarantäne, [4d0cba993d4e8da94773c12312f235cb], 
PUP.Optional.PhraseProfessor, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PhraseProfessorAutoUpdateClient_RASAPI32, In Quarantäne, [a0b9f261d6b5a393f488737105ff36ca], 
PUP.Optional.PhraseProfessor, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PhraseProfessorAutoUpdateClient_RASMANCS, In Quarantäne, [bc9da0b3abe0d5612953974d7e8625db], 
PUP.Optional.MixVideoPlayer, HKLM\SOFTWARE\WOW6432NODE\MIXVIDEOPLAYER\MIXVIDEOPLAYER, In Quarantäne, [a0b92033305b0432e13304b7d034a35d], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, In Quarantäne, [fc5db69d5536ea4c8862b3f9f70d2ed2], 
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, In Quarantäne, [ce8b8bc8c4c770c62bbe6646f31124dc], 
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS, In Quarantäne, [68f1064d9fec73c35165fed4a4606d93], 
PUP.Optional.PineTree, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Pine Tree, In Quarantäne, [a8b1e76c414a51e5b6ccb70945bf21df], 
PUP.Optional.MyBrowser, HKU\S-1-5-18\SOFTWARE\MyBrowser 1.0.2V04.10-nv, In Quarantäne, [e0797dd66a21280e7fad536963a1c23e], 
PUP.Optional.MyBrowser, HKU\S-1-5-18\SOFTWARE\MyBrowser 1.0.2V04.10-nv-ie, In Quarantäne, [d9800b480883b97d3cf04f6dd0345ba5], 
PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, In Quarantäne, [fc5d74df79122313a5deffa30bf9bc44], 
PUP.Optional.CrossBrowse, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\Crossbrowse, In Quarantäne, [47128ac96c1f13239236f7a98c78c43c], 
PUP.Optional.HighDefAction, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\HighDefAction, In Quarantäne, [8bce71e2dcafda5cd708614d29dbfa06], 
PUP.Optional.InstallCore, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\InstallCore, In Quarantäne, [3821a4af860592a406eead0453b11fe1], 
PUP.Optional.MaxDriverUpdater, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\maxdriverupdater, In Quarantäne, [3e1ba3b09dee1026d0517f640ef65aa6], 
PUP.Optional.MyBrowser, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\MyBrowser, In Quarantäne, [89d090c38cffa294279f39a6c341a55b], 
PUP.Optional.MyBrowser, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\MyBrowser 1.0.2V04.10, In Quarantäne, [5207d77c1675280e0e1eb507f70d13ed], 
PUP.Optional.MyBrowser, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\MyBrowser 1.0.2V04.10-nv, In Quarantäne, [b9a022311b70ad89121a8834cd371ee2], 
PUP.Optional.MyBrowser, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\MyBrowser 1.0.2V04.10-nv-ie, In Quarantäne, [065367ecd9b21a1c1616427afd074cb4], 
PUP.Optional.YorkNewCin, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\YorkNewCin, In Quarantäne, [cb8eb89ba0eb171f5e2015c3f80c8e72], 
PUP.Optional.CrossRider, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [63f63221d4b7f046d0b3bfe305ff4cb4], 
PUP.Optional.CinemaPlus, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\ARENAHD, In Quarantäne, [9ebbca89c8c322148b4f3b61788c659b], 
PUP.Optional.GlobalUpdate, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, In Quarantäne, [154461f20e7d79bdbf26b5f76a9af808], 
PUP.Optional.CrossRider, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [abae262dacdf5bdbf99f2b77f90bde22], 

Registrierungswerte: 15
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\ARENAHD|value, 1, In Quarantäne, [c891a2b1c4c7b581ec0debb10bf9847c]
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, In Quarantäne, [60f969ea7714ed49bd25b3f9a460c13f]
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, In Quarantäne, [d980da7979121f1730b22b81b153d927]
PUP.Optional.PCTuner, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, In Quarantäne, [a6b3f65df695e4522ff5c8f84eb62ad6]
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\WOW6432NODE\ARENAHD|value, 1, In Quarantäne, [98c10a49513ac5713dbcabf161a3c937]
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, In Quarantäne, [2534e3709af175c110d213992bd9aa56]
PUP.Optional.PCTuner, HKLM\SOFTWARE\WOW6432NODE\HIGHDEFACTION|value, 1, In Quarantäne, [8bce163dafdcf34343e1c5fbe420d32d]
PUP.Optional.GamesDesktop, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_de_004010105, In Quarantäne, [88d16de61a7185b1c932a9021ce8e719], 
PUP.Optional.Recover, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|rec_en_77, In Quarantäne, [bf9a9bb8b4d7f640da8fd8eca95b3dc3], 
PUP.Optional.MixVideoPlayer, HKLM\SOFTWARE\WOW6432NODE\MIXVIDEOPLAYER\MIXVIDEOPLAYER|InstallDir, C:\Program Files (x86)\MixVideoPlayer, In Quarantäne, [a0b92033305b0432e13304b7d034a35d]
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS|HostGUID, BE4DD925-70B6-4C17-B87B-F2DFA1CCF815, In Quarantäne, [68f1064d9fec73c35165fed4a4606d93]
PUP.Optional.Vitruvian, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ppfd_vw_1_10_0_24|ImagePath, system32\drivers\ppfd_vw_1_10_0_24.sys, In Quarantäne, [6eeb76dda9e23ef8525c4b89f60eec14]
PUP.Optional.CinemaPlus, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\ARENAHD|value, 1, In Quarantäne, [9ebbca89c8c322148b4f3b61788c659b]
PUP.Optional.GlobalUpdate, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, In Quarantäne, [154461f20e7d79bdbf26b5f76a9af808]
PUP.Optional.PCTuner, HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\HIGHDEFACTION|value, 1, In Quarantäne, [75e487cc1d6e7eb85ec21da348bc38c8]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 33
PUP.Optional.IOProtect, C:\Users\sabsn2\AppData\Local\Temp\WIZZ, In Quarantäne, [c3967cd73457f04650f8dfd3ed1717e9], 
PUP.Optional.MixVideoPlayer, C:\Users\sabsn2\AppData\Local\mixvideoplayer, In Quarantäne, [b7a21d363655b87e64a7dfdc669e7090], 
PUP.Optional.MixVideoPlayer, C:\Users\sabsn2\AppData\Local\mixvideoplayer\config, In Quarantäne, [b7a21d363655b87e64a7dfdc669e7090], 
PUP.Optional.MixVideoPlayer, C:\Users\sabsn2\AppData\Local\mixvideoplayer\Playlists, In Quarantäne, [b7a21d363655b87e64a7dfdc669e7090], 
PUP.Optional.MixVideoPlayer, C:\Users\sabsn2\AppData\Local\mixvideoplayer\Snap, In Quarantäne, [b7a21d363655b87e64a7dfdc669e7090], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer, Löschen bei Neustart, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Controls, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Windows, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer, In Quarantäne, [cd8ce76cf497e84e58b5dfdc54b0b848], 
PUP.Optional.WebBar, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar, In Quarantäne, [24359ab9e2a9ab8b4662dcf9828242be], 
PUP.Optional.OpenCandy, C:\Users\sabsn2\AppData\Roaming\OpenCandy, In Quarantäne, [db7eba998209f14596b4ab5f39ca7789], 
PUP.Optional.OpenCandy, C:\Users\sabsn2\AppData\Roaming\OpenCandy\A2524C7C2B2D43DEAA56C237CAD0CDF0, In Quarantäne, [db7eba998209f14596b4ab5f39ca7789], 
PUP.Optional.OpenCandy, C:\Users\sabsn2\AppData\Roaming\OpenCandy\OpenCandy_A2524C7C2B2D43DEAA56C237CAD0CDF0, In Quarantäne, [db7eba998209f14596b4ab5f39ca7789], 
PUP.Optional.BrowserWeb, C:\Users\sabsn2\AppData\Local\BrowserWeb, In Quarantäne, [6beeec67a1ea181e077e21f6f2118a76], 
PUP.Optional.GlobalUpdate, C:\Users\sabsn2\AppData\Local\Temp\comh.495724, In Quarantäne, [2039a7ac315a55e17ff1b2747b88966a], 
PUP.Optional.MaxDriverUpdater, C:\Users\sabsn2\AppData\Local\Temp\MAXDriverUpdater, In Quarantäne, [96c3a8ab26659b9b2db39694a55eed13], 
PUP.Optional.MixVideoPlayer, C:\Users\sabsn2\AppData\Local\com\MixVideoPlayer.exe_Url_0uxwaewrhelcgghll0o5cintgfcbqdxr, In Quarantäne, [b3a6480b414ad85ed8357cb2b35039c7], 
PUP.Optional.MixVideoPlayer, C:\Users\sabsn2\AppData\Local\com\MixVideoPlayer.exe_Url_0uxwaewrhelcgghll0o5cintgfcbqdxr\1.0.0.25, In Quarantäne, [b3a6480b414ad85ed8357cb2b35039c7], 
PUP.Optional.MyBrowser, C:\Program Files (x86)\MyBrowser 1.0.2V04.10, Löschen bei Neustart, [1b3e2c274a4132049ef368c63bc8ec14], 
PUP.Optional.PineTree, C:\Program Files (x86)\Pine Tree, In Quarantäne, [4019da79048746f02b25c66a2dd6f907], 
PUP.Optional.PineTree, C:\Users\sabsn2\AppData\Local\Temp\Pine Tree, In Quarantäne, [a6b38dc6810aa1950051e848020125db], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\api, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\popupResource, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\userCode, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\icons, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\icons\actions, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 

Dateien: 260
PUP.Optional.MyBrowser, C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-6.exe, Löschen bei Neustart, [5801a3b07c0f47ef5c3110aa8f7613ed], 
PUP.Optional.MyBrowser, C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-1-6.exe, Löschen bei Neustart, [2d2c2d261c6fcd6944496f4b59ac43bd], 
PUP.Optional.MyBrowser, C:\Program Files (x86)\MyBrowser 1.0.2V04.10\797f0bc9-059d-44f8-99ad-697050651e58-10.exe, Löschen bei Neustart, [10499db6a3e82d09494468524eb7cb35], 
PUP.Optional.PhraseProfessor, C:\Windows\System32\drivers\ppfd_vw_1_10_0_24.sys, Löschen bei Neustart, [d6835ef559321c1a3597239a0005ba46], 
PUP.Optional.PineTree, C:\Windows\System32\drivers\{814b70f2-89de-4982-b4fb-8ca0819c757d}Gw64.sys, Löschen bei Neustart, [a2b7b89b1f6cf442c20b5568768f8977], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I.exe, In Quarantäne, [0752c48f0a81dd59d2dd1aa348b9649c], 
PUP.Optional.Nova, C:\Program Files (x86)\Amazon\7fc7854f-f1be-4d86-86fd-36f8f6067a9e.dll, In Quarantäne, [f3668fc4672461d54ee1b011629f19e7], 
PUP.Optional.CrossRider, C:\Program Files (x86)\Amazon\dd360bc6-2e37-447d-98fa-b8d0040286e1.dll, In Quarantäne, [243521328ffc3df954865d5c5ba6857b], 
PUP.Optional.CrossRider, C:\Program Files (x86)\dd360bc6-2e37-447d-98fa-b8d0040286e1\462aa98c-e3d3-4fd9-85c9-eb9d01d10a37.dll, In Quarantäne, [6eeb8dc61f6c8fa7627870495fa2e31d], 
PUP.Optional.Nova, C:\Program Files (x86)\dd360bc6-2e37-447d-98fa-b8d0040286e1\5d892e42-52b3-4405-954b-4c40042bfc2e.dll, In Quarantäne, [e277f65dd2b9da5cf13e546d5ea320e0], 
