DOS-Fenster erscheint ständig und WLAN-Verbindung wird unterbrochen

Caro88 · 23.10.2015, 21:12

Hallo!

Seit einiger Zeit erscheint in zunehmender Häufigkeit ein DOS-Fenster für einen Moment (zu kurz, um den Inhalt lesen zu können), parallel werden Anwendungen (während ich z. B. ein Spiel spiele, lande ich auf dem Desktop) unterbrochen.

Zudem (Zusammenhang unbekannt) wird in zunehmender Häufigkeit die WLAN-Verbindung unterbrochen. Dann hilft meistens nur ein Neustart, manchmal reicht das erneute Verbinden mit dem WLAN-Netzwerk.

Ich habe die Befürchtung, dass ich mir etwas Böses eingefangen habe.
Es wäre sehr nett, wenn jemand sich mal das Log anschauen und Feedback geben könnte.
Habe es nach der Anleitung im Forum ausgeführt.

Herzlichen Dank im Voraus.

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-10-2015 01
durchgeführt von Carolin (Administrator) auf HADES (23-10-2015 21:56:54)
Gestartet von C:\Users\Carolin\Desktop\farbar
Geladene Profile: Carolin (Verfügbare Profile: Carolin)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.8\ToolbarUpdater.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.8\loggingserver.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Carolin\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(AVG Secure Search) C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-06] (Synaptics Incorporated)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [393480 2015-03-19] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-06-03] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3812264 2015-10-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3177360 2015-10-04] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [593216 2015-08-31] (Razer Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1130408 2015-10-16] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3996613314-1560783230-883804363-1001\...\Run: [HP ENVY 5530 series (NET)] => C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3996613314-1560783230-883804363-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-3996613314-1560783230-883804363-1001\...\MountPoints2: {25325810-a4a8-11e3-8254-fcf8aea692b6} - "E:\SETUP.EXE" 
HKU\S-1-5-21-3996613314-1560783230-883804363-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{80902F78-02E4-4D82-8E90-B6D40F1ABA2E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3996613314-1560783230-883804363-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000
HKU\S-1-5-21-3996613314-1560783230-883804363-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={E75BA48D-FC74-4C7F-923A-032ECABEC782}&mid=2370ea619b4d47d2a1ee2db1e8427b45-a224426353cf7b4cc310fb1a991878a7d0c78456&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-07 09:01:56&v=4.1.4.948&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3996613314-1560783230-883804363-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-3996613314-1560783230-883804363-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3996613314-1560783230-883804363-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={E75BA48D-FC74-4C7F-923A-032ECABEC782}&mid=2370ea619b4d47d2a1ee2db1e8427b45-a224426353cf7b4cc310fb1a991878a7d0c78456&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-07 09:01:56&v=4.1.4.948&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3996613314-1560783230-883804363-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000
SearchScopes: HKU\S-1-5-21-3996613314-1560783230-883804363-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={E75BA48D-FC74-4C7F-923A-032ECABEC782}&mid=2370ea619b4d47d2a1ee2db1e8427b45-a224426353cf7b4cc310fb1a991878a7d0c78456&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-07 09:01:56&v=4.1.4.948&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3996613314-1560783230-883804363-1001 -> {DEDDB23D-5099-4E95-9D7B-CD7914AD6717} URL = 
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.1.8.599\AVG Web TuneUp.dll [2015-10-04] (AVG)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.1.8.599\AVG Web TuneUp.dll [2015-10-04] (AVG)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll [2014-12-16] (AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxps://mysearch.avg.com?pid={E75BA48D-FC74-4C7F-923A-032ECABEC782}&sg=&cid={E75BA48D-FC74-4C7F-923A-032ECABEC782}&mid=2370ea619b4d47d2a1ee2db1e8427b45-a224426353cf7b4cc310fb1a991878a7d0c78456&cmpid=1214tb&ds=AVG&v=4.1.0.411&lang=de&pr=fr&d=2014-11-07%2009%3A01%3A56&sap=hp
FF Keyword.URL: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&fr=linkury-tb&installDate=06/03/2014&type=hp1000&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2013-12-31] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.8\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-28] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2013-12-31] (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\searchplugins\avg-secure-search.xml [2015-05-05]
FF SearchPlugin: C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\searchplugins\Web Search.xml [2014-03-06]
FF SearchPlugin: C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\searchplugins\youtube.xml [2014-10-26]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-10-04]
FF Extension: WEB.DE MailCheck - C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\Extensions\browser-mailcheck@web.de [2015-08-08]
FF Extension: Adblock Plus - C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604712 2015-10-12] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3792880 2015-10-12] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [596344 2015-10-12] (AVG Technologies CZ, s.r.o.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Dell Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-10-15] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-28] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2014-04-04] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.)
R2 vToolbarUpdater40.1.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.8\ToolbarUpdater.exe [1875856 2015-10-04] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-10-04] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312752 2015-09-11] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [293296 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [251312 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-31] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [119240 2013-10-15] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3494680 2015-03-09] (Intel Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [48840 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-06] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-09-06] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-23 21:56 - 2015-10-23 21:56 - 00000000 ____D C:\FRST
2015-10-23 21:54 - 2015-10-23 21:56 - 00000000 ____D C:\Users\Carolin\Desktop\farbar
2015-10-23 21:45 - 2015-10-23 21:45 - 00000000 ____D C:\Users\Carolin\AppData\Roaming\AVG
2015-10-23 21:39 - 2015-10-23 21:40 - 00000000 ____D C:\Users\Carolin\AppData\Local\AvgSetupLog
2015-10-23 21:26 - 2015-10-23 21:26 - 00000000 __HDC C:\ProgramData\{AA6BF06E-316C-487A-9BC2-5F06A43C56B1}
2015-10-20 11:37 - 2015-10-20 12:21 - 00000000 ____D C:\Users\Carolin\Desktop\offene Bewerbungen
2015-10-16 09:58 - 2015-10-16 23:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-15 22:24 - 2015-09-19 05:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 22:24 - 2015-09-18 15:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 22:24 - 2015-09-18 15:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-15 22:24 - 2015-09-18 15:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 22:24 - 2015-09-18 15:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 22:24 - 2015-09-18 15:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 22:24 - 2015-09-18 15:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-14 19:22 - 2015-10-14 19:22 - 00000000 ____D C:\Program Files (x86)\Dell Customer Connect
2015-10-14 01:56 - 2015-08-07 23:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 01:56 - 2015-08-07 23:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-14 01:56 - 2015-08-07 23:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-14 01:56 - 2015-08-07 16:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 01:56 - 2015-08-06 18:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-14 01:56 - 2015-08-06 18:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-10-14 01:55 - 2015-09-29 14:31 - 07457624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 01:55 - 2015-09-29 14:31 - 01658536 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 01:55 - 2015-09-29 14:31 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-14 01:55 - 2015-09-29 14:31 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 01:55 - 2015-09-29 14:31 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-14 01:55 - 2015-09-24 18:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2015-10-14 01:55 - 2015-09-24 18:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-10-14 01:55 - 2015-09-10 20:02 - 25851392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 01:55 - 2015-09-10 19:09 - 20358144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 01:55 - 2015-08-27 04:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 01:55 - 2015-08-27 04:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 01:55 - 2015-08-07 23:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 01:55 - 2015-08-07 23:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 01:55 - 2015-08-06 19:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-10-14 01:55 - 2015-08-06 18:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-10-14 01:54 - 2015-09-29 14:29 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 01:54 - 2015-09-28 20:45 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 01:54 - 2015-09-28 20:26 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-10-14 01:54 - 2015-09-28 20:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 01:54 - 2015-09-28 20:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 01:54 - 2015-09-28 20:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 01:54 - 2015-09-28 20:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 01:54 - 2015-09-28 20:22 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 01:54 - 2015-09-28 20:22 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 01:54 - 2015-09-28 20:15 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 01:54 - 2015-09-28 20:13 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 01:54 - 2015-09-28 20:12 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 01:54 - 2015-09-10 19:19 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 01:54 - 2015-09-10 19:18 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 01:54 - 2015-09-10 19:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 01:54 - 2015-09-10 19:14 - 05990400 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 01:54 - 2015-09-10 19:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 01:54 - 2015-09-10 19:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 01:54 - 2015-09-10 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 01:54 - 2015-09-10 18:39 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 01:54 - 2015-09-10 18:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 01:54 - 2015-09-10 18:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 01:54 - 2015-09-10 18:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 01:54 - 2015-09-10 18:33 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 01:54 - 2015-09-10 18:28 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-10-14 01:54 - 2015-09-10 18:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 01:54 - 2015-09-10 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 01:54 - 2015-09-10 18:24 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 01:54 - 2015-09-10 18:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 01:54 - 2015-09-10 18:19 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 01:54 - 2015-09-10 18:19 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 01:54 - 2015-09-10 18:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 01:54 - 2015-09-10 18:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 01:54 - 2015-09-10 18:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 01:54 - 2015-09-10 18:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 01:54 - 2015-09-10 18:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 01:54 - 2015-09-10 18:02 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 01:54 - 2015-09-10 18:01 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-10-14 01:54 - 2015-09-10 18:00 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 01:54 - 2015-09-10 17:57 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 01:54 - 2015-09-10 17:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 01:54 - 2015-09-10 17:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 01:54 - 2015-09-10 17:55 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 01:54 - 2015-09-10 17:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 01:54 - 2015-09-10 17:45 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 01:54 - 2015-09-10 17:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 01:54 - 2015-09-10 17:31 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 01:54 - 2015-09-10 17:27 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 01:54 - 2015-09-10 17:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 01:54 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 01:54 - 2015-07-16 20:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2015-10-01 00:44 - 2015-10-01 00:48 - 00000000 ____D C:\Users\Carolin\AppData\Local\Razer
2015-10-01 00:44 - 2015-10-01 00:44 - 00000000 ____D C:\Users\Carolin\AppData\Local\Razer_Inc
2015-10-01 00:44 - 2015-06-27 01:27 - 00129472 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2015-10-01 00:43 - 2015-10-01 00:43 - 00071214 _____ C:\Windows\DPINST.LOG
2015-10-01 00:43 - 2015-06-12 17:51 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2015-10-01 00:42 - 2015-10-01 00:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-10-01 00:40 - 2015-10-07 01:02 - 00000000 ____D C:\Program Files (x86)\Razer
2015-10-01 00:40 - 2015-10-01 00:44 - 00000000 ____D C:\ProgramData\Razer
2015-09-23 17:37 - 2015-10-21 23:29 - 00000000 ____D C:\Users\Carolin\Desktop\Bew Jobcenter 2015

