Bzeek Version 0.9.192 gefährlich? Soll ich entfernen ? - wie?

hardyxy9 · 08.11.2015, 15:50

Hallo,
Beim Blick in den Task Manager fällt mir Bzeek auf als laufender Prozess. Im Betrieb zeigt mein Laptop mit Win 10 keine Auffälligkeiten.
Im Netz finde ich jedoch verschiedene Hinweise auf die Gefährlichkeit, die einen sagen ist nicht so böse, die anderen sagen soll entfernt werden, und dass dieser Virus allerdings nicht so leicht zu entfernen ist.
z.B. hier in Englisch: hxxp://www.pchihi.com/bzeek-exe/

Es gibt auch ein angebliches automatisches Tool 'Advanced Uninstaller Pro11', wenn ich dies jedoch installieren will, heißt es plötzlich beim Windows Fenster was ich bestätigen muss 'Driver Maxx' .. und hier breche ich ab; ich hatte dieses Driver Maxx schon mal und will es nicht wieder installieren. Warum sich die Installationsroutine mit Driver Maxx meldet, ist mir nicht klar, die exe Datei heißt jedenfalls Advanced_Uninstaller11.

Kommt von hier: hxxp://www.advanceduninstaller.com/Bzeek-Version-0_9_192-7de21aee8c291c1303eb6ead60e8e1aa-application.htm

Malwarebytes Premium Version hat nicht reagiert oder etwas gemeldet.
Mein Antivirenprogramm 360 Total Security Software auch nicht.

Bevor ich etwas schlimmer mache als es ist, möchte ich gerne hier nachfragen, was ich da tun könnte,

danke schon mal,

schrauber · 08.11.2015, 16:08

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

hardyxy9 · 08.11.2015, 16:22

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von AB (Administrator) auf LENOVOX220 (08-11-2015 16:12:41)
Gestartet von C:\Users\C\Downloads
Geladene Profile: AB & C (Verfügbare Profile: AB & C)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
() C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Google Inc.) C:\Users\C\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Connection Manager\ModemPnPService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15081.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ipswitch) C:\Program Files\WS_FTP\WsftpCOMHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-03-14] (Lenovo)
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [395744 2012-10-31] ()
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [164032 2015-08-23] (Synaptics)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-08-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2011-04-01] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Blackcomb] => C:\Program Files (x86)\Samsung Connection Manager\ModemPnPService.exe [131072 2011-02-11] (Samsung Electronics.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BlackArmorBackupMonitor.exe] => C:\Program Files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe [5584616 2012-10-31] ()
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [300152 2015-09-21] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-02-07] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4493824 2014-05-07] (Research In Motion Limited)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2720144 2015-08-09] (Dominik Reichl)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Run: [AusweisApp] => C:\Program Files (x86)\AusweisApp\siqBootLoader.exe [2518656 2014-01-24] (OpenLimit SignCubes AG)
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Run: [360cloud] => C:\Program Files (x86)\360\360WangPan\360WangPan.exe [14519920 2015-06-03] (360.cn)
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Run: [LaCie Ethernet Agent Startup] => C:\Program Files\Seagate\Network Assistant\Seagate Network Assistant.exe [8857600 2014-03-18] (Seagate SA)
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\C D�ll\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AB\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\C D�ll\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AB\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\C D�ll\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AB\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\C D�ll\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AB\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-2113504872-800665639-2394083016-1003\...\Run: [Google+ Auto Backup] => C:\Users\C\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.)
HKU\S-1-5-21-2113504872-800665639-2394083016-1003\...\Run: [KeePass Password Safe 2] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2720144 2015-08-09] (Dominik Reichl)
HKU\S-1-5-21-2113504872-800665639-2394083016-1003\...\RunOnce: [Uninstall C:\Users\C\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\C\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2113504872-800665639-2394083016-1003\...\RunOnce: [Uninstall C:\Users\C\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\C\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-2113504872-800665639-2394083016-1003\...\RunOnce: [Uninstall C:\Users\C\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\C\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-2113504872-800665639-2394083016-1003\...\RunOnce: [Uninstall C:\Users\C\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\C\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
AppInit_DLLs: C:\ProgramData\SecurityUtility\SecurityUtility64.dll => Keine Datei
Lsa: [Notification Packages] scecli ACGina
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {A786E080-E576-469D-8A39-E1CF47517117} => C:\Windows\System32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DownloadIcon] -> {A8502600-B272-4F68-A67B-A0305D46D298} => C:\ProgramData\QvodPlayer\QvodExtend\5.0.100.0\QvodExtend_x64.dll [2014-08-25] (Shenzhen QVOD Technology Co.,Ltd)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {A786E080-E576-469D-8A39-E1CF47517117} => C:\Windows\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [DownloadIcon] -> {A8502600-B272-4F68-A67B-A0305D46D297} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\Users\AB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CarPort Updater.lnk [2015-06-21]
ShortcutTarget: CarPort Updater.lnk -> C:\Program Files (x86)\CarPort\CarPort.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [.DEFAULT] => hxxp://127.0.0.1:8445/okf.pac
AutoConfigURL: [S-1-5-21-2113504872-800665639-2394083016-1003] => hxxp://127.0.0.1:8445/okf.pac
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{138a9c8a-a3fa-4776-8f5d-14a9c23ae785}: [NameServer] 212.23.115.132 212.23.115.150
Tcpip\..\Interfaces\{b4f3ccec-8901-4d39-910c-eb142d04fd1b}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c647e28a-b5a7-48eb-9966-19bb73eb627d}: [NameServer] 193.189.244.206 193.189.244.225

Internet Explorer:
==================
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.hao123.com/?tn=97023167_hao_pg
HKU\S-1-5-21-2113504872-800665639-2394083016-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mybetreuung24.de/
SearchScopes: HKLM -> DefaultScope {7BC7A817-5540-4FD0-9D36-37C2AF2DCBE1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {7BC7A817-5540-4FD0-9D36-37C2AF2DCBE1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> DefaultScope {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=33059180_oem_dg&ch=33
SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> {7BC7A817-5540-4FD0-9D36-37C2AF2DCBE1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=33059180_oem_dg&ch=33
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: QvodExtend -> {A8502600-B272-4F68-A67B-A0305D46D298} -> C:\ProgramData\QvodPlayer\QvodExtend\5.0.100.0\QvodExtend_x64.dll [2014-08-25] (Shenzhen QVOD Technology Co.,Ltd)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2015-09-21] (Qihu 360 Software Co., Ltd.)
BHO: AusweisApp 1.12.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClientIE64.ols [2014-04-11] (OpenLimit SignCubes AG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2015-08-10] (Qihu 360 Software Co., Ltd.)
BHO-x32: AusweisApp 1.12.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClientIE32.ols [2014-04-11] (OpenLimit SignCubes AG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
Toolbar: HKLM-x32 - &GO Stats - {3D98AD1A-707C-4FA7-AE98-C4039B8231EB} - C:\Program Files (x86)\GoStats\GoStatsBar.dll [2005-08-07] ()
Toolbar: HKU\S-1-5-21-2113504872-800665639-2394083016-1003 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  Keine Datei
Toolbar: HKU\S-1-5-21-2113504872-800665639-2394083016-1003 -> Kein Name - {272C6EB5-FDA4-4A6A-968A-FFE1ADF1B640} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\AB\AppData\Roaming\Mozilla\Firefox\Profiles\kr4jb1f6.default
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @qvod.com/QvodShare -> C:\Program Files (x86)\QvodPlayer\npShareModule_x64.dll [2014-06-24] (Shenzhen QVOD Technology Co.,Ltd)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2014-05-07] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-09] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2113504872-800665639-2394083016-1003: @citrixonline.com/appdetectorplugin -> C:\Users\C\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-04-01] (Citrix Online)
FF Plugin HKU\S-1-5-21-2113504872-800665639-2394083016-1003: @qvod.com/QvodInsert -> C:\Program Files (x86)\QvodPlayer\npQvodInsert.dll [Keine Datei]
FF user.js: detected! => C:\Users\AB\AppData\Roaming\Mozilla\Firefox\Profiles\kr4jb1f6.default\user.js [2015-10-09]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\AB\AppData\Roaming\Mozilla\Firefox\Profiles\kr4jb1f6.default\Extensions\iobitascsurfingprotection@iobit.com [2015-06-23] [ist nicht signiert]
FF HKU\S-1-5-21-2113504872-800665639-2394083016-1003\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\1.7.3.1
FF Extension: Free Download Manager plugin - C:\ProgramData\Free Download Manager\Firefox\Extensions\1.7.3.1 [2015-06-16] [ist nicht signiert]
FF Extension: AusweisApp - C:\Program Files (x86)\AusweisApp\mozilla\eCardClientPIn_FFxx_Win [2014-05-20] [ist nicht signiert]

Chrome: 
=======
CHR Profile: C:\Users\AB\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\AB\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\AB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-20]
CHR Extension: (Lavasoft NewTab) - C:\Users\AB\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2015-09-20]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-09-03]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2015-07-31] (Broadcom Corporation.)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [Datei ist nicht signiert]
R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [99328 2014-02-19] () [Datei ist nicht signiert]
S2 bzeekuninstallsvc; C:\Program Files (x86)\Bzeek\bzeek.exe [4985056 2012-06-24] (BzeekLand LTD.) [Datei ist nicht signiert]
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320560 2014-06-24] (Lenovo.)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [8910336 2015-10-14] (SecureMix LLC)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [35784 2015-10-22] (Lenovo Group Limited)
S4 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344864 2015-01-27] (IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-31] (Microsoft Corporation)
R2 OneSyncSvc_Session27; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session27; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session27; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session27; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [859768 2015-09-21] (QIHU 360 SOFTWARE CO. LIMITED)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2014-07-21] (Paramount Software UK Ltd)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-05-07] (Apple Inc.) [Datei ist nicht signiert]
S2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1324544 2014-05-07] (Research In Motion Limited) [Datei ist nicht signiert]
S4 sfcdpsrv; C:\Program Files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe [3246040 2014-07-05] (Acronis)
S4 SgtSch2Svc; C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [1114688 2012-10-31] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22008 2015-07-01] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-08-23] (Synaptics Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112 2015-07-16] ()
S4 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited) [Datei ist nicht signiert]
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1526120 2013-09-25] (Lenovo Group Limited)
R3 UnistoreSvc_Session27; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session27; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session27; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session27; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-31] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-31] (Microsoft Corporation)
S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [Datei ist nicht signiert]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-01-14] ()

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137296 2015-07-23] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-09-21] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2015-09-21] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2014-08-01] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [363088 2015-07-23] (360.cn)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21600 2013-03-14] (Advanced Micro Devices, Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-11-29] ()
S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2013-11-29] ()
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [178768 2015-08-10] (360.cn)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2015-07-31] (Broadcom Corporation.)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17088 2014-01-22] (Glarysoft Ltd)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R3 cmnuusbser; C:\Windows\system32\DRIVERS\cmnuusbser.sys [123904 2014-04-18] (Wireless Device)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c65x64.sys [471312 2015-07-31] (Intel Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2014-11-10] (IObit)
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (SecureMix LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-27] (REALiX(tm))
R3 l36wgps; C:\Windows\system32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-08] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\drivers\Mbm3CBus.sys [443648 2013-04-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [455936 2013-04-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [22272 2013-04-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [508160 2013-04-22] (MCCI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-31] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-08-15] (Intel Corporation)
S3 PGRUSB; C:\Windows\System32\DRIVERS\PGRXHCI.sys [123392 2013-12-18] (Point Grey Research)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-05-07] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-08-23] (Synaptics Incorporated)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-08-03] (The OpenVPN Project)
R3 Tvti2c; C:\Windows\system32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Product(ShenZhen China) Inc.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2014-11-10] (IObit.com)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WwanUsbServ; C:\Windows\System32\drivers\WwanUsbMp64.sys [284912 2014-04-25] (Ericsson AB)
S3 XHCIdrv; C:\Windows\System32\DRIVERS\XHCIdrv.sys [119720 2013-10-24] (Windows (R) Win 7 DDK provider)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-08 16:12 - 2015-11-08 16:12 - 00036319 _____ C:\Users\C\Downloads\FRST.txt
2015-11-08 16:12 - 2015-11-08 16:12 - 00000000 ____D C:\FRST
2015-11-08 16:11 - 2015-11-08 16:12 - 02198528 _____ (Farbar) C:\Users\C\Downloads\FRST64.exe
2015-11-08 16:10 - 2015-11-08 16:10 - 00016148 _____ C:\WINDOWS\system32\LENOVOX220_C_HistoryPrediction.bin
2015-11-08 16:05 - 2015-11-08 16:05 - 00016148 _____ C:\WINDOWS\system32\LENOVOX220_AB_HistoryPrediction.bin
2015-11-08 16:05 - 2015-11-08 16:05 - 00000000 ___HD C:\OneDriveTemp
2015-11-07 11:55 - 2015-11-07 11:55 - 00481133 _____ C:\Users\C\Downloads\FRITZ.Box 7490 113.06.30_07.11.15_1155.export
2015-11-06 13:41 - 2015-11-06 13:41 - 00000000 ____D C:\Users\AB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlassWire
2015-11-06 13:41 - 2015-11-06 13:41 - 00000000 ____D C:\Users\AB\AppData\Local\GlassWire
2015-11-06 13:41 - 2015-11-06 13:41 - 00000000 ____D C:\ProgramData\GlassWire
2015-11-06 13:41 - 2015-05-29 05:30 - 00008392 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat
2015-11-06 13:41 - 2015-05-29 05:15 - 00033152 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys
2015-11-06 13:40 - 2015-11-06 13:41 - 00000000 ____D C:\Program Files (x86)\GlassWire
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\Users\C\Downloads\BrAdmin3530004eur.exe
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\f86f83075e9d7d96e5
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\daf42a1b4cebcadfc29e50
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\b55362dbf3c66fbb753edea4a31e
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\b0d3ae91f65a665f27
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\a68a4bb77a8537a716161c6e0bfec3
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\a164d43ba4af8fdde464
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\88160bad2f871498af
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\6f42a20f6da31f2fe727b8de721e3f68
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\5dbd9b9f8b378e1ddb958a8902ed
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\5621adaf9345ec36dc5793d7f0c8b1
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\4e8e44df69bc98bedefb6cc3076f66
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\400dfc9163dedef140
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\1d616b3cc3d337fa3d9d5f429c8d
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\1a3d491a3fb609fccd5b2a
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\181d51811d12972900
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\0fc720bbb1d23d4e6144ac26d6cbc943
2015-11-04 14:13 - 2015-11-04 14:15 - 210676352 _____ C:\Users\C\Downloads\IntelDataMigrationSoftware_15056_de-DE.exe
2015-11-04 13:57 - 2015-11-04 13:58 - 132880840 _____ (SanDisk Corporation) C:\Users\C\Downloads\SanDiskSSDDashboardSetup_1.4.1.exe
2015-11-04 11:32 - 2015-11-04 11:36 - 416418064 _____ C:\Users\C\Downloads\Paragon_Backup_and_Recovery_14_free_ger.exe
2015-11-03 21:51 - 2015-11-03 21:51 - 10812008 _____ (Dovado Europe AB) C:\Users\C\Downloads\TINY_7_3_11.exe
2015-11-01 00:28 - 2015-11-01 00:28 - 00000000 ____D C:\Users\AB\AppData\Roaming\360TotalSecurity
2015-10-27 22:56 - 2015-10-27 22:56 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
2015-10-27 22:56 - 2015-10-27 22:56 - 00001000 _____ C:\Users\Public\Desktop\Market Samurai.lnk
2015-10-27 22:56 - 2015-10-27 22:56 - 00000000 ____D C:\Program Files (x86)\Market Samurai
2015-10-26 10:23 - 2015-10-26 10:23 - 13921385 _____ C:\Users\C\Downloads\beurteilungfrauprzbylskarechnung.zip
2015-10-25 09:19 - 2015-10-25 09:19 - 00000896 _____ C:\Users\C\Downloads\EVN_R2015001585856.txt
2015-10-24 21:58 - 2015-10-24 21:58 - 00000048 _____ C:\Users\C\Downloads\video.m3u
2015-10-23 10:25 - 2015-10-23 10:26 - 00513004 _____ C:\Users\C\Downloads\Sauer_Anrufbeantworter.wav
2015-10-23 10:15 - 2015-10-23 10:15 - 00051302 _____ C:\Users\C\Downloads\Sauer_Anrufbeantworter.amr
2015-10-21 16:01 - 2015-10-21 16:01 - 00000000 ____D C:\Users\C\AppData\Roaming\360Game
2015-10-20 10:18 - 2015-10-20 10:18 - 00000112 _____ C:\WINDOWS\system32\snetcfg.log
2015-10-16 21:23 - 2015-10-16 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-15 10:17 - 2015-10-15 10:17 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-10-15 10:13 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-15 10:13 - 2015-10-10 07:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-15 10:13 - 2015-10-10 07:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-15 10:13 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-15 10:13 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-15 10:13 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-15 10:13 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-15 10:13 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-15 10:13 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-15 10:13 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-15 10:13 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-15 10:13 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-15 10:13 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-15 10:13 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-15 10:13 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-15 10:13 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-15 10:13 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-15 10:13 - 2015-09-25 04:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-15 10:13 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-15 10:13 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-15 10:13 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-15 10:13 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-15 10:13 - 2015-09-25 04:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-15 10:13 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-15 10:13 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-15 10:13 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-15 10:13 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-15 10:13 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-15 10:13 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-15 10:13 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-15 10:13 - 2015-09-25 04:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-15 10:13 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-15 10:13 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-15 10:13 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-15 10:13 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-15 10:13 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-15 10:13 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-15 10:13 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-15 10:13 - 2015-09-25 03:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-15 10:13 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-15 10:13 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-15 10:13 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-15 10:13 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-15 10:13 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-15 10:13 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-15 10:13 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-15 10:13 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-15 10:13 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-15 10:13 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-15 10:13 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-15 10:13 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-15 10:13 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-15 10:13 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-15 10:08 - 2015-10-15 10:09 - 40102072 _____ (Microsoft Corporation) C:\Users\C\Downloads\vstor_redist.exe
2015-10-14 09:25 - 2015-10-14 09:25 - 00033652 _____ C:\Users\C\Downloads\Treumann_Faxspam1.tif
2015-10-14 09:24 - 2015-10-14 09:24 - 00045376 _____ C:\Users\C\Downloads\Boch_FaxSpam3.tif
2015-10-12 13:17 - 2015-10-12 13:19 - 00000000 ____D C:\Users\C\Downloads\seniorenschwabach
2015-10-12 13:17 - 2015-10-12 13:17 - 00868607 _____ C:\Users\C\Downloads\seniorenschwabach.zip
2015-10-10 21:30 - 2015-10-10 21:30 - 00923237 _____ C:\Users\C\Downloads\GoStatsToolbar.zip
2015-10-10 21:30 - 2015-10-10 21:30 - 00000000 ____D C:\Users\C\Downloads\GoStatsToolbar
2015-10-10 08:54 - 2015-10-10 08:54 - 00045387 _____ C:\Users\C\Downloads\Boch_FaxSpam2.tif
2015-10-09 11:01 - 2015-10-25 15:29 - 00004056 _____ C:\WINDOWS\PFRO.log
2015-10-09 10:41 - 2015-11-08 15:00 - 00014652 _____ C:\WINDOWS\setupact.log
2015-10-09 10:41 - 2015-10-09 10:41 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-09 10:30 - 2015-10-09 10:30 - 00929872 _____ (Google Inc.) C:\Users\AB\Downloads\ChromeSetup.exe
2015-10-09 10:26 - 2015-10-09 10:26 - 91987968 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2015-10-09 10:26 - 2015-10-09 10:26 - 00356352 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2015-10-09 10:26 - 2015-10-09 10:26 - 00073728 _____ C:\WINDOWS\system32\config\SAM.iobit
2015-10-09 10:26 - 2015-10-09 10:26 - 00032768 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2015-10-09 10:08 - 2015-10-09 10:08 - 00041472 _____ C:\Users\C\Downloads\launcher64.dll
2015-10-09 10:07 - 2015-10-09 10:07 - 00663768 _____ (Copyright © 2010 eSupport.com. All Rights Reserved.) C:\Users\C\Downloads\biosagentplus_40.exe
2015-10-09 10:07 - 2015-10-09 10:07 - 00022200 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2015-10-09 10:07 - 2015-10-09 10:07 - 00000000 ____D C:\Users\AB\AppData\Local\eSupport.com
2015-10-09 09:49 - 2015-10-09 09:49 - 00000000 ____D C:\Users\C\Downloads\Sonderheft_Win10_XXL_11_2015
2015-10-09 09:48 - 2015-10-09 09:48 - 32826621 _____ C:\Users\C\Downloads\SH_Win10_XXL_11_2015.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-08 16:06 - 2015-08-16 14:50 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CDC91857-6445-4164-AA74-16D99DDC4E7A}
2015-11-08 16:06 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-08 16:05 - 2015-07-31 11:07 - 00000000 ___RD C:\Users\C\OneDrive
2015-11-08 16:05 - 2015-06-10 09:25 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-08 16:05 - 2013-12-12 21:09 - 00000000 ___RD C:\Users\C\Dropbox
2015-11-08 16:05 - 2013-12-12 21:07 - 00000000 ____D C:\Users\C\AppData\Roaming\Dropbox
2015-11-08 16:03 - 2014-06-17 20:34 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-08 15:45 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-08 15:38 - 2015-06-10 09:25 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-08 15:33 - 2015-07-17 10:38 - 00000596 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003.job
2015-11-08 15:23 - 2015-08-18 21:03 - 00125440 ___SH C:\Users\C\Downloads\Thumbs.db
2015-11-08 15:05 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-08 15:02 - 2014-08-10 12:10 - 00000000 ____D C:\Users\AB\AppData\LocalLow\360WD
2015-11-08 14:52 - 2015-07-17 10:38 - 00000692 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003.job
2015-11-08 14:51 - 2015-06-21 12:40 - 00000000 ___RD C:\Users\AB\Dropbox
2015-11-08 14:51 - 2015-06-10 09:25 - 00000000 ____D C:\Users\AB\AppData\Local\Dropbox
2015-11-08 14:50 - 2015-05-20 22:33 - 00000000 ____D C:\Users\C\AppData\Roaming\KeePass
2015-11-08 14:45 - 2014-12-25 18:37 - 00000000 ____D C:\ProgramData\ProductData
2015-11-07 18:31 - 2014-06-19 09:43 - 00000000 ____D C:\Users\C\AppData\LocalLow\360WD
2015-11-07 18:22 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-06 13:48 - 2015-04-20 16:52 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-06 13:48 - 2014-12-25 18:37 - 00002534 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scan
2015-11-06 13:48 - 2014-12-25 18:37 - 00002486 _____ C:\WINDOWS\System32\Tasks\Driver Booster Update
2015-11-06 13:40 - 2014-08-10 15:05 - 00000000 ____D C:\Users\AB\AppData\Roaming\360safe
2015-11-06 13:39 - 2015-07-31 14:04 - 00002415 _____ C:\Users\AB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-06 13:39 - 2015-07-31 14:04 - 00000000 ___RD C:\Users\AB\OneDrive
2015-11-05 13:27 - 2013-12-12 13:14 - 00000000 ____D C:\ProgramData\Lenovo
2015-11-04 11:36 - 2015-07-31 10:52 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-04 11:36 - 2015-07-10 17:34 - 00884838 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-04 11:36 - 2015-07-10 17:34 - 00195936 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-03 22:20 - 2014-04-18 12:47 - 00000000 ____D C:\Users\AB\AppData\Roaming\XSManager
2015-11-03 19:52 - 2015-07-31 11:07 - 00002400 _____ C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-02 00:28 - 2015-07-31 10:53 - 00000000 ____D C:\Users\C
2015-11-01 21:50 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-01 21:32 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-01 00:31 - 2015-08-09 23:46 - 00000000 ____D C:\Users\AB\AppData\Roaming\Skype
2015-11-01 00:31 - 2015-07-31 11:48 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-01 00:31 - 2015-07-16 10:39 - 00003378 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1437039558
2015-10-31 15:09 - 2015-04-20 16:52 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-31 14:55 - 2015-07-16 10:38 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-29 14:29 - 2013-12-12 22:35 - 00000789 _____ C:\WINDOWS\BRWMARK.INI
2015-10-28 12:06 - 2014-06-18 09:35 - 00000000 ____D C:\Users\C\AppData\Roaming\360CloudUI
2015-10-27 14:33 - 2015-07-17 10:38 - 00003854 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003
2015-10-27 14:33 - 2015-07-17 10:38 - 00003758 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003
2015-10-26 10:10 - 2013-12-26 18:31 - 00000000 ____D C:\Users\C\AppData\Local\Lenovo
2015-10-25 15:30 - 2014-06-20 08:58 - 00000000 _RSHD C:\360SANDBOX
2015-10-23 10:34 - 2014-11-13 16:21 - 00000000 ____D C:\Users\C\AppData\Roaming\Audacity
2015-10-23 09:50 - 2014-08-30 08:43 - 00000000 __SHD C:\ProgramData\360Quarant
2015-10-23 09:50 - 2014-08-30 08:43 - 00000000 __SHD C:\$360Section
2015-10-20 10:20 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-20 10:19 - 2014-05-20 12:38 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-10-20 10:18 - 2015-02-27 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2015-10-20 10:18 - 2015-02-27 19:19 - 00000000 ____D C:\Program Files\FRITZ!Fernzugang
2015-10-19 07:51 - 2014-12-25 18:37 - 00002219 _____ C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-10-16 21:23 - 2015-06-10 09:25 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 10:58 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-15 10:25 - 2013-12-12 16:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 10:19 - 2013-12-12 16:28 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-15 10:18 - 2013-12-12 17:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-13 23:01 - 2015-03-24 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2
2015-10-13 23:01 - 2014-06-17 20:44 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-13 23:01 - 2014-06-17 20:44 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-10-11 09:42 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-10 14:11 - 2014-03-29 23:31 - 00000000 ____D C:\Users\C\AppData\Roaming\Webocton - Scriptly
2015-10-09 10:35 - 2013-12-25 17:21 - 00000000 ____D C:\Users\C\AppData\Roaming\vlc
2015-10-09 10:31 - 2014-08-10 15:05 - 00000000 ____D C:\WINDOWS\Tasks\360Disabled
2015-10-09 10:31 - 2013-12-12 14:11 - 00003716 _____ C:\WINDOWS\System32\Tasks\googleupdatetaskmachineua
2015-10-09 10:31 - 2013-12-12 14:11 - 00003492 _____ C:\WINDOWS\System32\Tasks\googleupdatetaskmachinecore
2015-10-09 10:30 - 2013-12-12 14:12 - 00002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-09 10:26 - 2014-08-14 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Site Visualizer Professional
2015-10-09 10:24 - 2015-07-31 16:18 - 00000000 ____D C:\Users\AB\AppData\Roaming\KeePass
2015-10-09 10:22 - 2015-01-23 10:25 - 00001222 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2015-10-09 10:22 - 2014-08-10 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-10-09 10:21 - 2014-07-05 21:01 - 00000000 ____D C:\Users\AB\AppData\Roaming\360CloudUI
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-18 10:57 - 2014-09-13 12:29 - 7885584 _____ (360安全中心) C:\Program Files (x86)\360DrvMgrInstaller_2.0.0.1040.exe
2014-06-19 22:30 - 2014-06-19 22:30 - 0120996 _____ () C:\Users\AB\AppData\Local\ars.cache
2014-06-19 22:30 - 2014-06-19 22:30 - 0272862 _____ () C:\Users\AB\AppData\Local\census.cache
2015-05-27 15:21 - 2015-05-27 15:21 - 0121768 _____ () C:\Users\AB\AppData\Local\extension_1_1_0_2.crx
2014-06-19 14:55 - 2014-06-19 14:55 - 0000036 _____ () C:\Users\AB\AppData\Local\housecall.guid.cache
2014-09-23 11:41 - 2015-08-09 12:51 - 0007626 _____ () C:\Users\AB\AppData\Local\Resmon.ResmonCfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\C\setup_Pixum_Fotobuch.exe