PUP.Optional.MyBrowser, C:\$Recycle.Bin\S-1-5-21-3210108916-3864258014-2341951935-1002\$RAM1ZMG.exe, In Quarantäne, [a4b5cb88414ad75f0d806d4d1beaf709], 
PUP.Optional.MyBrowser, C:\$Recycle.Bin\S-1-5-21-3210108916-3864258014-2341951935-1002\$RHPLR6R.exe, In Quarantäne, [d782044f632889ad4a43f9c156af2bd5], 
PUP.Optional.MyBrowser, C:\$Recycle.Bin\S-1-5-21-3210108916-3864258014-2341951935-1002\$RJ964GC.exe, In Quarantäne, [e277460da2e9290d513c952546bf53ad], 
PUP.Optional.MyBrowser, C:\$Recycle.Bin\S-1-5-21-3210108916-3864258014-2341951935-1002\$RP7TURB.exe, In Quarantäne, [4d0cbd96dfac8bab038a803af51047b9], 
PUP.Optional.MyBrowser, C:\$Recycle.Bin\S-1-5-21-3210108916-3864258014-2341951935-1002\$RPERVXL.exe, In Quarantäne, [5603ed66a4e7d561c8c59c1eb94cf50b], 
PUP.Optional.MyBrowser, C:\$Recycle.Bin\S-1-5-21-3210108916-3864258014-2341951935-1002\$RQIJB08.exe, In Quarantäne, [89d0b89b434892a4f598aa10f114d32d], 
PUP.Optional.CrossRider, C:\$Recycle.Bin\S-1-5-21-3210108916-3864258014-2341951935-1002\$RTL41H3.dll, In Quarantäne, [95c479daa3e8fc3ab9212d8c3dc454ac], 
PUP.Optional.Downloader, C:\$Recycle.Bin\S-1-5-21-3210108916-3864258014-2341951935-1002\$RTNUSMY.exe, In Quarantäne, [89d01a39f4971620f6331aa4c938b24e], 
PUP.Optional.Nova, C:\$Recycle.Bin\S-1-5-21-3210108916-3864258014-2341951935-1002\$RYF80X9.dll, In Quarantäne, [5bfe6ee58cff3006d35c705156abe51b], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Temp\3449.exe, In Quarantäne, [ec6d1a393853a690a67c9924c3423ec2], 
PUP.Optional.MyBrowser, C:\Users\sabsn2\AppData\Local\Temp\8779.exe, In Quarantäne, [f366460ddab171c5c2cb239752b3ef11], 
PUP.Optional.MyBrowser, C:\Users\sabsn2\AppData\Local\Temp\8D88.tmp, In Quarantäne, [acadb99a612aed497cf38f50ba473bc5], 
PUP.Optional.WebBar, C:\Users\sabsn2\AppData\Local\Temp\389037d4-7db5-4e16-985a-37203a66d279\web_bar_setup.exe, In Quarantäne, [6ced084ba8e33ff7aed9bb080af7d22e], 
PUP.Optional.PineTree, C:\Users\sabsn2\AppData\Local\Temp\790ead63-6599-4b0a-9ec9-453dcb2cc781\pinetreesetup.exe, In Quarantäne, [66f36de6bbd0e0569e2fa41944c1a65a], 
PUP.Optional.MaxDriverUpdater, C:\Users\sabsn2\AppData\Local\Temp\WIZZTEMP\newversion.exe, In Quarantäne, [99c08ec54c3f3600441380677190b44c], 
PUP.Optional.ConvertAd, C:\Users\sabsn2\AppData\Local\Temp\dba35c7a-a275-49f1-874a-13c9e8ad2a4a\maxdrivrupdater.exe, In Quarantäne, [3e1beb681a71979f0d7be6012bd623dd], 
PUP.Optional.PhraseProfessor, C:\Users\sabsn2\AppData\Local\Temp\is-F55NO.tmp\465.exe, In Quarantäne, [df7a0e45acdfc6708f3df4c94abb35cb], 
PUP.Optional.PhraseProfessor, C:\Users\sabsn2\AppData\Local\Temp\is-HEFP7.tmp\465.exe, In Quarantäne, [a6b356fd1c6f8ea87d4f6b52fb0a21df], 
PUP.Optional.MixVideoPlayer, C:\Users\sabsn2\AppData\Local\Temp\9c4ca2ae-c9c8-49f4-bd99-a94bf5f3d405\mixvideoplayersetup.exe, In Quarantäne, [6decba99a4e739fddd3d5afef808d22e], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Temp\cf6f8c9f-6c38-43da-b7c7-6114bfe2b0eb\installer.exe, In Quarantäne, [233601525734d36379a9b10c45c032ce], 
PUP.Optional.ModGoog, C:\Users\sabsn2\AppData\Local\Temp\comh.495724\globalupdate.exe, In Quarantäne, [5207ca89cdbe94a2c9687505a85925db], 
PUP.Optional.ModGoog, C:\Users\sabsn2\AppData\Local\Temp\comh.495724\globalupdateBroker.exe, In Quarantäne, [a2b7e46ff89352e42c05fa8026dbfa06], 
PUP.Optional.ModGoog, C:\Users\sabsn2\AppData\Local\Temp\comh.495724\globalupdateCrashHandler.exe, In Quarantäne, [c2971b38513a1422e44d532704fd36ca], 
PUP.Optional.ModGoog, C:\Users\sabsn2\AppData\Local\Temp\comh.495724\globalupdateOnDemand.exe, In Quarantäne, [1841d57e7f0c0c2aa190d6a425dca060], 
PUP.Optional.ModGoog, C:\Users\sabsn2\AppData\Local\Temp\comh.495724\goopdate.dll, In Quarantäne, [d98084cf741749ed61d05c1e738e3cc4], 
PUP.Optional.ModGoog, C:\Users\sabsn2\AppData\Local\Temp\comh.495724\goopdateres_en.dll, In Quarantäne, [adac1b38276479bd062bfb7fea1753ad], 
PUP.Optional.ModGoog, C:\Users\sabsn2\AppData\Local\Temp\comh.495724\npglobalupdateUpdate4.dll, In Quarantäne, [adacdd76c8c3f83edf527dfdf70a5ca4], 
PUP.Optional.ModGoog, C:\Users\sabsn2\AppData\Local\Temp\comh.495724\psmachine.dll, In Quarantäne, [4a0f440f07840f2737fa4931f30e6898], 
PUP.Optional.ModGoog, C:\Users\sabsn2\AppData\Local\Temp\comh.495724\psuser.dll, In Quarantäne, [85d456fdafdcb87e250c502a1ce5728e], 
PUP.Optional.RinoReader, C:\Users\sabsn2\AppData\Local\Temp\e5edabb8-19e0-4ab9-9e4d-09fc0e71d5bb\setup.exe, In Quarantäne, [4910ea69f497a690099b5efabc4403fd], 
PUP.Optional.BundleInstaller, C:\Users\sabsn2\Downloads\Setup.zip, In Quarantäne, [f861e2713754f73f9ead6a74c53c35cb], 
PUP.Optional.DownloadGuide, C:\Users\sabsn2\Downloads\Sigel_Visitenkarten_In_2_Minuten_CB-DL-Manager.exe, In Quarantäne, [52070152365540f6b776d8e6b44d21df], 
PUP.Optional.SwiftBrowse, C:\Users\sabsn2\Downloads\Flash_Player_Pro_Setup (1).exe, In Quarantäne, [63f6bb98f89369cdb7ba80d58f727b85], 
PUP.Optional.Bandoo, C:\Users\sabsn2\Downloads\iLividSetup-r1734-n-bc (1).exe, In Quarantäne, [8acf69eaa9e2b1850adef6effb057b85], 
PUP.Optional.Bandoo, C:\Users\sabsn2\Downloads\iLividSetup-r1734-n-bc (2).exe, In Quarantäne, [2b2e1340860562d41ecaeafb798747b9], 
PUP.Optional.Bandoo, C:\Users\sabsn2\Downloads\iLividSetup-r1734-n-bc.exe, In Quarantäne, [89d0e76c0e7d84b20fd9b035f20ed42c], 
PUP.Optional.OpenCandy, C:\Users\sabsn2\Downloads\dmge-latest.exe, In Quarantäne, [ca8f91c2d3b8bc7afd9714998f7628d8], 
PUP.Optional.SwiftBrowse, C:\Users\sabsn2\Downloads\Flash_Player_Pro_Setup.exe, In Quarantäne, [b6a357fc4a41c3735021d58018e9fb05], 
PUP.Optional.RegCleanPro, C:\Users\sabsn2\Downloads\rcpsetup_matomyil_myil442191.exe, In Quarantäne, [3128d2816823ff37082e56d8f709718f], 
PUP.Optional.DomaIQ, C:\Users\sabsn2\Downloads\Setup.exe, In Quarantäne, [0554292a167557df2c2fd521728eb34d], 
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-1-6, In Quarantäne, [5efbfd56f992cc6a4c49147fbf45966a], 
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-1-7, In Quarantäne, [68f190c31f6cd561fd981a7935cf14ec], 
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-10_user, In Quarantäne, [01587dd6e3a81e1840550c8772921de3], 
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-3, In Quarantäne, [6beede750685e35396ff187b6f955fa1], 
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-5, In Quarantäne, [c9902d26a4e7e5517b1ac1d2788cbd43], 
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-5_user, In Quarantäne, [4e0b5102acdf4de97e1751422bd94bb5], 
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-6, In Quarantäne, [5efb1241018aad899cf9aae9cd37649c], 
PUP.Optional.CrossRider, C:\Windows\System32\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-7, In Quarantäne, [5cfd5df6e8a359ddd2c3880b4aba3fc1], 
PUP.Optional.CrossRider, C:\Windows\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-1-6.job, In Quarantäne, [ea6f4112e7a470c6a9ede1b2dd27827e], 
PUP.Optional.CrossRider, C:\Windows\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-1-7.job, In Quarantäne, [97c2a2b1bfcc1e182c6a9201d4303ec2], 
PUP.Optional.CrossRider, C:\Windows\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-10_user.job, In Quarantäne, [4e0b3b1896f550e6d4c27a192ed63ec2], 
PUP.Optional.CrossRider, C:\Windows\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-3.job, In Quarantäne, [144586cdef9c191d5a3c2f642ed6b64a], 
PUP.Optional.CrossRider, C:\Windows\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-5.job, In Quarantäne, [0c4dda797813e2548c0a4251ac5844bc], 
PUP.Optional.CrossRider, C:\Windows\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-5_user.job, In Quarantäne, [0c4dcc874447b680ade9b8dbe222ad53], 
PUP.Optional.CrossRider, C:\Windows\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-6.job, In Quarantäne, [29307cd7ddaea4921d79ccc774903bc5], 
PUP.Optional.CrossRider, C:\Windows\Tasks\797f0bc9-059d-44f8-99ad-697050651e58-7.job, In Quarantäne, [a0b92a29bad194a24c4a0e8543c13cc4], 
PUP.Optional.GlobalUpdate, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, In Quarantäne, [ef6a1a391c6f0432e6f77f2dd72da060], 
PUP.Optional.GlobalUpdate, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, In Quarantäne, [382178db5437340209d5317b43c131cf], 
PUP.Optional.GlobalUpdate, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, In Quarantäne, [d188391abccfb680cd13387449bbe020], 
PUP.Optional.GlobalUpdate, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, In Quarantäne, [55047cd73a51ee48eff27b316d975ba5], 
PUP.Optional.IOProtect, C:\Users\sabsn2\AppData\Local\Temp\WIZZ\ioprotect_conf.xml, In Quarantäne, [c3967cd73457f04650f8dfd3ed1717e9], 
PUP.Optional.IOProtect, C:\Users\sabsn2\AppData\Local\Temp\WIZZ\config.cfg, In Quarantäne, [c3967cd73457f04650f8dfd3ed1717e9], 
PUP.Optional.IOProtect, C:\Users\sabsn2\AppData\Local\Temp\WIZZ\ioproduct.exe, In Quarantäne, [c3967cd73457f04650f8dfd3ed1717e9], 
PUP.Optional.IOProtect, C:\Users\sabsn2\AppData\Local\Temp\WIZZ\ioproduct_service.bat, In Quarantäne, [c3967cd73457f04650f8dfd3ed1717e9], 
PUP.Optional.IOProtect, C:\Users\sabsn2\AppData\Local\Temp\WIZZ\ioprotect.exe, In Quarantäne, [c3967cd73457f04650f8dfd3ed1717e9], 
PUP.Optional.MixVideoPlayer, C:\Users\sabsn2\AppData\Local\mixvideoplayer\log.txt, In Quarantäne, [b7a21d363655b87e64a7dfdc669e7090], 