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-23 21:56 - 2014-02-07 07:04 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-10-23 21:53 - 2015-05-06 19:11 - 01051576 _____ C:\Windows\WindowsUpdate.log
2015-10-23 21:53 - 2014-03-05 11:44 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3996613314-1560783230-883804363-1001
2015-10-23 21:53 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-10-23 21:51 - 2014-03-05 11:40 - 00000000 ___DO C:\Users\Carolin\SkyDrive
2015-10-23 21:50 - 2014-05-07 19:37 - 00000000 ____D C:\ProgramData\MFAData
2015-10-23 21:49 - 2015-05-21 11:12 - 00000000 ____D C:\Users\Carolin\AppData\Local\Avg
2015-10-23 21:47 - 2015-05-13 18:40 - 00010953 _____ C:\Windows\setupact.log
2015-10-23 21:47 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-23 21:46 - 2015-05-21 20:28 - 00063898 _____ C:\Windows\PFRO.log
2015-10-23 21:46 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-23 21:45 - 2014-05-07 19:42 - 00000000 ____D C:\Program Files (x86)\AVG
2015-10-23 21:44 - 2014-05-07 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-10-23 21:44 - 2014-05-07 19:42 - 00000000 ___HD C:\$AVG
2015-10-23 21:43 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-10-23 21:42 - 2014-10-20 10:30 - 00000000 ____D C:\ProgramData\AVG
2015-10-23 21:39 - 2014-03-07 01:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-23 21:25 - 2015-02-12 11:57 - 00003818 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-10-23 21:25 - 2014-03-06 15:35 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D8E8F171-C053-48CB-82FF-23696657A36D}
2015-10-23 21:21 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-10-23 08:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-10-21 18:11 - 2014-02-07 06:33 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-21 18:11 - 2013-08-23 01:24 - 00766620 _____ C:\Windows\system32\perfh007.dat
2015-10-21 18:11 - 2013-08-23 01:24 - 00159902 _____ C:\Windows\system32\perfc007.dat
2015-10-21 16:28 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-10-21 01:24 - 2015-08-01 22:24 - 00000000 ____D C:\Users\Carolin\AppData\Roaming\Skype
2015-10-21 01:08 - 2014-03-19 18:20 - 00000000 ____D C:\Users\Carolin\AppData\Local\Battle.net
2015-10-20 21:44 - 2014-03-19 18:20 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-10-20 19:11 - 2014-03-17 18:46 - 01400832 ___SH C:\Users\Carolin\Desktop\Thumbs.db
2015-10-20 12:21 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-10-17 13:39 - 2014-03-07 01:57 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-16 23:39 - 2014-03-06 15:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-16 06:51 - 2013-08-22 17:38 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-16 06:51 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-16 02:05 - 2014-12-11 20:14 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-16 02:05 - 2014-07-09 18:02 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 11:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-10-14 19:22 - 2014-02-07 06:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-10-14 14:13 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-10-14 10:44 - 2014-03-06 16:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-14 10:40 - 2014-03-05 22:43 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 10:37 - 2014-03-05 22:43 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-07 10:56 - 2015-04-06 16:52 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-06 09:23 - 2015-04-06 16:52 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-06 09:12 - 2014-11-10 12:31 - 00000000 ____D C:\Users\Carolin\Documents\Kontoauszüge
2015-10-04 23:48 - 2014-11-07 10:01 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2015-10-04 23:48 - 2014-11-07 10:01 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-10-03 18:45 - 2015-08-01 22:24 - 00000000 ____D C:\ProgramData\Skype
2015-09-25 02:04 - 2014-03-05 11:37 - 00000000 ____D C:\Users\Carolin
2015-09-23 19:32 - 2014-03-06 16:33 - 00000000 ____D C:\Hijackthis
2015-09-23 18:48 - 2015-06-02 11:02 - 00000000 ____D C:\Users\Carolin\Documents\BewUnterlagen roh

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-01-27 17:33 - 2015-02-03 23:03 - 0003584 _____ () C:\Users\Carolin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-16 18:29 - 2015-09-16 18:29 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-02-07 06:19 - 2014-02-07 06:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-02-07 06:58 - 2014-02-07 06:58 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-02-07 06:54 - 2014-02-07 06:55 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-02-07 06:55 - 2014-02-07 06:56 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-02-07 06:56 - 2014-02-07 06:58 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-02-07 06:53 - 2014-02-07 06:54 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Einige Dateien in TEMP:
====================
C:\Users\Carolin\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\Carolin\AppData\Local\Temp\avg-85544928-fc87-4301-b662-560540baa746.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-21 09:18