Einige Dateien in TEMP:
====================
C:\Users\C\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmph7kbhj.dll
C:\Users\AB\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0qfchf.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-01 21:45

==================== Ende von FRST.txt ============================

--- --- ---
/CODE]

hardyxy9 · 08.11.2015, 16:33

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015
durchgeführt von AB (2015-11-08 16:13:17)
Gestartet von C:\Users\C\Downloads
Windows 10 Pro (X64) (2015-07-31 10:04:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2113504872-800665639-2394083016-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2113504872-800665639-2394083016-503 - Limited - Disabled)
Gast (S-1-5-21-2113504872-800665639-2394083016-501 - Limited - Disabled)
C (S-1-5-21-2113504872-800665639-2394083016-1003 - Limited - Enabled) => C:\Users\C
AB (S-1-5-21-2113504872-800665639-2394083016-1000 - Administrator - Enabled) => C:\Users\AB
C_Surf (S-1-5-21-2113504872-800665639-2394083016-1023 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2113504872-800665639-2394083016-1026 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 7.6.0.1031 - 360 Security Center)
360云盘 (HKLM-x32\...\360云盘（网盘版）) (Version: 6.5.2.1160 - 360安全中心)
7-PDF Printer 10.10.0.2307 (HKLM\...\7-PDF Printer_is1) (Version: 10.10.0.2307 - 7-PDF, Germany - Th. Hodes)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.3.0 - IObit)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
AOMEI Partition Assistant Pro Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AusweisApp (HKLM-x32\...\{BA6CDB7A-F5D7-4341-99E1-1FF0AAEAF1D8}) (Version: 1.13.0 - OpenLimit SignCubes AG)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
BlackArmor Discovery (HKLM-x32\...\InstallShield_{B52480BF-CCED-4DD4-8DC2-28BB750D703E}) (Version: 1.20.0931.004 - Seagate)
BlackArmor Discovery (x32 Version: 1.20.0931.004 - Seagate) Hidden
BlackBerry Link (HKLM-x32\...\BlackBerry_10_Desktop) (Version: 1.2.3.48 - BlackBerry Ltd.)
BlackBerry Link (x32 Version: 1.2.3.48 - BlackBerry Ltd.) Hidden
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
BRAdmin Professional 3 (HKLM-x32\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.53.0004 - Brother)
Brother MFL-Pro Suite MFC-9320CW (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.44.0 - Conexant)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.0.20150113 - Landesfinanzdirektion Thüringen)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.65.2 - Lenovo Group Limited)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Evernote v. 5.8.12 (HKLM-x32\...\{C5F59C16-1EA5-11E5-AF29-0050569584E9}) (Version: 5.8.12.8127 - Evernote Corp.)
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Free Download Manager 3.9.4 (HKU\S-1-5-21-2113504872-800665639-2394083016-1003\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Free Screen Video Recorder version 3.0.4.713 (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 3.0.4.713 - DVDVideoSoft Ltd.)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Utilities PRO 4.5 (HKLM-x32\...\Glary Utilities 4) (Version: 4.5.0.89 - Glarysoft Ltd)
GlassWire 1.0 (remove only) (HKLM-x32\...\GlassWire 1.0) (Version: 1.0.67 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoStats ToolBar (HKLM-x32\...\GoStatsToolBar) (Version: 1.0 - GoStats)
GoToMeeting 7.4.1.3770 (HKU\S-1-5-21-2113504872-800665639-2394083016-1003\...\GoToMeeting) (Version: 7.4.1.3770 - CitrixOnline)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.15) (Version: 9.15 - Artifex Software Inc.)
Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel(R) Driver Update Utility 2.2 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.8 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.0 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.3 - Ipswitch)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
KeePass Password Safe 2.30 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.30 - Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.051.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0003 - Lenovo)
Logitech Gaming Software 8.70 (HKLM\...\Logitech Gaming Software) (Version: 8.70.315 - Logitech Inc.)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.3.7170 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.77 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.77 - Alliance Software Pty Ltd) Hidden
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 6.0.4 - CEWE Stiftung u Co. KGaA)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Pro Photo Tools (HKLM-x32\...\{A05CF147-BEED-4880-BF9B-4EAF22C77FFD}) (Version: 2.2 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.06.07.40 - Huawei Technologies Co.,Ltd)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.0.4 - CEWE Stiftung u Co. KGaA)
PresentationTube Recorder 3.0 (HKLM-x32\...\{91F8441B-E7A7-4513-9D7C-080B643D2FD6}_is1) (Version: 3.0 - PresentationTube)
Rescue and Recovery (HKLM-x32\...\{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}) (Version: 4.52.0005.00 - Lenovo Group Limited)
Samsung Connection Manager (HKLM-x32\...\{F3F95061-0427-4386-AB03-1556CBE52927}) (Version: 112.6 - Samsung Electronics)
SCL011 Contactless Reader (HKLM-x32\...\{101A21B2-E102-4F64-A7FA-CEF7182D0E2D}) (Version: 1.01 - SCM Microsystems)
Scribus 1.4.4 (64bit) (HKLM\...\Scribus 1.4.4) (Version: 1.4.4 - The Scribus Team)
Sdrive (HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Sdrive) (Version: 1.0.5.0 - Seagate Technology LLC)
Sdrive (HKU\S-1-5-21-2113504872-800665639-2394083016-1003\...\Sdrive) (Version: 1.0.5.0 - Seagate Technology LLC)
Sdrive CBFS (HKLM-x32\...\Sdrive CBFS) (Version: 3.2.107.0 - Seagate Technology LLC)
Seagate BlackArmor Backup 2011 (HKLM-x32\...\{5607090E-B8B1-4E1E-ADA2-426522CED33C}) (Version: 14.0.4076 - Seagate)
Seagate NAS Discovery (HKLM-x32\...\{58053C71-35D9-4F16-9E5A-50C97504B2D0}) (Version: 1.00.0020 - Seagate)
Seagate Network Assistant (HKLM\...\{BA94B525-1469-4E00-AFE4-50ADEB8B3993}_is1) (Version: 1.2.1 - Seagate)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Should I Remove It (HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
Site Visualizer Professional 1.5.10 (HKLM-x32\...\Site Visualizer Professional_is1) (Version: 1.5.10 - Elphsoft)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.2 - Synaptics Incorporated)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3200 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Video to Picture (HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\VideoToPicture) (Version:  - Watermark Software. All Rights Reserved.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows-Treiberpaket - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\9E24492CE9279512BD465F61DB8523641BB7BBFC) (Version: 01/18/2013 2.08.28 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD) (Version: 01/18/2013 2.08.28 - FTDI)
Windows-Treiberpaket - FTDI FTDI D2XX (03/21/2011 2.08.14) (HKLM\...\D6BC3CBE8968CB6351105F9D2EEC52CE24F2C99D) (Version: 03/21/2011 2.08.14 - FTDI)
Windows-Treiberpaket - FTDI FTDI VCP (03/20/2011 2.08.14) (HKLM\...\9FCA89337DAC5D4196D98BF2F17E831E1EE83336) (Version: 03/20/2011 2.08.14 - FTDI)
Windows-Treiberpaket - MPP FTDI MPP FTDI D2XX (05/23/2013 2.08.28) (HKLM\...\7179001CFD2B32971C9902F02EA01225C83D6181) (Version: 05/23/2013 2.08.28 - MPP FTDI)
Windows-Treiberpaket - MPP FTDI MPP FTDI VCP (05/23/2013 2.08.28) (HKLM\...\1D76E4AE71F40C949254202D92503849C8E9BF6E) (Version: 05/23/2013 2.08.28 - MPP FTDI)
Windows-Treiberpaket - MPP USB CDC Virtual COM Port (05/23/2013 2.0.0) (HKLM\...\66DD18691EC6886B537A726978F65EF1E8D2D83C) (Version: 05/23/2013 2.0.0 - MPP)
Windows-Treiberpaket - MPP USB CDC Virtual COM Port (09/16/2011 1.5.0) (HKLM\...\6D3D1B84986E536339ED6F2B2A381D13597CD69C) (Version: 09/16/2011 1.5.0 - MPP)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2113504872-800665639-2394083016-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\AB\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2113504872-800665639-2394083016-1003_Classes\CLSID\{53B2AC1B-7B81-47FC-8D3B-595CDE21D0BA}\InprocServer32 -> C:\Users\C\AppData\Local\Apps\Evernote\Evernote\EvernoteCCx64.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
CustomCLSID: HKU\S-1-5-21-2113504872-800665639-2394083016-1003_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\C\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2113504872-800665639-2394083016-1003_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\C\AppData\Local\Citrix\GoToMeeting\2759\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2113504872-800665639-2394083016-1003_Classes\CLSID\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}\InprocServer32 -> C:\Users\C\AppData\Local\Apps\Evernote\Evernote\EvernoteIEx64.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
CustomCLSID: HKU\S-1-5-21-2113504872-800665639-2394083016-1003_Classes\CLSID\{93c503ec-b307-4339-bca2-37fe3b4836e8}\InprocServer32 -> C:\Users\C\AppData\Local\Apps\Evernote\Evernote\EvernoteOLShim64.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

==================== Wiederherstellungspunkte =========================

01-11-2015 21:45:09 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-08-15 15:08 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00AD2B19-E0F1-4598-B8F6-FB81D7D0C95B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {0148D66F-4402-478C-981D-4DD1E7CF5046} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {0362078B-8A5D-4076-8502-214291637CA0} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-06-24] (Lenovo Group Limited)
Task: {0624E683-48EA-41D5-81B7-81D8952E5235} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-09] (Google Inc.)
Task: {130F3993-0806-4245-83F5-AAB974269AE6} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2015-03-09] (Lenovo)
Task: {1A697A3F-7917-430D-B209-D18A5C5987F2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {1B340F71-B5C5-4759-9DB2-B3BE418D496F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1E512CAA-8FBA-4F0E-85C2-79FD59D7CD53} - System32\Tasks\GlaryInitialize 4 => C:\Program Files\GlaryUtilitiesPRO44\Glary Utilities 4\Initialize.exe [2014-01-22] (Glarysoft Ltd)
Task: {2BFD8F7E-42D3-430E-9721-328D9DD188EC} - System32\Tasks\Uninstaller_SkipUac_C => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-05-20] (IObit)
Task: {2CA72F58-C84E-4F09-A444-AA58BC6F5262} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2D0C4A97-E354-489C-A4F2-EA05FA4D6E2C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-10] (Dropbox, Inc.)
Task: {3283DBA3-D400-40B8-86DC-34C1D39EAD21} - System32\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003 => C:\Users\C\AppData\Local\Citrix\GoToMeeting\3770\g2mupdate.exe [2015-10-27] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {3A90E392-8D43-49D1-A73A-B7943A2F9FA0} - System32\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003 => C:\Users\C\AppData\Local\Citrix\GoToMeeting\3770\g2mupload.exe [2015-10-27] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {3B7C0878-617C-45E5-9B2C-1461F461EB0E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {440299AD-80BA-4739-A075-06BE27058FE1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {49441387-1C91-4845-B422-2BACC10D6C3B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {4B78C40C-5D78-4F30-9963-A94C362D6D87} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4D2DEAB9-2143-4FB0-9093-1F4A7F59ACDA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {536C646E-D588-46D9-AF02-87FFB60D9E21} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {53F29ED5-EF5F-4E7C-8C0B-C188DA6E3322} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {590ADF76-CBFF-401E-B894-34FAE8C501D4} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
Task: {5F6F2AE7-A182-45EC-AA27-72BDCBAF4C7C} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-07-06] (IObit)
Task: {621F9089-384B-47E8-9420-D3AF938A0D19} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {63B37499-263F-4C1A-A0AF-C532FF0FD740} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {679FEB60-5999-4ED0-98C5-FD41BCB12A33} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {6D78B99B-D53B-4570-BDDC-68366556BBE0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {7974A3CC-E9BE-4CE7-B79E-E8FE27CDEAD2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7A00FD0C-6E3B-4FE1-88FD-AEEC62130AE8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {7C05B167-F13B-4DBC-86C8-E54838174520} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7CFD924D-D5BF-499A-9445-7D4E964DC927} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {7DA7447B-FD5A-4183-8698-3AA5B7D65527} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-07-06] (IObit)
Task: {7EB4168F-CB7B-42DE-84C1-05DBBA81DE8C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {7EF8B6C1-988C-495E-A807-36331F24251E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {8575E2AE-DECA-4EB3-B00C-4CC443C684AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {8959AC81-35EA-4F1E-870A-7C7B12958103} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {8995E6EC-DC82-4DD3-B523-D21822198A29} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {8F199179-FAAC-4408-8B59-F4CE020CFD69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {90F8D2E3-709F-4949-920E-54CE0D58E009} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {91213A2B-84BF-4386-8404-84D1F803206C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {92E9E2B2-6F53-49E6-BE02-5BE1799B36C8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {98012973-2E04-4626-857F-26C5F2A4C194} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {A014BFD9-8C38-4C83-B26E-FE74FD79476B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {B287132C-5F6F-4ED7-AD73-5C430DFC06D2} - System32\Tasks\ASC8_SkipUac_AB => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-06-16] (IObit)
Task: {B2F6E1B5-78A0-449B-B236-BDA0ACFBDF1F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-10] (Dropbox, Inc.)
Task: {B318A255-439B-4AB9-B09D-5508CA1B56AB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {B5730A8C-C8C9-4B30-BFA5-9BE87567FF51} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {B637FAD6-DC30-4BF6-85A3-10AE063EDE74} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {BFD0C495-E28E-4FCC-A95C-211BA18C2D50} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C2210B65-E867-42F3-9108-A353D3B75AC8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C289FE81-0197-4192-B24E-4118283698D5} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {C6A65C86-1A8F-4AC6-AB5E-FB7D82F8CA41} - System32\Tasks\GU4SkipUAC => C:\Program Files\GlaryUtilitiesPRO44\Glary Utilities 4\Integrator.exe [2014-01-22] (Glarysoft Ltd)
Task: {D3DE109C-D785-4FF8-B417-9F659A7A01F8} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {D411943A-A66B-4652-99A1-63DC6D014E5E} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-07-01] ()
Task: {D58871F7-A51A-4716-B3A9-4C596625278E} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {DC2A5D41-AE96-4D70-9C0A-E083019BEA1D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-21] (Adobe Systems Incorporated)
Task: {E503D894-230F-49C4-BAFD-FBA24F8C10CA} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {E530BDF8-9011-4771-98C5-049AFF1202DB} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {E63154ED-35A9-45F1-ADAE-DA44BE709F64} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-15] (Microsoft Corporation)
Task: {E7DD67A2-CB44-47E8-BE25-449C6081C644} - System32\Tasks\Opera scheduled Autoupdate 1437039558 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software)
Task: {E8879E5F-A05D-4882-A81B-1CA267E75846} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {EA020356-1BD4-43A0-99D7-C7D95DA69C4D} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => C:\Windows\System32\reg.exe [2015-07-10] (Microsoft Corporation)
Task: {EFF8784A-51A8-43C5-8E2C-D3377894209C} - System32\Tasks\googleupdatetaskmachinecore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-09] (Google Inc.)
Task: {F3356CE2-7C78-4E87-9FEC-A1EC844F1D8B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {F44B8F9C-B62D-4994-9A53-27B63E5A21C8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {F5BF44D4-6D85-422C-B3C1-26762DC35829} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {F6CC68B8-F092-4D01-8BA7-73EC37CC424F} - System32\Tasks\Driver Booster SkipUAC (AB) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-07-06] (IObit)
Task: {FA17A770-6747-4617-8A41-76CB26706EF8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {FDC2A1A1-A90F-4431-B9D3-38C239B47FA6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003.job => C:\Users\C\AppData\Local\Citrix\GoToMeeting\3770\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003.job => C:\Users\C\AppData\Local\Citrix\GoToMeeting\3770\g2mupload.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-10 12:00 - 2015-07-10 12:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-07-31 11:45 - 2015-07-31 11:45 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-01 11:58 - 2015-08-01 11:58 - 00254880 _____ () C:\Windows\System32\iMDriverHelper.dll
2015-08-19 09:55 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-07-09 08:17 - 2014-02-19 13:49 - 00099328 ____N () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
2013-12-12 22:35 - 2005-04-22 13:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2015-07-16 04:45 - 2015-07-16 04:45 - 00105112 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2014-04-18 12:47 - 2012-01-14 07:26 - 00327392 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2015-10-01 08:25 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-07-16 08:32 - 2014-06-24 05:05 - 00117760 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-10-01 08:25 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2012-10-31 19:47 - 2012-10-31 19:47 - 01246768 _____ () C:\Program Files (x86)\Seagate\BlackArmorBackup\tishell64.dll
2015-09-20 12:14 - 2010-09-28 14:56 - 06550136 _____ () C:\Program Files\ipswitch\WS_FTP 12\res0409.dll
2012-10-31 19:48 - 2012-10-31 19:48 - 00139656 _____ () C:\Program Files (x86)\Seagate\BlackArmorBackup\x64\versions_page.dll
2014-08-10 13:27 - 2015-09-21 05:10 - 00613968 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2015-10-01 08:24 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 08:25 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 08:24 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 08:24 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 08:25 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-07-02 01:28 - 2015-07-02 01:28 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-07-02 01:28 - 2015-07-02 01:28 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-12-12 22:35 - 2011-04-01 11:26 - 01163264 ____R () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2015-02-21 11:34 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2014-08-10 13:27 - 2015-09-21 05:10 - 00087672 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2015-10-09 15:48 - 2015-10-09 15:48 - 00335360 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\9c623a02ebfec7b3c6af4e87bf2f9434\Windows.Foundation.ni.dll
2015-02-21 11:34 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-03-14 16:46 - 2014-03-14 16:46 - 00065880 _____ () C:\Program Files (x86)\Lenovo\Access Connections\ACSonyEricssonHlpr.dll
2014-03-14 16:47 - 2014-03-14 16:47 - 00092504 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2015-10-14 13:05 - 2015-10-14 13:05 - 00246272 _____ () C:\Program Files (x86)\GlassWire\GeoIP.dll
2014-01-06 10:52 - 2014-01-06 10:52 - 03244032 _____ () C:\Users\C\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
2013-12-12 22:35 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-08-10 13:27 - 2015-09-21 05:10 - 00578168 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2015-10-01 08:35 - 2015-10-13 00:33 - 00166416 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-11-08 16:05 - 2015-11-08 16:05 - 00071168 _____ () c:\users\C\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmph7kbhj.dll
2015-06-10 09:25 - 2015-09-24 00:07 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-10 09:25 - 2015-09-24 00:07 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 08:27 - 2015-09-24 00:07 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-10 09:25 - 2015-09-24 00:07 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-10-09 10:30 - 2015-09-24 03:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-10-09 10:30 - 2015-09-24 03:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2015-09-20 12:19 - 2010-09-28 14:53 - 00948496 _____ () C:\Program Files\WS_FTP\LIBEAY32.dll
2015-09-20 12:19 - 2010-09-28 14:53 - 00153360 _____ () C:\Program Files\WS_FTP\SSLEAY32.dll
2015-09-20 12:14 - 2010-09-28 14:56 - 06551672 _____ () C:\Program Files\WS_FTP\res0409.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\0fc720bbb1d23d4e6144ac26d6cbc943:Win32App
AlternateDataStreams: C:\181d51811d12972900:Win32App
AlternateDataStreams: C:\1a3d491a3fb609fccd5b2a:Win32App
AlternateDataStreams: C:\1d616b3cc3d337fa3d9d5f429c8d:Win32App
AlternateDataStreams: C:\400dfc9163dedef140:Win32App
AlternateDataStreams: C:\4e8e44df69bc98bedefb6cc3076f66:Win32App
AlternateDataStreams: C:\5621adaf9345ec36dc5793d7f0c8b1:Win32App
AlternateDataStreams: C:\5dbd9b9f8b378e1ddb958a8902ed:Win32App
AlternateDataStreams: C:\6f42a20f6da31f2fe727b8de721e3f68:Win32App
AlternateDataStreams: C:\88160bad2f871498af:Win32App
AlternateDataStreams: C:\a164d43ba4af8fdde464:Win32App
AlternateDataStreams: C:\a68a4bb77a8537a716161c6e0bfec3:Win32App
AlternateDataStreams: C:\b0d3ae91f65a665f27:Win32App
AlternateDataStreams: C:\b55362dbf3c66fbb753edea4a31e:Win32App
AlternateDataStreams: C:\daf42a1b4cebcadfc29e50:Win32App
AlternateDataStreams: C:\f86f83075e9d7d96e5:Win32App
AlternateDataStreams: C:\wamp:Win32App
AlternateDataStreams: C:\xampp:Win32App
AlternateDataStreams: C:\Program Files\Bonjour:Win32App
AlternateDataStreams: C:\Program Files\CCleaner:Win32App
AlternateDataStreams: C:\Program Files\GIMP 2:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Office:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App
AlternateDataStreams: C:\Program Files\Sublime Text 2:Win32App
AlternateDataStreams: C:\Program Files\WinRAR:Win32App
AlternateDataStreams: C:\Program Files\WS_FTP:Win32App
AlternateDataStreams: C:\Program Files (x86)\AOMEI Partition Assistant Pro Edition 5.5:Win32App
AlternateDataStreams: C:\Program Files (x86)\Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\AusweisApp:Win32App
AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App
AlternateDataStreams: C:\Program Files (x86)\DVDVideoSoft:Win32App
AlternateDataStreams: C:\Program Files (x86)\ElsterFormular:Win32App
AlternateDataStreams: C:\Program Files (x86)\FFmpeg for Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\FRITZ!Fernzugang einrichten:Win32App
AlternateDataStreams: C:\Program Files (x86)\GoStats:Win32App
AlternateDataStreams: C:\Program Files (x86)\Intel Driver Update Utility:Win32App
AlternateDataStreams: C:\Program Files (x86)\KeePass Password Safe 2:Win32App
AlternateDataStreams: C:\Program Files (x86)\Lame For Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\Lenovo:Win32App
AlternateDataStreams: C:\Program Files (x86)\ Malwarebytes Anti-Malware :Win32App
AlternateDataStreams: C:\Program Files (x86)\Market Samurai:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft Pro Photo Tools:Win32App
AlternateDataStreams: C:\Program Files (x86)\MSXML 4.0:Win32App
AlternateDataStreams: C:\Program Files (x86)\Opera:Win32App
AlternateDataStreams: C:\Program Files (x86)\PDF Split And Merge Basic:Win32App
AlternateDataStreams: C:\Program Files (x86)\PresentationTube:Win32App
AlternateDataStreams: C:\Program Files (x86)\Samsung Connection Manager:Win32App
AlternateDataStreams: C:\Program Files (x86)\SCM Microsystems:Win32App
AlternateDataStreams: C:\Program Files (x86)\Sdrive CBFS:Win32App
AlternateDataStreams: C:\Program Files (x86)\Site Visualizer:Win32App
AlternateDataStreams: C:\Program Files (x86)\Webocton - Scriptly:Win32App
AlternateDataStreams: C:\WINDOWS\System32:Win32App
AlternateDataStreams: C:\WINDOWS\SysWOW64:Win32App
AlternateDataStreams: C:\Program Files\Common Files\DESIGNER:Win32App
AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App
AlternateDataStreams: C:\Users\C\Downloads\BrAdmin3530004eur.exe:Win32App
AlternateDataStreams: C:\Users\C\AppData\Local\Temp:Win32App
AlternateDataStreams: C:\Users\C\Documents\360 Microsoft Partner.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\9320 Handbuch.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Australien Pass Antrag Nr1300t.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\BeschV - Verordnung über die Beschäftigung von Ausländerinnen und Ausländern.htm:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\BeschV - Verordnung über die Beschäftigung von Ausländerinnen und Ausländern_files:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Betreuungsrecht Patientenverfügg Infos.xps:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Bewertungen:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Bewertungen_myBetreuung24:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\CHIP_eBook_Webdesign_2013.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Diagramm Sprachkenntnisse:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\ebay Problem Anschreiben Acrobat.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\english_user_handbook dreambox 7000s.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Fragebogen:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Google Adwords_Lastschrift_Mandat.JPG:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Google Analytics Datenschutzerklärung.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Handyliga Angebot Tarif m Auszahlg Eplus_3.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Handyliga Angebot Tarif m Auszahlg Eplus_mydealz_4.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Handyliga_Mobilfunk_Vertrag_Tarif_m_Auszahlg_Eplus_3.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Homepage_alt_weebly:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\HTML Lernen.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\HUAWEI R201 Wireless Modem Quick Start-(V100R001_01,German,Vodafone_Germany).pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Hyundai_i30:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Joomla_3.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Logitel_Angebot_S2_Eplus_Mai2014.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Lokale_Allianz_Broschüre:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\NEATO-VACUUM-USER-GUIDE_Europe.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\neato_programmersmanual_20140305.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Partnerschaften Bilder:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Powerpoint myBetreuung24:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\QR Codes:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Rechnungen andere Empfänger:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Software_Seriennummern_LenovoX220_2014Juni05_a.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Software_Seriennummern_LenovoX220_2014Juni05_b.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Solac Bügeleisen Manual.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\stundenweise Betreuer:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Swissvoice_Eurit_748_de_manual.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Talkthisway Vodafone Angebotsseite12_Fussnoten Mai 2014_nur Ausz_anders.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\TL-MR3020_V1_user_guide.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\TL-MR3420_V1_user_guide.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\TL-MR3420_V1_user_guide2.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\TL-MR3420_V2_User_Guide.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\TP-Link-WA850RE_V1_User_Guide_19100.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Vertrag_1860926_notebooksbilliger.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Vodafone InfoDok 548 Selbständige Nachweis.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Vodafone_R201 Manual.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\C\Documents\Vodafone_Smart_4G_UM_DE_0127_Manual.pdf:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2113504872-800665639-2394083016-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: SecurityUtility => 2
MSCONFIG\Services: sfcdpsrv => 2
MSCONFIG\Services: SgtSch2Svc => 2
HKLM\...\StartupApproved\Run: => "Seagate Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "BlackArmorBackupMonitor.exe"
HKLM\...\StartupApproved\Run32: => "RIM PeerManager"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\StartupFolder: => "CarPort Updater.lnk"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\Run: => "AusweisApp"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_0E3695195675395E5979719587D6866A"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\Run: => "LaCie Ethernet Agent Startup"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{9BBA8AE2-60B1-449F-B0C8-A8D6EBAC3C3F}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{2DC30472-04D7-4ADA-8A74-39C8911698C2}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{44473BBF-B713-43A1-A601-BC9D714FAA29}C:\program files\ws_ftp\ws_ftp95.exe] => (Allow) C:\program files\ws_ftp\ws_ftp95.exe
FirewallRules: [TCP Query User{1486917C-13A9-495C-82ED-0B1F8E62E679}C:\program files\ws_ftp\ws_ftp95.exe] => (Allow) C:\program files\ws_ftp\ws_ftp95.exe
FirewallRules: [UDP Query User{A55812BB-7AFA-4D1B-A484-CE74A1E804EF}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [TCP Query User{9595CBB4-343A-4D15-8366-10A23B8553E4}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{5F356977-FC1D-45BE-ADF5-CD1E1CC761C2}C:\users\C\appdata\roaming\steganos\okayfreedom\proxy\node.exe] => (Block) C:\users\C\appdata\roaming\steganos\okayfreedom\proxy\node.exe
FirewallRules: [TCP Query User{D2C89F43-D2A6-480D-8BC3-267860D1D87A}C:\users\C\appdata\roaming\steganos\okayfreedom\proxy\node.exe] => (Block) C:\users\C\appdata\roaming\steganos\okayfreedom\proxy\node.exe
FirewallRules: [UDP Query User{4AF61F39-F381-4E2A-BB09-B34C8AB205DA}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{CB0EED64-A004-4C48-9B8E-6526166A5B93}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{B6373BC7-A281-4528-AD15-66C3F8979FC9}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{87DBBACD-307C-476F-AA5D-0624A9051D9B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{148006AD-B1B5-41CA-90B0-5651463E56AA}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{88B55584-C3ED-494B-9B6B-BC7FE27DA9BD}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{27E23C90-D868-4387-B1CF-418198D8BEA3}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{C6AFF9DE-EAF1-4834-8BF5-2C430DB942E6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [UDP Query User{1812A506-E2D1-43A5-8842-8AA03E180609}C:\program files (x86)\tv-plug-in\tv-plug-in.exe] => (Allow) C:\program files (x86)\tv-plug-in\tv-plug-in.exe
FirewallRules: [TCP Query User{D5E32BC0-87CE-4FB9-A635-0945D1804111}C:\program files (x86)\tv-plug-in\tv-plug-in.exe] => (Allow) C:\program files (x86)\tv-plug-in\tv-plug-in.exe
FirewallRules: [UDP Query User{0177E90C-3D40-481F-B475-0960A015FA60}C:\users\C\appdata\roaming\sdrive\sdrive.exe] => (Allow) C:\users\C\appdata\roaming\sdrive\sdrive.exe
FirewallRules: [TCP Query User{978A4F66-BA03-41FD-93C4-45654DFDB4AD}C:\users\C\appdata\roaming\sdrive\sdrive.exe] => (Allow) C:\users\C\appdata\roaming\sdrive\sdrive.exe
FirewallRules: [{B584D037-D8A2-45EB-A17A-3EF00B205025}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E6001E6A-70AB-4647-8DEF-845F3AB63954}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{0AD2DE51-673C-4785-884B-A4A0BFA5B062}C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe] => (Allow) C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe
FirewallRules: [TCP Query User{A0C4CFD6-4C52-481F-88ED-62F789FF8646}C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe] => (Allow) C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe
FirewallRules: [UDP Query User{996D0991-B32A-48F4-9946-CBC07A584725}C:\program files (x86)\qvodplayer\qvodterminal.exe] => (Allow) C:\program files (x86)\qvodplayer\qvodterminal.exe
FirewallRules: [TCP Query User{BF6AD162-6056-4BF4-8762-F00688DFE3E2}C:\program files (x86)\qvodplayer\qvodterminal.exe] => (Allow) C:\program files (x86)\qvodplayer\qvodterminal.exe
FirewallRules: [UDP Query User{D90D7391-3B27-4409-A9ED-1E254B1E95C7}C:\program files (x86)\qvodplayer\qvodplayer.exe] => (Allow) C:\program files (x86)\qvodplayer\qvodplayer.exe
FirewallRules: [TCP Query User{87327AC1-AE7C-4DF1-8454-CE715CB1ECEE}C:\program files (x86)\qvodplayer\qvodplayer.exe] => (Allow) C:\program files (x86)\qvodplayer\qvodplayer.exe
FirewallRules: [{4FDCFC07-427E-4AFD-9038-1854B3CB7C7C}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
FirewallRules: [{9F2DC1DA-D58F-4BBA-9E45-F9CF4733332C}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{C22272E4-BDCA-4A7C-8485-994A7A37620F}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{1B3E4BC4-34D8-4742-BED9-39C139DC30C4}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{341B0FCC-9200-4E26-A9D8-3C2D89772815}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
FirewallRules: [{17D47B71-5D2D-4EB0-BF62-B3C10C3D9DDD}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
FirewallRules: [{DF89E086-8385-408A-B94C-7153CFA39D2C}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{84C54662-6DD3-42D6-84A6-E24AB39DBA55}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{BCF06202-BC1E-4360-912E-EC79D30AE8DB}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{087FB769-BBB0-421D-AA54-462BE5B79B23}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{6293A7D5-710F-4314-A564-5B73F50582CF}] => (Allow) C:\Program Files\360\360safe\safemon\360tray.exe
FirewallRules: [{8A96FC18-B82D-4213-83B9-8F647DC37291}] => (Allow) C:\Program Files\360\360safe\safemon\360tray.exe
FirewallRules: [{2156BC52-7064-4614-83C9-2505C924CB04}] => (Allow) C:\Program Files\360\360sd\LiveUpdate360.exe
FirewallRules: [{05BBB824-B26A-4842-8354-D0374390E800}] => (Allow) C:\Program Files\360\360sd\LiveUpdate360.exe
FirewallRules: [UDP Query User{4BD5EE3C-6FE5-4B45-AC0F-2D87D651254E}C:\program files\360\360sd\360sdupd.exe] => (Allow) C:\program files\360\360sd\360sdupd.exe
FirewallRules: [TCP Query User{49796A0B-5A06-4927-AFDA-00E20337CAC3}C:\program files\360\360sd\360sdupd.exe] => (Allow) C:\program files\360\360sd\360sdupd.exe
FirewallRules: [{FF1808AD-B053-4289-BA1B-F4B3B95F8E97}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\bradminv3.exe
FirewallRules: [{558D5CFA-8A46-4C7C-AA6F-17EA8A0FE65E}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\bradminv3.exe
FirewallRules: [{43FF7CED-A6C4-4093-835A-014F5B71A3B1}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\auditorserver.exe
FirewallRules: [{16207232-F07B-446E-A39A-74B79DE5073B}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\auditorserver.exe
FirewallRules: [{FD327DCF-DD98-4467-AB91-AF29EC77D33C}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\discover.exe
FirewallRules: [{C65E9A02-A784-42CE-81CA-0CE97B7ADD45}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\discover.exe
FirewallRules: [UDP Query User{7925891A-1A80-4FE3-BD3A-9C681C833E2E}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe] => (Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe
FirewallRules: [TCP Query User{475B49EB-89EF-4512-AC1A-A661533109BF}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe] => (Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe
FirewallRules: [UDP Query User{6E9B9D91-82A2-428E-B90F-45005D9AAFE4}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe] => (Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe
FirewallRules: [TCP Query User{1A437E71-1C68-44E9-A07C-BCDB388811B0}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe] => (Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe
FirewallRules: [UDP Query User{63344FA5-0F1C-49A1-A424-F3037397870A}C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe] => (Allow) C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe
FirewallRules: [TCP Query User{F64D5CDF-3655-4330-815B-A0C3839E9A67}C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe] => (Allow) C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe
FirewallRules: [{B1099C3F-8A75-4952-A7E3-28F285AE0442}] => (Allow) C:\Program Files (x86)\360\360safe\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{C250B50A-1723-492E-9E82-528F02CA24C0}] => (Allow) C:\Program Files (x86)\360\360safe\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{ED6320A1-FC5E-44F7-9980-23F89461D91E}] => (Allow) C:\Program Files (x86)\360\360safe\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{5B50FA54-3065-434E-8020-D8DC1936E030}] => (Allow) C:\Program Files (x86)\360\360safe\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{3574FA20-5283-48EE-ACE9-A0AE2F4AF7B6}] => (Allow) C:\Program Files (x86)\360\360safe\LiveUpdate360.exe
FirewallRules: [{E29AADEC-F301-4866-A62C-F4330132D234}] => (Allow) C:\Program Files (x86)\360\360safe\LiveUpdate360.exe
FirewallRules: [{E90687C9-7CB6-4042-9B88-D417DDD37B86}] => (Allow) C:\Program Files (x86)\360\360safe\safemon\360Tray.exe
FirewallRules: [{9F8265C1-492D-4248-9AAD-339CBE71E2EB}] => (Allow) C:\Program Files (x86)\360\360safe\safemon\360Tray.exe
FirewallRules: [UDP Query User{CFABE5E4-7DA7-452E-A947-AC35B7A64F76}C:\users\C\downloads\dreamenum_0.90.exe] => (Allow) C:\users\C\downloads\dreamenum_0.90.exe
FirewallRules: [TCP Query User{15DE7B35-7260-4D0E-AA87-45534A109853}C:\users\C\downloads\dreamenum_0.90.exe] => (Allow) C:\users\C\downloads\dreamenum_0.90.exe
FirewallRules: [{CE2DD3F1-AC25-4C30-8D81-513723A0E446}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3AC7EDE9-D866-4EA9-BCDA-8EE950A48300}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{91074F9C-F99F-4F08-90E2-1BA24C48BA5C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{515B5274-509E-446C-930D-8323ACD02BC6}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{2A169989-3363-4078-B08F-63B69794EF12}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{334E196A-6A82-4DB0-BA4F-318F9E197AD9}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{0C9FB088-6313-45C5-9312-89768CF28248}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{80DA1EC3-39CF-4DDF-9924-61F3217B8309}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{525D6422-21EF-4828-BEBA-A9D35A021E83}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{C26560F8-2BA2-4B79-A9B4-2DAA961BBA85}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{7C690FEE-473D-48DD-A3E4-3EDF654978D9}] => (Allow) C:\Program Files (x86)\Bzeek\bzeek.exe
FirewallRules: [{44CEA248-5B11-469E-B560-1108C64709D7}] => (Allow) C:\Program Files (x86)\Bzeek\bzeek.exe
FirewallRules: [{0BF2FC45-FCB6-4BEF-BA5E-473AFF3260A6}] => (Allow) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{934CE094-D316-4221-BA19-C2DD50E69315}] => (Allow) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{2FAE4540-5DA7-4778-A99F-29193705FE87}] => (Allow) LPort=54925
FirewallRules: [{B5801201-1FB0-42FF-9A45-32203A0786CD}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{02471316-AD65-401F-AF62-4006C171B5BE}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{CE58AE7F-28D8-465A-B3D2-085716D53DD0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{73D3B00E-AC67-414F-943E-4335CB44AAFB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{EF914F2D-8950-40E2-AD76-F29511D2F58E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{412381B7-96BC-4CE9-AA4F-3F3A56351093}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B94DC76A-4C20-4FD9-9D11-093834BBDF9F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{E12DC2BD-D958-4FCA-B79F-51E465336F18}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{598534A9-DEFF-4BA8-B05D-0FD09EDF3E38}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{9508EE5F-46ED-4FDB-9B3A-6F4A92F5F5FA}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{ED6F5BE4-CF9D-40B0-8690-CEC0C590A00B}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{A8E07665-29AE-4C62-AAA8-4CD1AE875D2D}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{DE2506F9-3B44-4A55-89E9-CAAEAF8D20D3}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{8AB7E137-ECBA-4721-B0F0-C5880B517AFB}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{4CECD0F0-ABBE-4064-B0A8-D8086EA20A06}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: USB-xHCI-kompatibler Hostcontroller
Description: USB-xHCI-kompatibler Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generischer USB-xHCI-Hostcontroller
Service: USBXHCI
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft Hosted Network Virtual Adapter
Description: Von Microsoft gehosteter, virtueller Netzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/08/2015 04:05:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LenovoX220)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/08/2015 03:19:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DriverBooster.exe, Version 2.4.0.19 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 41c8