PUP.Optional.MixVideoPlayer, C:\Users\sabsn2\AppData\Local\mixvideoplayer\config\config.ini, In Quarantäne, [b7a21d363655b87e64a7dfdc669e7090], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\mixvideoplayer.affcode, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe, Löschen bei Neustart, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\DeleteTasks.exe, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\dotNetFx40_Full_setup.exe, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\FrameworkControl.exe, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\icon-uninstall.ico, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\icon.ico, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\LTV2.exe, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\LTVNetSdk.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Microsoft.Win32.TaskScheduler.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\mixUpdater.exe, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\MixVideoPlayer.exe, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\mixvideoplayer.uidnum, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Newtonsoft.Json.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\NLog.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\PhotoLoader.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\policy.2.0.taglib-sharp.config, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\policy.2.0.taglib-sharp.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Sider.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Snowplow.Tracker.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\taglib-sharp.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Controls\ifishplayer-icon2.ico, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Controls\Thumbs.db, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Hindi.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Arabic.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Bulgarian.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Catalan.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\ChineseS.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\ChineseT.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Czech.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Danish.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Dutch.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\English.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Estonian.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Finnish.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\French.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\German.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Greek.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\HaitianCreole.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Hebrew.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Hungarian.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Indonesian.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Italian.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Japanese.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Korean.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Latvian.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Lithuanian.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Norwegian.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Polish.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Portuguese.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Romanian.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Russian.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Slovak.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Slovenian.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Spanish.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Swedish.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Thai.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Turkish.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Ukrainian.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Vietnamese.ini, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\extaudio.png, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\extvideo.png, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\ffmpeg.exe, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\ffmpeg.zip, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\folder.png, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\Interop.SHDocVw.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\libreria.png, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\mixChecker.exe, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\NDde.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\Newtonsoft.Json.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\PhotoLoader.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\policy.2.0.taglib-sharp.config, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\policy.2.0.taglib-sharp.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\taglib-sharp.dll, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\Thumbs.db, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Windows\logopeq-icon.ico, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Windows\Thumbs.db, In Quarantäne, [9bbeca89f794eb4b9379536809fbab55], 
PUP.Optional.MixVideoPlayer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer\Uninstall MixVideoPlayer.lnk, In Quarantäne, [cd8ce76cf497e84e58b5dfdc54b0b848], 
PUP.Optional.MixVideoPlayer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer\MixVideoPlayer.lnk, In Quarantäne, [cd8ce76cf497e84e58b5dfdc54b0b848], 
PUP.Optional.MixVideoPlayer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\WebBrowserMixVideoPlayer.lnk, In Quarantäne, [a8b1381bcfbcbc7a59b5a318986c857b], 
PUP.Optional.MixVideoPlayer, C:\Windows\System32\Tasks\MixVideoPlayer Update, In Quarantäne, [4e0b52012e5de25426e9d8e3d43028d8], 
PUP.Optional.PhraseProfessor, C:\Windows\System32\Tasks\PhraseProfessor Auto Updater 1.10.0.24 Core, In Quarantäne, [2930fc57f695ab8b2e2d417f877d38c8], 
PUP.Optional.PhraseProfessor, C:\Windows\System32\Tasks\PhraseProfessor Auto Updater 1.10.0.24 Pending Update, In Quarantäne, [2336f75cccbfe5518ecd3f8157add22e], 
PUP.Optional.ShoppingGate, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage, In Quarantäne, [dd7c044f5e2dbf77a2739c2e798b01ff], 
PUP.Optional.ShoppingGate, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal, In Quarantäne, [98c11a3998f3c96d977eb91119eb55ab], 
PUP.Optional.Vitruvian, C:\Users\sabsn2\AppData\Local\Temp\vitruvian-installer-hardwareprofile-v0001, In Quarantäne, [2e2b2d2684078da9812cf0e46a9a8e72], 
PUP.Optional.Vitruvian, C:\Users\sabsn2\AppData\Local\Temp\vitruvian-installer-install-v0003, In Quarantäne, [aeab90c31f6cf6406548785c45bff10f], 
PUP.Optional.Vitruvian, C:\Users\sabsn2\AppData\Local\Temp\vitruvian-installer-processes-v0002, In Quarantäne, [f3668cc75c2f58deb5f8dafae51f07f9], 
PUP.Optional.Vitruvian, C:\Users\sabsn2\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001, In Quarantäne, [6eeba6ad800b1d19cedf993b7c88e51b], 
PUP.Optional.Vitruvian, C:\Users\sabsn2\AppData\Local\Temp\vitruvian-installer-uninstall-v0002, In Quarantäne, [1c3dd77c3d4ef244c9e4be163dc731cf], 
PUP.Optional.WebBar, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar\wb.log, In Quarantäne, [24359ab9e2a9ab8b4662dcf9828242be], 
PUP.Optional.OpenCandy, C:\Users\sabsn2\AppData\Roaming\OpenCandy\A2524C7C2B2D43DEAA56C237CAD0CDF0\TuneUpUtilities2013-2200218_de-DE.exe, In Quarantäne, [db7eba998209f14596b4ab5f39ca7789], 
PUP.Optional.GlobalUpdate, C:\Users\sabsn2\AppData\Local\Temp\comh.495724\globalupdateHelper.msi, In Quarantäne, [2039a7ac315a55e17ff1b2747b88966a], 
PUP.Optional.MixVideoPlayer, C:\Users\sabsn2\AppData\Local\com\MixVideoPlayer.exe_Url_0uxwaewrhelcgghll0o5cintgfcbqdxr\1.0.0.25\user.config, In Quarantäne, [b3a6480b414ad85ed8357cb2b35039c7], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\e5f1c743ef44d2a60a719dc983114601.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\421e8bf6f40112856e41dfacb0993166.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\main.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\api\183ab9f63635828c1af6663df55276ee.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\api\5f17574769e031bb6300c8c950e87335.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\api\684812260142f336c15d0c55926ddfaf.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\api\ad462337b57f518bd9117920ec1cd42a.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\api\b9bd146f140d6b7483e39daefa1ba899.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\api\pageAction.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\a1495dd961f1e10ba20284892952d88f.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\2811a69aa5851348969dc211b0157688.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\2fb5f59a410298ed6a732be567f72a02.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\38eb1bdbd124e042aba8107e008837ea.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\7178a7edab2cf092e84454e9beb25c2c.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\7ec0d859a779ca87c5771700396bac9a.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\8bc7e32c2bcf3f209686c119bf8e5268.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\8c4ec87ea130356b8fdafda8ff2e3e8b.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\8e3dbbbc4b9e9de63064fb965d2c6d37.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\a372f19238f6ba4c6cfcceea01f31cd4.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\a892c437569fa24fa6f336a90f6d8d9a.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\app_api.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\c4b2d5cc2cf1555a3e44f1ee595c7d18.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\c7f8219560d063a58bf49a355e089c3b.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\dc5a130a6f558ca2c7b22d0b491d6756.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\installer.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\popupResource\newPopup.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\js\lib\popupResource\popup.