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:21-10-2015 01
durchgeführt von Carolin (2015-10-23 21:58:03)
Gestartet von C:\Users\Carolin\Desktop\farbar
Windows 8.1 (X64) (2014-03-05 09:38:05)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3996613314-1560783230-883804363-500 - Administrator - Disabled)
Carolin (S-1-5-21-3996613314-1560783230-883804363-1001 - Administrator - Enabled) => C:\Users\Carolin
Gast (S-1-5-21-3996613314-1560783230-883804363-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3996613314-1560783230-883804363-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG (Version: 16.4.7163 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4455 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.4.7163 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.8.599 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
Dell Data Vault (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.1.14 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.13.0 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{3FB000F3-7444-41C1-A0A6-53E8FD0B7D9C}) (Version: 1.6.1007.0 - Dell Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
FMW 1 (Version: 1.22.2 - AVG Technologies) Hidden
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
HP ENVY 5530 series - Grundlegende Software für das Gerät (HKLM\...\{08CB8BF7-0CCE-4FC2-A475-A985EB11B159}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.1) (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{313c06de-4aa7-4a1f-930a-f10f80380426}) (Version: 17.14.0 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Ihr Firmenname)
PDF-XChange Editor (HKLM-x32\...\{e6c66f24-ae75-4cce-8afc-8ed58d732f6a}) (Version: 3.0.307.0 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 3.0.307.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Lite 2012 (HKLM\...\{AD09CC9A-6901-4921-B66D-9402FF32EF27}_is1) (Version: 5.0.273.0 - Tracker Software Products Ltd)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.021 - Dell Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27599 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3996613314-1560783230-883804363-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

06-10-2015 09:22:57 Windows Update
14-10-2015 10:34:12 Windows Update
20-10-2015 12:20:26 Windows Update
23-10-2015 21:41:52 Installed AVG 2016
23-10-2015 21:42:48 Installed AVG