Startzeit: 01d11a2e3fb447fb

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

Berichts-ID: c674818b-8623-11e5-9beb-7ce9d3baac23

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/07/2015 06:19:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7072109

Error: (11/07/2015 06:19:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7072109

Error: (11/07/2015 06:19:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/07/2015 06:19:43 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7072031

Error: (11/07/2015 06:19:43 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7072031

Error: (11/07/2015 06:19:43 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/07/2015 04:21:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LenovoX220)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/07/2015 04:16:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Meino2StoreApplication.exe, Version: 1.0.5408.17409, Zeitstempel: 0x54476d73
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x079da336
ID des fehlerhaften Prozesses: 0x3914
Startzeit der fehlerhaften Anwendung: 0xMeino2StoreApplication.exe0
Pfad der fehlerhaften Anwendung: Meino2StoreApplication.exe1
Pfad des fehlerhaften Moduls: Meino2StoreApplication.exe2
Berichtskennung: Meino2StoreApplication.exe3
Vollständiger Name des fehlerhaften Pakets: Meino2StoreApplication.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Meino2StoreApplication.exe5


Systemfehler:
=============
Error: (11/08/2015 04:05:07 PM) (Source: DCOM) (EventID: 10001) (User: LenovoX220)
Description: "C:\WINDOWS\System32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider31Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProviderNicht verfügbarNicht verfügbar

Error: (11/08/2015 04:05:05 PM) (Source: DCOM) (EventID: 10010) (User: LenovoX220)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (11/08/2015 04:05:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session26" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/08/2015 04:05:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session26" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/08/2015 04:05:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session26" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/08/2015 04:05:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session26" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/08/2015 04:04:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bzeek Uninstall Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/08/2015 03:17:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TVT Backup Service erreicht.

Error: (11/08/2015 02:58:36 PM) (Source: DCOM) (EventID: 10016) (User: LenovoX220)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}LenovoX220CS-1-5-21-2113504872-800665639-2394083016-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/08/2015 02:50:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session25" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-10-15 12:20:40.723
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-15 12:20:40.686
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-15 12:20:40.633
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-15 12:20:40.546
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-15 12:20:40.519
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-15 12:20:40.493
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-15 12:20:39.352
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-15 12:20:39.147
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-15 12:16:43.842
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-15 12:16:43.797
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8075.23 MB
Verfügbarer physikalischer RAM: 4771.99 MB
Summe virtueller Speicher: 16267.23 MB
Verfügbarer virtueller Speicher: 12643.03 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:136.88 GB) (Free:66.14 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.28 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Lenovo_Recovery) (Fixed) (Total:10.99 GB) (Free:1.83 GB) NTFS
Drive f: (SONYCAMERA) (Fixed) (Total:3.72 GB) (Free:3.66 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: B0B007CB)
Partition 1: (Not Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=136.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: DDD41A57)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)

==================== Ende von Addition.txt ============================

Achja - obige Suchen mit Farbar Tool habe ich im Account mit eingeschränkten Rechten gemacht, Bzeek wurde mir vorher angezeigt als ich als Admin angemeldet war .. falls das von Belang ist ..im Taskmanager wird er nur als aktiv angezeigt im Admin Konto ..

schrauber · 08.11.2015, 20:44

Zitat:

Achja - obige Suchen mit Farbar Tool habe ich im Account mit eingeschränkten Rechten gemacht

Die fragwürdige Datei kommt nur beim Admin, und trotzdem machst du den scan nicht aus dem betroffenen Konto?

hardyxy9 · 08.11.2015, 20:59

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Muster Man (Administrator) auf LENOVOX220 (08-11-2015 20:52:48)
Gestartet von C:\Users\Solitar\Downloads
Geladene Profile: Muster Man (Verfügbare Profile: Muster Man & Solitar)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
() C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(360.cn) C:\Program Files (x86)\360\360WangPan\360WangPan.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Connection Manager\ModemPnPService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Ipswitch) C:\Program Files\WS_FTP\WsftpCOMHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-03-14] (Lenovo)
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [395744 2012-10-31] ()
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [164032 2015-08-23] (Synaptics)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-08-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2011-04-01] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Blackcomb] => C:\Program Files (x86)\Samsung Connection Manager\ModemPnPService.exe [131072 2011-02-11] (Samsung Electronics.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BlackArmorBackupMonitor.exe] => C:\Program Files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe [5584616 2012-10-31] ()
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [300152 2015-09-21] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-02-07] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4493824 2014-05-07] (Research In Motion Limited)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2720144 2015-08-09] (Dominik Reichl)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Run: [AusweisApp] => C:\Program Files (x86)\AusweisApp\siqBootLoader.exe [2518656 2014-01-24] (OpenLimit SignCubes AG)
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Run: [360cloud] => C:\Program Files (x86)\360\360WangPan\360WangPan.exe [14519920 2015-06-03] (360.cn)
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Run: [LaCie Ethernet Agent Startup] => C:\Program Files\Seagate\Network Assistant\Seagate Network Assistant.exe [8857600 2014-03-18] (Seagate SA)
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\Solitar D�ll\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Muster Man\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\Solitar D�ll\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Muster Man\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\Solitar D�ll\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Muster Man\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\Solitar D�ll\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Muster Man\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
AppInit_DLLs: C:\ProgramData\SecurityUtility\SecurityUtility64.dll => Keine Datei
Lsa: [Notification Packages] scecli ACGina
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {A786E080-E576-469D-8A39-E1CF47517117} => C:\Windows\System32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DownloadIcon] -> {A8502600-B272-4F68-A67B-A0305D46D298} => C:\ProgramData\QvodPlayer\QvodExtend\5.0.100.0\QvodExtend_x64.dll [2014-08-25] (Shenzhen QVOD Technology Co.,Ltd)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {A786E080-E576-469D-8A39-E1CF47517117} => C:\Windows\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [DownloadIcon] -> {A8502600-B272-4F68-A67B-A0305D46D297} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\Users\Muster Man\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CarPort Updater.lnk [2015-06-21]
ShortcutTarget: CarPort Updater.lnk -> C:\Program Files (x86)\CarPort\CarPort.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [.DEFAULT] => hxxp://127.0.0.1:8445/okf.pac
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{138a9c8a-a3fa-4776-8f5d-14a9c23ae785}: [NameServer] 212.23.115.132 212.23.115.150
Tcpip\..\Interfaces\{b4f3ccec-8901-4d39-910c-eb142d04fd1b}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c647e28a-b5a7-48eb-9966-19bb73eb627d}: [NameServer] 193.189.244.206 193.189.244.225

Internet Explorer:
==================
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.hao123.com/?tn=97023167_hao_pg
SearchScopes: HKLM -> DefaultScope {7BC7A817-5540-4FD0-9D36-37C2AF2DCBE1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {7BC7A817-5540-4FD0-9D36-37C2AF2DCBE1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> DefaultScope {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=33059180_oem_dg&ch=33
SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> {7BC7A817-5540-4FD0-9D36-37C2AF2DCBE1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=33059180_oem_dg&ch=33
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: QvodExtend -> {A8502600-B272-4F68-A67B-A0305D46D298} -> C:\ProgramData\QvodPlayer\QvodExtend\5.0.100.0\QvodExtend_x64.dll [2014-08-25] (Shenzhen QVOD Technology Co.,Ltd)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2015-09-21] (Qihu 360 Software Co., Ltd.)
BHO: AusweisApp 1.12.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClientIE64.ols [2014-04-11] (OpenLimit SignCubes AG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2015-08-10] (Qihu 360 Software Co., Ltd.)
BHO-x32: AusweisApp 1.12.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClientIE32.ols [2014-04-11] (OpenLimit SignCubes AG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
Toolbar: HKLM-x32 - &GO Stats - {3D98AD1A-707C-4FA7-AE98-C4039B8231EB} - C:\Program Files (x86)\GoStats\GoStatsBar.dll [2005-08-07] ()
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Muster Man\AppData\Roaming\Mozilla\Firefox\Profiles\kr4jb1f6.default
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @qvod.com/QvodShare -> C:\Program Files (x86)\QvodPlayer\npShareModule_x64.dll [2014-06-24] (Shenzhen QVOD Technology Co.,Ltd)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2014-05-07] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-09] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Muster Man\AppData\Roaming\Mozilla\Firefox\Profiles\kr4jb1f6.default\user.js [2015-10-09]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Muster Man\AppData\Roaming\Mozilla\Firefox\Profiles\kr4jb1f6.default\Extensions\iobitascsurfingprotection@iobit.com [2015-06-23] [ist nicht signiert]
FF Extension: AusweisApp - C:\Program Files (x86)\AusweisApp\mozilla\eCardClientPIn_FFxx_Win [2014-05-20] [ist nicht signiert]

Chrome: 
=======
CHR Profile: C:\Users\Muster Man\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Muster Man\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Muster Man\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-20]
CHR Extension: (Lavasoft NewTab) - C:\Users\Muster Man\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2015-09-20]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-09-03]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2015-07-31] (Broadcom Corporation.)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [Datei ist nicht signiert]
R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [99328 2014-02-19] () [Datei ist nicht signiert]
S2 bzeekuninstallsvc; C:\Program Files (x86)\Bzeek\bzeek.exe [4985056 2012-06-24] (BzeekLand LTD.) [Datei ist nicht signiert]
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320560 2014-06-24] (Lenovo.)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [8910336 2015-10-14] (SecureMix LLC)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [35784 2015-10-22] (Lenovo Group Limited)
S4 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344864 2015-01-27] (IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-31] (Microsoft Corporation)
S2 OneSyncSvc_Session29; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
S2 OneSyncSvc_Session29; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_Session29; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_Session29; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [859768 2015-09-21] (QIHU 360 SOFTWARE CO. LIMITED)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2014-07-21] (Paramount Software UK Ltd)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-05-07] (Apple Inc.) [Datei ist nicht signiert]
S2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1324544 2014-05-07] (Research In Motion Limited) [Datei ist nicht signiert]
S4 sfcdpsrv; C:\Program Files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe [3246040 2014-07-05] (Acronis)
S4 SgtSch2Svc; C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [1114688 2012-10-31] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22008 2015-07-01] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-08-23] (Synaptics Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112 2015-07-16] ()
S4 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited) [Datei ist nicht signiert]
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1526120 2013-09-25] (Lenovo Group Limited)
S3 UnistoreSvc_Session29; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
S3 UnistoreSvc_Session29; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc_Session29; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc_Session29; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-31] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-31] (Microsoft Corporation)
S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [Datei ist nicht signiert]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-01-14] ()