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\background.html, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\chromeCoreFilesIndex.txt, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\manifest.json, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\popup.html, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\Settings.json, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\manifest.xml, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins.json, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\281.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\102.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\104.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\119.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\13.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\14.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\17.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\178.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\179.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\180.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\184.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\19.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\195.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\200.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\220.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\223.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\231.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\232.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\234.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\242.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\246.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\252.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\253.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\273.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\288.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\300.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\311.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\334.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\335.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\339.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\345.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\354.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\356.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\376.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\380.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\385.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\390.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\391.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\4.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\419.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\424.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\47.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\64.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\7.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\78.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\80.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\9.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\91.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\plugins\97.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\userCode\background.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\extensionData\userCode\extension.js, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\icons\icon128.png, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\icons\icon16.png, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\icons\icon48.png, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 
PUP.Optional.CrossRider, C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh\1.26.102_0\icons\actions\1.png, In Quarantäne, [abae8fc4cdbe0531f242675b33d25ba5], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Logfile AdwCleaner

Code:

ATTFilter

# AdwCleaner v5.010 - Bericht erstellt am 05/10/2015 um 21:29:29
# Aktualisiert am 04/10/2015 von Xplode
# Datenbank : 2015-10-05.3 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : sabrina - IDEA-PC
# Gestartet von : C:\Users\sabsn2\Downloads\AdwCleaner_5.010.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\Amazon\ABB
[-] Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
[-] Ordner Gelöscht : C:\Program Files (x86)\predm
[-] Ordner Gelöscht : C:\Users\sabsn2\AppData\Local\globalUpdate
[!] Ordner Nicht Gelöscht : C:\Users\sabsn2\AppData\Local\globalUpdate

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\END

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Schlüssel Gelöscht : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update Pine Tree
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\283090f2-9d5a-48c7-8850-624e11a85d49
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
[-] Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : HKCU\Software\DAILYPCCLEAN
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\MixVideoPlayer
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\GlobalUpdate
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\DAILYPCCLEAN
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\WebBar

***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7411 Bytes] ##########

Logfile JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 10 Home x64
Ran by sabrina on 05.10.2015 at 21:39:36,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\sabsn2\Appdata\Local\com



~~~ Chrome

Successfully deleted: [Folder] C:\Users\sabsn2\Appdata\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh

[C:\Users\sabsn2\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\sabsn2\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
gegdfeiahlfolhcfioipjlkombmgbakh

[C:\Users\sabsn2\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\sabsn2\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  gegdfeiahlfolhcfioipjlkombmgbakh
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.10.2015 at 21:49:16,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

saaabsn · 05.10.2015, 20:56

Logfile FRST.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
durchgeführt von sabrina (Administrator) auf IDEA-PC (05-10-2015 21:53:25)
Gestartet von C:\Users\sabsn2\Downloads
Geladene Profile: sabrina (Verfügbare Profile: UpdatusUser & sabrina)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-10-13] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-10-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-10-01] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Run: [Facebook Update] => C:\Users\sabsn2\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-02] (Facebook Inc.)
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Run: [Dropbox Update] => C:\Users\sabsn2\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Run: [Polaris Office Sync] => C:\Users\sabsn2\AppData\Roaming\PolarisOfficeLink\POLinkLauncher.exe [805112 2015-08-21] (Infraware)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ 0POLinkIconDone] -> {4931EE43-90CB-4D46-A50F-474D7C5D97BE} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 1POLinkIconFailed] -> {828F1FF1-021C-4EC0-A4F8-B1BFF6390DD3} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 2POLinkIconIng] -> {8AE3CBEA-8E21-4883-BFD0-925F5513F190} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 3POLinkIconProhibited] -> {DED0F1AF-0505-4FB7-83AA-C2E51FA0721F} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-01] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
Startup: C:\Users\sabsn2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-01]
ShortcutTarget: Dropbox.lnk -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{24c91061-0d0e-40ea-8c00-ab0d4c31f623}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{bf4280c7-ab38-45e7-87a3-0aa945d5bb20}: [DhcpNameServer] 192.168.100.254

Internet Explorer:
==================
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002 -> DefaultScope {DB3AE123-9657-4070-8E58-0C6F45B51DF5} URL = 
SearchScopes: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002 -> {DB3AE123-9657-4070-8E58-0C6F45B51DF5} URL = 
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-01] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\SysWOW64\mscoree.dll [2015-07-10] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-01] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3210108916-3864258014-2341951935-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\sabsn2\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3210108916-3864258014-2341951935-1002: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-31]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-05]
CHR Extension: (Google Docs) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-05]
CHR Extension: (Google Drive) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-05]
CHR Extension: (YouTube) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
CHR Extension: (Google-Suche) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-05]
CHR Extension: (avast! SafePrice) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-10-05]
CHR Extension: (Google Tabellen) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-05]
CHR Extension: (Google Docs Offline) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-05]
CHR Extension: (Avast Online Security) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-10-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-10-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-05]
CHR Extension: (Citavi Picker) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2015-10-05]
CHR Extension: (Google Mail) - C:\Users\sabsn2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-05]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-01] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-10-01] (AVAST Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
S2 ETDService; C:\Program Files\Elantech\ETDService.exe [135072 2015-08-20] (ELAN Microelectronics Corp.)