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {082A2A8F-E3D4-499D-B63B-6A61504550D6} - System32\Tasks\{293E2FF5-C84B-4F11-890E-72E2E836F468} => pcalua.exe -a "C:\Program Files (x86)\Windows Live\Installer\wlarp.exe"
Task: {0E8BF8E9-DC89-49EE-8B4D-D04CA0DCDCA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {176D0A9B-2CA0-4027-A4A2-071DEF1B7682} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink)
Task: {1FF68438-E847-4543-83C3-03471379F24E} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3996613314-1560783230-883804363-1001
Task: {2739C35D-7750-42CF-A93F-89500C98CB34} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {2E6C1966-F2DD-44B1-A160-8C03968D66A7} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-09-30] (Dell Inc.)
Task: {3E9E6523-4F6A-4301-AA67-FCDDA6634790} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {73999BFA-2166-4D5A-89CC-E8B33E1755ED} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-10-14] (Microsoft Corporation)
Task: {7985E2A9-4170-4819-BDEA-CBDC7CF4F32C} - System32\Tasks\Digital Sites => C:\Users\Carolin\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ACHTUNG
Task: {80FAA2DD-4E53-49E4-9FBC-79B1D3CB4987} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {D24CE9A4-30B8-4DB5-8D6F-C191B7F7D938} - System32\Tasks\{5B2F61C9-82B6-4EF1-9831-39EEF92DD8EE} => Firefox.exe hxxp://ui.skype.com/ui/0/7.7.0.103/de/eula?source=lightinstaller
Task: {E2AD1C53-4B7D-4080-BB62-A96A74FF2287} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {FF5E80E0-C412-41B8-A120-2AD3E04D5EDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Carolin\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-04 10:29 - 2015-10-04 23:48 - 01205136 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-06-23 21:11 - 2015-06-23 21:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-10-04 23:48 - 2015-10-04 23:48 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.8\loggingserver.exe
2014-11-07 10:01 - 2015-10-04 23:48 - 03177360 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-07-03 20:07 - 2015-07-03 20:07 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-02-07 07:05 - 2014-04-30 17:35 - 00486880 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2015-10-04 23:48 - 2015-10-04 23:48 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.8\log4cplusU.dll
2014-11-07 10:01 - 2015-10-04 23:48 - 40638864 _____ () C:\Program Files (x86)\AVG Web TuneUp\libcef.dll
2015-09-05 03:42 - 2015-09-05 03:42 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-10-01 00:48 - 2014-11-26 03:12 - 40622592 _____ () C:\Users\Carolin\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2015-10-23 21:40 - 2015-10-23 21:40 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2014-02-07 06:55 - 2013-03-05 05:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 12:41 - 2013-03-05 12:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-10-01 00:48 - 2014-11-26 03:12 - 00911360 _____ () C:\Users\Carolin\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2015-10-01 00:48 - 2014-11-26 03:12 - 00134144 _____ () C:\Users\Carolin\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll
2014-02-07 06:47 - 2013-08-28 12:02 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-05-02 17:44 - 2013-12-18 00:47 - 01904928 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-02-07 07:05 - 2012-11-25 23:20 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-02-07 07:05 - 2012-11-25 23:20 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Carolin\SkyDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3996613314-1560783230-883804363-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Carolin\Pictures\Wallpaper BrBa\32569_breaking_bad.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{48499A01-7D6C-40C7-BEE0-36B0908E90D2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{13255DA7-6AD1-4B7E-B465-18BAA38FB331}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{8690E20C-339D-41FF-A257-4B8C5DEB7229}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{2ED98AA9-47FD-4E0E-A251-B44CB33A66EC}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1F6C56B0-781E-413A-9EB1-72FF517A312D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{CEFF7E34-715D-45BA-B60C-156E2AFD11F9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{BB4B5ABB-CB0B-4B55-B00B-A1B5BA79486B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8B4C8835-6F60-4244-AE73-4A50AC921B26}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A41D9208-44B2-4461-806B-05C3DF258B97}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{FA89CF55-3E31-4914-9508-AAC39F6D8D3C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{1C7DF06A-B1E5-4360-975D-815A09F545E9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{C5390491-2BBA-4CDD-ADB7-860685CD845A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{65C9FB2A-B0B3-4BD2-90E5-ADFBD69D28CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{CE2CDC21-D1FF-4F54-9924-5840A2AB8D61}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{94D16A79-9D1D-462D-A769-1EB3E76302C3}] => (Allow) C:\WOW\Hearthstone\Hearthstone.exe
FirewallRules: [{BA27B29A-2A0D-4071-A349-BD65820D4217}] => (Allow) C:\WOW\Hearthstone\Hearthstone.exe
FirewallRules: [{A9C71A15-726C-4B87-A91C-E4523B71CFE1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{47465C5E-216B-4F36-A5FC-4E178B9DC06C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{D10B41B9-DADC-44F8-A1D7-621472FA9E79}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{FFB6E0D4-C0AC-4A62-B211-E583B1347837}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{E354F7B4-010F-4FD3-A3DC-8DCE6758F6EF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{DC1375A9-123F-4480-8883-D96FDE923AA6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{139E8055-BCE7-487D-9245-8C06FDCB94A7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{B753EF1D-8BF3-4CCE-B7EA-DD31B3817391}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{13F641A6-5959-4D28-99DE-E93288F7E028}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{1513013D-6EA4-4302-8EAF-02F01B36678F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{F625A6B4-8EC9-4127-A79A-8ECCA27AF82A}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{67FBA64C-8C10-4309-91D2-CF54122481C0}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{4E11A78F-94F4-4F29-8A22-4717E5947F35}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{D259590B-D339-4523-BF81-B6035ED5222D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{59C83A8A-74F3-4C91-9F67-0263E2C006C8}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{8DA2241B-17AA-45DC-AA24-B92D65460EEE}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{00EDE355-8270-4311-B1D5-E238712F4D6C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