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137296 2015-07-23] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-09-21] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2015-09-21] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2014-08-01] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [363088 2015-07-23] (360.cn)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21600 2013-03-14] (Advanced Micro Devices, Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-11-29] ()
S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2013-11-29] ()
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [178768 2015-08-10] (360.cn)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2015-07-31] (Broadcom Corporation.)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17088 2014-01-22] (Glarysoft Ltd)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R3 cmnuusbser; C:\Windows\system32\DRIVERS\cmnuusbser.sys [123904 2014-04-18] (Wireless Device)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c65x64.sys [471312 2015-07-31] (Intel Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2014-11-10] (IObit)
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (SecureMix LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-27] (REALiX(tm))
R3 l36wgps; C:\Windows\system32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-08] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\drivers\Mbm3CBus.sys [443648 2013-04-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [455936 2013-04-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [22272 2013-04-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [508160 2013-04-22] (MCCI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-31] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-08-15] (Intel Corporation)
S3 PGRUSB; C:\Windows\System32\DRIVERS\PGRXHCI.sys [123392 2013-12-18] (Point Grey Research)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-05-07] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-08-23] (Synaptics Incorporated)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-08-03] (The OpenVPN Project)
R3 Tvti2c; C:\Windows\system32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Product(ShenZhen China) Inc.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2014-11-10] (IObit.com)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WwanUsbServ; C:\Windows\System32\drivers\WwanUsbMp64.sys [284912 2014-04-25] (Ericsson AB)
S3 XHCIdrv; C:\Windows\System32\DRIVERS\XHCIdrv.sys [119720 2013-10-24] (Windows (R) Win 7 DDK provider)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-08 20:51 - 2015-11-08 20:51 - 00016148 _____ C:\WINDOWS\system32\LENOVOX220_Solitar_HistoryPrediction.bin
2015-11-08 20:51 - 2015-11-08 20:51 - 00016148 _____ C:\WINDOWS\system32\LENOVOX220_Muster Man_HistoryPrediction.bin
2015-11-08 18:14 - 2015-11-08 18:14 - 00077075 _____ C:\Users\Solitar\Downloads\Addition2.txt
2015-11-08 18:13 - 2015-11-08 18:13 - 00061355 _____ C:\Users\Solitar\Downloads\FRST2.txt
2015-11-08 16:17 - 2015-11-08 16:17 - 00076565 _____ C:\Users\Solitar\Downloads\Addition1.txt
2015-11-08 16:16 - 2015-11-08 16:16 - 00060699 _____ C:\Users\Solitar\Downloads\FRST1.txt
2015-11-08 16:13 - 2015-11-08 16:13 - 00077093 _____ C:\Users\Solitar\Downloads\Addition.txt
2015-11-08 16:12 - 2015-11-08 20:52 - 00032631 _____ C:\Users\Solitar\Downloads\FRST.txt
2015-11-08 16:12 - 2015-11-08 20:52 - 00000000 ____D C:\FRST
2015-11-08 16:11 - 2015-11-08 16:12 - 02198528 _____ (Farbar) C:\Users\Solitar\Downloads\FRST64.exe
2015-11-07 11:55 - 2015-11-07 11:55 - 00481133 _____ C:\Users\Solitar\Downloads\FRITZ.Box 7490 113.06.30_07.11.15_1155.export
2015-11-06 13:41 - 2015-11-06 13:41 - 00000000 ____D C:\Users\Muster Man\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlassWire
2015-11-06 13:41 - 2015-11-06 13:41 - 00000000 ____D C:\Users\Muster Man\AppData\Local\GlassWire
2015-11-06 13:41 - 2015-11-06 13:41 - 00000000 ____D C:\ProgramData\GlassWire
2015-11-06 13:41 - 2015-05-29 05:30 - 00008392 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat
2015-11-06 13:41 - 2015-05-29 05:15 - 00033152 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys
2015-11-06 13:40 - 2015-11-06 13:41 - 00000000 ____D C:\Program Files (x86)\GlassWire
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\Users\Solitar\Downloads\BrAdmin3530004eur.exe
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\f86f83075e9d7d96e5
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\daf42a1b4cebcadfc29e50
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\b55362dbf3c66fbb753edea4a31e
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\b0d3ae91f65a665f27
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\a68a4bb77a8537a716161c6e0bfec3
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\a164d43ba4af8fdde464
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\88160bad2f871498af
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\6f42a20f6da31f2fe727b8de721e3f68
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\5dbd9b9f8b378e1ddb958a8902ed
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\5621adaf9345ec36dc5793d7f0c8b1
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\4e8e44df69bc98bedefb6cc3076f66
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\400dfc9163dedef140
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\1d616b3cc3d337fa3d9d5f429c8d
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\1a3d491a3fb609fccd5b2a
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\181d51811d12972900
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\0fc720bbb1d23d4e6144ac26d6cbc943
2015-11-04 14:13 - 2015-11-04 14:15 - 210676352 _____ C:\Users\Solitar\Downloads\IntelDataMigrationSoftware_15056_de-DE.exe
2015-11-04 13:57 - 2015-11-04 13:58 - 132880840 _____ (SanDisk Corporation) C:\Users\Solitar\Downloads\SanDiskSSDDashboardSetup_1.4.1.exe
2015-11-04 11:32 - 2015-11-04 11:36 - 416418064 _____ C:\Users\Solitar\Downloads\Paragon_Backup_and_Recovery_14_free_ger.exe
2015-11-03 21:51 - 2015-11-03 21:51 - 10812008 _____ (Dovado Europe AB) C:\Users\Solitar\Downloads\TINY_7_3_11.exe
2015-11-01 00:28 - 2015-11-01 00:28 - 00000000 ____D C:\Users\Muster Man\AppData\Roaming\360TotalSecurity
2015-10-27 22:56 - 2015-10-27 22:56 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
2015-10-27 22:56 - 2015-10-27 22:56 - 00001000 _____ C:\Users\Public\Desktop\Market Samurai.lnk
2015-10-27 22:56 - 2015-10-27 22:56 - 00000000 ____D C:\Program Files (x86)\Market Samurai
2015-10-26 10:23 - 2015-10-26 10:23 - 13921385 _____ C:\Users\Solitar\Downloads\beurteilungfrauprzbylskarechnung.zip
2015-10-25 09:19 - 2015-10-25 09:19 - 00000896 _____ C:\Users\Solitar\Downloads\EVN_R2015001585856.txt
2015-10-24 21:58 - 2015-10-24 21:58 - 00000048 _____ C:\Users\Solitar\Downloads\video.m3u
2015-10-23 10:25 - 2015-10-23 10:26 - 00513004 _____ C:\Users\Solitar\Downloads\Sauer_Anrufbeantworter.wav
2015-10-23 10:15 - 2015-10-23 10:15 - 00051302 _____ C:\Users\Solitar\Downloads\Sauer_Anrufbeantworter.amr
2015-10-21 16:01 - 2015-10-21 16:01 - 00000000 ____D C:\Users\Solitar\AppData\Roaming\360Game
2015-10-20 10:18 - 2015-10-20 10:18 - 00000112 _____ C:\WINDOWS\system32\snetcfg.log
2015-10-16 21:23 - 2015-10-16 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-15 10:17 - 2015-10-15 10:17 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-10-15 10:13 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-15 10:13 - 2015-10-10 07:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-15 10:13 - 2015-10-10 07:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-15 10:13 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-15 10:13 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-15 10:13 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-15 10:13 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-15 10:13 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-15 10:13 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-15 10:13 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-15 10:13 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-15 10:13 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-15 10:13 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-15 10:13 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-15 10:13 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-15 10:13 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-15 10:13 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-15 10:13 - 2015-09-25 04:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-15 10:13 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-15 10:13 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-15 10:13 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-15 10:13 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-15 10:13 - 2015-09-25 04:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-15 10:13 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-15 10:13 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-15 10:13 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-15 10:13 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-15 10:13 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-15 10:13 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-15 10:13 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-15 10:13 - 2015-09-25 04:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-15 10:13 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-15 10:13 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-15 10:13 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-15 10:13 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-15 10:13 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-15 10:13 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-15 10:13 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-15 10:13 - 2015-09-25 03:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-15 10:13 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-15 10:13 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-15 10:13 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-15 10:13 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-15 10:13 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-15 10:13 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-15 10:13 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-15 10:13 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-15 10:13 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-15 10:13 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-15 10:13 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-15 10:13 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-15 10:13 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-15 10:13 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-15 10:08 - 2015-10-15 10:09 - 40102072 _____ (Microsoft Corporation) C:\Users\Solitar\Downloads\vstor_redist.exe
2015-10-14 09:25 - 2015-10-14 09:25 - 00033652 _____ C:\Users\Solitar\Downloads\Treumann_Faxspam1.tif
2015-10-14 09:24 - 2015-10-14 09:24 - 00045376 _____ C:\Users\Solitar\Downloads\Boch_FaxSpam3.tif
2015-10-12 13:17 - 2015-10-12 13:19 - 00000000 ____D C:\Users\Solitar\Downloads\seniorenschwabach
2015-10-12 13:17 - 2015-10-12 13:17 - 00868607 _____ C:\Users\Solitar\Downloads\seniorenschwabach.zip
2015-10-10 21:30 - 2015-10-10 21:30 - 00923237 _____ C:\Users\Solitar\Downloads\GoStatsToolbar.zip
2015-10-10 21:30 - 2015-10-10 21:30 - 00000000 ____D C:\Users\Solitar\Downloads\GoStatsToolbar
2015-10-10 08:54 - 2015-10-10 08:54 - 00045387 _____ C:\Users\Solitar\Downloads\Boch_FaxSpam2.tif
2015-10-09 11:01 - 2015-10-25 15:29 - 00004056 _____ C:\WINDOWS\PFRO.log
2015-10-09 10:41 - 2015-11-08 17:29 - 00015596 _____ C:\WINDOWS\setupact.log
2015-10-09 10:41 - 2015-10-09 10:41 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-09 10:30 - 2015-10-09 10:30 - 00929872 _____ (Google Inc.) C:\Users\Muster Man\Downloads\ChromeSetup.exe
2015-10-09 10:26 - 2015-10-09 10:26 - 91987968 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2015-10-09 10:26 - 2015-10-09 10:26 - 00356352 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2015-10-09 10:26 - 2015-10-09 10:26 - 00073728 _____ C:\WINDOWS\system32\config\SAM.iobit
2015-10-09 10:26 - 2015-10-09 10:26 - 00032768 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2015-10-09 10:08 - 2015-10-09 10:08 - 00041472 _____ C:\Users\Solitar\Downloads\launcher64.dll
2015-10-09 10:07 - 2015-10-09 10:07 - 00663768 _____ (Copyright © 2010 eSupport.com. All Rights Reserved.) C:\Users\Solitar\Downloads\biosagentplus_40.exe
2015-10-09 10:07 - 2015-10-09 10:07 - 00022200 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2015-10-09 10:07 - 2015-10-09 10:07 - 00000000 ____D C:\Users\Muster Man\AppData\Local\eSupport.com
2015-10-09 09:49 - 2015-10-09 09:49 - 00000000 ____D C:\Users\Solitar\Downloads\Sonderheft_Win10_XXL_11_2015
2015-10-09 09:48 - 2015-10-09 09:48 - 32826621 _____ C:\Users\Solitar\Downloads\SH_Win10_XXL_11_2015.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-08 20:52 - 2015-07-17 10:38 - 00000692 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003.job
2015-11-08 20:52 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-08 20:51 - 2015-07-31 11:07 - 00000000 ___RD C:\Users\Solitar\OneDrive
2015-11-08 20:51 - 2015-06-21 12:40 - 00000000 ___RD C:\Users\Muster Man\Dropbox
2015-11-08 20:51 - 2015-06-10 09:25 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-08 20:51 - 2015-06-10 09:25 - 00000000 ____D C:\Users\Muster Man\AppData\Local\Dropbox
2015-11-08 20:51 - 2015-05-20 22:33 - 00000000 ____D C:\Users\Solitar\AppData\Roaming\KeePass
2015-11-08 20:51 - 2014-06-17 20:34 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-08 20:38 - 2015-06-10 09:25 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-08 20:33 - 2015-07-17 10:38 - 00000596 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003.job
2015-11-08 20:03 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-08 18:43 - 2015-07-31 10:52 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-08 18:43 - 2015-07-10 17:34 - 00884838 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-08 18:43 - 2015-07-10 17:34 - 00195936 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-08 17:11 - 2014-06-19 09:43 - 00000000 ____D C:\Users\Solitar\AppData\LocalLow\360WD
2015-11-08 17:00 - 2013-12-12 21:09 - 00000000 ___RD C:\Users\Solitar\Dropbox
2015-11-08 17:00 - 2013-12-12 21:07 - 00000000 ____D C:\Users\Solitar\AppData\Roaming\Dropbox
2015-11-08 16:06 - 2015-08-16 14:50 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CDC91857-6445-4164-AA74-16D99DDC4E7A}
2015-11-08 15:23 - 2015-08-18 21:03 - 00125440 ___SH C:\Users\Solitar\Downloads\Thumbs.db
2015-11-08 15:05 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-08 15:02 - 2014-08-10 12:10 - 00000000 ____D C:\Users\Muster Man\AppData\LocalLow\360WD
2015-11-08 14:45 - 2014-12-25 18:37 - 00000000 ____D C:\ProgramData\ProductData
2015-11-07 18:22 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-06 13:48 - 2015-04-20 16:52 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-06 13:48 - 2014-12-25 18:37 - 00002534 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scan
2015-11-06 13:48 - 2014-12-25 18:37 - 00002486 _____ C:\WINDOWS\System32\Tasks\Driver Booster Update
2015-11-06 13:40 - 2014-08-10 15:05 - 00000000 ____D C:\Users\Muster Man\AppData\Roaming\360safe
2015-11-06 13:39 - 2015-07-31 14:04 - 00002415 _____ C:\Users\Muster Man\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-06 13:39 - 2015-07-31 14:04 - 00000000 ___RD C:\Users\Muster Man\OneDrive
2015-11-05 13:27 - 2013-12-12 13:14 - 00000000 ____D C:\ProgramData\Lenovo
2015-11-03 22:20 - 2014-04-18 12:47 - 00000000 ____D C:\Users\Muster Man\AppData\Roaming\XSManager
2015-11-03 19:52 - 2015-07-31 11:07 - 00002400 _____ C:\Users\Solitar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-02 00:28 - 2015-07-31 10:53 - 00000000 ____D C:\Users\Solitar
2015-11-01 21:50 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-01 21:32 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-01 00:31 - 2015-08-09 23:46 - 00000000 ____D C:\Users\Muster Man\AppData\Roaming\Skype
2015-11-01 00:31 - 2015-07-31 11:48 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-01 00:31 - 2015-07-16 10:39 - 00003378 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1437039558
2015-10-31 15:09 - 2015-04-20 16:52 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-31 14:55 - 2015-07-16 10:38 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-29 14:29 - 2013-12-12 22:35 - 00000789 _____ C:\WINDOWS\BRWMARK.INI
2015-10-28 12:06 - 2014-06-18 09:35 - 00000000 ____D C:\Users\Solitar\AppData\Roaming\360CloudUI
2015-10-27 14:33 - 2015-07-17 10:38 - 00003854 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003
2015-10-27 14:33 - 2015-07-17 10:38 - 00003758 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003
2015-10-26 10:10 - 2013-12-26 18:31 - 00000000 ____D C:\Users\Solitar\AppData\Local\Lenovo
2015-10-25 15:30 - 2014-06-20 08:58 - 00000000 _RSHD C:\360SANDBOX
2015-10-23 10:34 - 2014-11-13 16:21 - 00000000 ____D C:\Users\Solitar\AppData\Roaming\Audacity
2015-10-23 09:50 - 2014-08-30 08:43 - 00000000 __SHD C:\ProgramData\360Quarant
2015-10-23 09:50 - 2014-08-30 08:43 - 00000000 __SHD C:\$360Section
2015-10-20 10:20 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-20 10:19 - 2014-05-20 12:38 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-10-20 10:18 - 2015-02-27 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2015-10-20 10:18 - 2015-02-27 19:19 - 00000000 ____D C:\Program Files\FRITZ!Fernzugang
2015-10-19 07:51 - 2014-12-25 18:37 - 00002219 _____ C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-10-16 21:23 - 2015-06-10 09:25 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 10:58 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-15 10:25 - 2013-12-12 16:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 10:19 - 2013-12-12 16:28 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-15 10:18 - 2013-12-12 17:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-13 23:01 - 2015-03-24 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2
2015-10-13 23:01 - 2014-06-17 20:44 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-13 23:01 - 2014-06-17 20:44 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-10-11 09:42 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-10 14:11 - 2014-03-29 23:31 - 00000000 ____D C:\Users\Solitar\AppData\Roaming\Webocton - Scriptly
2015-10-09 10:35 - 2013-12-25 17:21 - 00000000 ____D C:\Users\Solitar\AppData\Roaming\vlc
2015-10-09 10:31 - 2014-08-10 15:05 - 00000000 ____D C:\WINDOWS\Tasks\360Disabled
2015-10-09 10:31 - 2013-12-12 14:11 - 00003716 _____ C:\WINDOWS\System32\Tasks\googleupdatetaskmachineua
2015-10-09 10:31 - 2013-12-12 14:11 - 00003492 _____ C:\WINDOWS\System32\Tasks\googleupdatetaskmachinecore
2015-10-09 10:30 - 2013-12-12 14:12 - 00002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-09 10:26 - 2014-08-14 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Site Visualizer Professional
2015-10-09 10:24 - 2015-07-31 16:18 - 00000000 ____D C:\Users\Muster Man\AppData\Roaming\KeePass
2015-10-09 10:22 - 2015-01-23 10:25 - 00001222 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2015-10-09 10:22 - 2014-08-10 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-10-09 10:21 - 2014-07-05 21:01 - 00000000 ____D C:\Users\Muster Man\AppData\Roaming\360CloudUI
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-09 10:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-18 10:57 - 2014-09-13 12:29 - 7885584 _____ (360安全中心) C:\Program Files (x86)\360DrvMgrInstaller_2.0.0.1040.exe
2014-06-19 22:30 - 2014-06-19 22:30 - 0120996 _____ () C:\Users\Muster Man\AppData\Local\ars.cache
2014-06-19 22:30 - 2014-06-19 22:30 - 0272862 _____ () C:\Users\Muster Man\AppData\Local\census.cache
2015-05-27 15:21 - 2015-05-27 15:21 - 0121768 _____ () C:\Users\Muster Man\AppData\Local\extension_1_1_0_2.crx
2014-06-19 14:55 - 2014-06-19 14:55 - 0000036 _____ () C:\Users\Muster Man\AppData\Local\housecall.guid.cache
2014-09-23 11:41 - 2015-08-09 12:51 - 0007626 _____ () C:\Users\Muster Man\AppData\Local\Resmon.ResmonCfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Solitar\setup_Pixum_Fotobuch.exe


Einige Dateien in TEMP:
====================
C:\Users\Solitar\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppw_qcj.dll
C:\Users\Muster Man\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpevuczj.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-01 21:45

==================== Ende von FRST.txt ============================

So jetzt als Admin

hardyxy9 · 08.11.2015, 21:26

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015
durchgeführt von Muster Man (2015-11-08 21:13:08)
Gestartet von C:\Users\Solitar\Downloads
Windows 10 Pro (X64) (2015-07-31 10:04:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2113504872-800665639-2394083016-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2113504872-800665639-2394083016-503 - Limited - Disabled)
Gast (S-1-5-21-2113504872-800665639-2394083016-501 - Limited - Disabled)
Solitar (S-1-5-21-2113504872-800665639-2394083016-1003 - Limited - Enabled) => C:\Users\Solitar
Muster Man (S-1-5-21-2113504872-800665639-2394083016-1000 - Administrator - Enabled) => C:\Users\Muster Man
Solitar_Surf (S-1-5-21-2113504872-800665639-2394083016-1023 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2113504872-800665639-2394083016-1026 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell 

deinstalliert werden.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 7.6.0.1031 - 360 Security Center)
360云盘 (HKLM-x32\...\360云盘（网盘版）) (Version: 6.5.2.1160 - 360安全中心)
7-PDF Printer 10.10.0.2307 (HKLM\...\7-PDF Printer_is1) (Version: 10.10.0.2307 - 7-PDF, Germany - Th. Hodes)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.3.0 - IObit)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
AOMEI Partition Assistant Pro Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AusweisApp (HKLM-x32\...\{BA6CDB7A-F5D7-4341-99E1-1FF0AAEAF1D8}) (Version: 1.13.0 - OpenLimit SignCubes AG)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
BlackArmor Discovery (HKLM-x32\...\InstallShield_{B52480BF-CCED-4DD4-8DC2-28BB750D703E}) (Version: 1.20.0931.004 - Seagate)
BlackArmor Discovery (x32 Version: 1.20.0931.004 - Seagate) Hidden
BlackBerry Link (HKLM-x32\...\BlackBerry_10_Desktop) (Version: 1.2.3.48 - BlackBerry Ltd.)
BlackBerry Link (x32 Version: 1.2.3.48 - BlackBerry Ltd.) Hidden
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
BRAdmin Professional 3 (HKLM-x32\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.53.0004 - Brother)
Brother MFL-Pro Suite MFC-9320CW (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.44.0 - Conexant)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.0.20150113 - Landesfinanzdirektion Thüringen)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.65.2 - Lenovo Group Limited)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Evernote v. 5.8.12 (HKLM-x32\...\{C5F59C16-1EA5-11E5-AF29-0050569584E9}) (Version: 5.8.12.8127 - Evernote Corp.)
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Free Screen Video Recorder version 3.0.4.713 (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 3.0.4.713 - DVDVideoSoft Ltd.)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Utilities PRO 4.5 (HKLM-x32\...\Glary Utilities 4) (Version: 4.5.0.89 - Glarysoft Ltd)
GlassWire 1.0 (remove only) (HKLM-x32\...\GlassWire 1.0) (Version: 1.0.67 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoStats ToolBar (HKLM-x32\...\GoStatsToolBar) (Version: 1.0 - GoStats)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.15) (Version: 9.15 - Artifex Software Inc.)
Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel(R) Driver Update Utility 2.2 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.8 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.0 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.3 - Ipswitch)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
KeePass Password Safe 2.30 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.30 - Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.051.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0003 - Lenovo)
Logitech Gaming Software 8.70 (HKLM\...\Logitech Gaming Software) (Version: 8.70.315 - Logitech Inc.)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.3.7170 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.77 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.77 - Alliance Software Pty Ltd) Hidden
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 6.0.4 - CEWE Stiftung u Co. KGaA)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Pro Photo Tools (HKLM-x32\...\{A05CF147-BEED-4880-BF9B-4EAF22C77FFD}) (Version: 2.2 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 

9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft 

Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft 

Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft 

Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft 

Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft 

Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft 

Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft 

Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft 

Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft 

Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - 

Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft 

Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft 

Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft 

Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft 

Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft 

Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft 

Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft 

Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 

- Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) 

Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.06.07.40 - Huawei Technologies Co.,Ltd)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.0.4 - CEWE Stiftung u Co. KGaA)
PresentationTube Recorder 3.0 (HKLM-x32\...\{91F8441B-E7A7-4513-9D7C-080B643D2FD6}_is1) (Version: 3.0 - PresentationTube)
Rescue and Recovery (HKLM-x32\...\{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}) (Version: 4.52.0005.00 - Lenovo Group Limited)
Samsung Connection Manager (HKLM-x32\...\{F3F95061-0427-4386-AB03-1556CBE52927}) (Version: 112.6 - Samsung Electronics)
SCL011 Contactless Reader (HKLM-x32\...\{101A21B2-E102-4F64-A7FA-CEF7182D0E2D}) (Version: 1.01 - SCM Microsystems)
Scribus 1.4.4 (64bit) (HKLM\...\Scribus 1.4.4) (Version: 1.4.4 - The Scribus Team)
Sdrive (HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Sdrive) (Version: 1.0.5.0 - Seagate Technology LLC)
Sdrive CBFS (HKLM-x32\...\Sdrive CBFS) (Version: 3.2.107.0 - Seagate Technology LLC)
Seagate BlackArmor Backup 2011 (HKLM-x32\...\{5607090E-B8B1-4E1E-ADA2-426522CED33C}) (Version: 14.0.4076 - Seagate)
Seagate NAS Discovery (HKLM-x32\...\{58053C71-35D9-4F16-9E5A-50C97504B2D0}) (Version: 1.00.0020 - Seagate)
Seagate Network Assistant (HKLM\...\{BA94B525-1469-4E00-AFE4-50ADEB8B3993}_is1) (Version: 1.2.1 - Seagate)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-

2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Should I Remove It (HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
Site Visualizer Professional 1.5.10 (HKLM-x32\...\Site Visualizer Professional_is1) (Version: 1.5.10 - Elphsoft)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.2 - Synaptics Incorporated)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3200 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Video to Picture (HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\VideoToPicture) (Version:  - Watermark Software. All Rights Reserved.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 

6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 

- Broadcom)
Windows-Treiberpaket - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\9E24492CE9279512BD465F61DB8523641BB7BBFC) (Version: 

01/18/2013 2.08.28 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD) (Version: 

01/18/2013 2.08.28 - FTDI)
Windows-Treiberpaket - FTDI FTDI D2XX (03/21/2011 2.08.14) (HKLM\...\D6BC3CBE8968CB6351105F9D2EEC52CE24F2C99D) (Version: 03/21/2011 2.08.14 - FTDI)
Windows-Treiberpaket - FTDI FTDI VCP (03/20/2011 2.08.14) (HKLM\...\9FCA89337DAC5D4196D98BF2F17E831E1EE83336) (Version: 03/20/2011 2.08.14 - FTDI)
Windows-Treiberpaket - MPP FTDI MPP FTDI D2XX (05/23/2013 2.08.28) (HKLM\...\7179001CFD2B32971C9902F02EA01225C83D6181) (Version: 05/23/2013 2.08.28 - 

MPP FTDI)
Windows-Treiberpaket - MPP FTDI MPP FTDI VCP (05/23/2013 2.08.28) (HKLM\...\1D76E4AE71F40C949254202D92503849C8E9BF6E) (Version: 05/23/2013 2.08.28 - 

MPP FTDI)
Windows-Treiberpaket - MPP USB CDC Virtual COM Port (05/23/2013 2.0.0) (HKLM\...\66DD18691EC6886B537A726978F65EF1E8D2D83C) (Version: 05/23/2013 2.0.0 - 

MPP)
Windows-Treiberpaket - MPP USB CDC Virtual COM Port (09/16/2011 1.5.0) (HKLM\...\6D3D1B84986E536339ED6F2B2A381D13597CD69C) (Version: 09/16/2011 1.5.0 - 

MPP)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat 

aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2113504872-800665639-2394083016-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Muster 

Man\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

01-11-2015 21:45:09 Windows Update
08-11-2015 17:30:50 Windows-Sicherung

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-08-15 15:08 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat 

aufgelistet wird.)

Task: {00AD2B19-E0F1-4598-B8F6-FB81D7D0C95B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {0148D66F-4402-478C-981D-4DD1E7CF5046} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {0362078B-8A5D-4076-8502-214291637CA0} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-06-24] (Lenovo 

Group Limited)
Task: {0624E683-48EA-41D5-81B7-81D8952E5235} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015

-10-09] (Google Inc.)
Task: {130F3993-0806-4245-83F5-AAB974269AE6} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App

\LSCTaskService.exe [2015-03-09] (Lenovo)
Task: {17A29073-1CEA-485C-A61B-FA51DFE201EB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-15] 

(Microsoft Corporation)
Task: {1A697A3F-7917-430D-B209-D18A5C5987F2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {1B340F71-B5C5-4759-9DB2-B3BE418D496F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1E512CAA-8FBA-4F0E-85C2-79FD59D7CD53} - System32\Tasks\GlaryInitialize 4 => C:\Program Files\GlaryUtilitiesPRO44\Glary Utilities 

4\Initialize.exe [2014-01-22] (Glarysoft Ltd)
Task: {2BFD8F7E-42D3-430E-9721-328D9DD188EC} - System32\Tasks\Uninstaller_SkipUac_Solitar => C:\Program Files (x86)\IObit\IObit Uninstaller

\IObitUninstaler.exe [2015-05-20] (IObit)
Task: {2CA72F58-C84E-4F09-A444-AA58BC6F5262} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2D0C4A97-E354-489C-A4F2-EA05FA4D6E2C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 

[2015-06-10] (Dropbox, Inc.)
Task: {3283DBA3-D400-40B8-86DC-34C1D39EAD21} - System32\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003 => C:\Users\Solitar\AppData

\Local\Citrix\GoToMeeting\3770\g2mupdate.exe [2015-10-27] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {3A90E392-8D43-49D1-A73A-B7943A2F9FA0} - System32\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003 => C:\Users\Solitar\AppData

\Local\Citrix\GoToMeeting\3770\g2mupload.exe [2015-10-27] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {3B7C0878-617C-45E5-9B2C-1461F461EB0E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {440299AD-80BA-4739-A075-06BE27058FE1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback 

Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {49441387-1C91-4845-B422-2BACC10D6C3B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {4B78C40C-5D78-4F30-9963-A94C362D6D87} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4D2DEAB9-2143-4FB0-9093-1F4A7F59ACDA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {536C646E-D588-46D9-AF02-87FFB60D9E21} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {53F29ED5-EF5F-4E7C-8C0B-C188DA6E3322} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {590ADF76-CBFF-401E-B894-34FAE8C501D4} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files 

(x86)\Innovative Solutions\DriverMax\innostp.exe
Task: {5F6F2AE7-A182-45EC-AA27-72BDCBAF4C7C} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-

07-06] (IObit)
Task: {621F9089-384B-47E8-9420-D3AF938A0D19} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM

\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {63B37499-263F-4C1A-A0AF-C532FF0FD740} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {679FEB60-5999-4ED0-98C5-FD41BCB12A33} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {6D78B99B-D53B-4570-BDDC-68366556BBE0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer 

Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {7974A3CC-E9BE-4CE7-B79E-E8FE27CDEAD2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7A00FD0C-6E3B-4FE1-88FD-AEEC62130AE8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {7C05B167-F13B-4DBC-86C8-E54838174520} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7CFD924D-D5BF-499A-9445-7D4E964DC927} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {7DA7447B-FD5A-4183-8698-3AA5B7D65527} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe 

[2015-07-06] (IObit)
Task: {7EB4168F-CB7B-42DE-84C1-05DBBA81DE8C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome

\ehPrivJob.exe
Task: {7EF8B6C1-988C-495E-A807-36331F24251E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {8575E2AE-DECA-4EB3-B00C-4CC443C684AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {8959AC81-35EA-4F1E-870A-7C7B12958103} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {8995E6EC-DC82-4DD3-B523-D21822198A29} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {8F199179-FAAC-4408-8B59-F4CE020CFD69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {90F8D2E3-709F-4949-920E-54CE0D58E009} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {91213A2B-84BF-4386-8404-84D1F803206C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {92E9E2B2-6F53-49E6-BE02-5BE1799B36C8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {98012973-2E04-4626-857F-26C5F2A4C194} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {A014BFD9-8C38-4C83-B26E-FE74FD79476B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== 

ACHTUNG
Task: {B287132C-5F6F-4ED7-AD73-5C430DFC06D2} - System32\Tasks\ASC8_SkipUac_Muster Man => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe 