S2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-01] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-10-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-01] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454528 2015-10-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-01] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-01] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-01] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-05 21:49 - 2015-10-05 21:49 - 00001340 _____ C:\Users\sabsn2\Desktop\JRT.txt
2015-10-05 21:39 - 2015-09-29 20:17 - 01801288 _____ (Malwarebytes) C:\Users\sabsn2\Desktop\JRT.exe
2015-10-05 21:38 - 2015-10-05 21:38 - 01798976 _____ (Malwarebytes) C:\Users\sabsn2\Downloads\JRT.exe
2015-10-05 21:31 - 2015-10-05 21:31 - 00016148 _____ C:\WINDOWS\system32\IDEA-PC_sabrina_HistoryPrediction.bin
2015-10-05 20:57 - 2015-10-05 21:29 - 00000000 ____D C:\AdwCleaner
2015-10-05 20:55 - 2015-10-05 20:55 - 01681408 _____ C:\Users\sabsn2\Downloads\AdwCleaner_5.010.exe
2015-10-05 20:55 - 2015-10-05 20:55 - 00072416 _____ C:\Users\sabsn2\Desktop\mbam.txt
2015-10-05 19:34 - 2015-10-05 21:31 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-05 19:34 - 2015-10-05 19:34 - 00001186 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-05 19:34 - 2015-10-05 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-05 19:34 - 2015-10-05 19:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-05 19:34 - 2015-10-05 19:34 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-10-05 19:34 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-05 19:34 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-05 19:34 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-05 19:33 - 2015-10-05 19:34 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\sabsn2\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-05 19:30 - 2015-10-05 19:30 - 00001352 _____ C:\Users\sabsn2\Desktop\Revo Uninstaller.lnk
2015-10-05 19:30 - 2015-10-05 19:30 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-10-05 19:29 - 2015-10-05 19:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\sabsn2\Downloads\revosetup95.exe
2015-10-05 16:21 - 2015-10-05 16:21 - 00047910 _____ C:\Users\sabsn2\Downloads\Addition.txt
2015-10-05 16:19 - 2015-10-05 21:53 - 00020481 _____ C:\Users\sabsn2\Downloads\FRST.txt
2015-10-05 16:19 - 2015-10-05 21:53 - 00000000 ____D C:\FRST
2015-10-05 16:19 - 2015-10-05 16:19 - 02193920 _____ (Farbar) C:\Users\sabsn2\Downloads\FRST64.exe
2015-10-05 16:18 - 2015-10-05 16:18 - 01697792 _____ (Farbar) C:\Users\sabsn2\Downloads\FRST.exe
2015-10-05 16:00 - 2015-10-05 16:00 - 00012438 _____ C:\Users\sabsn2\Documents\hijackthis.log
2015-10-05 15:57 - 2015-10-05 15:58 - 00388608 _____ (Trend Micro Inc.) C:\Users\sabsn2\Downloads\HijackThis_2.0.5.exe
2015-10-05 15:46 - 2015-10-05 15:46 - 00002571 _____ C:\Users\sabsn2\Desktop\Reimage2.lnk
2015-10-05 15:46 - 2015-10-05 15:46 - 00002339 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-05 15:46 - 2015-10-05 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-05 15:45 - 2015-10-05 21:50 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-05 15:45 - 2015-10-05 21:31 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-05 15:45 - 2015-10-05 15:45 - 00929872 _____ (Google Inc.) C:\Users\sabsn2\Downloads\ChromeSetup.exe
2015-10-05 15:45 - 2015-10-05 15:45 - 00004186 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-05 15:45 - 2015-10-05 15:45 - 00003954 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-05 15:44 - 2015-10-05 15:44 - 00002038 _____ C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-10-05 15:44 - 2015-10-05 15:44 - 00001978 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-10-05 15:44 - 2015-10-05 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-10-05 15:41 - 2015-10-01 23:32 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-10-05 15:38 - 2015-10-05 15:38 - 05656224 _____ (AVAST Software) C:\Users\sabsn2\Downloads\avast_internet_security_setup_online.exe
2015-10-05 14:53 - 2015-10-05 14:53 - 00003350 _____ C:\WINDOWS\System32\Tasks\{64D3BB65-D716-488F-AA7E-AE28D09AD7A9}
2015-10-05 14:38 - 2015-10-05 14:38 - 00003386 _____ C:\WINDOWS\System32\Tasks\{380D76D0-3C40-4CDD-A6C1-97DCD41DBCC2}
2015-10-05 14:30 - 2015-09-15 05:31 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-05 14:30 - 2015-09-15 05:31 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-04 19:22 - 2015-10-04 19:26 - 00000000 _____ C:\WINDOWS\lhe.exe
2015-10-04 19:12 - 2015-10-04 19:31 - 00000000 _____ C:\WINDOWS\mlhe.exe
2015-10-04 18:31 - 2015-10-04 18:31 - 00631808 _____ C:\WINDOWS\lhe.dat
2015-10-04 18:24 - 2015-10-05 21:31 - 00001038 _____ C:\WINDOWS\Tasks\NU0TOMlbp7jjX1EL8Y2A6I.job
2015-10-04 18:24 - 2015-10-04 18:24 - 00004188 _____ C:\WINDOWS\System32\Tasks\NU0TOMlbp7jjX1EL8Y2A6I
2015-10-04 18:23 - 2015-10-05 20:48 - 00000000 ____D C:\Program Files (x86)\dd360bc6-2e37-447d-98fa-b8d0040286e1
2015-10-04 18:23 - 2015-10-05 15:17 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-04 18:00 - 2015-10-04 18:00 - 00000000 ____D C:\Users\sabsn2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-02 00:13 - 2015-10-02 00:13 - 00001833 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-02 00:13 - 2015-10-02 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-02 00:12 - 2015-10-02 00:13 - 00000000 ____D C:\Program Files\iTunes
2015-10-02 00:12 - 2015-10-02 00:12 - 00000000 ____D C:\Program Files\iPod
2015-10-02 00:12 - 2015-10-02 00:12 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-10-02 00:10 - 2015-10-02 00:10 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-10-02 00:10 - 2015-10-02 00:10 - 00000000 ____D C:\Program Files\Bonjour
2015-10-02 00:10 - 2015-10-02 00:10 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-10-02 00:10 - 2015-10-02 00:10 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-10-01 23:57 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 23:57 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 23:57 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 23:57 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 23:57 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 23:57 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 23:57 - 2015-09-17 08:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-01 23:57 - 2015-09-17 08:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-01 23:57 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 23:57 - 2015-09-17 08:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-01 23:57 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 23:57 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 23:57 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 23:57 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 23:57 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-01 23:57 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 23:57 - 2015-09-17 07:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-01 23:57 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-01 23:57 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 23:57 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-01 23:57 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 23:57 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-01 23:56 - 2015-09-25 02:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-01 23:56 - 2015-09-25 02:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-01 23:56 - 2015-09-25 02:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-01 23:56 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-01 23:56 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-01 23:56 - 2015-09-25 01:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-01 23:56 - 2015-09-25 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 23:56 - 2015-09-25 01:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-01 23:56 - 2015-09-25 01:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-01 23:56 - 2015-09-25 01:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-01 23:56 - 2015-09-25 01:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-01 23:56 - 2015-09-25 01:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-01 23:56 - 2015-09-25 01:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-01 23:56 - 2015-09-25 01:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-01 23:56 - 2015-09-25 01:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-01 23:56 - 2015-09-25 01:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-01 23:56 - 2015-09-25 01:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-01 23:56 - 2015-09-25 01:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-01 23:56 - 2015-09-25 01:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-01 23:56 - 2015-09-25 00:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-01 23:56 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-01 23:56 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-01 23:56 - 2015-09-25 00:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-01 23:56 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-01 23:56 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-01 23:56 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-01 23:56 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-01 23:56 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-01 23:56 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-01 23:56 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-01 23:56 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 23:56 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 23:56 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 23:56 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 23:56 - 2015-09-17 08:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-01 23:56 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 23:56 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 23:56 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 23:56 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 23:56 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 23:56 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 23:56 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 23:56 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 23:56 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 23:56 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 23:56 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 23:56 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 23:56 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 23:56 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 23:56 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 23:56 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 23:56 - 2015-09-17 08:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-01 23:56 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 23:56 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 23:56 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 23:56 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 23:56 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 23:56 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 23:56 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 23:56 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 23:56 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 23:56 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 23:56 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 23:56 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 23:56 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 23:56 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 23:56 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 23:56 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 23:56 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 