{75F37F3F-8BE3-4B5A-B693-933E678FC1CD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{52AAC74B-C6DA-435B-B766-72340E9EFB0C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{A0B58265-303C-4748-8956-0D40E38005FA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{E8F52801-4A69-40FD-A6CF-F1856ABF6563}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{9A4233CA-592A-4AF6-81E3-8C8BFE19A102}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{59DF2A07-56CE-425C-90E4-DAACF29B2C0C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{688D7466-CD65-45AA-B988-5DC66297BD19}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{AE93C7F3-28C2-4EB9-B1DB-3D5428D104BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{762E2D22-ACB1-4023-840C-6D74C25B7A05}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{123BC2CB-4DE3-43CA-897C-68669A9E59D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{BA17953A-D99E-4215-94C3-131CCF04E7F1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{BA725922-7389-4561-9BEF-8106C04D7884}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{30AE3224-C609-4870-8DF9-8458BEBBEA49}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{AE4253DA-1A5F-4F71-8277-C642127B4425}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{89CBC1FD-C4AD-4751-88B5-99DBC042ECA3}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{A98D917A-5E7D-4F2F-8F8C-03F8747A17ED}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7B554914-BF82-4D80-9AC0-4D6FFCB7F187}] => (Allow) LPort=2869
FirewallRules: [{72E7A768-4295-4389-9917-C47F12E643BB}] => (Allow) LPort=1900
FirewallRules: [{7C939027-CA09-44F1-B153-64AAB644D42A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{82CDF0E8-F393-4ABA-8024-BCC22877BC63}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{F7CD52CE-E67F-4E9B-B453-D89059FF09B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{559AC5D3-94C1-4051-A899-1EE6C4BD8440}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{98E5B8DB-8C48-4C44-BDE4-62C997F5C30C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{5FF42A6C-F18C-4940-B192-64595700174D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{0CBE80E6-F484-4B75-B22E-F235A00F48E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{0EAF87EA-40FD-48CB-ABFF-68D0FA86CD41}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{9C313D32-E26E-4190-9DDA-9ED5C4CB31F3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{31F49F3C-A580-4F33-8EDB-D8B7A0C3C1E9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{44201CAA-BF56-4AC1-9970-41D6FAC40865}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{B534FD01-31D2-431D-A21A-FEC54923AC0C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{BE9ECAB2-E6A4-4943-8056-9258B330549D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{A7ECF886-086A-4E31-8C74-C781AA13F9DB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{CCD1E293-520B-4334-A2B7-F23D39C4EBC4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{EEE9128A-BFAC-4AAA-9824-3230093CD669}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{F13E6C1D-A789-4905-8867-0E92ECCF7D3B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{CB64C3E3-A881-48E3-9ED8-E00798A8C741}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{E9FF8527-7344-4674-98E9-86F742C39B9F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{84ED48E9-3B12-490C-A4CF-EE4B3FDFA83F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{8277879A-0C36-4F34-8C2A-84FD0AF943E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{2ED7E509-DADD-4C5B-A685-46B9E92831A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{90C4DB7C-5AF7-4CA6-AF62-B32375DCF1E5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{B0374BFD-6BA6-49F5-AD7A-CA9F9D7102FA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{44154D1A-A7BB-48BE-B5D2-E41635CE786E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{041AD19D-DC09-48DE-8EB6-EDAC21002DF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{DA4D58C3-4554-402B-9046-4EE9BA028A28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{84C78195-9FF8-4B51-86D6-B4B27F27D3A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E8186161-0947-4B82-A332-1AC2E6B1F05F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A789DCBB-D14F-401C-B9B2-3CDEF391A44C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{DB67247C-FAD5-4FA9-8C83-EBCE0AA48BE6}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{B272B873-6011-414B-B81E-5C072059F117}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{C8460F6B-F11F-4AFC-9CED-0FCA5B6FA9D0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{A591FC5D-A270-45ED-870C-DCE76E70E901}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{9D7F678C-903B-4503-87AC-301E99005140}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{36B8D505-F2B2-4F9B-9513-B01F67C754DB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{D7713962-94E4-41F9-8C15-023999B2228F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{35F3BA75-B108-41CC-AA93-6BB83413C0E0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{A5B31726-4CE9-4E00-8D22-69C2C7FABA92}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{D4FA72C1-ACB3-44E2-8959-AC3B53B1C5E2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{6D407B87-DD40-46BE-B9F3-C315A45CFEB9}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{B80475E1-35C3-4ACC-9A8D-C4133BAD5E03}] => (Allow) C:\Program Files\HP\HP ENVY 5530 series\Bin\DeviceSetup.exe
FirewallRules: [{80F35A9E-C71A-46DA-BDC7-973EB4901F56}] => (Allow) LPort=5357
FirewallRules: [{E95B3242-57EC-472E-9621-4F690ED07CDD}] => (Allow) C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{57C55698-532B-4D69-BEC7-5E8F243DE853}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{7A0D7F9C-CA13-4B24-9E5F-9A3434B148A1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{BF00B06B-270E-4EA9-A414-5575D45D78DF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{81ABFD65-3765-4015-9271-816528A23F96}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/19/2015 09:14:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HADES)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/17/2015 01:38:28 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (10/16/2015 01:25:56 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (10/14/2015 07:07:52 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (10/14/2015 02:12:46 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/14/2015 10:14:43 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/14/2015 02:16:21 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/14/2015 02:16:21 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/14/2015 02:16:21 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/14/2015 02:16:20 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed


Systemfehler:
=============
Error: (10/23/2015 09:45:30 PM) (Source: DCOM) (EventID: 10010) (User: HADES)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (10/23/2015 09:45:30 PM) (Source: DCOM) (EventID: 10010) (User: HADES)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (10/22/2015 06:19:09 PM) (Source: DCOM) (EventID: 10010) (User: HADES)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (10/22/2015 06:19:09 PM) (Source: DCOM) (EventID: 10010) (User: HADES)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (10/22/2015 03:17:39 PM) (Source: DCOM) (EventID: 10010) (User: HADES)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (10/22/2015 03:17:39 PM) (Source: DCOM) (EventID: 10010) (User: HADES)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (10/22/2015 03:17:39 PM) (Source: DCOM) (EventID: 10010) (User: HADES)
Description: {2EAD57C2-492A-4713-A340-8272B88BFF1B}

Error: (10/21/2015 01:25:21 AM) (Source: DCOM) (EventID: 10010) (User: HADES)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (10/21/2015 12:27:48 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (10/21/2015 12:27:48 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8072.96 MB
Verfügbarer physikalischer RAM: 5754.07 MB
Summe virtueller Speicher: 9352.96 MB
Verfügbarer virtueller Speicher: 6901.16 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:922.58 GB) (Free:802.02 GB) NTFS
Drive x: (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.19 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:7.8 GB) (Free:0.73 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AA791BFB)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus · 23.10.2015, 21:17

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Caro88 · 24.10.2015, 19:27

Danke für Deine Antwort.

Zu Deinen Fragen/Hinweisen:

1) Der letzte Scan von AVG Antivirus vom 20.10.15 hat keine Bedrohungen erkannt.