[2015-06-16] (IObit)
Task: {B2F6E1B5-78A0-449B-B236-BDA0ACFBDF1F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 

[2015-06-10] (Dropbox, Inc.)
Task: {B318A255-439B-4AB9-B09D-5508CA1B56AB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {B5730A8C-C8C9-4B30-BFA5-9BE87567FF51} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe 

[2015-03-09] ()
Task: {B637FAD6-DC30-4BF6-85A3-10AE063EDE74} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo 

Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {BFD0C495-E28E-4FCC-A95C-211BA18C2D50} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C2210B65-E867-42F3-9108-A353D3B75AC8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C289FE81-0197-4192-B24E-4118283698D5} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {C6A65C86-1A8F-4AC6-AB5E-FB7D82F8CA41} - System32\Tasks\GU4SkipUAC => C:\Program Files\GlaryUtilitiesPRO44\Glary Utilities 4\Integrator.exe 

[2014-01-22] (Glarysoft Ltd)
Task: {D3DE109C-D785-4FF8-B417-9F659A7A01F8} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {D411943A-A66B-4652-99A1-63DC6D014E5E} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-07-

01] ()
Task: {D58871F7-A51A-4716-B3A9-4C596625278E} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center

\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {DC2A5D41-AE96-4D70-9C0A-E083019BEA1D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash

\FlashPlayerUpdateService.exe [2015-06-21] (Adobe Systems Incorporated)
Task: {E503D894-230F-49C4-BAFD-FBA24F8C10CA} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center

\LSC.exe [2015-03-09] ()
Task: {E530BDF8-9011-4771-98C5-049AFF1202DB} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {E7DD67A2-CB44-47E8-BE25-449C6081C644} - System32\Tasks\Opera scheduled Autoupdate 1437039558 => C:\Program Files (x86)\Opera\launcher.exe [2015

-07-10] (Opera Software)
Task: {E8879E5F-A05D-4882-A81B-1CA267E75846} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {EA020356-1BD4-43A0-99D7-C7D95DA69C4D} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => C:\Windows

\System32\reg.exe [2015-07-10] (Microsoft Corporation)
Task: {EFF8784A-51A8-43C5-8E2C-D3377894209C} - System32\Tasks\googleupdatetaskmachinecore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 

[2015-10-09] (Google Inc.)
Task: {F3356CE2-7C78-4E87-9FEC-A1EC844F1D8B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {F44B8F9C-B62D-4994-9A53-27B63E5A21C8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {F5BF44D4-6D85-422C-B3C1-26762DC35829} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {F6CC68B8-F092-4D01-8BA7-73EC37CC424F} - System32\Tasks\Driver Booster SkipUAC (Muster Man) => C:\Program Files (x86)\IObit\Driver Booster

\DriverBooster.exe [2015-07-06] (IObit)
Task: {FA17A770-6747-4617-8A41-76CB26706EF8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {FDC2A1A1-A90F-4431-B9D3-38C239B47FA6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control 

iMControllerService 128

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht 

verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003.job => C:\Users\Solitar\AppData\Local\Citrix\GoToMeeting

\3770\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003.job => C:\Users\Solitar\AppData\Local\Citrix\GoToMeeting

\3770\g2mupload.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-10 12:00 - 2015-07-10 12:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-07-31 11:45 - 2015-07-31 11:45 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-01 11:58 - 2015-08-01 11:58 - 00254880 _____ () C:\Windows\System32\iMDriverHelper.dll
2015-08-19 09:55 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-07-09 08:17 - 2014-02-19 13:49 - 00099328 ____N () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
2013-12-12 22:35 - 2005-04-22 13:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2015-07-16 04:45 - 2015-07-16 04:45 - 00105112 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2014-04-18 12:47 - 2012-01-14 07:26 - 00327392 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2015-10-01 08:25 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-07-16 08:32 - 2014-06-24 05:05 - 00117760 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-10-01 08:25 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 08:24 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 08:25 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 08:24 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 08:24 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 08:25 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-07-02 01:28 - 2015-07-02 01:28 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-07-02 01:28 - 2015-07-02 01:28 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-12-12 22:35 - 2011-04-01 11:26 - 01163264 ____R () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2015-02-21 11:34 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2014-08-10 13:27 - 2015-09-21 05:10 - 00087672 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2015-10-09 15:48 - 2015-10-09 15:48 - 00335360 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation

\9c623a02ebfec7b3c6af4e87bf2f9434\Windows.Foundation.ni.dll
2015-02-21 11:34 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-03-14 16:46 - 2014-03-14 16:46 - 00065880 _____ () C:\Program Files (x86)\Lenovo\Access Connections\ACSonyEricssonHlpr.dll
2014-03-14 16:47 - 2014-03-14 16:47 - 00092504 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2015-10-14 13:05 - 2015-10-14 13:05 - 00246272 _____ () C:\Program Files (x86)\GlassWire\GeoIP.dll
2013-12-12 22:35 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-10-01 08:35 - 2015-10-13 00:33 - 00166416 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-11-08 20:51 - 2015-11-08 20:51 - 00071168 _____ () c:\Users\Muster Man\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-

3e3e7ecf0d81}.tmpevuczj.dll
2015-06-10 09:25 - 2015-09-24 00:07 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-10 09:25 - 2015-09-24 00:07 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 08:27 - 2015-09-24 00:07 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-10 09:25 - 2015-09-24 00:07 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-10-09 10:30 - 2015-09-24 03:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-10-09 10:30 - 2015-09-24 03:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2015-09-20 12:19 - 2010-09-28 14:53 - 00948496 _____ () C:\Program Files\WS_FTP\LIBEAY32.dll
2015-09-20 12:19 - 2010-09-28 14:53 - 00153360 _____ () C:\Program Files\WS_FTP\SSLEAY32.dll
2015-09-20 12:14 - 2010-09-28 14:56 - 06551672 _____ () C:\Program Files\WS_FTP\res0409.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\0fc720bbb1d23d4e6144ac26d6cbc943:Win32App
AlternateDataStreams: C:\181d51811d12972900:Win32App
AlternateDataStreams: C:\1a3d491a3fb609fccd5b2a:Win32App
AlternateDataStreams: C:\1d616b3cc3d337fa3d9d5f429c8d:Win32App
AlternateDataStreams: C:\400dfc9163dedef140:Win32App
AlternateDataStreams: C:\4e8e44df69bc98bedefb6cc3076f66:Win32App
AlternateDataStreams: C:\5621adaf9345ec36dc5793d7f0c8b1:Win32App
AlternateDataStreams: C:\5dbd9b9f8b378e1ddb958a8902ed:Win32App
AlternateDataStreams: C:\6f42a20f6da31f2fe727b8de721e3f68:Win32App
AlternateDataStreams: C:\88160bad2f871498af:Win32App
AlternateDataStreams: C:\a164d43ba4af8fdde464:Win32App
AlternateDataStreams: C:\a68a4bb77a8537a716161c6e0bfec3:Win32App
AlternateDataStreams: C:\b0d3ae91f65a665f27:Win32App
AlternateDataStreams: C:\b55362dbf3c66fbb753edea4a31e:Win32App
AlternateDataStreams: C:\daf42a1b4cebcadfc29e50:Win32App
AlternateDataStreams: C:\f86f83075e9d7d96e5:Win32App
AlternateDataStreams: C:\wamp:Win32App
AlternateDataStreams: C:\xampp:Win32App
AlternateDataStreams: C:\Program Files\Bonjour:Win32App
AlternateDataStreams: C:\Program Files\CCleaner:Win32App
AlternateDataStreams: C:\Program Files\GIMP 2:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Office:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App
AlternateDataStreams: C:\Program Files\Sublime Text 2:Win32App
AlternateDataStreams: C:\Program Files\WinRAR:Win32App
AlternateDataStreams: C:\Program Files\WS_FTP:Win32App
AlternateDataStreams: C:\Program Files (x86)\AOMEI Partition Assistant Pro Edition 5.5:Win32App
AlternateDataStreams: C:\Program Files (x86)\Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\AusweisApp:Win32App
AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App
AlternateDataStreams: C:\Program Files (x86)\DVDVideoSoft:Win32App
AlternateDataStreams: C:\Program Files (x86)\ElsterFormular:Win32App
AlternateDataStreams: C:\Program Files (x86)\FFmpeg for Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\FRITZ!Fernzugang einrichten:Win32App
AlternateDataStreams: C:\Program Files (x86)\GoStats:Win32App
AlternateDataStreams: C:\Program Files (x86)\Intel Driver Update Utility:Win32App
AlternateDataStreams: C:\Program Files (x86)\KeePass Password Safe 2:Win32App
AlternateDataStreams: C:\Program Files (x86)\Lame For Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\Lenovo:Win32App
AlternateDataStreams: C:\Program Files (x86)\ Malwarebytes Anti-Malware :Win32App
AlternateDataStreams: C:\Program Files (x86)\Market Samurai:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft Pro Photo Tools:Win32App
AlternateDataStreams: C:\Program Files (x86)\MSXML 4.0:Win32App
AlternateDataStreams: C:\Program Files (x86)\Opera:Win32App
AlternateDataStreams: C:\Program Files (x86)\PDF Split And Merge Basic:Win32App
AlternateDataStreams: C:\Program Files (x86)\PresentationTube:Win32App
AlternateDataStreams: C:\Program Files (x86)\Samsung Connection Manager:Win32App
AlternateDataStreams: C:\Program Files (x86)\SCM Microsystems:Win32App
AlternateDataStreams: C:\Program Files (x86)\Sdrive CBFS:Win32App
AlternateDataStreams: C:\Program Files (x86)\Site Visualizer:Win32App
AlternateDataStreams: C:\Program Files (x86)\Webocton - Scriptly:Win32App
AlternateDataStreams: C:\WINDOWS\System32:Win32App
AlternateDataStreams: C:\WINDOWS\SysWOW64:Win32App
AlternateDataStreams: C:\Program Files\Common Files\DESIGNER:Win32App
AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App
AlternateDataStreams: C:\Users\Solitar\Downloads\BrAdmin3530004eur.exe:Win32App
AlternateDataStreams: C:\Users\Solitar\AppData\Local\Temp:Win32App
AlternateDataStreams: C:\Users\Solitar\Documents\360 Microsoft Partner.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\9320 Handbuch.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Australien Pass Antrag Nr1300t.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\BeschV - Verordnung über die Beschäftigung von Ausländerinnen und 

Ausländern.htm:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\BeschV - Verordnung über die Beschäftigung von Ausländerinnen und 

Ausländern_files:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Betreuungsrecht Patientenverfügg Infos.xps:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Bewertungen:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Bewertungen_myBetreuung24:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\CHIP_eBook_Webdesign_2013.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Diagramm Sprachkenntnisse:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\ebay Problem Anschreiben Acrobat.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\english_user_handbook dreambox 7000s.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Fragebogen:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Google Adwords_Lastschrift_Mandat.JPG:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Google Analytics Datenschutzerklärung.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Handyliga Angebot Tarif m Auszahlg Eplus_3.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Handyliga Angebot Tarif m Auszahlg Eplus_mydealz_4.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Handyliga_Mobilfunk_Vertrag_Tarif_m_Auszahlg_Eplus_3.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Homepage_alt_weebly:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\HTML Lernen.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\HUAWEI R201 Wireless Modem Quick Start-

(V100R001_01,German,Vodafone_Germany).pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Hyundai_i30:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Joomla_3.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Logitel_Angebot_S2_Eplus_Mai2014.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Lokale_Allianz_Broschüre:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\NEATO-VACUUM-USER-GUIDE_Europe.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\neato_programmersmanual_20140305.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Partnerschaften Bilder:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Powerpoint myBetreuung24:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\QR Codes:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Rechnungen andere Empfänger:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Software_Seriennummern_LenovoX220_2014Juni05_a.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Software_Seriennummern_LenovoX220_2014Juni05_b.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Solac Bügeleisen Manual.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\stundenweise Betreuer:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Swissvoice_Eurit_748_de_manual.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Talkthisway Vodafone Angebotsseite12_Fussnoten Mai 2014_nur Ausz_anders.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\TL-MR3020_V1_user_guide.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\TL-MR3420_V1_user_guide.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\TL-MR3420_V1_user_guide2.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\TL-MR3420_V2_User_Guide.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\TP-Link-WA850RE_V1_User_Guide_19100.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Vertrag_1860926_notebooksbilliger.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Vodafone InfoDok 548 Selbständige Nachweis.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Vodafone_R201 Manual.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Vodafone_Smart_4G_UM_DE_0127_Manual.pdf:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: SecurityUtility => 2
MSCONFIG\Services: sfcdpsrv => 2
MSCONFIG\Services: SgtSch2Svc => 2
HKLM\...\StartupApproved\Run: => "Seagate Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "BlackArmorBackupMonitor.exe"
HKLM\...\StartupApproved\Run32: => "RIM PeerManager"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\StartupFolder: => "CarPort Updater.lnk"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\Run: => "AusweisApp"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_0E3695195675395E5979719587D6866A"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\Run: => "LaCie Ethernet Agent Startup"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat 

aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{9BBA8AE2-60B1-449F-B0C8-A8D6EBAC3C3F}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program 

files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{2DC30472-04D7-4ADA-8A74-39C8911698C2}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program 

files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{44473BBF-B713-43A1-A601-BC9D714FAA29}C:\program files\ws_ftp\ws_ftp95.exe] => (Allow) C:\program files\ws_ftp

\ws_ftp95.exe
FirewallRules: [TCP Query User{1486917C-13A9-495C-82ED-0B1F8E62E679}C:\program files\ws_ftp\ws_ftp95.exe] => (Allow) C:\program files\ws_ftp

\ws_ftp95.exe
FirewallRules: [UDP Query User{A55812BB-7AFA-4D1B-A484-CE74A1E804EF}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache

\apache2.4.9\bin\httpd.exe
FirewallRules: [TCP Query User{9595CBB4-343A-4D15-8366-10A23B8553E4}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache

\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{5F356977-FC1D-45BE-ADF5-CD1E1CC761C2}C:\users\Solitar\appdata\roaming\steganos\okayfreedom\proxy\node.exe] => (Block) 

C:\users\Solitar\appdata\roaming\steganos\okayfreedom\proxy\node.exe
FirewallRules: [TCP Query User{D2C89F43-D2A6-480D-8BC3-267860D1D87A}C:\users\Solitar\appdata\roaming\steganos\okayfreedom\proxy\node.exe] => (Block) 

C:\users\Solitar\appdata\roaming\steganos\okayfreedom\proxy\node.exe
FirewallRules: [UDP Query User{4AF61F39-F381-4E2A-BB09-B34C8AB205DA}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp

\filezillaserver.exe
FirewallRules: [TCP Query User{CB0EED64-A004-4C48-9B8E-6526166A5B93}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp

\filezillaserver.exe
FirewallRules: [UDP Query User{B6373BC7-A281-4528-AD15-66C3F8979FC9}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{87DBBACD-307C-476F-AA5D-0624A9051D9B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{148006AD-B1B5-41CA-90B0-5651463E56AA}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{88B55584-C3ED-494B-9B6B-BC7FE27DA9BD}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{27E23C90-D868-4387-B1CF-418198D8BEA3}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{C6AFF9DE-EAF1-4834-8BF5-2C430DB942E6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [UDP Query User{1812A506-E2D1-43A5-8842-8AA03E180609}C:\program files (x86)\tv-plug-in\tv-plug-in.exe] => (Allow) C:\program files 

(x86)\tv-plug-in\tv-plug-in.exe
FirewallRules: [TCP Query User{D5E32BC0-87CE-4FB9-A635-0945D1804111}C:\program files (x86)\tv-plug-in\tv-plug-in.exe] => (Allow) C:\program files 

(x86)\tv-plug-in\tv-plug-in.exe
FirewallRules: [UDP Query User{0177E90C-3D40-481F-B475-0960A015FA60}C:\users\Solitar\appdata\roaming\sdrive\sdrive.exe] => (Allow) C:\users\Solitar

\appdata\roaming\sdrive\sdrive.exe
FirewallRules: [TCP Query User{978A4F66-BA03-41FD-93C4-45654DFDB4AD}C:\users\Solitar\appdata\roaming\sdrive\sdrive.exe] => (Allow) C:\users\Solitar

\appdata\roaming\sdrive\sdrive.exe
FirewallRules: [{B584D037-D8A2-45EB-A17A-3EF00B205025}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E6001E6A-70AB-4647-8DEF-845F3AB63954}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{0AD2DE51-673C-4785-884B-A4A0BFA5B062}C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe] => 

(Allow) C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe
FirewallRules: [TCP Query User{A0C4CFD6-4C52-481F-88ED-62F789FF8646}C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe] => 

(Allow) C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe
FirewallRules: [UDP Query User{996D0991-B32A-48F4-9946-CBC07A584725}C:\program files (x86)\qvodplayer\qvodterminal.exe] => (Allow) C:\program files 

(x86)\qvodplayer\qvodterminal.exe
FirewallRules: [TCP Query User{BF6AD162-6056-4BF4-8762-F00688DFE3E2}C:\program files (x86)\qvodplayer\qvodterminal.exe] => (Allow) C:\program files 

(x86)\qvodplayer\qvodterminal.exe
FirewallRules: [UDP Query User{D90D7391-3B27-4409-A9ED-1E254B1E95C7}C:\program files (x86)\qvodplayer\qvodplayer.exe] => (Allow) C:\program files 

(x86)\qvodplayer\qvodplayer.exe
FirewallRules: [TCP Query User{87327AC1-AE7C-4DF1-8454-CE715CB1ECEE}C:\program files (x86)\qvodplayer\qvodplayer.exe] => (Allow) C:\program files 

(x86)\qvodplayer\qvodplayer.exe
FirewallRules: [{4FDCFC07-427E-4AFD-9038-1854B3CB7C7C}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager

\PeerManager.exe
FirewallRules: [{9F2DC1DA-D58F-4BBA-9E45-F9CF4733332C}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{C22272E4-BDCA-4A7C-8485-994A7A37620F}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager

\mDNSResponder.exe
FirewallRules: [{1B3E4BC4-34D8-4742-BED9-39C139DC30C4}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager

\mDNSResponder.exe
FirewallRules: [{341B0FCC-9200-4E26-A9D8-3C2D89772815}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
FirewallRules: [{17D47B71-5D2D-4EB0-BF62-B3C10C3D9DDD}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
FirewallRules: [{DF89E086-8385-408A-B94C-7153CFA39D2C}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{84C54662-6DD3-42D6-84A6-E24AB39DBA55}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{BCF06202-BC1E-4360-912E-EC79D30AE8DB}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{087FB769-BBB0-421D-AA54-462BE5B79B23}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{6293A7D5-710F-4314-A564-5B73F50582CF}] => (Allow) C:\Program Files\360\360safe\safemon\360tray.exe
FirewallRules: [{8A96FC18-B82D-4213-83B9-8F647DC37291}] => (Allow) C:\Program Files\360\360safe\safemon\360tray.exe
FirewallRules: [{2156BC52-7064-4614-83C9-2505C924CB04}] => (Allow) C:\Program Files\360\360sd\LiveUpdate360.exe
FirewallRules: [{05BBB824-B26A-4842-8354-D0374390E800}] => (Allow) C:\Program Files\360\360sd\LiveUpdate360.exe
FirewallRules: [UDP Query User{4BD5EE3C-6FE5-4B45-AC0F-2D87D651254E}C:\program files\360\360sd\360sdupd.exe] => (Allow) C:\program files\360\360sd

\360sdupd.exe
FirewallRules: [TCP Query User{49796A0B-5A06-4927-AFDA-00E20337CAC3}C:\program files\360\360sd\360sdupd.exe] => (Allow) C:\program files\360\360sd

\360sdupd.exe
FirewallRules: [{FF1808AD-B053-4289-BA1B-F4B3B95F8E97}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\bradminv3.exe
FirewallRules: [{558D5CFA-8A46-4C7C-AA6F-17EA8A0FE65E}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\bradminv3.exe
FirewallRules: [{43FF7CED-A6C4-4093-835A-014F5B71A3B1}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\auditorserver.exe
FirewallRules: [{16207232-F07B-446E-A39A-74B79DE5073B}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\auditorserver.exe
FirewallRules: [{FD327DCF-DD98-4467-AB91-AF29EC77D33C}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\discover.exe
FirewallRules: [{C65E9A02-A784-42CE-81CA-0CE97B7ADD45}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\discover.exe
FirewallRules: [UDP Query User{7925891A-1A80-4FE3-BD3A-9C681C833E2E}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe] => (Allow) 

C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe
FirewallRules: [TCP Query User{475B49EB-89EF-4512-AC1A-A661533109BF}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe] => (Allow) 

C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe
FirewallRules: [UDP Query User{6E9B9D91-82A2-428E-B90F-45005D9AAFE4}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe] => 

(Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe
FirewallRules: [TCP Query User{1A437E71-1C68-44E9-A07C-BCDB388811B0}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe] => 

(Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe
FirewallRules: [UDP Query User{63344FA5-0F1C-49A1-A424-F3037397870A}C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe] => 

(Allow) C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe
FirewallRules: [TCP Query User{F64D5CDF-3655-4330-815B-A0C3839E9A67}C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe] => 

(Allow) C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe
FirewallRules: [{B1099C3F-8A75-4952-A7E3-28F285AE0442}] => (Allow) C:\Program Files (x86)\360\360safe\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{C250B50A-1723-492E-9E82-528F02CA24C0}] => (Allow) C:\Program Files (x86)\360\360safe\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{ED6320A1-FC5E-44F7-9980-23F89461D91E}] => (Allow) C:\Program Files (x86)\360\360safe\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{5B50FA54-3065-434E-8020-D8DC1936E030}] => (Allow) C:\Program Files (x86)\360\360safe\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{3574FA20-5283-48EE-ACE9-A0AE2F4AF7B6}] => (Allow) C:\Program Files (x86)\360\360safe\LiveUpdate360.exe
FirewallRules: [{E29AADEC-F301-4866-A62C-F4330132D234}] => (Allow) C:\Program Files (x86)\360\360safe\LiveUpdate360.exe
FirewallRules: [{E90687C9-7CB6-4042-9B88-D417DDD37B86}] => (Allow) C:\Program Files (x86)\360\360safe\safemon\360Tray.exe
FirewallRules: [{9F8265C1-492D-4248-9AAD-339CBE71E2EB}] => (Allow) C:\Program Files (x86)\360\360safe\safemon\360Tray.exe
FirewallRules: [UDP Query User{CFABE5E4-7DA7-452E-A947-AC35B7A64F76}C:\users\Solitar\downloads\dreamenum_0.90.exe] => (Allow) C:\users\Solitar

\downloads\dreamenum_0.90.exe
FirewallRules: [TCP Query User{15DE7B35-7260-4D0E-AA87-45534A109853}C:\users\Solitar\downloads\dreamenum_0.90.exe] => (Allow) C:\users\Solitar

\downloads\dreamenum_0.90.exe
FirewallRules: [{CE2DD3F1-AC25-4C30-8D81-513723A0E446}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3AC7EDE9-D866-4EA9-BCDA-8EE950A48300}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{91074F9C-F99F-4F08-90E2-1BA24C48BA5C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{515B5274-509E-446C-930D-8323ACD02BC6}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{2A169989-3363-4078-B08F-63B69794EF12}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{334E196A-6A82-4DB0-BA4F-318F9E197AD9}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{0C9FB088-6313-45C5-9312-89768CF28248}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{80DA1EC3-39CF-4DDF-9924-61F3217B8309}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{525D6422-21EF-4828-BEBA-A9D35A021E83}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{C26560F8-2BA2-4B79-A9B4-2DAA961BBA85}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{7C690FEE-473D-48DD-A3E4-3EDF654978D9}] => (Allow) C:\Program Files (x86)\Bzeek\bzeek.exe
FirewallRules: [{44CEA248-5B11-469E-B560-1108C64709D7}] => (Allow) C:\Program Files (x86)\Bzeek\bzeek.exe
FirewallRules: [{0BF2FC45-FCB6-4BEF-BA5E-473AFF3260A6}] => (Allow) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager

\mDNSResponder.exe
FirewallRules: [{934CE094-D316-4221-BA19-C2DD50E69315}] => (Allow) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager

\mDNSResponder.exe
FirewallRules: [{2FAE4540-5DA7-4778-A99F-29193705FE87}] => (Allow) LPort=54925
FirewallRules: [{B5801201-1FB0-42FF-9A45-32203A0786CD}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{02471316-AD65-401F-AF62-4006C171B5BE}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{CE58AE7F-28D8-465A-B3D2-085716D53DD0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{73D3B00E-AC67-414F-943E-4335CB44AAFB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files

\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{EF914F2D-8950-40E2-AD76-F29511D2F58E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files

\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{412381B7-96BC-4CE9-AA4F-3F3A56351093}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files

\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B94DC76A-4C20-4FD9-9D11-093834BBDF9F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files

\logitech gaming software\lcore.exe
FirewallRules: [{E12DC2BD-D958-4FCA-B79F-51E465336F18}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{598534A9-DEFF-4BA8-B05D-0FD09EDF3E38}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{9508EE5F-46ED-4FDB-9B3A-6F4A92F5F5FA}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{ED6F5BE4-CF9D-40B0-8690-CEC0C590A00B}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{A8E07665-29AE-4C62-AAA8-4CD1AE875D2D}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{DE2506F9-3B44-4A55-89E9-CAAEAF8D20D3}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{2281D929-A905-452A-88AD-3989CC453AFE}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{7E2DEE0E-762D-42FA-88F9-6089C87696B7}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: USB-xHCI-kompatibler Hostcontroller
Description: USB-xHCI-kompatibler Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generischer USB-xHCI-Hostcontroller
Service: USBXHCI
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft Hosted Network Virtual Adapter
Description: Von Microsoft gehosteter, virtueller Netzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/08/2015 06:42:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: 

Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/08/2015 05:30:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: 

Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/08/2015 05:30:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: 

Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/08/2015 05:30:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: 

Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/08/2015 05:29:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 10.0.10240.16431 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den 

Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 38b0

Startzeit: 01d11a3e7839048a

Beendigungszeit: 0

Anwendungspfad: C:\Windows\explorer.exe

Berichts-ID: eaf5e13e-8635-11e5-9beb-7ce9d3baac23

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/08/2015 05:15:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: 

Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/08/2015 04:05:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LenovoX220)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere 

Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/08/2015 03:19:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DriverBooster.exe, Version 2.4.0.19 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den 

Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 41c8

Startzeit: 01d11a2e3fb447fb

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

Berichts-ID: c674818b-8623-11e5-9beb-7ce9d3baac23

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/07/2015 06:19:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7072109

Error: (11/07/2015 06:19:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7072109


Systemfehler:
=============
Error: (11/08/2015 09:02:15 PM) (Source: DCOM) (EventID: 10016) (User: LenovoX220)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}LenovoX220SolitarS-1-5-21

-2113504872-800665639-2394083016-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/08/2015 08:51:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session28" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen 

werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/08/2015 08:51:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session28" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen 

werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/08/2015 08:51:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session28" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 

10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/08/2015 08:51:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session28" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen 

werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/08/2015 06:35:16 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT-AUTORITÄT)
Description: Der Filter-Manager konnte keine Verbindung mit dem Volume "\Device\HarddiskVolume12" herstellen. Dieses Volume ist erst nach einem 

Neustart für die Filterung verfügbar. Der letzte Status war "0xc03a001c".