23:56 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 23:56 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 23:56 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 23:56 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 23:56 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 23:56 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 23:56 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 23:56 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 23:56 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 23:56 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 23:56 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 23:56 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 23:56 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 23:56 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 23:56 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 23:56 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 23:56 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 23:56 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 23:56 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 23:56 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 23:56 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 23:56 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 23:56 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 23:56 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 23:56 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 23:56 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 23:56 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 23:56 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 23:56 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 23:56 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 23:56 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 23:56 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 23:56 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 23:56 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 23:56 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 23:56 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 23:56 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 23:56 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 23:56 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 23:56 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 23:56 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 23:56 - 2015-09-17 07:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-10-01 23:56 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 23:56 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 23:56 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 23:56 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 23:56 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 23:56 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 23:56 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 23:56 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 23:56 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 23:56 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 23:56 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 23:56 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 23:56 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 23:56 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 23:56 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 23:56 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 23:56 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 23:56 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 23:56 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 23:56 - 2015-09-17 07:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-01 23:56 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 23:56 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 23:56 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 23:56 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 23:56 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 23:56 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 23:56 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 23:56 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 23:56 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 23:56 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 23:56 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 23:56 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 23:56 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 23:56 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 23:56 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 23:56 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 23:56 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 23:56 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 23:56 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 23:56 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 23:56 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 23:56 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 23:56 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 23:56 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 23:56 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 23:56 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 23:56 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-01 23:56 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-01 23:56 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 23:56 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 23:56 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 23:56 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 23:56 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 23:56 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 23:56 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 23:56 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 23:56 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 23:56 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-01 23:56 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 23:56 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 23:56 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 23:56 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-01 23:32 - 2015-10-01 23:32 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-10-01 23:28 - 2015-10-01 23:28 - 00454528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-09-16 21:39 - 2015-09-16 21:39 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-09-16 21:22 - 2015-09-16 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2015-09-16 21:21 - 2015-04-18 10:26 - 00427224 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2015-09-16 21:21 - 2014-11-26 11:01 - 00004664 _____ C:\WINDOWS\system32\Drivers\CxSfPt.dat
2015-09-16 21:19 - 2015-10-05 21:42 - 00297690 _____ C:\Users\Public\CAFADEBUG.log
2015-09-16 21:19 - 2015-09-16 21:19 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2015-09-16 21:16 - 2015-09-16 21:16 - 07231400 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 03153264 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\UCI64A96.DLL
2015-09-16 21:16 - 2015-09-16 21:16 - 01991784 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 01052208 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64BP16.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 00431048 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CSpkExt64.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 00340656 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 00283928 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 00151791 _____ C:\WINDOWS\system32\Drivers\DS1Parm.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00071024 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxPageMaster64.dll
2015-09-16 21:16 - 2015-09-16 21:16 - 00014718 _____ C:\WINDOWS\system32\Drivers\MicGain.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00011842 _____ C:\WINDOWS\system32\Drivers\EdgeEQ.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00010107 _____ C:\WINDOWS\system32\Drivers\MicEQ.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00008269 _____ C:\WINDOWS\system32\Drivers\AFA.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00006520 _____ C:\WINDOWS\system32\Drivers\ISAPSII.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00006312 _____ C:\WINDOWS\system32\Drivers\FXMisc.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00003657 _____ C:\WINDOWS\system32\Drivers\BIT_CLK.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00003027 _____ C:\WINDOWS\system32\Drivers\SPKVol.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00002171 _____ C:\WINDOWS\system32\Drivers\OrVerbs.ini
2015-09-16 21:16 - 2015-09-16 21:16 - 00001816 _____ C:\WINDOWS\system32\Drivers\ALTMIXER.INI
2015-09-16 21:13 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-16 21:13 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-16 21:13 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-16 21:12 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-16 21:12 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-16 21:12 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-16 21:12 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-16 21:12 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-16 21:12 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-16 21:12 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-16 21:12 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-16 21:12 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-16 21:12 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-16 21:12 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-16 21:12 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-16 21:12 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-16 21:12 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-16 21:12 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-16 21:12 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-16 21:12 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-16 21:12 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-16 21:12 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-16 21:12 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-16 21:12 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-05 21:38 - 2015-08-17 05:47 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-05 21:38 - 2015-07-10 18:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-05 21:38 - 2015-07-10 18:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-05 21:33 - 2015-04-29 16:36 - 00000000 ___RD C:\Users\sabsn2\Documents\Polaris Office
2015-10-05 21:33 - 2014-07-13 12:09 - 00000000 ___RD C:\Users\sabsn2\Dropbox
2015-10-05 21:33 - 2014-07-13 12:04 - 00000000 ____D C:\Users\sabsn2\AppData\Roaming\Dropbox
2015-10-05 21:32 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-05 21:32 - 2014-04-09 20:12 - 00000000 ____D C:\Users\sabsn2\AppData\Local\HTC MediaHub
2015-10-05 21:31 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-05 21:30 - 2015-08-17 05:12 - 00142350 _____ C:\WINDOWS\PFRO.log
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-05 21:30 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-05 21:29 - 2012-10-13 16:50 - 00000000 ____D C:\Program Files (x86)\Amazon
2015-10-05 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-05 20:46 - 2014-02-15 21:46 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DBB5FBF8-2C7F-4F39-816B-FBC61A5C4C86}
2015-10-05 20:22 - 2015-06-13 11:11 - 00001246 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002UA.job
2015-10-05 20:22 - 2014-01-02 21:17 - 00000948 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002UA.job
2015-10-05 20:22 - 2014-01-02 21:17 - 00000926 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002Core.job