2) Ergebnis von Emsisoft:

Code:

ATTFilter

Emsisoft Anti-Malware - Version 10.0.0.5735
Letztes Update: 24.10.2015 18:29:21
Benutzerkonto: Hades\Carolin

Scaneinstellungen:

Scantyp: Malware-Scan
Objekte: Rootkits, Speicher, Traces, Dateien

Erkenne PUPs: Aus
Archive scannen: Aus
ADS-Scan: An
Dateierweiterungen: Aus
Advanced Caching: An
Direct Disk Access: Aus

Scan Beginn:	24.10.2015 18:31:22
C:\ProgramData\babylon 	 Application.AppInstall (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SCRIPTHELPER.SCRIPTHELPERAPI 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SCRIPTHELPER.SCRIPTHELPERAPI 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SCRIPTHELPER.SCRIPTHELPERAPI.1 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SCRIPTHELPER.SCRIPTHELPERAPI.1 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\VIPROTOCOL.VIPROTOCOLOLE 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\VIPROTOCOL.VIPROTOCOLOLE 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\VIPROTOCOL.VIPROTOCOLOLE.1 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\VIPROTOCOL.VIPROTOCOLOLE.1 	 Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{95B7759C-8C7F-4BF1-B163-73684A933233} 	 Application.BHO (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{95B7759C-8C7F-4BF1-B163-73684A933233} 	 Application.BHO (A)

Gescannt	80645
Gefunden	24

Scan Ende:	24.10.2015 18:37:06
Scanzeit:	0:05:44

3) Ergebnis von MBAM:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 24.10.2015
Suchlaufzeit: 17:54
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.10.24.03
Rootkit-Datenbank: v2015.10.23.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Carolin

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 343003
Abgelaufene Zeit: 23 Min., 36 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 6
PUP.Optional.SnapDo, HKU\S-1-5-21-3996613314-1560783230-883804363-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [a51ee27884071224a757bf5a26dced13], 
PUP.Optional.SnapDo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In Quarantäne, [a51ee27884071224a757bf5a26dced13], 
PUP.Optional.DigitalSites, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Digital Sites, Löschen bei Neustart, [7e451c3ed1ba61d590341a3f0af932ce], 
PUP.Optional.DigitalSites, HKU\S-1-5-21-3996613314-1560783230-883804363-1001\SOFTWARE\DSiteproducts, In Quarantäne, [962dda80e0ab33037e4565f4f50e29d7], 
PUP.Optional.InstallCore, HKU\S-1-5-21-3996613314-1560783230-883804363-1001\SOFTWARE\InstallCore, In Quarantäne, [744f38228dfea78fa03fe481f013a65a], 
PUP.Optional.Linkury, HKU\S-1-5-21-3996613314-1560783230-883804363-1001\SOFTWARE\SMARTBAR, In Quarantäne, [b0135cfe018aaa8c9f16f8703dc630d0], 

Registrierungswerte: 5
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [17acf268117a35012d739be13cc6bf41]
PUP.Optional.HelperBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000, In Quarantäne, [c8fbe37785061c1adf0cbbd5b64d9769]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [972ccb8f92f95cdae3bd80fc27dbfb05]
PUP.Optional.HelperBar, HKU\S-1-5-21-3996613314-1560783230-883804363-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000, In Quarantäne, [af148fcb6e1df93d6486a2eec14237c9]
PUP.Optional.Linkury, HKU\S-1-5-21-3996613314-1560783230-883804363-1001\SOFTWARE\SMARTBAR|publisher, YahooOC, In Quarantäne, [b0135cfe018aaa8c9f16f8703dc630d0]

Registrierungsdaten: 6
PUP.Optional.HelperBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000),Ersetzt,[5a6976e45c2fb6805ac838faaa5a2ed2]
PUP.Optional.HelperBar, HKU\S-1-5-21-3996613314-1560783230-883804363-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000),Ersetzt,[efd470ea45465dd90b124ee4e91b1be5]
PUP.Optional.HelperBar, HKU\S-1-5-21-3996613314-1560783230-883804363-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000),Ersetzt,[804334267e0da59178a570c250b43cc4]
PUP.Optional.HelperBar, HKU\S-1-5-21-3996613314-1560783230-883804363-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000),Ersetzt,[9a293e1c99f28caa77a874be4eb605fb]
PUP.Optional.HelperBar, HKU\S-1-5-21-3996613314-1560783230-883804363-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000),Ersetzt,[9b287edca9e2b383948be84adf25ff01]
PUP.Optional.HelperBar, HKU\S-1-5-21-3996613314-1560783230-883804363-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=06/03/2014&type=hp1000),Ersetzt,[09ba11495a31d75f7da3f53d986c0000]

Ordner: 5
PUP.Optional.UpdateProc, C:\Users\Carolin\AppData\Roaming\DigitalSites\UpdateProc, In Quarantäne, [07bc18428902c670ff7b62241ae9fb05], 
PUP.Optional.UpdateProc, C:\Users\Carolin\AppData\Roaming\DigitalSites, In Quarantäne, [07bc18428902c670ff7b62241ae9fb05], 
PUP.Optional.OpenCandy, C:\Users\Carolin\AppData\Roaming\OpenCandy, In Quarantäne, [c20191c99dee9a9cb63e61d69f63629e], 
PUP.Optional.OpenCandy, C:\Users\Carolin\AppData\Roaming\OpenCandy\00A61558ACE14570AAD90699B2B47D6D, In Quarantäne, [c20191c99dee9a9cb63e61d69f63629e], 
PUP.Optional.OpenCandy, C:\Users\Carolin\AppData\Roaming\OpenCandy\7B27FF951DAD4742A3C9DDCBD01D1C6B, In Quarantäne, [c20191c99dee9a9cb63e61d69f63629e], 