Error: (11/08/2015 06:35:16 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT-AUTORITÄT)
Description: Der Filter-Manager konnte keine Verbindung mit dem Volume "\Device\HarddiskVolume12" herstellen. Dieses Volume ist erst nach einem 

Neustart für die Filterung verfügbar. Der letzte Status war "0xc03a001c".

Error: (11/08/2015 05:47:23 PM) (Source: volsnap) (EventID: 35) (User: )
Description: Die Schattenkopien von Volume "G:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.

Error: (11/08/2015 04:39:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session27" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen 

werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/08/2015 04:39:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session27" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen 

werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-10-15 12:20:40.723
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to 

load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the 

Microsoft signing level requirements.

  Date: 2015-10-15 12:20:40.686
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to 

load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level 

requirements.

  Date: 2015-10-15 12:20:40.633
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to 

load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level 

requirements.

  Date: 2015-10-15 12:20:40.546
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to 

load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the 

Microsoft signing level requirements.

  Date: 2015-10-15 12:20:40.519
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to 

load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level 

requirements.

  Date: 2015-10-15 12:20:40.493
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to 

load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level 

requirements.

  Date: 2015-10-15 12:20:39.352
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to 

load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level 

requirements.

  Date: 2015-10-15 12:20:39.147
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to 

load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level 

requirements.

  Date: 2015-10-15 12:16:43.842
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted 

to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the 

Microsoft signing level requirements.

  Date: 2015-10-15 12:16:43.797
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted 

to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level 

requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8075.23 MB
Verfügbarer physikalischer RAM: 5084.31 MB
Summe virtueller Speicher: 16267.23 MB
Verfügbarer virtueller Speicher: 12818.51 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:136.88 GB) (Free:64.64 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.28 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Lenovo_Recovery) (Fixed) (Total:10.99 GB) (Free:1.83 GB) NTFS
Drive f: (SONYCAMERA) (Fixed) (Total:3.72 GB) (Free:3.66 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: B0B007CB)
Partition 1: (Not Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=136.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: DDD41A57)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)

==================== Ende von Addition.txt ============================

Ich musste die Antivirensoftware ausschalten damit die Addition.txt erstellt wird ..

---

Ich hatte auch den Support von Malwarebytes angeschrieben, die (rasche) Antwort lautet:

" ..
Welcome to Malwarebytes support, my name is Julia and I’ll be assisting you today.

Bzeek is a global WiFi network. How do you connect to the internet?
Who is your ISP? Check with them, see if they use it.

Regards,

Julia Wallace .."

Hmm ..

schrauber · 09.11.2015, 18:58

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

hardyxy9 · 09.11.2015, 20:25

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Update, 09.11.2015 09:35, SYSTEM, LENOVOX220, Scheduler, IP Database, 2015.11.6.2, 2015.11.9.2, 
Update, 09.11.2015 09:35, SYSTEM, LENOVOX220, Scheduler, Domain Database, 2015.11.8.1, 2015.11.9.4, 
Update, 09.11.2015 09:35, SYSTEM, LENOVOX220, Scheduler, Malware Database, 2015.11.8.5, 2015.11.9.1, 
Protection, 09.11.2015 09:35, SYSTEM, LENOVOX220, Protection, Refresh, Starting, 
Protection, 09.11.2015 09:35, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Stopping, 
Protection, 09.11.2015 09:35, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Stopped, 
Protection, 09.11.2015 09:35, SYSTEM, LENOVOX220, Protection, Refresh, Success, 
Protection, 09.11.2015 09:35, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Starting, 
Protection, 09.11.2015 09:35, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Started, 
Update, 09.11.2015 11:03, SYSTEM, LENOVOX220, Scheduler, Malware Database, 2015.11.9.1, 2015.11.9.2, 
Protection, 09.11.2015 11:03, SYSTEM, LENOVOX220, Protection, Refresh, Starting, 
Protection, 09.11.2015 11:03, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Stopping, 
Protection, 09.11.2015 11:03, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Stopped, 
Protection, 09.11.2015 11:03, SYSTEM, LENOVOX220, Protection, Refresh, Success, 
Protection, 09.11.2015 11:03, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Starting, 
Protection, 09.11.2015 11:03, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Started, 
Update, 09.11.2015 15:16, SYSTEM, LENOVOX220, Scheduler, Malware Database, 2015.11.9.2, 2015.11.9.3, 
Protection, 09.11.2015 15:16, SYSTEM, LENOVOX220, Protection, Refresh, Starting, 
Protection, 09.11.2015 15:16, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Stopping, 
Protection, 09.11.2015 15:16, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Stopped, 
Protection, 09.11.2015 15:16, SYSTEM, LENOVOX220, Protection, Refresh, Success, 
Protection, 09.11.2015 15:16, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Starting, 
Protection, 09.11.2015 15:16, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Started, 
Update, 09.11.2015 18:50, SYSTEM, LENOVOX220, Scheduler, Malware Database, 2015.11.9.3, 2015.11.9.4, 
Protection, 09.11.2015 18:50, SYSTEM, LENOVOX220, Protection, Refresh, Starting, 
Protection, 09.11.2015 18:50, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Stopping, 
Protection, 09.11.2015 18:50, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Stopped, 
Protection, 09.11.2015 18:50, SYSTEM, LENOVOX220, Protection, Refresh, Success, 
Protection, 09.11.2015 18:50, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Starting, 
Protection, 09.11.2015 18:50, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Started, 
Update, 09.11.2015 18:56, SYSTEM, LENOVOX220, Scheduler, Malware Database, 2015.11.9.4, 2015.11.9.5, 
Protection, 09.11.2015 18:56, SYSTEM, LENOVOX220, Protection, Refresh, Starting, 
Protection, 09.11.2015 18:56, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Stopping, 
Protection, 09.11.2015 18:56, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Stopped, 
Protection, 09.11.2015 18:56, SYSTEM, LENOVOX220, Protection, Refresh, Success, 
Protection, 09.11.2015 18:56, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Starting, 
Protection, 09.11.2015 18:56, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Started, 
Update, 09.11.2015 19:24, SYSTEM, LENOVOX220, Manual, Domain Database, 2015.11.9.4, 2015.11.9.6, 
Protection, 09.11.2015 19:24, SYSTEM, LENOVOX220, Protection, Refresh, Starting, 
Protection, 09.11.2015 19:24, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Stopping, 
Protection, 09.11.2015 19:24, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Stopped, 
Protection, 09.11.2015 19:24, SYSTEM, LENOVOX220, Protection, Refresh, Success, 
Protection, 09.11.2015 19:24, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Starting, 
Protection, 09.11.2015 19:24, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Started, 
Scan, 09.11.2015 19:35, SYSTEM, LENOVOX220, Manual, Start: 09.11.2015 19:24, Dauer: 11 Min. 18 Sek., Bedrohungssuchlauf, Abgeschlossen, 0 Malware-Erkennung, 0 Nicht-Malware-Erkennungen, 
Protection, 09.11.2015 20:08, SYSTEM, LENOVOX220, Protection, Malware Protection, Starting, 
Protection, 09.11.2015 20:08, SYSTEM, LENOVOX220, Protection, Malware Protection, Started, 
Protection, 09.11.2015 20:08, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Starting, 
Protection, 09.11.2015 20:08, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Started, 
Protection, 09.11.2015 20:22, SYSTEM, LENOVOX220, Protection, Malware Protection, Starting, 
Protection, 09.11.2015 20:22, SYSTEM, LENOVOX220, Protection, Malware Protection, Started, 
Protection, 09.11.2015 20:22, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Starting, 
Protection, 09.11.2015 20:22, SYSTEM, LENOVOX220, Protection, Malicious Website Protection, Started, 

(end)

Code:

ATTFilter

# AdwCleaner v5.019 - Bericht erstellt am 09/11/2015 um 20:04:12
# Aktualisiert am 08/11/2015 von Xplode
# Datenbank : 2015-11-09.1 [Server]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : Muster Man - LENOVOX220
# Gestartet von : C:\Users\Solitar\Downloads\AdwCleaner_5.019.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\QvodPlayer
[-] Ordner Gelöscht : C:\Program Files (x86)\QvodPlayer
[-] Ordner Gelöscht : C:\ProgramData\QvodPlayer
[-] Ordner Gelöscht : C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8
[-] Ordner Gelöscht : C:\Users\Muster Man\AppData\Local\eSupport.com
[-] Ordner Gelöscht : C:\Users\Muster Man\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Muster Man\AppData\Roaming\Mozilla\Firefox\Profiles\kr4jb1f6.default\user.js

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DownloadIcon
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8502600-B272-4F68-A67B-A0305D46D298}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A8502600-B272-4F68-A67B-A0305D46D298}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A8502600-B272-4F68-A67B-A0305D46D298}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8502600-B272-4F68-A67B-A0305D46D298}
[-] Schlüssel Gelöscht : HKCU\Software\eSupport.com
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7BC7A817-5540-4FD0-9D36-37C2AF2DCBE1}
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]

***** [ Internetbrowser ] *****

[-] [C:\Users\Muster Man\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : oejkcgajlodefenbbjdnaiahmbnnoole
[-] [C:\Users\Solitar\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : ixquick.com
[-] [C:\Users\Solitar\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Gelöscht : hxxps://ixquick.de/deu/
[-] [C:\Users\Solitar\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Gelöscht : hxxps://ixquick.com/do/dsearch?query={searchTerms}&cat=web&pl=chrome&language=deutsch
[-] [C:\Users\Solitar\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : oejkcgajlodefenbbjdnaiahmbnnoole

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [3506 Bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 10 Pro x64
Ran by Muster Man on 09.11.2015 at 20:16:14,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] drvagent64 [Reboot required]



~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster Scan
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster SkipUAC (solitar Dll)
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster Update
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Uninstaller_SkipUac_solitar



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\iobit\driver booster
Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster
Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver booster 2
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\solitar Dll\AppData\Roaming\iobit\driver booster
Successfully deleted: [Folder] C:\Users\solitar Dll\AppData\Roaming\productdata
Successfully deleted: [Folder] C:\WINDOWS\SysWOW64\ai_recyclebin



~~~ FireFox

Successfully deleted: [Folder] C:\Users\solitar Dll\AppData\Roaming\mozilla\firefox\profiles\kr4jb1f6.default\extensions

\iobitascsurfingprotection@iobit.com



~~~ Chrome


[C:\Users\solitar Dll\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\solitar Dll\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\solitar Dll\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\solitar Dll\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.11.2015 at 20:19:12,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber · 10.11.2015, 21:01

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

hardyxy9 · 10.11.2015, 21:58

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=f55013e66aa43d4d98ab85a89f929217
# engine=18786
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-19 01:33:50
# local_time=2014-06-19 03:33:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='AVG AntiVirus Free Edition 2014'
# compatibility_mode=1051 16777213 100 100 18051 90318814 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 6277576 154814680 0 0
# scanned=142854
# found=5
# cleaned=4
# scan_time=2162
sh=D5ACB7BEB7448438BBACB9196EE4411C25D795FE ft=1 fh=4071dddff7b68764 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Soda PDF 6\Installation\adawareTb_3.4.0.3_Lav01.exe"
sh=61ED5E3EA71E73DED3D62E32905D80471C4EB879 ft=1 fh=10c8c63937cd4ad6 vn="Win32/Toolbar.Zugo evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Bzeek\bzeekPlugin-setup.exe"
sh=D5ACB7BEB7448438BBACB9196EE4411C25D795FE ft=1 fh=4071dddff7b68764 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\Soda PDF 6\Installation\adawareTb_3.4.0.3_Lav01.exe"
sh=61ED5E3EA71E73DED3D62E32905D80471C4EB879 ft=1 fh=10c8c63937cd4ad6 vn="Win32/Toolbar.Zugo evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Muster\Downloads\bzeekPlugin-setup.exe"
sh=C8A5C273B16FB890EBD6DBBA9D38A8ECB35C5654 ft=1 fh=1efd904ef6c69915 vn="Variante von Win32/InstallIQ.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Muster\Downloads\PDF_Sam_Installer.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f55013e66aa43d4d98ab85a89f929217
# end=init
# utc_time=2015-11-10 08:06:39
# local_time=2015-11-10 09:06:39 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f55013e66aa43d4d98ab85a89f929217
# end=init
# utc_time=2015-11-10 08:09:00
# local_time=2015-11-10 09:09:00 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 26662
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f55013e66aa43d4d98ab85a89f929217
# end=updated
# utc_time=2015-11-10 08:11:56
# local_time=2015-11-10 09:11:56 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f55013e66aa43d4d98ab85a89f929217
# engine=26662
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-10 08:50:14
# local_time=2015-11-10 09:50:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 7618193 10662626 0 0
# compatibility_mode_1='360 Total Security'
# compatibility_mode=16641 16777213 87 100 38773 26133312 0 0
# scanned=361417
# found=4
# cleaned=0
# scan_time=2297
sh=53F8742021CC6B62433B574206EF59BA450BEAAB ft=1 fh=70a5cbc454726348 vn="JS/Adware.Steganos.A Anwendung" ac=I fn="C:\Users\Muster\AppData\Roaming\Steganos Updates\okayfreedom.exe"
sh=0123D57987F7428E1F57E8519E9B55545CE9D83D ft=0 fh=0000000000000000 vn="PHP/WebShell.NBV Trojaner" ac=I fn="C:\wamp\www\Live_seite\css\7c32.php"
sh=0123D57987F7428E1F57E8519E9B55545CE9D83D ft=0 fh=0000000000000000 vn="PHP/WebShell.NBV Trojaner" ac=I fn="C:\wamp\www\Live_Seite_Joomla2\css\7c32.php"
sh=0123D57987F7428E1F57E8519E9B55545CE9D83D ft=0 fh=0000000000000000 vn="PHP/WebShell.NBV Trojaner" ac=I fn="C:\xampp\htdocs\myBetreuung24_Joomla!-Version 2.5.28\css\7c32.php"

Code:

ATTFilter

 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender     
360 Total Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 80  
 Java version 32-bit out of Date! 
 Google Chrome (45.0.2454.101) 
 Google Chrome (plugins...) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Muster_Man (Administrator) auf LENOVOX220 (10-11-2015 21:56:49)
Gestartet von C:\Users\Solitar\Downloads
Geladene Profile: Muster_Man (Verfügbare Profile: Muster_Man & Solitar)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(360.cn) C:\Program Files (x86)\360\360WangPan\360WangPan.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Connection Manager\ModemPnPService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Ipswitch) C:\Program Files\WS_FTP\WsftpCOMHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-03-14] (Lenovo)
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [395744 2012-10-31] ()
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [164032 2015-08-23] (Synaptics)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-08-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2011-04-01] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Blackcomb] => C:\Program Files (x86)\Samsung Connection Manager\ModemPnPService.exe [131072 2011-02-11] (Samsung Electronics.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BlackArmorBackupMonitor.exe] => C:\Program Files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe [5584616 2012-10-31] ()
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [300152 2015-09-21] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-02-07] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4493824 2014-05-07] (Research In Motion Limited)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2720144 2015-08-09] (Dominik Reichl)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Run: [AusweisApp] => C:\Program Files (x86)\AusweisApp\siqBootLoader.exe [2518656 2014-01-24] (OpenLimit SignCubes AG)
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Run: [360cloud] => C:\Program Files (x86)\360\360WangPan\360WangPan.exe [14519920 2015-06-03] (360.cn)
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Run: [LaCie Ethernet Agent Startup] => C:\Program Files\Seagate\Network Assistant\Seagate Network Assistant.exe [8857600 2014-03-18] (Seagate SA)
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\Solitar D�ll\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Muster_Man\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\Solitar D�ll\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Muster_Man\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\Solitar D�ll\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Muster_Man\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\Solitar D�ll\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Muster_Man\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
Lsa: [Notification Packages] scecli ACGina
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {A786E080-E576-469D-8A39-E1CF47517117} => C:\Windows\System32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [DownloadIcon] -> {A8502600-B272-4F68-A67B-A0305D46D298} =>  Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {A786E080-E576-469D-8A39-E1CF47517117} => C:\Windows\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\Users\Muster_Man\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CarPort Updater.lnk [2015-06-21]
ShortcutTarget: CarPort Updater.lnk -> C:\Program Files (x86)\CarPort\CarPort.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{138a9c8a-a3fa-4776-8f5d-14a9c23ae785}: [NameServer] 212.23.115.132 212.23.115.150
Tcpip\..\Interfaces\{b4f3ccec-8901-4d39-910c-eb142d04fd1b}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c647e28a-b5a7-48eb-9966-19bb73eb627d}: [NameServer] 193.189.244.225 193.189.244.206

Internet Explorer:
==================
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {7BC7A817-5540-4FD0-9D36-37C2AF2DCBE1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {7BC7A817-5540-4FD0-9D36-37C2AF2DCBE1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> DefaultScope {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=33059180_oem_dg&ch=33
SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=33059180_oem_dg&ch=33
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2015-09-21] (Qihu 360 Software Co., Ltd.)
BHO: AusweisApp 1.12.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClientIE64.ols [2014-04-11] (OpenLimit SignCubes AG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2015-08-10] (Qihu 360 Software Co., Ltd.)
BHO-x32: AusweisApp 1.12.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClientIE32.ols [2014-04-11] (OpenLimit SignCubes AG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
Toolbar: HKLM-x32 - &GO Stats - {3D98AD1A-707C-4FA7-AE98-C4039B8231EB} - C:\Program Files (x86)\GoStats\GoStatsBar.dll [2005-08-07] ()
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Muster_Man\AppData\Roaming\Mozilla\Firefox\Profiles\kr4jb1f6.default
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @qvod.com/QvodShare -> C:\Program Files (x86)\QvodPlayer\npShareModule_x64.dll [Keine Datei]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2014-05-07] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-09] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: AusweisApp - C:\Program Files (x86)\AusweisApp\mozilla\eCardClientPIn_FFxx_Win [2014-05-20] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\Muster_Man\AppData\Roaming\Mozilla\Firefox\Profiles\kr4jb1f6.default\extensions\iobitascsurfingprotection@iobit.com [nicht gefunden]

Chrome: 
=======
CHR Profile: C:\Users\Muster_Man\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Muster_Man\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Muster_Man\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-20]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2015-07-31] (Broadcom Corporation.)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [Datei ist nicht signiert]
S2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [99328 2014-02-19] () [Datei ist nicht signiert]
S2 bzeekuninstallsvc; C:\Program Files (x86)\Bzeek\bzeek.exe [4985056 2012-06-24] (BzeekLand LTD.) [Datei ist nicht signiert]
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320560 2014-06-24] (Lenovo.)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
S2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [8910336 2015-10-14] (SecureMix LLC)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [35784 2015-10-22] (Lenovo Group Limited)
S4 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344864 2015-01-27] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-31] (Microsoft Corporation)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [859768 2015-09-21] (QIHU 360 SOFTWARE CO. LIMITED)
S2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2014-07-21] (Paramount Software UK Ltd)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-05-07] (Apple Inc.) [Datei ist nicht signiert]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1324544 2014-05-07] (Research In Motion Limited) [Datei ist nicht signiert]
S4 sfcdpsrv; C:\Program Files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe [3246040 2014-07-05] (Acronis)
S4 SgtSch2Svc; C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [1114688 2012-10-31] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22008 2015-07-01] ()
S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-08-23] (Synaptics Incorporated)
S2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112 2015-07-16] ()
S4 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited) [Datei ist nicht signiert]
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1526120 2013-09-25] (Lenovo Group Limited)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-31] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-31] (Microsoft Corporation)
S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [Datei ist nicht signiert]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-01-14] ()