2015-10-05 17:13 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-05 15:58 - 2013-01-05 14:44 - 00000000 ____D C:\Users\sabsn2\AppData\Local\VirtualStore
2015-10-05 15:46 - 2013-01-05 17:27 - 00000000 ____D C:\Users\sabsn2\AppData\Local\Google
2015-10-05 15:46 - 2013-01-05 17:27 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-05 15:42 - 2013-07-31 20:08 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-10-05 15:32 - 2015-04-29 16:35 - 00000000 ____D C:\Users\sabsn2\AppData\Roaming\PolarisOfficeLink
2015-10-05 14:33 - 2012-07-26 07:26 - 00000218 _____ C:\WINDOWS\win.ini
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-05 14:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-04 18:27 - 2015-08-22 11:25 - 00000000 ____D C:\Users\sabsn2\AppData\Local\MicrosoftEdge
2015-10-04 18:17 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-04 17:55 - 2015-07-11 18:16 - 00000000 ____D C:\ProgramData\EPSON
2015-10-04 17:54 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-10-04 16:36 - 2015-07-10 14:20 - 00028885 _____ C:\WINDOWS\setupact.log
2015-10-02 00:12 - 2013-01-05 19:11 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-02 00:10 - 2013-01-05 19:12 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-01 23:32 - 2014-07-13 12:22 - 00153744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-10-01 23:32 - 2014-07-13 12:22 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-10-01 23:32 - 2013-07-31 20:09 - 00448968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-10-01 23:32 - 2013-07-31 20:09 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-10-01 23:32 - 2013-07-31 20:08 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-10-01 23:32 - 2013-07-31 20:08 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-10-01 23:32 - 2013-07-31 20:08 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-10-01 23:30 - 2014-12-10 17:52 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-10-01 23:30 - 2013-07-31 20:08 - 01049880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-10-01 23:25 - 2015-08-17 19:48 - 00002410 _____ C:\Users\sabsn2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-01 23:25 - 2015-08-17 19:48 - 00000000 ___RD C:\Users\sabsn2\OneDrive
2015-10-01 23:19 - 2015-07-10 14:20 - 00274160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-01 23:17 - 2015-07-10 18:46 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-01 21:30 - 2015-08-17 06:07 - 00000000 ____D C:\Windows.old
2015-09-17 02:08 - 2014-07-14 14:49 - 00000000 ____D C:\Users\sabsn2\Desktop\Sabrina_
2015-09-16 21:59 - 2013-01-05 16:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-16 21:53 - 2015-05-28 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-16 21:39 - 2013-08-26 13:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-16 21:19 - 2015-08-17 05:19 - 00000000 ____D C:\Program Files\CONEXANT
2015-09-16 21:16 - 2012-10-13 16:27 - 00000000 ____D C:\ProgramData\Conexant
2015-09-16 21:16 - 2012-08-22 10:52 - 01317096 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\Drivers\CHDRT64.sys
2015-09-16 20:45 - 2013-01-05 14:44 - 00000000 ____D C:\Users\sabsn2\AppData\Local\Packages

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I
2012-10-13 16:29 - 2012-10-13 16:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\sabsn2\AppData\Local\Temp\beeeaegeij.exe
C:\Users\sabsn2\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzerfya.dll
C:\Users\sabsn2\AppData\Local\Temp\sqlite3.dll
C:\Users\sabsn2\AppData\Local\Temp\UninstallModule.exe


Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\lhe.exe
C:\Windows\mlhe.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-04 18:11

==================== Ende von FRST.txt ============================

Logfile Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von sabrina (2015-10-05 21:54:17)
Gestartet von C:\Users\sabsn2\Downloads
Windows 10 Home (X64) (2015-08-17 17:42:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3210108916-3864258014-2341951935-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3210108916-3864258014-2341951935-503 - Limited - Disabled)
Gast (S-1-5-21-3210108916-3864258014-2341951935-501 - Limited - Disabled)
sabrina (S-1-5-21-3210108916-3864258014-2341951935-1002 - Administrator - Enabled) => C:\Users\sabsn2
UpdatusUser (S-1-5-21-3210108916-3864258014-2341951935-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (32-Bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Avast Internet Security (HKLM-x32\...\avast) (Version: 10.4.2233 - AVAST Software)
Benutzerhandbuch (x32 Version: 1.0.0.9 - Lenovo) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre 64bit (HKLM\...\{C5D7991D-5C4F-475D-BF58-89A068A2FF14}) (Version: 2.25.0 - Kovid Goyal)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.224.0 - Conexant Systems)
DMG Extractor (HKLM-x32\...\DMGExtractor) (Version: 1.1.1.1 - Reincubate Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
EPSON WF-3540 Series Printer Uninstall (HKLM\...\EPSON WF-3540 Series) (Version:  - SEIKO EPSON Corporation)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.1901 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0333}) (Version: 1.12.824.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{4041B18B-DE30-4D78-9D60-6ADC586C5E00}) (Version: 2.1.003.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.5926 - Lenovo)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.12.110.06300 (HKLM-x32\...\{15023164-F226-9ECA-D0CB-59AB4B40D222}) (Version: 2.12.110.06300 - Sony)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mixxx 1.11.0 (HKLM-x32\...\Mixxx (1.11.0)) (Version: 1.11.0 - The Mixxx Development Team)
NVIDIA Grafiktreiber 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Polaris Office Sync (HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\...\InstallShield_{A4870391-70B1-45CA-A67E-55E481D3ABBF}) (Version: 2.000.002 - Infraware)
Polaris Office Sync (x32 Version: 2.000.002 - Infraware) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
VirtualDJ 8 (HKLM-x32\...\{85E12659-D3A1-4583-BA1C-95DF53C3C632}) (Version: 8.0.2087.0 - Atomix Productions)
Visitenkarten in 2 Minuten (HKLM-x32\...\Visitenkarten in 2 Minuten) (Version:  - )
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3210108916-3864258014-2341951935-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

16-09-2015 21:14:25 Windows Update
01-10-2015 21:26:02 Windows Update
05-10-2015 14:50:22 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0DDE4E1A-1498-4E4E-95BE-71A9C4701A16} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-01] (AVAST Software)
Task: {1021FD29-0911-45C4-B197-632709EBF24A} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {11588F70-8A9B-4E40-8217-9D2FEA6EAD67} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-17] ()
Task: {284ECFB1-2F5B-4344-8926-32F4E5095236} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {2D7441B9-98BA-4FC3-92AE-49FF3D8DF7F8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {33B7B525-D98C-419A-8484-0C8F77A245C4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3547212E-8C13-42D9-9BEF-CB8BFE9BEB77} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {39317E5D-6F22-4FD4-A26B-14697B25917D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3CB8898E-5764-4F91-ACB9-A83CF97AF82E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {45D63B78-99E9-4F53-A32B-077DFF59AD84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {490CB0AD-129F-4F40-9512-E6E58F8E0FE4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-17] (Lenovo)
Task: {4E56180E-9FF6-4212-B119-ECC25B687BBA} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
Task: {4F0503AD-BBAE-4285-8C92-BDEE3166591A} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {526FF07A-3483-474E-84D3-42D520CAE183} - System32\Tasks\{380D76D0-3C40-4CDD-A6C1-97DCD41DBCC2} => pcalua.exe -a "C:\Program Files (x86)\MyBrowser\MyBrowser\Application\39.5.2171.95\Installer\setup.exe" -c --uninstall --system-level
Task: {56037FF6-8EF5-48DA-B0C2-700831BAD194} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {59CBD501-694D-4149-85FA-79B176031EC2} - System32\Tasks\NU0TOMlbp7jjX1EL8Y2A6I => C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I.exe <==== ACHTUNG
Task: {650A47C9-A842-48CA-BCD4-6253EE112F28} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {7194DBCD-24BE-4C52-862C-AC3EC3D589F7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {77D0F98A-4B19-4B10-B676-8F31A002FD1A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {84DF59E3-1A20-4047-B44E-80531901C77A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002Core => C:\Users\sabsn2\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-02] (Facebook Inc.)
Task: {889859D1-5298-4270-8F0F-63BE35ECF79A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {894598E7-9A63-43BC-9014-84F759417A4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.)
Task: {8C5C47F8-9B5C-4EB3-9C30-EAAEFEA7A18A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8FE0AE77-E3AD-4B12-8BD6-5B22B947A01A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A250CB00-9627-4C0A-B911-C24BE122B567} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002UA => C:\Users\sabsn2\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {AACB71E6-5050-426B-AE58-9A4F99B6D817} - \PhraseProfessor Auto Updater 1.10.0.24 Pending Update -> Keine Datei <==== ACHTUNG
Task: {B25A98CD-E9F0-4E47-A3F1-ECCA64B373BA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {B720BA1C-4A9F-487C-B198-2C5CF3AEF4A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.)
Task: {BB1F935A-5703-463F-9E01-FE63B59D743C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002UA => C:\Users\sabsn2\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-02] (Facebook Inc.)
Task: {C9BAA96C-8B0C-445C-A170-A2F3B23F57B5} - System32\Tasks\{64D3BB65-D716-488F-AA7E-AE28D09AD7A9} => pcalua.exe -a "C:\ProgramData\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe" -c  /uninstall
Task: {CDFAA8E1-57D2-4949-B072-501DA1314F00} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002Core => C:\Users\sabsn2\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {CF728EC6-2925-4F42-A1F5-D63072EEA13E} - \PhraseProfessor Auto Updater 1.10.0.24 Core -> Keine Datei <==== ACHTUNG
Task: {F3B44ECB-CF8C-4031-8E51-71B149FA7EEE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F8E09B88-FB2F-4E54-A770-0C216FA7E6A5} - \MixVideoPlayer Update -> Keine Datei <==== ACHTUNG
Task: {FFC4CD42-D328-433C-A098-6737AE7C8470} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {FFD54620-26F0-4A2E-A540-9DB409DDDAE5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002Core.job => C:\Users\sabsn2\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002UA.job => C:\Users\sabsn2\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002Core.job => C:\Users\sabsn2\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3210108916-3864258014-2341951935-1002UA.job => C:\Users\sabsn2\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\NU0TOMlbp7jjX1EL8Y2A6I.job => C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I.exe <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-17 06:06 - 2015-08-17 06:06 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-08-20 17:10 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-01 23:57 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 23:57 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 23:56 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 23:57 - 2015-09-17 07:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 23:56 - 2015-09-17 07:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 23:56 - 2015-09-17 07:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 23:57 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-01 23:32 - 2015-10-01 23:32 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-10-01 23:32 - 2015-10-01 23:32 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-10-05 20:51 - 2015-10-05 20:51 - 02966528 _____ () C:\Program Files\AVAST Software\Avast\defs\15100501\algo.dll