Dateien: 32
PUP.Optional.Linkury, C:\Users\Carolin\AppData\Roaming\OpenCandy\00A61558ACE14570AAD90699B2B47D6D\Installer.exe, In Quarantäne, [7e45e575b4d77fb790e0a26b29dbb44c], 
PUP.Optional.OpenCandy, C:\Users\Carolin\AppData\Roaming\rmi\daemon-tools-4.48.1.exe, In Quarantäne, [d1f2d387f794dc5a58fc232562a2ad53], 
PUP.Optional.APNToolBar, C:\Users\Carolin\AppData\Local\Temp\AskPIP_FF_.exe, In Quarantäne, [a41f1a40f19adf57749797a9748daa56], 
PUP.Optional.DigitalSites, C:\Windows\System32\Tasks\Digital Sites, In Quarantäne, [249f005abdce83b3fcc5c990788be917], 
PUP.Optional.DigitalSites, C:\Windows\Tasks\Digital Sites.job, In Quarantäne, [b3105efc305b02345d65e079e91a45bb], 
PUP.Optional.UpdateProc, C:\Users\Carolin\AppData\Roaming\DigitalSites\UpdateProc\prod.dat, In Quarantäne, [07bc18428902c670ff7b62241ae9fb05], 
PUP.Optional.UpdateProc, C:\Users\Carolin\AppData\Roaming\DigitalSites\UpdateProc\config.dat, In Quarantäne, [07bc18428902c670ff7b62241ae9fb05], 
PUP.Optional.UpdateProc, C:\Users\Carolin\AppData\Roaming\DigitalSites\UpdateProc\info.dat, In Quarantäne, [07bc18428902c670ff7b62241ae9fb05], 
PUP.Optional.WebSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\searchplugins\Web Search.xml, In Quarantäne, [c7fcde7c42492e0860268504ae551ce4], 
PUP.Optional.OpenCandy, C:\Users\Carolin\AppData\Roaming\OpenCandy\7B27FF951DAD4742A3C9DDCBD01D1C6B\Trial-14.0.1000.89_de-DE_1004732_DE-1.exe, In Quarantäne, [c20191c99dee9a9cb63e61d69f63629e], 
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.buenosearch.admin", false);), Ersetzt,[e2e1b3a7ed9e42f438fe96c013f17a86]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If yo), Ersetzt,[dde6f06af497c4727abcda7ccd371ae6]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to this file while t), Ersetzt,[f1d2a1b923686fc7ef475ff78480768a]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (e.
 *
 * If you make changes to this file while the ), Ersetzt,[1fa4e1796d1eb28495a187cf7a8a57a9]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you ma), Ersetzt,[a1221644e6a559dd60d67bdb43c19769]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you), Ersetzt,[962d25352b60bc7a72c4c98d19eb9d63]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you mak), Ersetzt,[13b00f4b305bde5846f0055132d28878]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make changes to this file w), Ersetzt,[467d4b0fdead61d5a492ce888480a45c]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: ( this file.
 *
 * If you make changes to this file w), Ersetzt,[9f24b4a63e4dd06662d471e5857f6f91]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make), Ersetzt,[4e75c9914f3cee4881b5480e4cb89070]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you ), Ersetzt,[aa190a50d1bae551280e0e48e81ce719]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you make ), Ersetzt,[ecd763f74744fa3c1521a9adf50f946c]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (

/* Do not edit this file.
 *
 * If you make changes t), Ersetzt,[517273e7b5d682b491a573e3de26639d]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
 *
 * If you make ch), Ersetzt,[2f944218058670c67cba63f3b94b8a76]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you ), Ersetzt,[b50e84d61477f2446ec8afa721e35da3]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten whe), Ersetzt,[e4df2d2dcebdd561cc6a4d090afa24dc]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: ( is running,
 * the changes will be overwritten wh), Ersetzt,[ead91a40dab14beb6cca3b1b9e666b95]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when th), Ersetzt,[398a79e15f2c3600b3837dd9808401ff]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (unning,
 * the changes will be overwritten when the ), Ersetzt,[f5ce2f2bc4c761d594a2e96db54faf51]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (nces

/* Do not edit this file.
 *
 * If you make changes t), Ersetzt,[d9ea48122f5c2214d95d0f475ca814ec]
PUP.Optional.BuenoSearch, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: ( Do not edit this file.
 *
 * If you make changes to), Ersetzt,[20a3c793404b7bbb92a431252ada6a96]
PUP.Optional.HelperBar, C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\7bnn3ity.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=6b3ab834-9774-ab07-0a4b-add1b5a88b99&searchtype=ds&fr=linkury-tb&installDate=06/03/2014&type=hp1000&p=");), Ersetzt,[7f4485d58ffcd462a657fc5ab64e3bc5]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Die von mbam erkannten Bedrohungen habe ich entfernt, die von Emsisoft in Quarantäne verschoben.

DOS-Fenster erscheint ständig und WLAN-Verbindung wird unterbrochen

Log-Analyse und Auswertung: DOS-Fenster erscheint ständig und WLAN-Verbindung wird unterbrochen