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137296 2015-07-23] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-09-21] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2015-09-21] (360.cn)
R3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2014-08-01] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [363088 2015-07-23] (360.cn)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21600 2013-03-14] (Advanced Micro Devices, Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-11-29] ()
S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2013-11-29] ()
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [178768 2015-08-10] (360.cn)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2015-07-31] (Broadcom Corporation.)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17088 2014-01-22] (Glarysoft Ltd)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 cmnuusbser; C:\Windows\system32\DRIVERS\cmnuusbser.sys [123904 2014-04-18] (Wireless Device)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c65x64.sys [471312 2015-07-31] (Intel Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2014-11-10] (IObit)
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (SecureMix LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-27] (REALiX(tm))
R3 l36wgps; C:\Windows\system32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-10] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\drivers\Mbm3CBus.sys [443648 2013-04-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [455936 2013-04-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [22272 2013-04-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [508160 2013-04-22] (MCCI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-31] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-08-15] (Intel Corporation)
S3 PGRUSB; C:\Windows\System32\DRIVERS\PGRXHCI.sys [123392 2013-12-18] (Point Grey Research)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-05-07] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-08-23] (Synaptics Incorporated)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-08-03] (The OpenVPN Project)
R3 Tvti2c; C:\Windows\system32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Product(ShenZhen China) Inc.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2014-11-10] (IObit.com)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WwanUsbServ; C:\Windows\System32\drivers\WwanUsbMp64.sys [284912 2014-04-25] (Ericsson AB)
S3 XHCIdrv; C:\Windows\System32\DRIVERS\XHCIdrv.sys [119720 2013-10-24] (Windows (R) Win 7 DDK provider)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-10 21:44 - 2015-11-10 21:44 - 00016148 _____ C:\WINDOWS\system32\LENOVOX220_Muster_Man_HistoryPrediction.bin
2015-11-10 21:13 - 2015-11-10 21:54 - 00852720 _____ C:\Users\Muster_Man\Desktop\SecurityCheck.exe
2015-11-10 21:08 - 2015-11-10 21:08 - 02870984 _____ (ESET) C:\Users\Solitar\Downloads\esetsmartinstaller_deu (1).exe
2015-11-10 21:06 - 2015-11-10 21:06 - 02870984 _____ (ESET) C:\Users\Solitar\Downloads\esetsmartinstaller_deu.exe
2015-11-10 21:04 - 2015-11-10 21:04 - 00016148 _____ C:\WINDOWS\system32\LENOVOX220_Solitar_HistoryPrediction.bin
2015-11-10 16:20 - 2015-11-10 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-09 21:22 - 2015-11-09 21:22 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-11-09 20:15 - 2015-10-05 23:26 - 01801288 _____ (Malwarebytes) C:\Users\Muster_Man\Desktop\JRT.exe
2015-11-09 20:10 - 2015-11-09 20:10 - 00003587 _____ C:\Users\Solitar\Downloads\AdwCleaner[C2].txt
2015-11-09 19:14 - 2015-11-09 20:15 - 01798976 _____ (Malwarebytes) C:\Users\Solitar\Downloads\JRT.exe
2015-11-09 19:14 - 2015-11-09 20:01 - 01712128 _____ C:\Users\Solitar\Downloads\AdwCleaner_5.019.exe
2015-11-09 10:40 - 2015-11-09 10:40 - 00481045 _____ C:\Users\Solitar\Downloads\FRITZ.Box 7490 113.06.30_09.11.15_1040.export
2015-11-09 10:22 - 2015-11-09 10:22 - 00045495 _____ C:\Users\Solitar\Downloads\Boch_FaxSpam4.tif
2015-11-08 16:12 - 2015-11-10 21:57 - 00029356 _____ C:\Users\Solitar\Downloads\FRST.txt
2015-11-08 16:12 - 2015-11-10 21:56 - 00000000 ____D C:\FRST
2015-11-08 16:11 - 2015-11-08 16:12 - 02198528 _____ (Farbar) C:\Users\Solitar\Downloads\FRST64.exe
2015-11-07 11:55 - 2015-11-07 11:55 - 00481133 _____ C:\Users\Solitar\Downloads\FRITZ.Box 7490 113.06.30_07.11.15_1155.export
2015-11-06 13:41 - 2015-11-06 13:41 - 00000000 ____D C:\Users\Muster_Man\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlassWire
2015-11-06 13:41 - 2015-11-06 13:41 - 00000000 ____D C:\Users\Muster_Man\AppData\Local\GlassWire
2015-11-06 13:41 - 2015-11-06 13:41 - 00000000 ____D C:\ProgramData\GlassWire
2015-11-06 13:41 - 2015-05-29 05:30 - 00008392 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat
2015-11-06 13:41 - 2015-05-29 05:15 - 00033152 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys
2015-11-06 13:40 - 2015-11-06 13:41 - 00000000 ____D C:\Program Files (x86)\GlassWire
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\Users\Solitar\Downloads\BrAdmin3530004eur.exe
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\f86f83075e9d7d96e5
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\daf42a1b4cebcadfc29e50
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\b55362dbf3c66fbb753edea4a31e
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\b0d3ae91f65a665f27
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\a68a4bb77a8537a716161c6e0bfec3
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\a164d43ba4af8fdde464
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\88160bad2f871498af
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\6f42a20f6da31f2fe727b8de721e3f68
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\5dbd9b9f8b378e1ddb958a8902ed
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\5621adaf9345ec36dc5793d7f0c8b1
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\4e8e44df69bc98bedefb6cc3076f66
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\400dfc9163dedef140
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\1d616b3cc3d337fa3d9d5f429c8d
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\1a3d491a3fb609fccd5b2a
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\181d51811d12972900
2015-11-05 13:27 - 2015-11-05 13:27 - 00000000 _____ C:\0fc720bbb1d23d4e6144ac26d6cbc943
2015-11-04 14:13 - 2015-11-04 14:15 - 210676352 _____ C:\Users\Solitar\Downloads\IntelDataMigrationSoftware_15056_de-DE.exe
2015-11-04 13:57 - 2015-11-04 13:58 - 132880840 _____ (SanDisk Corporation) C:\Users\Solitar\Downloads\SanDiskSSDDashboardSetup_1.4.1.exe
2015-11-04 11:32 - 2015-11-04 11:36 - 416418064 _____ C:\Users\Solitar\Downloads\Paragon_Backup_and_Recovery_14_free_ger.exe
2015-11-03 21:51 - 2015-11-03 21:51 - 10812008 _____ (Dovado Europe AB) C:\Users\Solitar\Downloads\TINY_7_3_11.exe
2015-11-01 00:28 - 2015-11-01 00:28 - 00000000 ____D C:\Users\Muster_Man\AppData\Roaming\360TotalSecurity
2015-10-30 21:17 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 21:17 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 21:17 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 21:17 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 21:17 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 21:17 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 21:17 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 21:17 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 21:17 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 21:17 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 21:17 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 21:17 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 21:17 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 21:17 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 21:17 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 21:17 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 21:17 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 21:17 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 21:17 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 21:17 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 21:17 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 21:17 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 21:17 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 21:17 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 21:17 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 21:17 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 21:17 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 21:17 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 21:17 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 21:17 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 21:17 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 21:17 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 21:17 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 21:17 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-27 22:56 - 2015-10-27 22:56 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
2015-10-27 22:56 - 2015-10-27 22:56 - 00001000 _____ C:\Users\Public\Desktop\Market Samurai.lnk
2015-10-27 22:56 - 2015-10-27 22:56 - 00000000 ____D C:\Program Files (x86)\Market Samurai
2015-10-26 10:23 - 2015-10-26 10:23 - 13921385 _____ C:\Users\Solitar\Downloads\beurteilungfrauprzbylskarechnung.zip
2015-10-25 09:19 - 2015-10-25 09:19 - 00000896 _____ C:\Users\Solitar\Downloads\EVN_R2015001585856.txt
2015-10-24 21:58 - 2015-10-24 21:58 - 00000048 _____ C:\Users\Solitar\Downloads\video.m3u
2015-10-23 10:25 - 2015-10-23 10:26 - 00513004 _____ C:\Users\Solitar\Downloads\Sauer_Anrufbeantworter.wav
2015-10-23 10:15 - 2015-10-23 10:15 - 00051302 _____ C:\Users\Solitar\Downloads\Sauer_Anrufbeantworter.amr
2015-10-21 16:01 - 2015-10-21 16:01 - 00000000 ____D C:\Users\Solitar\AppData\Roaming\360Game
2015-10-20 10:18 - 2015-10-20 10:18 - 00000112 _____ C:\WINDOWS\system32\snetcfg.log
2015-10-15 10:17 - 2015-10-15 10:17 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-10-15 10:13 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-15 10:13 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-15 10:13 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-15 10:13 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-15 10:13 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-15 10:13 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-15 10:13 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-15 10:13 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-15 10:13 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-15 10:13 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-15 10:13 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-15 10:13 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-15 10:13 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-15 10:13 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-15 10:13 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-15 10:13 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-15 10:13 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-15 10:13 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-15 10:13 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-15 10:13 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-15 10:13 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-15 10:13 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-15 10:13 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-15 10:13 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-15 10:13 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-15 10:13 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-15 10:13 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-15 10:13 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-15 10:13 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-15 10:13 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-15 10:13 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-15 10:13 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-15 10:13 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-15 10:13 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-15 10:13 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-15 10:13 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-15 10:13 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-15 10:13 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-15 10:13 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-15 10:13 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-15 10:13 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-15 10:13 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-15 10:13 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-15 10:13 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-15 10:13 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-15 10:13 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-15 10:13 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-15 10:13 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-15 10:13 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-15 10:08 - 2015-10-15 10:09 - 40102072 _____ (Microsoft Corporation) C:\Users\Solitar\Downloads\vstor_redist.exe
2015-10-14 09:25 - 2015-10-14 09:25 - 00033652 _____ C:\Users\Solitar\Downloads\Treumann_Faxspam1.tif
2015-10-14 09:24 - 2015-10-14 09:24 - 00045376 _____ C:\Users\Solitar\Downloads\Boch_FaxSpam3.tif
2015-10-12 13:17 - 2015-10-12 13:19 - 00000000 ____D C:\Users\Solitar\Downloads\seniorenschwabach
2015-10-12 13:17 - 2015-10-12 13:17 - 00868607 _____ C:\Users\Solitar\Downloads\seniorenschwabach.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-10 21:49 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-10 21:38 - 2015-06-10 09:25 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-10 21:33 - 2015-07-17 10:38 - 00000596 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003.job
2015-11-10 21:18 - 2014-08-10 12:10 - 00000000 ____D C:\Users\Muster_Man\AppData\LocalLow\360WD
2015-11-10 21:14 - 2015-10-09 10:41 - 00017533 _____ C:\WINDOWS\setupact.log
2015-11-10 21:14 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-10 21:09 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-10 21:04 - 2015-07-31 11:07 - 00000000 ___RD C:\Users\Solitar\OneDrive
2015-11-10 21:04 - 2015-06-21 12:40 - 00000000 ___RD C:\Users\Muster_Man\Dropbox
2015-11-10 21:04 - 2015-06-10 09:25 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-10 21:04 - 2015-06-10 09:25 - 00000000 ____D C:\Users\Muster_Man\AppData\Local\Dropbox
2015-11-10 21:04 - 2015-05-20 22:33 - 00000000 ____D C:\Users\Solitar\AppData\Roaming\KeePass
2015-11-10 21:04 - 2014-06-17 20:34 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-10 20:52 - 2015-07-17 10:38 - 00000692 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003.job
2015-11-10 19:58 - 2014-06-19 09:43 - 00000000 ____D C:\Users\Solitar\AppData\LocalLow\360WD
2015-11-10 19:46 - 2013-12-12 21:09 - 00000000 ___RD C:\Users\Solitar\Dropbox
2015-11-10 19:46 - 2013-12-12 21:07 - 00000000 ____D C:\Users\Solitar\AppData\Roaming\Dropbox
2015-11-10 18:40 - 2015-08-16 14:50 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CDC91857-6445-4164-AA74-16D99DDC4E7A}
2015-11-10 16:20 - 2015-06-10 09:25 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-10 09:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-09 20:28 - 2015-04-20 16:52 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-09 20:17 - 2014-12-25 18:37 - 00000000 ____D C:\Users\Muster_Man\AppData\Roaming\IObit
2015-11-09 20:17 - 2014-12-25 18:37 - 00000000 ____D C:\ProgramData\IObit
2015-11-09 20:17 - 2014-12-25 18:37 - 00000000 ____D C:\Program Files (x86)\IObit
2015-11-09 20:12 - 2015-07-31 10:52 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-09 20:12 - 2015-07-10 17:34 - 00884838 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-09 20:12 - 2015-07-10 17:34 - 00195936 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-09 20:07 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-09 20:06 - 2015-10-09 11:01 - 00005200 _____ C:\WINDOWS\PFRO.log
2015-11-09 20:05 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-09 20:05 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-09 20:05 - 2014-06-20 08:58 - 00000000 _RSHD C:\360SANDBOX
2015-11-09 20:04 - 2013-12-14 23:39 - 00000000 ____D C:\AdwCleaner
2015-11-08 15:23 - 2015-08-18 21:03 - 00125440 ___SH C:\Users\Solitar\Downloads\Thumbs.db
2015-11-07 18:22 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-06 13:40 - 2014-08-10 15:05 - 00000000 ____D C:\Users\Muster_Man\AppData\Roaming\360safe
2015-11-06 13:39 - 2015-07-31 14:04 - 00002415 _____ C:\Users\Muster_Man\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-06 13:39 - 2015-07-31 14:04 - 00000000 ___RD C:\Users\Muster_Man\OneDrive
2015-11-05 13:27 - 2013-12-12 13:14 - 00000000 ____D C:\ProgramData\Lenovo
2015-11-03 22:20 - 2014-04-18 12:47 - 00000000 ____D C:\Users\Muster_Man\AppData\Roaming\XSManager
2015-11-03 19:52 - 2015-07-31 11:07 - 00002400 _____ C:\Users\Solitar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-02 00:28 - 2015-07-31 10:53 - 00000000 ____D C:\Users\Solitar
2015-11-01 21:50 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-01 00:31 - 2015-08-09 23:46 - 00000000 ____D C:\Users\Muster_Man\AppData\Roaming\Skype
2015-11-01 00:31 - 2015-07-31 11:48 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-01 00:31 - 2015-07-16 10:39 - 00003378 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1437039558
2015-10-31 15:09 - 2015-04-20 16:52 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-31 14:55 - 2015-07-16 10:38 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-29 14:29 - 2013-12-12 22:35 - 00000789 _____ C:\WINDOWS\BRWMARK.INI
2015-10-28 12:06 - 2014-06-18 09:35 - 00000000 ____D C:\Users\Solitar\AppData\Roaming\360CloudUI
2015-10-27 14:33 - 2015-07-17 10:38 - 00003854 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003
2015-10-27 14:33 - 2015-07-17 10:38 - 00003758 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003
2015-10-26 10:10 - 2013-12-26 18:31 - 00000000 ____D C:\Users\Solitar\AppData\Local\Lenovo
2015-10-23 10:34 - 2014-11-13 16:21 - 00000000 ____D C:\Users\Solitar\AppData\Roaming\Audacity
2015-10-23 09:50 - 2014-08-30 08:43 - 00000000 __SHD C:\ProgramData\360Quarant
2015-10-23 09:50 - 2014-08-30 08:43 - 00000000 __SHD C:\$360Section
2015-10-20 10:19 - 2014-05-20 12:38 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-10-20 10:18 - 2015-02-27 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2015-10-20 10:18 - 2015-02-27 19:19 - 00000000 ____D C:\Program Files\FRITZ!Fernzugang
2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 10:25 - 2013-12-12 16:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 10:19 - 2013-12-12 16:28 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-15 10:18 - 2013-12-12 17:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-13 23:01 - 2015-03-24 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2
2015-10-13 23:01 - 2014-06-17 20:44 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-13 23:01 - 2014-06-17 20:44 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-18 10:57 - 2014-09-13 12:29 - 7885584 _____ (360安全中心) C:\Program Files (x86)\360DrvMgrInstaller_2.0.0.1040.exe
2014-06-19 22:30 - 2014-06-19 22:30 - 0120996 _____ () C:\Users\Muster_Man\AppData\Local\ars.cache
2014-06-19 22:30 - 2014-06-19 22:30 - 0272862 _____ () C:\Users\Muster_Man\AppData\Local\census.cache
2015-05-27 15:21 - 2015-05-27 15:21 - 0121768 _____ () C:\Users\Muster_Man\AppData\Local\extension_1_1_0_2.crx
2014-06-19 14:55 - 2014-06-19 14:55 - 0000036 _____ () C:\Users\Muster_Man\AppData\Local\housecall.guid.cache
2014-09-23 11:41 - 2015-08-09 12:51 - 0007626 _____ () C:\Users\Muster_Man\AppData\Local\Resmon.ResmonCfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Solitar\setup_Pixum_Fotobuch.exe


Einige Dateien in TEMP:
====================
C:\Users\Solitar\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp56ihxh.dll
C:\Users\Muster_Man\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpo6td8b.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-10 09:16

==================== Ende von FRST.txt ============================

hardyxy9 · 10.11.2015, 22:00

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015
durchgeführt von Muster_Man (2015-11-10 21:57:16)
Gestartet von C:\Users\Solitar\Downloads
Windows 10 Pro (X64) (2015-07-31 10:04:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2113504872-800665639-2394083016-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2113504872-800665639-2394083016-503 - Limited - Disabled)
Gast (S-1-5-21-2113504872-800665639-2394083016-501 - Limited - Disabled)
Solitar (S-1-5-21-2113504872-800665639-2394083016-1003 - Limited - Enabled) => C:\Users\Solitar
Muster_Man (S-1-5-21-2113504872-800665639-2394083016-1000 - Administrator - Enabled) => C:\Users\Muster_Man
Solitar_Surf (S-1-5-21-2113504872-800665639-2394083016-1023 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2113504872-800665639-2394083016-1026 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 7.6.0.1031 - 360 Security Center)
360云盘 (HKLM-x32\...\360云盘（网盘版）) (Version: 6.5.2.1160 - 360安全中心)
7-PDF Printer 10.10.0.2307 (HKLM\...\7-PDF Printer_is1) (Version: 10.10.0.2307 - 7-PDF, Germany - Th. Hodes)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.3.0 - IObit)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
AOMEI Partition Assistant Pro Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AusweisApp (HKLM-x32\...\{BA6CDB7A-F5D7-4341-99E1-1FF0AAEAF1D8}) (Version: 1.13.0 - OpenLimit SignCubes AG)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
BlackArmor Discovery (HKLM-x32\...\InstallShield_{B52480BF-CCED-4DD4-8DC2-28BB750D703E}) (Version: 1.20.0931.004 - Seagate)
BlackArmor Discovery (x32 Version: 1.20.0931.004 - Seagate) Hidden
BlackBerry Link (HKLM-x32\...\BlackBerry_10_Desktop) (Version: 1.2.3.48 - BlackBerry Ltd.)
BlackBerry Link (x32 Version: 1.2.3.48 - BlackBerry Ltd.) Hidden
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
BRAdmin Professional 3 (HKLM-x32\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.53.0004 - Brother)
Brother MFL-Pro Suite MFC-9320CW (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.44.0 - Conexant)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.0.20150113 - Landesfinanzdirektion Thüringen)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.65.2 - Lenovo Group Limited)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Evernote v. 5.8.12 (HKLM-x32\...\{C5F59C16-1EA5-11E5-AF29-0050569584E9}) (Version: 5.8.12.8127 - Evernote Corp.)
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Free Screen Video Recorder version 3.0.4.713 (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 3.0.4.713 - DVDVideoSoft Ltd.)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Utilities PRO 4.5 (HKLM-x32\...\Glary Utilities 4) (Version: 4.5.0.89 - Glarysoft Ltd)
GlassWire 1.0 (remove only) (HKLM-x32\...\GlassWire 1.0) (Version: 1.0.67 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoStats ToolBar (HKLM-x32\...\GoStatsToolBar) (Version: 1.0 - GoStats)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.15) (Version: 9.15 - Artifex Software Inc.)
Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel(R) Driver Update Utility 2.2 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.8 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.0 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.3 - Ipswitch)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
KeePass Password Safe 2.30 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.30 - Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.051.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0003 - Lenovo)
Logitech Gaming Software 8.70 (HKLM\...\Logitech Gaming Software) (Version: 8.70.315 - Logitech Inc.)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.3.7170 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.77 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.77 - Alliance Software Pty Ltd) Hidden
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 6.0.4 - CEWE Stiftung u Co. KGaA)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Pro Photo Tools (HKLM-x32\...\{A05CF147-BEED-4880-BF9B-4EAF22C77FFD}) (Version: 2.2 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.06.07.40 - Huawei Technologies Co.,Ltd)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.0.4 - CEWE Stiftung u Co. KGaA)
PresentationTube Recorder 3.0 (HKLM-x32\...\{91F8441B-E7A7-4513-9D7C-080B643D2FD6}_is1) (Version: 3.0 - PresentationTube)
Rescue and Recovery (HKLM-x32\...\{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}) (Version: 4.52.0005.00 - Lenovo Group Limited)
Samsung Connection Manager (HKLM-x32\...\{F3F95061-0427-4386-AB03-1556CBE52927}) (Version: 112.6 - Samsung Electronics)
SCL011 Contactless Reader (HKLM-x32\...\{101A21B2-E102-4F64-A7FA-CEF7182D0E2D}) (Version: 1.01 - SCM Microsystems)
Scribus 1.4.4 (64bit) (HKLM\...\Scribus 1.4.4) (Version: 1.4.4 - The Scribus Team)
Sdrive (HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Sdrive) (Version: 1.0.5.0 - Seagate Technology LLC)
Sdrive CBFS (HKLM-x32\...\Sdrive CBFS) (Version: 3.2.107.0 - Seagate Technology LLC)
Seagate BlackArmor Backup 2011 (HKLM-x32\...\{5607090E-B8B1-4E1E-ADA2-426522CED33C}) (Version: 14.0.4076 - Seagate)
Seagate NAS Discovery (HKLM-x32\...\{58053C71-35D9-4F16-9E5A-50C97504B2D0}) (Version: 1.00.0020 - Seagate)
Seagate Network Assistant (HKLM\...\{BA94B525-1469-4E00-AFE4-50ADEB8B3993}_is1) (Version: 1.2.1 - Seagate)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Should I Remove It (HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
Site Visualizer Professional 1.5.10 (HKLM-x32\...\Site Visualizer Professional_is1) (Version: 1.5.10 - Elphsoft)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.2 - Synaptics Incorporated)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3200 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Video to Picture (HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\VideoToPicture) (Version:  - Watermark Software. All Rights Reserved.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows-Treiberpaket - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\9E24492CE9279512BD465F61DB8523641BB7BBFC) (Version: 01/18/2013 2.08.28 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD) (Version: 01/18/2013 2.08.28 - FTDI)
Windows-Treiberpaket - FTDI FTDI D2XX (03/21/2011 2.08.14) (HKLM\...\D6BC3CBE8968CB6351105F9D2EEC52CE24F2C99D) (Version: 03/21/2011 2.08.14 - FTDI)
Windows-Treiberpaket - FTDI FTDI VCP (03/20/2011 2.08.14) (HKLM\...\9FCA89337DAC5D4196D98BF2F17E831E1EE83336) (Version: 03/20/2011 2.08.14 - FTDI)
Windows-Treiberpaket - MPP FTDI MPP FTDI D2XX (05/23/2013 2.08.28) (HKLM\...\7179001CFD2B32971C9902F02EA01225C83D6181) (Version: 05/23/2013 2.08.28 - MPP FTDI)
Windows-Treiberpaket - MPP FTDI MPP FTDI VCP (05/23/2013 2.08.28) (HKLM\...\1D76E4AE71F40C949254202D92503849C8E9BF6E) (Version: 05/23/2013 2.08.28 - MPP FTDI)
Windows-Treiberpaket - MPP USB CDC Virtual COM Port (05/23/2013 2.0.0) (HKLM\...\66DD18691EC6886B537A726978F65EF1E8D2D83C) (Version: 05/23/2013 2.0.0 - MPP)
Windows-Treiberpaket - MPP USB CDC Virtual COM Port (09/16/2011 1.5.0) (HKLM\...\6D3D1B84986E536339ED6F2B2A381D13597CD69C) (Version: 09/16/2011 1.5.0 - MPP)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2113504872-800665639-2394083016-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Muster_Man\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