2015-09-15 14:25 - 2015-09-15 14:25 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-01 23:32 - 2015-10-01 23:32 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\sabsn2\SkyDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3210108916-3864258014-2341951935-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\sabsn2\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F8EB35CB-726A-420D-B30C-15E5BDCF67B9}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{79DC2D5E-8D3B-4128-B352-5D463F26EDBA}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{6E2CC710-1CB3-4A2C-8B35-31BA56485F70}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{BB52814F-4C76-4C6B-B28C-AEE0CF061C4A}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{BC4FB4FD-261F-48E5-8E36-B37DE35BD54C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4CE0AFD1-2F1A-4E79-AF25-5E27901B56C5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{E504A362-E0D8-469F-A5AA-77569D98CA64}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{11AE146C-2725-427C-9F38-22FD21BD0DBE}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{6B625630-EE99-4DDD-AAE9-B600AC38F1B0}] => (Allow) C:\Users\sabsn2\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [UDP Query User{817E6AA6-544B-404B-82F5-F510EA136E56}C:\users\sabsn2\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sabsn2\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{6E8F6C63-E98B-46CF-BACA-B2A08FF3A8A8}C:\users\sabsn2\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sabsn2\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{4D4EB4EA-FDD7-45C8-971A-39628C62FF48}] => (Allow) C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0CFE6BBD-32C4-4123-96C7-72E16A26AA8C}] => (Allow) C:\Users\sabsn2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3577A558-1BA4-460B-983C-ECE5BF62AE5C}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{7C8C1A7E-4432-4647-9FE0-EA286B23531A}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{64427EEA-E847-4818-B07E-2CF32307368E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8244FE76-8D14-44E2-843F-CA704E0A564A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B9D67807-CF92-4AF2-A442-B31540DFC600}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{2D429701-690A-45EF-AF40-C1D4852F97FD}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E2F7E1DD-2FCD-4C16-8404-978E14BE4697}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{2F56221F-36E3-4479-BEF0-86ECD9DAB3DB}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [TCP Query User{E098A345-8190-4880-B878-D3D6411C0B6F}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [UDP Query User{D0593163-3959-4A88-BFE5-6D967AE5E225}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [TCP Query User{C1005CA9-B887-4120-84DD-E310469E0638}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [UDP Query User{BA13C19D-35D8-423D-B7C3-8DBCDFFF4153}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [{4CE2452F-BCB1-4FBA-AC59-B98C7A35C3AA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7173893C-7376-4005-A1A0-6AD4296D3060}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E6C87404-93BA-405F-BD4C-5BB35882BC55}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CC52DFA4-553E-44C5-88FC-2C11723D77DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D9280271-CC08-4CE1-B9F4-7C68916AF176}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C78AEF9E-9989-4834-9310-5AC4F6E72513}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe
FirewallRules: [{E7D00B7B-5416-4421-8A99-A631900E5B21}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/05/2015 08:43:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 841984

Error: (10/05/2015 08:43:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 841984

Error: (10/05/2015 08:43:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/05/2015 07:28:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3638750

Error: (10/05/2015 07:28:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3638750

Error: (10/05/2015 07:28:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/05/2015 03:22:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SearchUI.exe, Version: 10.0.10240.16515, Zeitstempel: 0x55fa5578
Name des fehlerhaften Moduls: CortanaApi.dll, Version: 0.0.0.0, Zeitstempel: 0x55fa5354
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000013e739
ID des fehlerhaften Prozesses: 0xe60
Startzeit der fehlerhaften Anwendung: 0xSearchUI.exe0
Pfad der fehlerhaften Anwendung: SearchUI.exe1
Pfad des fehlerhaften Moduls: SearchUI.exe2
Berichtskennung: SearchUI.exe3
Vollständiger Name des fehlerhaften Pakets: SearchUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SearchUI.exe5

Error: (10/05/2015 03:21:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.10240.16515 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11e4

Startzeit: 01d0ff7056849459

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Berichts-ID: fa994b9c-6b63-11e5-bf06-b888e38bddf2

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI

Error: (10/05/2015 03:21:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: idea-PC)
Description: Das Paket „Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (10/05/2015 02:50:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (10/05/2015 09:43:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/05/2015 09:43:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/05/2015 09:43:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/05/2015 09:42:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/05/2015 09:42:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Internet Pass-Through Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/05/2015 09:42:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/05/2015 09:42:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HTCMonitorService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/05/2015 09:42:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/05/2015 09:42:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/05/2015 09:42:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Elan Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 8055.77 MB
Verfügbarer physikalischer RAM: 5972.47 MB
Summe virtueller Speicher: 9335.77 MB
Verfügbarer virtueller Speicher: 7299.22 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:418.09 GB) (Free:166.5 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.36 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DFDDBEBB)

Partition: GPT.

==================== Ende von Addition.txt ============================

So das war's dann jetzt =)
Vielen Dank für die Beschreibung. Hat alles sehr gut geklappt =) hoffe die Werbung lässt sich auch nicht mehr blicken

Deathkid535 · 06.10.2015, 11:42

Hi,

wir sind noch nicht ganz durch

Schritt # 1: FRST

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

Task: {59CBD501-694D-4149-85FA-79B176031EC2} - System32\Tasks\NU0TOMlbp7jjX1EL8Y2A6I => C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\NU0TOMlbp7jjX1EL8Y2A6I.job => C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I.exe <==== ACHTUNG
C:\Windows\lhe.exe
C:\Windows\mlhe.exe
C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I.exe
EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt # 2: ESET

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt # 3: EEK

Lade Dir bitte von hier

Emsisoft Emergency Kit herunter.

Bitte installiere das Programm in den vorgegebenen Pfad.
Starte das Programm durch Doppelklick der Desktopverknüpfung.
Das EEK ist nach dem Laden der Malwaresignaturen für den Scan bereit.
Folge nun bitte der bebilderten Bildanleitung zu Emergency Kit, entferne alle Funde und poste am Ende des Scans bzw. der Bereinigung das Log.

Schritt # 4: FRST

Noch ein frisches FRST-Log bitte

Schritt # 5: Frage

Tritt das Problem immer noch auf?

Schritt # 6: Bitte Posten

Das Fixlog von FRST
Das Log von ESET
Das Log von EEK
Das frische FRST Log
Rückmeldung auf meine Frage

saaabsn · 06.10.2015, 20:13

Fixlog

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von sabrina (2015-10-06 21:06:45) Run:1
Gestartet von C:\Users\sabsn2\Downloads
Geladene Profile: sabrina (Verfügbare Profile: UpdatusUser & sabrina)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Task: {59CBD501-694D-4149-85FA-79B176031EC2} - System32\Tasks\NU0TOMlbp7jjX1EL8Y2A6I => C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\NU0TOMlbp7jjX1EL8Y2A6I.job => C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I.exe <==== ACHTUNG
C:\Windows\lhe.exe
C:\Windows\mlhe.exe
C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I.exe
EmptyTemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{59CBD501-694D-4149-85FA-79B176031EC2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59CBD501-694D-4149-85FA-79B176031EC2}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\NU0TOMlbp7jjX1EL8Y2A6I => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NU0TOMlbp7jjX1EL8Y2A6I" => Schlüssel erfolgreich entfernt
C:\WINDOWS\Tasks\NU0TOMlbp7jjX1EL8Y2A6I.job => erfolgreich verschoben
C:\Windows\lhe.exe => erfolgreich verschoben
C:\Windows\mlhe.exe => erfolgreich verschoben
"C:\Users\sabsn2\AppData\Roaming\NU0TOMlbp7jjX1EL8Y2A6I.exe" => Datei/Ordner nicht gefunden.
EmptyTemp: => 888.2 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.. 

==== Ende von Fixlog 21:07:53 ====

Deathkid535 · 07.10.2015, 18:01

Hi,

vergiss nicht auf die restlichen Logs

saaabsn · 07.10.2015, 20:24

Jo, bin jetzt dabei. Bin gestern abend beim warten eingeschlafen =)

saaabsn · 08.10.2015, 21:15

Also kurze Info: Mit dem Eset Online Scanner komme ich nicht voran, der braucht bei mir eine Ewigkeit, bis er seinen Scan durchgeführt hat. Jetzt war ich die letzten beiden Tage sehr beschäftigt und abends zu müde. Schaue, was heute Abend gemacht werden kann, den Rest versuche ich morgen zu machen.

LG

Deathkid535 · 08.10.2015, 21:19

OK

saaabsn · 08.10.2015, 21:47

EEK-Log

Code:

ATTFilter

Emsisoft Emergency Kit - Version 10.0
Letztes Update: 08.10.2015 22:24:36
Benutzerkonto: idea-PC\sabrina

Scan-Einstellungen:

Scan-Methode: Malware-Scan
Objekte: Rootkits, Speicher, Traces, Dateien

PUPs-Erkennung: An
Archiv-Scan: Aus
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan-Beginn:	08.10.2015 22:25:56
Value: HKEY_USERS\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR 	Gefunden: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS 	Gefunden: Setting.DisableRegistryTools (A)
C:\Users\sabsn2\AppData\Local\Microsoft\Windows\INetCache\IE\Y9JAJSO4\Stub[1].exe 	Gefunden: Application.Win32.AdConnect (A)

Gescannt:	81620
Gefunden	3

Scan-Ende:	08.10.2015 22:38:01
Scan-Zeit:	0:12:05

C:\Users\sabsn2\AppData\Local\Microsoft\Windows\INetCache\IE\Y9JAJSO4\Stub[1].exe	Quarantäne Application.Win32.AdConnect (A)
Value: HKEY_USERS\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS	Quarantäne Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-3210108916-3864258014-2341951935-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR	Quarantäne Setting.DisableTaskMgr (A)

Quarantäne	3

05.10.2015, 15:15	#3
Deathkid535 /// Malwareteam	Ständig erscheint Werbung im neuen Fenster Ich war schneller __________________ __________________

07.10.2015, 18:01	#11
Deathkid535 /// Malwareteam	Ständig erscheint Werbung im neuen Fenster Hi, vergiss nicht auf die restlichen Logs __________________ mfg, Dennis Lob, Kritik oder Wünsche Unterstütze uns mit einer kleinen Spende

08.10.2015, 21:19	#14
Deathkid535 /// Malwareteam	Ständig erscheint Werbung im neuen Fenster OK __________________ mfg, Dennis Lob, Kritik oder Wünsche Unterstütze uns mit einer kleinen Spende

Ständig erscheint Werbung im neuen Fenster

Log-Analyse und Auswertung: Ständig erscheint Werbung im neuen Fenster