08-11-2015 17:30:50 Windows-Sicherung
09-11-2015 20:16:15 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-08-15 15:08 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00AD2B19-E0F1-4598-B8F6-FB81D7D0C95B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {0148D66F-4402-478C-981D-4DD1E7CF5046} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {0362078B-8A5D-4076-8502-214291637CA0} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-06-24] (Lenovo Group Limited)
Task: {0624E683-48EA-41D5-81B7-81D8952E5235} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-09] (Google Inc.)
Task: {130F3993-0806-4245-83F5-AAB974269AE6} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2015-03-09] (Lenovo)
Task: {1A697A3F-7917-430D-B209-D18A5C5987F2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {1B340F71-B5C5-4759-9DB2-B3BE418D496F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1E512CAA-8FBA-4F0E-85C2-79FD59D7CD53} - System32\Tasks\GlaryInitialize 4 => C:\Program Files\GlaryUtilitiesPRO44\Glary Utilities 4\Initialize.exe [2014-01-22] (Glarysoft Ltd)
Task: {2CA72F58-C84E-4F09-A444-AA58BC6F5262} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2D0C4A97-E354-489C-A4F2-EA05FA4D6E2C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-10] (Dropbox, Inc.)
Task: {3283DBA3-D400-40B8-86DC-34C1D39EAD21} - System32\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003 => C:\Users\Solitar\AppData\Local\Citrix\GoToMeeting\3770\g2mupdate.exe [2015-10-27] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {3A90E392-8D43-49D1-A73A-B7943A2F9FA0} - System32\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003 => C:\Users\Solitar\AppData\Local\Citrix\GoToMeeting\3770\g2mupload.exe [2015-10-27] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {3B7C0878-617C-45E5-9B2C-1461F461EB0E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {440299AD-80BA-4739-A075-06BE27058FE1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {49441387-1C91-4845-B422-2BACC10D6C3B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {4B78C40C-5D78-4F30-9963-A94C362D6D87} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4D2DEAB9-2143-4FB0-9093-1F4A7F59ACDA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {536C646E-D588-46D9-AF02-87FFB60D9E21} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {53F29ED5-EF5F-4E7C-8C0B-C188DA6E3322} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {590ADF76-CBFF-401E-B894-34FAE8C501D4} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
Task: {621F9089-384B-47E8-9420-D3AF938A0D19} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {63B37499-263F-4C1A-A0AF-C532FF0FD740} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {679FEB60-5999-4ED0-98C5-FD41BCB12A33} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {6D78B99B-D53B-4570-BDDC-68366556BBE0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {7974A3CC-E9BE-4CE7-B79E-E8FE27CDEAD2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7A00FD0C-6E3B-4FE1-88FD-AEEC62130AE8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {7C05B167-F13B-4DBC-86C8-E54838174520} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7CFD924D-D5BF-499A-9445-7D4E964DC927} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {7EB4168F-CB7B-42DE-84C1-05DBBA81DE8C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {7EF8B6C1-988C-495E-A807-36331F24251E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {8575E2AE-DECA-4EB3-B00C-4CC443C684AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {8959AC81-35EA-4F1E-870A-7C7B12958103} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {8995E6EC-DC82-4DD3-B523-D21822198A29} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {8EB23F6E-5DE1-433C-8901-A26BF07C9538} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-15] (Microsoft Corporation)
Task: {8F199179-FAAC-4408-8B59-F4CE020CFD69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {90F8D2E3-709F-4949-920E-54CE0D58E009} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {91213A2B-84BF-4386-8404-84D1F803206C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {92E9E2B2-6F53-49E6-BE02-5BE1799B36C8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {98012973-2E04-4626-857F-26C5F2A4C194} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {A014BFD9-8C38-4C83-B26E-FE74FD79476B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {B287132C-5F6F-4ED7-AD73-5C430DFC06D2} - System32\Tasks\ASC8_SkipUac_Muster_Man => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-06-16] (IObit)
Task: {B2F6E1B5-78A0-449B-B236-BDA0ACFBDF1F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-10] (Dropbox, Inc.)
Task: {B318A255-439B-4AB9-B09D-5508CA1B56AB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {B5730A8C-C8C9-4B30-BFA5-9BE87567FF51} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {B637FAD6-DC30-4BF6-85A3-10AE063EDE74} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {BFD0C495-E28E-4FCC-A95C-211BA18C2D50} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C2210B65-E867-42F3-9108-A353D3B75AC8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C289FE81-0197-4192-B24E-4118283698D5} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {C6A65C86-1A8F-4AC6-AB5E-FB7D82F8CA41} - System32\Tasks\GU4SkipUAC => C:\Program Files\GlaryUtilitiesPRO44\Glary Utilities 4\Integrator.exe [2014-01-22] (Glarysoft Ltd)
Task: {D3DE109C-D785-4FF8-B417-9F659A7A01F8} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {D411943A-A66B-4652-99A1-63DC6D014E5E} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-07-01] ()
Task: {D58871F7-A51A-4716-B3A9-4C596625278E} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {DC2A5D41-AE96-4D70-9C0A-E083019BEA1D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-21] (Adobe Systems Incorporated)
Task: {E503D894-230F-49C4-BAFD-FBA24F8C10CA} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {E530BDF8-9011-4771-98C5-049AFF1202DB} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {E7DD67A2-CB44-47E8-BE25-449C6081C644} - System32\Tasks\Opera scheduled Autoupdate 1437039558 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software)
Task: {E8879E5F-A05D-4882-A81B-1CA267E75846} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {EA020356-1BD4-43A0-99D7-C7D95DA69C4D} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => C:\Windows\System32\reg.exe [2015-07-10] (Microsoft Corporation)
Task: {EFF8784A-51A8-43C5-8E2C-D3377894209C} - System32\Tasks\googleupdatetaskmachinecore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-09] (Google Inc.)
Task: {F3356CE2-7C78-4E87-9FEC-A1EC844F1D8B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {F44B8F9C-B62D-4994-9A53-27B63E5A21C8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {F5BF44D4-6D85-422C-B3C1-26762DC35829} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {FA17A770-6747-4617-8A41-76CB26706EF8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {FDC2A1A1-A90F-4431-B9D3-38C239B47FA6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003.job => C:\Users\Solitar\AppData\Local\Citrix\GoToMeeting\3770\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003.job => C:\Users\Solitar\AppData\Local\Citrix\GoToMeeting\3770\g2mupload.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-10 12:00 - 2015-07-10 12:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-07-31 11:45 - 2015-07-31 11:45 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-01 11:58 - 2015-08-01 11:58 - 00254880 _____ () C:\Windows\System32\iMDriverHelper.dll
2015-08-19 09:55 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-12-12 22:35 - 2005-04-22 13:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2015-10-01 08:25 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-07-16 08:32 - 2014-06-24 05:05 - 00117760 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-10-01 08:25 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2012-10-31 19:47 - 2012-10-31 19:47 - 01246768 _____ () C:\Program Files (x86)\Seagate\BlackArmorBackup\tishell64.dll
2015-09-20 12:14 - 2010-09-28 14:56 - 06550136 _____ () C:\Program Files\ipswitch\WS_FTP 12\res0409.dll
2012-10-31 19:48 - 2012-10-31 19:48 - 00139656 _____ () C:\Program Files (x86)\Seagate\BlackArmorBackup\x64\versions_page.dll
2014-08-10 13:27 - 2015-09-21 05:10 - 00613968 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2015-10-01 08:24 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-07-02 01:28 - 2015-07-02 01:28 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-07-02 01:28 - 2015-07-02 01:28 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-12-12 22:35 - 2011-04-01 11:26 - 01163264 ____R () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2015-10-01 08:25 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 08:24 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 08:24 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 08:25 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-08-10 13:27 - 2015-09-21 05:10 - 00087672 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2013-12-12 22:35 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-10-01 08:35 - 2015-11-05 00:44 - 00166416 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-11-10 21:04 - 2015-11-10 21:04 - 00071168 _____ () c:\Users\Muster_Man\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpo6td8b.dll
2015-06-10 09:25 - 2015-09-03 01:11 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-10 09:25 - 2015-09-03 01:11 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 08:27 - 2015-09-03 01:11 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-10 09:25 - 2015-09-03 01:11 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-10-09 10:30 - 2015-09-24 03:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-10-09 10:30 - 2015-09-24 03:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2015-09-20 12:19 - 2010-09-28 14:53 - 00948496 _____ () C:\Program Files\WS_FTP\LIBEAY32.dll
2015-09-20 12:19 - 2010-09-28 14:53 - 00153360 _____ () C:\Program Files\WS_FTP\SSLEAY32.dll
2015-09-20 12:14 - 2010-09-28 14:56 - 06551672 _____ () C:\Program Files\WS_FTP\res0409.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\0fc720bbb1d23d4e6144ac26d6cbc943:Win32App
AlternateDataStreams: C:\181d51811d12972900:Win32App
AlternateDataStreams: C:\1a3d491a3fb609fccd5b2a:Win32App
AlternateDataStreams: C:\1d616b3cc3d337fa3d9d5f429c8d:Win32App
AlternateDataStreams: C:\400dfc9163dedef140:Win32App
AlternateDataStreams: C:\4e8e44df69bc98bedefb6cc3076f66:Win32App
AlternateDataStreams: C:\5621adaf9345ec36dc5793d7f0c8b1:Win32App
AlternateDataStreams: C:\5dbd9b9f8b378e1ddb958a8902ed:Win32App
AlternateDataStreams: C:\6f42a20f6da31f2fe727b8de721e3f68:Win32App
AlternateDataStreams: C:\88160bad2f871498af:Win32App
AlternateDataStreams: C:\a164d43ba4af8fdde464:Win32App
AlternateDataStreams: C:\a68a4bb77a8537a716161c6e0bfec3:Win32App
AlternateDataStreams: C:\b0d3ae91f65a665f27:Win32App
AlternateDataStreams: C:\b55362dbf3c66fbb753edea4a31e:Win32App
AlternateDataStreams: C:\daf42a1b4cebcadfc29e50:Win32App
AlternateDataStreams: C:\f86f83075e9d7d96e5:Win32App
AlternateDataStreams: C:\wamp:Win32App
AlternateDataStreams: C:\xampp:Win32App
AlternateDataStreams: C:\Program Files\Bonjour:Win32App
AlternateDataStreams: C:\Program Files\CCleaner:Win32App
AlternateDataStreams: C:\Program Files\GIMP 2:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Office:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App
AlternateDataStreams: C:\Program Files\Sublime Text 2:Win32App
AlternateDataStreams: C:\Program Files\WinRAR:Win32App
AlternateDataStreams: C:\Program Files\WS_FTP:Win32App
AlternateDataStreams: C:\Program Files (x86)\AOMEI Partition Assistant Pro Edition 5.5:Win32App
AlternateDataStreams: C:\Program Files (x86)\Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\AusweisApp:Win32App
AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App
AlternateDataStreams: C:\Program Files (x86)\DVDVideoSoft:Win32App
AlternateDataStreams: C:\Program Files (x86)\ElsterFormular:Win32App
AlternateDataStreams: C:\Program Files (x86)\FFmpeg for Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\FRITZ!Fernzugang einrichten:Win32App
AlternateDataStreams: C:\Program Files (x86)\GoStats:Win32App
AlternateDataStreams: C:\Program Files (x86)\Intel Driver Update Utility:Win32App
AlternateDataStreams: C:\Program Files (x86)\KeePass Password Safe 2:Win32App
AlternateDataStreams: C:\Program Files (x86)\Lame For Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\Lenovo:Win32App
AlternateDataStreams: C:\Program Files (x86)\ Malwarebytes Anti-Malware :Win32App
AlternateDataStreams: C:\Program Files (x86)\Market Samurai:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft Pro Photo Tools:Win32App
AlternateDataStreams: C:\Program Files (x86)\MSXML 4.0:Win32App
AlternateDataStreams: C:\Program Files (x86)\Opera:Win32App
AlternateDataStreams: C:\Program Files (x86)\PDF Split And Merge Basic:Win32App
AlternateDataStreams: C:\Program Files (x86)\PresentationTube:Win32App
AlternateDataStreams: C:\Program Files (x86)\Samsung Connection Manager:Win32App
AlternateDataStreams: C:\Program Files (x86)\SCM Microsystems:Win32App
AlternateDataStreams: C:\Program Files (x86)\Sdrive CBFS:Win32App
AlternateDataStreams: C:\Program Files (x86)\Site Visualizer:Win32App
AlternateDataStreams: C:\Program Files (x86)\Webocton - Scriptly:Win32App
AlternateDataStreams: C:\WINDOWS\System32:Win32App
AlternateDataStreams: C:\WINDOWS\SysWOW64:Win32App
AlternateDataStreams: C:\Program Files\Common Files\DESIGNER:Win32App
AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App
AlternateDataStreams: C:\Users\Solitar\Downloads\BrAdmin3530004eur.exe:Win32App
AlternateDataStreams: C:\Users\Solitar\AppData\Local\Temp:Win32App
AlternateDataStreams: C:\Users\Solitar\Documents\360 Microsoft Partner.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\9320 Handbuch.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Australien Pass Antrag Nr1300t.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\BeschV - Verordnung über die Beschäftigung von Ausländerinnen und Ausländern.htm:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\BeschV - Verordnung über die Beschäftigung von Ausländerinnen und Ausländern_files:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Betreuungsrecht Patientenverfügg Infos.xps:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Bewertungen:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Bewertungen_myBetreuung24:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\CHIP_eBook_Webdesign_2013.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Diagramm Sprachkenntnisse:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\ebay Problem Anschreiben Acrobat.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\english_user_handbook dreambox 7000s.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Fragebogen:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Google Adwords_Lastschrift_Mandat.JPG:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Google Analytics Datenschutzerklärung.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Handyliga Angebot Tarif m Auszahlg Eplus_3.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Handyliga Angebot Tarif m Auszahlg Eplus_mydealz_4.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Handyliga_Mobilfunk_Vertrag_Tarif_m_Auszahlg_Eplus_3.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Homepage_alt_weebly:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\HTML Lernen.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\HUAWEI R201 Wireless Modem Quick Start-(V100R001_01,German,Vodafone_Germany).pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Hyundai_i30:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Joomla_3.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Logitel_Angebot_S2_Eplus_Mai2014.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Lokale_Allianz_Broschüre:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\NEATO-VACUUM-USER-GUIDE_Europe.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\neato_programmersmanual_20140305.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Partnerschaften Bilder:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Powerpoint myBetreuung24:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\QR Codes:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Rechnungen andere Empfänger:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Software_Seriennummern_LenovoX220_2014Juni05_a.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Software_Seriennummern_LenovoX220_2014Juni05_b.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Solac Bügeleisen Manual.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\stundenweise Betreuer:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Swissvoice_Eurit_748_de_manual.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Talkthisway Vodafone Angebotsseite12_Fussnoten Mai 2014_nur Ausz_anders.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\TL-MR3020_V1_user_guide.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\TL-MR3420_V1_user_guide.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\TL-MR3420_V1_user_guide2.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\TL-MR3420_V2_User_Guide.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\TP-Link-WA850RE_V1_User_Guide_19100.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Vertrag_1860926_notebooksbilliger.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Vodafone InfoDok 548 Selbständige Nachweis.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Vodafone_R201 Manual.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Solitar\Documents\Vodafone_Smart_4G_UM_DE_0127_Manual.pdf:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: SecurityUtility => 2
MSCONFIG\Services: sfcdpsrv => 2
MSCONFIG\Services: SgtSch2Svc => 2
HKLM\...\StartupApproved\Run: => "Seagate Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "BlackArmorBackupMonitor.exe"
HKLM\...\StartupApproved\Run32: => "RIM PeerManager"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\StartupFolder: => "CarPort Updater.lnk"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\Run: => "AusweisApp"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_0E3695195675395E5979719587D6866A"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\Run: => "LaCie Ethernet Agent Startup"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{9BBA8AE2-60B1-449F-B0C8-A8D6EBAC3C3F}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{2DC30472-04D7-4ADA-8A74-39C8911698C2}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{44473BBF-B713-43A1-A601-BC9D714FAA29}C:\program files\ws_ftp\ws_ftp95.exe] => (Allow) C:\program files\ws_ftp\ws_ftp95.exe
FirewallRules: [TCP Query User{1486917C-13A9-495C-82ED-0B1F8E62E679}C:\program files\ws_ftp\ws_ftp95.exe] => (Allow) C:\program files\ws_ftp\ws_ftp95.exe
FirewallRules: [UDP Query User{A55812BB-7AFA-4D1B-A484-CE74A1E804EF}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [TCP Query User{9595CBB4-343A-4D15-8366-10A23B8553E4}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{5F356977-FC1D-45BE-ADF5-CD1E1CC761C2}C:\users\Solitar\appdata\roaming\steganos\okayfreedom\proxy\node.exe] => (Block) C:\users\Solitar\appdata\roaming\steganos\okayfreedom\proxy\node.exe
FirewallRules: [TCP Query User{D2C89F43-D2A6-480D-8BC3-267860D1D87A}C:\users\Solitar\appdata\roaming\steganos\okayfreedom\proxy\node.exe] => (Block) C:\users\Solitar\appdata\roaming\steganos\okayfreedom\proxy\node.exe
FirewallRules: [UDP Query User{4AF61F39-F381-4E2A-BB09-B34C8AB205DA}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{CB0EED64-A004-4C48-9B8E-6526166A5B93}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{B6373BC7-A281-4528-AD15-66C3F8979FC9}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{87DBBACD-307C-476F-AA5D-0624A9051D9B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{148006AD-B1B5-41CA-90B0-5651463E56AA}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{88B55584-C3ED-494B-9B6B-BC7FE27DA9BD}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{27E23C90-D868-4387-B1CF-418198D8BEA3}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{C6AFF9DE-EAF1-4834-8BF5-2C430DB942E6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [UDP Query User{1812A506-E2D1-43A5-8842-8AA03E180609}C:\program files (x86)\tv-plug-in\tv-plug-in.exe] => (Allow) C:\program files (x86)\tv-plug-in\tv-plug-in.exe
FirewallRules: [TCP Query User{D5E32BC0-87CE-4FB9-A635-0945D1804111}C:\program files (x86)\tv-plug-in\tv-plug-in.exe] => (Allow) C:\program files (x86)\tv-plug-in\tv-plug-in.exe
FirewallRules: [UDP Query User{0177E90C-3D40-481F-B475-0960A015FA60}C:\users\Solitar\appdata\roaming\sdrive\sdrive.exe] => (Allow) C:\users\Solitar\appdata\roaming\sdrive\sdrive.exe
FirewallRules: [TCP Query User{978A4F66-BA03-41FD-93C4-45654DFDB4AD}C:\users\Solitar\appdata\roaming\sdrive\sdrive.exe] => (Allow) C:\users\Solitar\appdata\roaming\sdrive\sdrive.exe
FirewallRules: [{B584D037-D8A2-45EB-A17A-3EF00B205025}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E6001E6A-70AB-4647-8DEF-845F3AB63954}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{0AD2DE51-673C-4785-884B-A4A0BFA5B062}C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe] => (Allow) C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe
FirewallRules: [TCP Query User{A0C4CFD6-4C52-481F-88ED-62F789FF8646}C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe] => (Allow) C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe
FirewallRules: [UDP Query User{996D0991-B32A-48F4-9946-CBC07A584725}C:\program files (x86)\qvodplayer\qvodterminal.exe] => (Allow) C:\program files (x86)\qvodplayer\qvodterminal.exe
FirewallRules: [TCP Query User{BF6AD162-6056-4BF4-8762-F00688DFE3E2}C:\program files (x86)\qvodplayer\qvodterminal.exe] => (Allow) C:\program files (x86)\qvodplayer\qvodterminal.exe
FirewallRules: [UDP Query User{D90D7391-3B27-4409-A9ED-1E254B1E95C7}C:\program files (x86)\qvodplayer\qvodplayer.exe] => (Allow) C:\program files (x86)\qvodplayer\qvodplayer.exe
FirewallRules: [TCP Query User{87327AC1-AE7C-4DF1-8454-CE715CB1ECEE}C:\program files (x86)\qvodplayer\qvodplayer.exe] => (Allow) C:\program files (x86)\qvodplayer\qvodplayer.exe
FirewallRules: [{4FDCFC07-427E-4AFD-9038-1854B3CB7C7C}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
FirewallRules: [{9F2DC1DA-D58F-4BBA-9E45-F9CF4733332C}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{C22272E4-BDCA-4A7C-8485-994A7A37620F}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{1B3E4BC4-34D8-4742-BED9-39C139DC30C4}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{341B0FCC-9200-4E26-A9D8-3C2D89772815}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
FirewallRules: [{17D47B71-5D2D-4EB0-BF62-B3C10C3D9DDD}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
FirewallRules: [{DF89E086-8385-408A-B94C-7153CFA39D2C}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{84C54662-6DD3-42D6-84A6-E24AB39DBA55}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{BCF06202-BC1E-4360-912E-EC79D30AE8DB}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{087FB769-BBB0-421D-AA54-462BE5B79B23}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{6293A7D5-710F-4314-A564-5B73F50582CF}] => (Allow) C:\Program Files\360\360safe\safemon\360tray.exe
FirewallRules: [{8A96FC18-B82D-4213-83B9-8F647DC37291}] => (Allow) C:\Program Files\360\360safe\safemon\360tray.exe
FirewallRules: [{2156BC52-7064-4614-83C9-2505C924CB04}] => (Allow) C:\Program Files\360\360sd\LiveUpdate360.exe
FirewallRules: [{05BBB824-B26A-4842-8354-D0374390E800}] => (Allow) C:\Program Files\360\360sd\LiveUpdate360.exe
FirewallRules: [UDP Query User{4BD5EE3C-6FE5-4B45-AC0F-2D87D651254E}C:\program files\360\360sd\360sdupd.exe] => (Allow) C:\program files\360\360sd\360sdupd.exe
FirewallRules: [TCP Query User{49796A0B-5A06-4927-AFDA-00E20337CAC3}C:\program files\360\360sd\360sdupd.exe] => (Allow) C:\program files\360\360sd\360sdupd.exe
FirewallRules: [{FF1808AD-B053-4289-BA1B-F4B3B95F8E97}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\bradminv3.exe
FirewallRules: [{558D5CFA-8A46-4C7C-AA6F-17EA8A0FE65E}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\bradminv3.exe
FirewallRules: [{43FF7CED-A6C4-4093-835A-014F5B71A3B1}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\auditorserver.exe
FirewallRules: [{16207232-F07B-446E-A39A-74B79DE5073B}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\auditorserver.exe
FirewallRules: [{FD327DCF-DD98-4467-AB91-AF29EC77D33C}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\discover.exe
FirewallRules: [{C65E9A02-A784-42CE-81CA-0CE97B7ADD45}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\discover.exe
FirewallRules: [UDP Query User{7925891A-1A80-4FE3-BD3A-9C681C833E2E}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe] => (Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe
FirewallRules: [TCP Query User{475B49EB-89EF-4512-AC1A-A661533109BF}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe] => (Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe
FirewallRules: [UDP Query User{6E9B9D91-82A2-428E-B90F-45005D9AAFE4}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe] => (Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe
FirewallRules: [TCP Query User{1A437E71-1C68-44E9-A07C-BCDB388811B0}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe] => (Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe
FirewallRules: [UDP Query User{63344FA5-0F1C-49A1-A424-F3037397870A}C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe] => (Allow) C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe
FirewallRules: [TCP Query User{F64D5CDF-3655-4330-815B-A0C3839E9A67}C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe] => (Allow) C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe
FirewallRules: [{B1099C3F-8A75-4952-A7E3-28F285AE0442}] => (Allow) C:\Program Files (x86)\360\360safe\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{C250B50A-1723-492E-9E82-528F02CA24C0}] => (Allow) C:\Program Files (x86)\360\360safe\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{ED6320A1-FC5E-44F7-9980-23F89461D91E}] => (Allow) C:\Program Files (x86)\360\360safe\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{5B50FA54-3065-434E-8020-D8DC1936E030}] => (Allow) C:\Program Files (x86)\360\360safe\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{3574FA20-5283-48EE-ACE9-A0AE2F4AF7B6}] => (Allow) C:\Program Files (x86)\360\360safe\LiveUpdate360.exe
FirewallRules: [{E29AADEC-F301-4866-A62C-F4330132D234}] => (Allow) C:\Program Files (x86)\360\360safe\LiveUpdate360.exe
FirewallRules: [{E90687C9-7CB6-4042-9B88-D417DDD37B86}] => (Allow) C:\Program Files (x86)\360\360safe\safemon\360Tray.exe
FirewallRules: [{9F8265C1-492D-4248-9AAD-339CBE71E2EB}] => (Allow) C:\Program Files (x86)\360\360safe\safemon\360Tray.exe
FirewallRules: [UDP Query User{CFABE5E4-7DA7-452E-A947-AC35B7A64F76}C:\users\Solitar\downloads\dreamenum_0.90.exe] => (Allow) C:\users\Solitar\downloads\dreamenum_0.90.exe
FirewallRules: [TCP Query User{15DE7B35-7260-4D0E-AA87-45534A109853}C:\users\Solitar\downloads\dreamenum_0.90.exe] => (Allow) C:\users\Solitar\downloads\dreamenum_0.90.exe
FirewallRules: [{CE2DD3F1-AC25-4C30-8D81-513723A0E446}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3AC7EDE9-D866-4EA9-BCDA-8EE950A48300}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{91074F9C-F99F-4F08-90E2-1BA24C48BA5C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{515B5274-509E-446C-930D-8323ACD02BC6}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{2A169989-3363-4078-B08F-63B69794EF12}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{334E196A-6A82-4DB0-BA4F-318F9E197AD9}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{0C9FB088-6313-45C5-9312-89768CF28248}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{80DA1EC3-39CF-4DDF-9924-61F3217B8309}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{525D6422-21EF-4828-BEBA-A9D35A021E83}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{C26560F8-2BA2-4B79-A9B4-2DAA961BBA85}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{7C690FEE-473D-48DD-A3E4-3EDF654978D9}] => (Allow) C:\Program Files (x86)\Bzeek\bzeek.exe
FirewallRules: [{44CEA248-5B11-469E-B560-1108C64709D7}] => (Allow) C:\Program Files (x86)\Bzeek\bzeek.exe
FirewallRules: [{0BF2FC45-FCB6-4BEF-BA5E-473AFF3260A6}] => (Allow) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{934CE094-D316-4221-BA19-C2DD50E69315}] => (Allow) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{2FAE4540-5DA7-4778-A99F-29193705FE87}] => (Allow) LPort=54925
FirewallRules: [{B5801201-1FB0-42FF-9A45-32203A0786CD}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{02471316-AD65-401F-AF62-4006C171B5BE}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{CE58AE7F-28D8-465A-B3D2-085716D53DD0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{73D3B00E-AC67-414F-943E-4335CB44AAFB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{EF914F2D-8950-40E2-AD76-F29511D2F58E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{412381B7-96BC-4CE9-AA4F-3F3A56351093}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B94DC76A-4C20-4FD9-9D11-093834BBDF9F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{E12DC2BD-D958-4FCA-B79F-51E465336F18}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9508EE5F-46ED-4FDB-9B3A-6F4A92F5F5FA}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{ED6F5BE4-CF9D-40B0-8690-CEC0C590A00B}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{A8E07665-29AE-4C62-AAA8-4CD1AE875D2D}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{DE2506F9-3B44-4A55-89E9-CAAEAF8D20D3}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{AC52A8AE-5182-4446-AA66-AD850D20C587}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{CD1B234B-7770-4179-B918-30679BA3B849}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{6A41B3A9-0AD4-4DB1-86AC-A88D487C964B}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: USB-xHCI-kompatibler Hostcontroller
Description: USB-xHCI-kompatibler Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generischer USB-xHCI-Hostcontroller
Service: USBXHCI
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft Hosted Network Virtual Adapter
Description: Von Microsoft gehosteter, virtueller Netzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/10/2015 09:54:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/10/2015 09:54:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/10/2015 09:51:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/10/2015 09:08:56 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/10/2015 09:08:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/10/2015 09:08:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/10/2015 09:06:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/10/2015 09:06:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/10/2015 09:06:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/10/2015 06:59:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LenovoX220)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (11/10/2015 09:11:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/10/2015 09:11:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\HERMAN~1\AppData\Local\Temp\ehdrv.sys

Error: (11/10/2015 09:11:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/10/2015 09:11:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\HERMAN~1\AppData\Local\Temp\ehdrv.sys

Error: (11/10/2015 09:11:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/10/2015 09:11:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\HERMAN~1\AppData\Local\Temp\ehdrv.sys

Error: (11/10/2015 09:09:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/10/2015 09:09:32 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\HERMAN~1\AppData\Local\Temp\ehdrv.sys

Error: (11/10/2015 09:09:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/10/2015 09:09:31 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\HERMAN~1\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2015-11-10 13:52:58.938
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-10 13:52:58.887
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-10 13:52:58.826
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-10 13:52:58.720
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-10 13:52:58.684
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-10 13:52:58.651
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-10 13:52:57.702
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-10 13:52:57.514
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-10 13:46:52.136
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-10 13:46:52.099
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8075.23 MB
Verfügbarer physikalischer RAM: 4716.14 MB
Summe virtueller Speicher: 16267.23 MB
Verfügbarer virtueller Speicher: 13056.36 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:136.88 GB) (Free:66.75 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.28 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Lenovo_Recovery) (Fixed) (Total:10.99 GB) (Free:1.83 GB) NTFS
Drive f: (SONYCAMERA) (Fixed) (Total:3.72 GB) (Free:3.66 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: B0B007CB)
Partition 1: (Not Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=136.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: DDD41A57)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)

==================== Ende von Addition.txt ============================

--
Ich sage erstmal herzlich Dankeschön!

schrauber · 11.11.2015, 17:15

Java updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Users\All Users\Soda PDF 6\Installation\adawareTb_3.4.0.3_Lav01.exe

C:\Program Files (x86)\Bzeek

C:\ProgramData\Soda PDF 6\Installation\adawareTb_3.4.0.3_Lav01.exe

C:\Users\Muster\Downloads\bzeekPlugin-setup.exe

C:\Users\Muster\Downloads\PDF_Sam_Installer.exe

C:\Users\Muster\AppData\Roaming\Steganos Updates\okayfreedom.exe

C:\wamp\www\Live_seite\css\7c32.php

C:\wamp\www\Live_Seite_Joomla2\css\7c32.php
Task: {1A697A3F-7917-430D-B209-D18A5C5987F2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG

Task: {3B7C0878-617C-45E5-9B2C-1461F461EB0E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG

Task: {49441387-1C91-4845-B422-2BACC10D6C3B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

Task: {679FEB60-5999-4ED0-98C5-FD41BCB12A33} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG

Task: {7974A3CC-E9BE-4CE7-B79E-E8FE27CDEAD2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

Task: {7A00FD0C-6E3B-4FE1-88FD-AEEC62130AE8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

Task: {8959AC81-35EA-4F1E-870A-7C7B12958103} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG

Task: {8F199179-FAAC-4408-8B59-F4CE020CFD69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

Task: {92E9E2B2-6F53-49E6-BE02-5BE1799B36C8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG

Task: {BFD0C495-E28E-4FCC-A95C-211BA18C2D50} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

Task: {C2210B65-E867-42F3-9108-A353D3B75AC8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
S2 bzeekuninstallsvc; C:\Program Files (x86)\Bzeek\bzeek.exe [4985056 2012-06-24] (BzeekLand LTD.) [Datei ist nicht signiert]

C:\xampp\htdocs\myBetreuung24_Joomla!-Version 2.5.28\css\7c32.php
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

hardyxy9 · 11.11.2015, 18:00

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015
durchgeführt von Muster_Man (2015-11-11 17:50:55) Run:1
Gestartet von C:\Users\Solitar\Downloads
Geladene Profile: Muster_Man (Verfügbare Profile: Muster_Man & Solitar)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\All Users\Soda PDF 6\Installation\adawareTb_3.4.0.3_Lav01.exe

C:\Program Files (x86)\Bzeek

C:\ProgramData\Soda PDF 6\Installation\adawareTb_3.4.0.3_Lav01.exe

C:\Users\Muster_Man\Downloads\bzeekPlugin-setup.exe

C:\Users\Muster_Man\Downloads\PDF_Sam_Installer.exe

C:\Users\Muster_Man\AppData\Roaming\Steganos Updates\okayfreedom.exe

C:\wamp\www\Live_seite\css\7c32.php

C:\wamp\www\Live_Seite_Joomla2\css\7c32.php
Task: {1A697A3F-7917-430D-B209-D18A5C5987F2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG

Task: {3B7C0878-617C-45E5-9B2C-1461F461EB0E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG

Task: {49441387-1C91-4845-B422-2BACC10D6C3B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

Task: {679FEB60-5999-4ED0-98C5-FD41BCB12A33} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG

Task: {7974A3CC-E9BE-4CE7-B79E-E8FE27CDEAD2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

Task: {7A00FD0C-6E3B-4FE1-88FD-AEEC62130AE8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

Task: {8959AC81-35EA-4F1E-870A-7C7B12958103} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG

Task: {8F199179-FAAC-4408-8B59-F4CE020CFD69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

Task: {92E9E2B2-6F53-49E6-BE02-5BE1799B36C8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG

Task: {BFD0C495-E28E-4FCC-A95C-211BA18C2D50} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

Task: {C2210B65-E867-42F3-9108-A353D3B75AC8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
S2 bzeekuninstallsvc; C:\Program Files (x86)\Bzeek\bzeek.exe [4985056 2012-06-24] (BzeekLand LTD.) [Datei ist nicht signiert]

C:\xampp\htdocs\xxxxxxxxxxxxx_Joomla!-Version 2.5.28\css\7c32.php
Emptytemp:
         
*****************

"C:\Users\All Users\Soda PDF 6\Installation\adawareTb_3.4.0.3_Lav01.exe" => nicht gefunden.
"C:\Program Files (x86)\Bzeek" => nicht gefunden.
"C:\ProgramData\Soda PDF 6\Installation\adawareTb_3.4.0.3_Lav01.exe" => nicht gefunden.
"C:\Users\Muster_Man\Downloads\bzeekPlugin-setup.exe" => nicht gefunden.
"C:\Users\Muster_Man\Downloads\PDF_Sam_Installer.exe" => nicht gefunden.
"C:\Users\Muster_Man\AppData\Roaming\Steganos Updates\okayfreedom.exe" => nicht gefunden.
C:\wamp\www\Live_seite\css\7c32.php => erfolgreich verschoben
C:\wamp\www\Live_Seite_Joomla2\css\7c32.php => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A697A3F-7917-430D-B209-D18A5C5987F2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A697A3F-7917-430D-B209-D18A5C5987F2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B7C0878-617C-45E5-9B2C-1461F461EB0E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B7C0878-617C-45E5-9B2C-1461F461EB0E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49441387-1C91-4845-B422-2BACC10D6C3B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49441387-1C91-4845-B422-2BACC10D6C3B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{679FEB60-5999-4ED0-98C5-FD41BCB12A33}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{679FEB60-5999-4ED0-98C5-FD41BCB12A33}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7974A3CC-E9BE-4CE7-B79E-E8FE27CDEAD2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7974A3CC-E9BE-4CE7-B79E-E8FE27CDEAD2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A00FD0C-6E3B-4FE1-88FD-AEEC62130AE8}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A00FD0C-6E3B-4FE1-88FD-AEEC62130AE8}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8959AC81-35EA-4F1E-870A-7C7B12958103}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8959AC81-35EA-4F1E-870A-7C7B12958103}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F199179-FAAC-4408-8B59-F4CE020CFD69}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F199179-FAAC-4408-8B59-F4CE020CFD69}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92E9E2B2-6F53-49E6-BE02-5BE1799B36C8}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92E9E2B2-6F53-49E6-BE02-5BE1799B36C8}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BFD0C495-E28E-4FCC-A95C-211BA18C2D50}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFD0C495-E28E-4FCC-A95C-211BA18C2D50}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C2210B65-E867-42F3-9108-A353D3B75AC8}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2210B65-E867-42F3-9108-A353D3B75AC8}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
bzeekuninstallsvc => Dienst erfolgreich entfernt
"C:\xampp\htdocs\xxxxxxxxxxxx_Joomla!-Version 2.5.28\css\7c32.php" => nicht gefunden.
EmptyTemp: => 220.9 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 17:51:13 ====

schrauber · 12.11.2015, 17:06

fertig

12.11.2015, 17:06	#15
schrauber /// the machine /// TB-Ausbilder	Bzeek Version 0.9.192 gefährlich? Soll ich entfernen ? - wie? fertig __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Bzeek Version 0.9.192 gefährlich? Soll ich entfernen ? - wie?

Plagegeister aller Art und deren Bekämpfung: Bzeek Version 0.9.192 gefährlich? Soll ich entfernen ? - wie?